The PowerNV PCI Host Bridge (PHB) supports a large and small configuration where the small configuration supports only half the number of interrupts supported by the large configuration.
Since the PCIe LSIs are allocated at the end of the PHB IRQ list, when calculating the LSI IRQ number, the code must take into consideration the number of IRQs supported by the PHB. This was not happening and was resulting in a QEMU segmentation fault when a PCI device was added to a PHB with the small configuration. Signed-off-by: Glenn Miles <mil...@linux.ibm.com> --- hw/pci-host/pnv_phb4.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hw/pci-host/pnv_phb4.c b/hw/pci-host/pnv_phb4.c index 18992054e8..aeb2a45b4b 100644 --- a/hw/pci-host/pnv_phb4.c +++ b/hw/pci-host/pnv_phb4.c @@ -1167,6 +1167,7 @@ static int pnv_phb4_map_irq(PCIDevice *pci_dev, int irq_num) static void pnv_phb4_set_irq(void *opaque, int irq_num, int level) { PnvPHB4 *phb = PNV_PHB4(opaque); + XiveSource *xsrc = &phb->xsrc; uint32_t lsi_base; /* LSI only ... */ @@ -1175,6 +1176,7 @@ static void pnv_phb4_set_irq(void *opaque, int irq_num, int level) } lsi_base = GETFIELD(PHB_LSI_SRC_ID, phb->regs[PHB_LSI_SOURCE_ID >> 3]); lsi_base <<= 3; + lsi_base &= xsrc->nr_irqs - 1; qemu_set_irq(phb->qirqs[lsi_base + irq_num], level); } -- 2.43.5
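Review bot: The mask `lsi_base &= xsrc->nr_irqs - 1;` in the second hunk (@@ -1175,6 +1176,7) only bounds the index if nr_irqs is a power of two, and nothing in the visible lines asserts or documents that. lsi_base is derived from the register value in phb->regs[PHB_LSI_SOURCE_ID >> 3], so with this change an out-of-range value is silently wrapped onto a different entry of phb->qirqs[] instead of being rejected, which hides a misprogrammed LSI source ID. Suggest an explicit check that `lsi_base + irq_num < xsrc->nr_irqs` before the qemu_set_irq() call, logging with qemu_log_mask(LOG_GUEST_ERROR, ...) and returning on failure. If the mask is kept, add an assert that nr_irqs is a power of two and a one-line comment saying the small PHB configuration has half the interrupts, since the code alone does not explain why the mask is needed.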