+qemu-...@nongnu.org
On Wed, 2025-07-16 at 11:50 -0500, Glenn Miles wrote:
> The PowerNV PCI Host Bridge (PHB) supports a large and small
> configuration where the small configuration supports only
> half the number of interrupts supported by the large configuration.
>
> Since the PCIe LSIs are allocated at the end of the PHB IRQ list,
> when calculating the LSI IRQ number, the code must take into
> consideration the number of IRQs supported by the PHB. This
> was not happening and was resulting in a QEMU segmentation fault
> when a PCI device was added to a PHB with the small configuration.
>
> Signed-off-by: Glenn Miles <mil...@linux.ibm.com>
> ---
> hw/pci-host/pnv_phb4.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/hw/pci-host/pnv_phb4.c b/hw/pci-host/pnv_phb4.c
> index 18992054e8..aeb2a45b4b 100644
> --- a/hw/pci-host/pnv_phb4.c
> +++ b/hw/pci-host/pnv_phb4.c
> @@ -1167,6 +1167,7 @@ static int pnv_phb4_map_irq(PCIDevice *pci_dev, int
> irq_num)
> static void pnv_phb4_set_irq(void *opaque, int irq_num, int level)
> {
> PnvPHB4 *phb = PNV_PHB4(opaque);
> + XiveSource *xsrc = &phb->xsrc;
> uint32_t lsi_base;
>
> /* LSI only ... */
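Review bot: the new `xsrc` local at the top of pnv_phb4_set_irq() is read exactly once, for `nr_irqs` in the masking line this patch adds further down. Either read `phb->xsrc.nr_irqs` directly at that point or declare the pointer `const XiveSource *`, since the function only reads from it.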
> @@ -1175,6 +1176,7 @@ static void pnv_phb4_set_irq(void *opaque, int irq_num,
> int level)
> }
> lsi_base = GETFIELD(PHB_LSI_SRC_ID, phb->regs[PHB_LSI_SOURCE_ID >> 3]);
> lsi_base <<= 3;
> + lsi_base &= xsrc->nr_irqs - 1;
> qemu_set_irq(phb->qirqs[lsi_base + irq_num], level);
> }
>
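Review bot: `lsi_base &= xsrc->nr_irqs - 1;` only clamps the index correctly if `nr_irqs` is a non-zero power of two, and nothing in this hunk states or checks that. Because `lsi_base` is taken from the PHB_LSI_SOURCE_ID register and the value that actually indexes `phb->qirqs` is `lsi_base + irq_num`, please add a comment documenting the power-of-two assumption (and why wrapping matches the small-configuration behaviour described in the commit message), or replace the mask with an explicit check of `lsi_base + irq_num` against `nr_irqs` before the `qemu_set_irq()` call.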