author | Michael S. Tsirkin <mst@redhat.com> | 2009-07-01 16:28:00 +0300 |
---|---|---|
committer | Anthony Liguori <aliguori@us.ibm.com> | 2009-07-09 16:58:08 -0500 |
commit | 9a3e12c8a48ef96bf0f3effc21a4ce98d35992f9 (patch) | |
tree | 4790235d481f58198a70aa0a46761df56999a325 | |
parent | 391354f126afde449d679db67a7c6b64afdca0f9 (diff) |
fix segfault in msix_save
This fixes segfault reported by Kevin Wolf,
and simplifies the code in msix_save.
Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-rw-r--r-- | hw/msix.c | 12 |
1 files changed, 7 insertions, 5 deletions
@@ -284,11 +284,13 @@ int msix_uninit(PCIDevice *dev)
 void msix_save(PCIDevice *dev, QEMUFile *f)
 {
- unsigned nentries = (pci_get_word(dev->config + PCI_MSIX_FLAGS) &
- PCI_MSIX_FLAGS_QSIZE) + 1;
- qemu_put_buffer(f, dev->msix_table_page, nentries * MSIX_ENTRY_SIZE);
- qemu_put_buffer(f, dev->msix_table_page + MSIX_PAGE_PENDING,
- (nentries + 7) / 8);
+ unsigned n = dev->msix_entries_nr;
+
+ if (!dev->cap_present & QEMU_PCI_CAP_MSIX)
+ return;
+
+ qemu_put_buffer(f, dev->msix_table_page, n * MSIX_ENTRY_SIZE);
+ qemu_put_buffer(f, dev->msix_table_page + MSIX_PAGE_PENDING, (n + 7) / 8);
 }
 /* Should be called after restoring the config space. */ |
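Review bot: The new guard `if (!dev->cap_present & QEMU_PCI_CAP_MSIX)` in msix_save does not test the MSI-X bit, because `!` binds tighter than `&` and the expression is evaluated as `(!dev->cap_present) & QEMU_PCI_CAP_MSIX`. For any device whose cap_present is non-zero the condition is 0, so a device with some other capability flag set but no MSI-X still falls through to both qemu_put_buffer() calls on msix_table_page. That pointer is presumably not allocated for such a device, which would be the same crash on the save path that this commit sets out to fix. The check should read `if (!(dev->cap_present & QEMU_PCI_CAP_MSIX))`, ideally with braces around the `return;`, and a one-line comment such as `/* nothing to save for devices without MSI-X */` would make the early exit obvious.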