summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael S. Tsirkin <mst@redhat.com>2009-07-01 16:28:00 +0300
committerAnthony Liguori <aliguori@us.ibm.com>2009-07-09 16:58:08 -0500
commit9a3e12c8a48ef96bf0f3effc21a4ce98d35992f9 (patch)
tree4790235d481f58198a70aa0a46761df56999a325
parent391354f126afde449d679db67a7c6b64afdca0f9 (diff)
fix segfault in msix_save
This fixes segfault reported by Kevin Wolf, and simplifies the code in msix_save. Reported-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-rw-r--r--hw/msix.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/hw/msix.c b/hw/msix.c
index c031842761..e1308572ef 100644
--- a/hw/msix.c
+++ b/hw/msix.c
@@ -284,11 +284,13 @@ int msix_uninit(PCIDevice *dev)
void msix_save(PCIDevice *dev, QEMUFile *f)
{
- unsigned nentries = (pci_get_word(dev->config + PCI_MSIX_FLAGS) &
- PCI_MSIX_FLAGS_QSIZE) + 1;
- qemu_put_buffer(f, dev->msix_table_page, nentries * MSIX_ENTRY_SIZE);
- qemu_put_buffer(f, dev->msix_table_page + MSIX_PAGE_PENDING,
- (nentries + 7) / 8);
+ unsigned n = dev->msix_entries_nr;
+
+ if (!dev->cap_present & QEMU_PCI_CAP_MSIX)
+ return;
+
+ qemu_put_buffer(f, dev->msix_table_page, n * MSIX_ENTRY_SIZE);
+ qemu_put_buffer(f, dev->msix_table_page + MSIX_PAGE_PENDING, (n + 7) / 8);
}
/* Should be called after restoring the config space. */