From: Zhao Liu <zhao1.liu@intel.com>

QEMU crashes (Segmentation fault) when getting cxl-fmw property via
qmp:

(QEMU) qom-get path=machine property=cxl-fmw

This issue is caused by accessing wrong callback (opaque) type in
machine_get_cfmw().

cxl_machine_init() sets the callback as `CXLState *` type but
machine_get_cfmw() treats the callback as
`CXLFixedMemoryWindowOptionsList **`.

Fix this error by casting opaque to `CXLState *` type in
machine_get_cfmw().

Fixes: 03b39fcf64bc ("hw/cxl: Make the CXL fixed memory window setup a machine parameter.")
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
Reviewed-by: Xingtao Yao <yaoxt.fnst@fujitsu.com>
Link: https://lore.kernel.org/r/20240704093404.1848132-1-zhao1.liu@linux.intel.com
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
---
 hw/cxl/cxl-host.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/hw/cxl/cxl-host.c b/hw/cxl/cxl-host.c
index c5f5fcfd64..e9f2543c43 100644
--- a/hw/cxl/cxl-host.c
+++ b/hw/cxl/cxl-host.c
@@ -315,7 +315,8 @@ static void machine_set_cxl(Object *obj, Visitor *v, const char *name,
 static void machine_get_cfmw(Object *obj, Visitor *v, const char *name,
                              void *opaque, Error **errp)
 {
-    CXLFixedMemoryWindowOptionsList **list = opaque;
+    CXLState *state = opaque;
+    CXLFixedMemoryWindowOptionsList **list = &state->cfmw_list;
 
     visit_type_CXLFixedMemoryWindowOptionsList(v, name, list, errp);
 }
-- 
2.43.0

05.07.2024 14:39, Jonathan Cameron via wrote:
> From: Zhao Liu <zhao1.liu@intel.com>
> 
> QEMU crashes (Segmentation fault) when getting cxl-fmw property via
> qmp:
> 
> (QEMU) qom-get path=machine property=cxl-fmw
> 
> This issue is caused by accessing wrong callback (opaque) type in
> machine_get_cfmw().
> 
> cxl_machine_init() sets the callback as `CXLState *` type but
> machine_get_cfmw() treats the callback as
> `CXLFixedMemoryWindowOptionsList **`.
> 
> Fix this error by casting opaque to `CXLState *` type in
> machine_get_cfmw().
> 
> Fixes: 03b39fcf64bc ("hw/cxl: Make the CXL fixed memory window setup a machine parameter.")
> Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
> Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
> Reviewed-by: Xingtao Yao <yaoxt.fnst@fujitsu.com>
> Link: https://lore.kernel.org/r/20240704093404.1848132-1-zhao1.liu@linux.intel.com
> Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>

Is this a stable@ material?

Thanks,

/mjt

On Wed, 24 Jul 2024 07:53:48 +0300
Michael Tokarev <mjt@tls.msk.ru> wrote:

> 05.07.2024 14:39, Jonathan Cameron via wrote:
> > From: Zhao Liu <zhao1.liu@intel.com>
> > 
> > QEMU crashes (Segmentation fault) when getting cxl-fmw property via
> > qmp:
> > 
> > (QEMU) qom-get path=machine property=cxl-fmw
> > 
> > This issue is caused by accessing wrong callback (opaque) type in
> > machine_get_cfmw().
> > 
> > cxl_machine_init() sets the callback as `CXLState *` type but
> > machine_get_cfmw() treats the callback as
> > `CXLFixedMemoryWindowOptionsList **`.
> > 
> > Fix this error by casting opaque to `CXLState *` type in
> > machine_get_cfmw().
> > 
> > Fixes: 03b39fcf64bc ("hw/cxl: Make the CXL fixed memory window setup a machine parameter.")
> > Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
> > Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
> > Reviewed-by: Xingtao Yao <yaoxt.fnst@fujitsu.com>
> > Link: https://lore.kernel.org/r/20240704093404.1848132-1-zhao1.liu@linux.intel.com
> > Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>  
> 
> Is this a stable@ material?

Yes please

Thanks,

Jonathan

> 
> Thanks,
> 
> /mjt
>