When called on an unrealized i440FX host bridge (e.g. from qmp_qom_list_properties), h->bus is NULL since the root bus is only created during realize. Guard against this in both pci_hole64_start and pci_hole64_end getters, reporting an error.
Signed-off-by: Marc-André Lureau <[email protected]> --- hw/pci-host/i440fx.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/hw/pci-host/i440fx.c b/hw/pci-host/i440fx.c index e7d638b296c..c1982f7962a 100644 --- a/hw/pci-host/i440fx.c +++ b/hw/pci-host/i440fx.c @@ -189,8 +189,14 @@ static void i440fx_pcihost_get_pci_hole64_start(Object *obj, Visitor *v, const char *name, void *opaque, Error **errp) { - uint64_t hole64_start = i440fx_pcihost_get_pci_hole64_start_value(obj); + PCIHostState *h = PCI_HOST_BRIDGE(obj); + uint64_t hole64_start; + if (!h->bus) { + error_setg(errp, "PCI host bridge not realized"); + return; + } + hole64_start = i440fx_pcihost_get_pci_hole64_start_value(obj); visit_type_uint64(v, name, &hole64_start, errp); } @@ -206,10 +212,15 @@ static void i440fx_pcihost_get_pci_hole64_end(Object *obj, Visitor *v, { PCIHostState *h = PCI_HOST_BRIDGE(obj); I440FXState *s = I440FX_PCI_HOST_BRIDGE(obj); - uint64_t hole64_start = i440fx_pcihost_get_pci_hole64_start_value(obj); + uint64_t hole64_start; Range w64; uint64_t value, hole64_end; + if (!h->bus) { + error_setg(errp, "PCI host bridge not realized"); + return; + } + hole64_start = i440fx_pcihost_get_pci_hole64_start_value(obj); pci_bus_get_w64_range(h->bus, &w64); value = range_is_empty(&w64) ? 0 : range_upb(&w64) + 1; hole64_end = ROUND_UP(hole64_start + s->pci_hole64_size, 1ULL << 30); -- 2.54.0
