As indicated in the function header, this "hcall is only supported for LISNs that have the ESB hcall flag set to 1 when returned from hcall() H_INT_GET_SOURCE_INFO". We only set that flag for LSIs actually.
Check that in h_int_esb(). Signed-off-by: Greg Kurz <gr...@kaod.org> --- hw/intc/spapr_xive.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/hw/intc/spapr_xive.c b/hw/intc/spapr_xive.c index 58c2e5d890bd..01dd47ad5b02 100644 --- a/hw/intc/spapr_xive.c +++ b/hw/intc/spapr_xive.c @@ -1408,6 +1408,12 @@ static target_ulong h_int_esb(PowerPCCPU *cpu, return H_P2; } + if (!xive_source_irq_is_lsi(xsrc, lisn)) { + qemu_log_mask(LOG_GUEST_ERROR, "XIVE: LISN " TARGET_FMT_lx "isn't LSI\n", + lisn); + return H_P2; + } + if (offset > (1ull << xsrc->esb_shift)) { return H_P3; }
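Review bot: In the added qemu_log_mask() call, the format string concatenates TARGET_FMT_lx directly with "isn't LSI\n", so the logged LISN value runs straight into the word "isn't". Add a leading space to the second literal, i.e. " isn't LSI\n". The new check returns H_P2, the same code as the rejection just above it in the context lines, so this log line is the only thing that tells the two failures apart and it should read cleanly.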