Commit ce2e8408a1 for qemu.org

commit ce2e8408a14a35f4ec634d80ca65dfe5129814a9
Author: Marc-André Lureau <marcandre.lureau@redhat.com>
Date:   Fri Apr 24 19:04:47 2026 +0400

    hw/pci-bridge: handle missing parent in prop_pxb_uid_get

    When called on an unrealized pxb bus (e.g. from
    qmp_qom_list_properties), bus->parent_dev is NULL. The pxb_bus_num()
    callback dereferences it unconditionally. Check for this to avoid a
    NULL dereference.

    Fixes: 97b9cb066e5f ("hw/pci-bridge: Add acpi_uid property to TYPE_PXB_BUS")
    Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
    Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>

diff --git a/hw/pci-bridge/pci_expander_bridge.c b/hw/pci-bridge/pci_expander_bridge.c
index 11623a5666..40ffbc4e08 100644
--- a/hw/pci-bridge/pci_expander_bridge.c
+++ b/hw/pci-bridge/pci_expander_bridge.c
@@ -85,8 +85,14 @@ static uint16_t pxb_bus_numa_node(PCIBus *bus)
 static void prop_pxb_uid_get(Object *obj, Visitor *v, const char *name,
                              void *opaque, Error **errp)
 {
-    uint32_t uid = pci_bus_num(PCI_BUS(obj));
+    PCIBus *bus = PCI_BUS(obj);
+    uint32_t uid;

+    if (!bus->parent_dev) {
+        error_setg(errp, "bus not attached to a device");
+        return;
+    }
+    uid = pci_bus_num(bus);
     visit_type_uint32(v, name, &uid, errp);
 }