diff --git a/qemu.spec b/qemu.spec
index 54b0fe44ed83e18c642102f14d219362e6c6ca59..9a7b53a432d079469a7efb7b75c2cd51538258ee 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -1,6 +1,6 @@
 Name: qemu
 Version: 4.1.0
-Release: 81
+Release: 82
 Epoch: 10
 Summary: QEMU is a generic and open source machine emulator and virtualizer
 License: GPLv2 and BSD and MIT and CC-BY-SA-4.0
@@ -391,6 +391,7 @@ Patch0378: io-remove-io-watch-if-TLS-channel-is-closed-during-h.patch
 Patch0379: pci-assert-configuration-access-is-within-bounds.patch
 Patch0380: accel-tcg-fix-race-in-cpu_exec_step_atomic-bug-18630.patch
 Patch0381: hw-pvrdma-Protect-against-buggy-or-malicious-guest-driver.patch
+Patch0382: xfusion-Fix-code-errors.patch
 
 BuildRequires: flex
 BuildRequires: bison
@@ -791,6 +792,9 @@ getent passwd qemu >/dev/null || \
 %endif
 
 %changelog
+* Fri Jan 12 2024 liuhaipeng <liuhaipeng@xfusion.com> - 10:4.1.0-82
+- Fix code errors
+
 * Tue Nov 28 2023 Jiabo Feng <fengjiabo1@huawei.com>
 - hw/pvrdma: Protect against buggy or malicious guest driver
 
diff --git a/xfusion-Fix-code-errors.patch b/xfusion-Fix-code-errors.patch
new file mode 100644
index 0000000000000000000000000000000000000000..963dd90bcc1218031b1a0a5abfe4614bbd8f8e03
--- /dev/null
+++ b/xfusion-Fix-code-errors.patch
@@ -0,0 +1,26 @@
+From 80667c95b2f10e45d82ae8122a516cd067c4b649 Mon Sep 17 00:00:00 2001
+From: liuhaipeng <liuhaipeng@xfusion.com>
+Date: Fri, 12 Jan 2024 10:46:03 +0800
+Subject: [PATCH] Fix Code Errors
+
+---
+ hw/display/qxl.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/hw/display/qxl.c b/hw/display/qxl.c
+index 5a923d30..9da83d93 100644
+--- a/hw/display/qxl.c
++++ b/hw/display/qxl.c
+@@ -674,7 +674,8 @@ static int interface_get_command(QXLInstance *sin, struct QXLCommandExt *ext)
+              *
+              * https://cgit.freedesktop.org/spice/win32/qxl-wddm-dod/commit/?id=f6e099db39e7d0787f294d5fd0dce328b5210faa
+              */
+-            void *msg = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id);
++            void *msg = qxl_phys2virt(qxl, ext->cmd.data, ext->group_id,
++			              sizeof(void));
+             if (msg != NULL && (
+                     msg < (void *)qxl->vga.vram_ptr ||
+                     msg > ((void *)qxl->vga.vram_ptr + qxl->vga.vram_size))) {
+-- 
+2.27.0
+