From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:50221)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cormac@c-obrien.org>) id 1ZTAml-0008Ul-5l
	for qemu-devel@nongnu.org; Sat, 22 Aug 2015 11:32:48 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <cormac@c-obrien.org>) id 1ZTAmk-0003Uv-Dp
	for qemu-devel@nongnu.org; Sat, 22 Aug 2015 11:32:47 -0400
From: Cormac O'Brien <cormac@c-obrien.org>
Date: Sat, 22 Aug 2015 10:32:11 -0500
Message-Id: <1440257533-1504-3-git-send-email-cormac@c-obrien.org>
In-Reply-To: <1440257533-1504-1-git-send-email-cormac@c-obrien.org>
References: <1440257533-1504-1-git-send-email-cormac@c-obrien.org>
Subject: [Qemu-devel] [PATCH 2/4] PPC: Fix lsxw bounds checks
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: agraf@suse.de, mark.cave-ayland@ilande.co.uk, qemu-devel@nongnu.org, qemu-ppc@nongnu.org

From: Alexander Graf <agraf@suse.de>

The lsxw instruction checks whether the desired string actually fits
into all defined registers. Unfortunately it does the calculation wrong,
resulting in illegal instruction traps for loads that really should fit.

Fix it up, making Mac OS happier.

Signed-off-by: Alexander Graf <agraf@suse.de>
---
 target-ppc/mem_helper.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/target-ppc/mem_helper.c b/target-ppc/mem_helper.c
index 6d37dae..7e1f234 100644
--- a/target-ppc/mem_helper.c
+++ b/target-ppc/mem_helper.c
@@ -100,8 +100,9 @@ void helper_lswx(CPUPPCState *env, target_ulong addr, uint32_t reg,
                  uint32_t ra, uint32_t rb)
 {
     if (likely(xer_bc != 0)) {
-        if (unlikely((ra != 0 && reg < ra && (reg + xer_bc) > ra) ||
-                     (reg < rb && (reg + xer_bc) > rb))) {
+        int num_used_regs = (xer_bc + 3) / 4;
+        if (unlikely((ra != 0 && reg < ra && (reg + num_used_regs) > ra) ||
+                     (reg < rb && (reg + num_used_regs) > rb))) {
             helper_raise_exception_err(env, POWERPC_EXCP_PROGRAM,
                                        POWERPC_EXCP_INVAL |
                                        POWERPC_EXCP_INVAL_LSWX);
-- 
2.5.0