[Qemu-devel] [PULL 02/14] PPC: Fix lswx bounds checks

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: David Gibson <david@gibson.dropbear.id.au>
To: peter.maydell@linaro.org
Cc: lvivier@redhat.com, thuth@redhat.com, qemu-devel@nongnu.org,
	aik@ozlabs.ru, Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>,
	agraf@suse.de, mdroth@linux.vnet.ibm.com, qemu-ppc@nongnu.org,
	David Gibson <david@gibson.dropbear.id.au>
Subject: [Qemu-devel] [PULL 02/14] PPC: Fix lswx bounds checks
Date: Thu, 12 Nov 2015 15:38:31 +1100	[thread overview]
Message-ID: <1447303123-4446-4-git-send-email-david@gibson.dropbear.id.au> (raw)
In-Reply-To: <1447303123-4446-1-git-send-email-david@gibson.dropbear.id.au>

From: Alexander Graf <agraf@suse.de>

The lswx instruction checks whether the desired string actually fits
into all defined registers. Unfortunately it does the calculation wrong,
resulting in illegal instruction traps for loads that really should fit.

Fix it up, making Mac OS happier.

Signed-off-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 target-ppc/mem_helper.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/target-ppc/mem_helper.c b/target-ppc/mem_helper.c
index 6d37dae..7e1f234 100644
--- a/target-ppc/mem_helper.c
+++ b/target-ppc/mem_helper.c
@@ -100,8 +100,9 @@ void helper_lswx(CPUPPCState *env, target_ulong addr, uint32_t reg,
                  uint32_t ra, uint32_t rb)
 {
     if (likely(xer_bc != 0)) {
-        if (unlikely((ra != 0 && reg < ra && (reg + xer_bc) > ra) ||
-                     (reg < rb && (reg + xer_bc) > rb))) {
+        int num_used_regs = (xer_bc + 3) / 4;
+        if (unlikely((ra != 0 && reg < ra && (reg + num_used_regs) > ra) ||
+                     (reg < rb && (reg + num_used_regs) > rb))) {
             helper_raise_exception_err(env, POWERPC_EXCP_PROGRAM,
                                        POWERPC_EXCP_INVAL |
                                        POWERPC_EXCP_INVAL_LSWX);
-- 
2.5.0

next prev parent reply	other threads:[~2015-11-12  4:38 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-12  4:38 [Qemu-devel] [PULL 00/14] ppc-next queue 20151112 David Gibson
2015-11-12  4:38 ` David Gibson
2015-11-12 14:15   ` Peter Maydell
2015-11-12  4:38 ` [Qemu-devel] [PULL 01/14] PPC: Allow Rc bit to be set on mtspr David Gibson
2015-11-12  4:38 ` David Gibson [this message]
2015-11-12  4:38 ` [Qemu-devel] [PULL 03/14] PPC: mac99: Always add USB controller David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 04/14] cuda.c: fix CUDA ADB error packet format David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 05/14] cuda.c: fix CUDA_PACKET response " David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 06/14] cuda.c: implement simple CUDA_GET_6805_ADDR command David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 07/14] cuda.c: implement dummy IIC access commands David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 08/14] cuda.c: fix CUDA SR interrupt clearing David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 09/14] cuda.c: add defines for CUDA registers David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 10/14] cuda.c: refactor get_tb() so that the time can be passed in David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 11/14] cuda.c: rename get_counter() state variable from s to ti for consistency David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 12/14] cuda.c: fix T2 timer and enable its interrupt David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 13/14] cuda.c: add delay to setting of SR_INT bit David Gibson
2015-11-12  4:38 ` [Qemu-devel] [PULL 14/14] monitor/target-ppc: Define target_get_monitor_def David Gibson

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:6d37dae dfblob:7e1f234 )
 OR (
bs:"[Qemu-devel] [PULL 02/14] PPC: Fix lswx bounds checks" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1447303123-4446-4-git-send-email-david@gibson.dropbear.id.au \
    --to=david@gibson.dropbear.id.au \
    --cc=agraf@suse.de \
    --cc=aik@ozlabs.ru \
    --cc=lvivier@redhat.com \
    --cc=mark.cave-ayland@ilande.co.uk \
    --cc=mdroth@linux.vnet.ibm.com \
    --cc=peter.maydell@linaro.org \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-ppc@nongnu.org \
    --cc=thuth@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).