[Qemu-ppc] [PULL 5/8] target/ppc: Fix QEMU crash with stxsdx
From: David Gibson
Subject: [Qemu-ppc] [PULL 5/8] target/ppc: Fix QEMU crash with stxsdx
Date: Fri, 29 Mar 2019 14:29:26 +1100
From: Greg Kurz <address@hidden>
I've been hitting several QEMU crashes while running a fedora29 ppc64le
guest under TCG. Each time, this would occur several minutes after the
guest reached login:
Fedora 29 (Twenty Nine)
Kernel 4.20.6-200.fc29.ppc64le on an ppc64le (hvc0)
Web console: https://localhost:9090/
localhost login:
tcg/tcg.c:3211: tcg fatal error
This happens because a bug crept up in the gen_stxsdx() helper when it
was converted to use VSR register accessors by commit 8b3b2d75c7c04
"target/ppc: introduce get_cpu_vsr{l,h}() and set_cpu_vsr{l,h}() helpers
for VSR register access".
The code creates a temporary, passes it directly to gen_qemu_st64_i64()
and then to set_cpu_vsrh()... which looks like this was mistakenly
coded as a load instead of a store.
Reverse the logic: read the VSR to the temporary first and then store
it to memory.
Fixes: 8b3b2d75c7c0481544e277dad226223245e058eb
Signed-off-by: Greg Kurz <address@hidden>
Message-Id: <address@hidden>
Reviewed-by: Mark Cave-Ayland <address@hidden>
Signed-off-by: David Gibson <address@hidden>
---
target/ppc/translate/vsx-impl.inc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/ppc/translate/vsx-impl.inc.c b/target/ppc/translate/vsx-impl.inc.c
index 508e9199c8..489b2436e4 100644
--- a/target/ppc/translate/vsx-impl.inc.c
+++ b/target/ppc/translate/vsx-impl.inc.c
@@ -356,8 +356,8 @@ static void gen_##name(DisasContext *ctx)
\
gen_set_access_type(ctx, ACCESS_INT); \
EA = tcg_temp_new(); \
gen_addr_reg_index(ctx, EA); \
+ get_cpu_vsrh(t0, xS(ctx->opcode)); \
gen_qemu_##operation(ctx, t0, EA); \
- set_cpu_vsrh(xS(ctx->opcode), t0); \
tcg_temp_free(EA); \
tcg_temp_free_i64(t0); \
}
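Review bot: the fix lands in a macro body (the hunk header shows gen_##name), so every instruction expanded from this macro had the same use-before-define of t0, not only stxsdx as the subject and message say; consider naming the macro, or listing the affected mnemonics, in the commit message so the scope of the regression is clear. The reordering itself is right: on the '-' side t0 was handed to gen_qemu_##operation before anything had written it, which is exactly the kind of dead-temp read that tcg/tcg.c reports as a fatal error, and set_cpu_vsrh(xS(ctx->opcode), t0) would then have overwritten the source register with that same unset temp. Dropping the set_cpu_vsrh() and adding get_cpu_vsrh(t0, xS(ctx->opcode)) ahead of the store restores store semantics; a guest-side regression test that executes one of these stores and checks both the memory contents and that the source VSR is untouched would keep the two helpers from being swapped again.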
--
2.20.1
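The ordering problem the commit message describes, as an added worked example (this is a constructed C model, not QEMU's translator): the helper names get_cpu_vsrh, set_cpu_vsrh and gen_qemu_st64_i64 are borrowed from the hunk, but their bodies, the tcg_temp_i64 struct with its live flag, tcg_use(), the guest memory array and the register values are all assumptions made here to model TCG's refusal to read a temporary that nothing has written. The guest's byte order for the store is not modelled. The pre-fix sequence trips the dead-temp check before it can touch memory or the register; the post-fix sequence stores doubleword 0 of the VSR and leaves the register intact.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NUM_VSR 64
#define GUEST_MEM_SIZE 64

static uint64_t vsr_hi[NUM_VSR];          /* doubleword 0 of each VSR: the half stxsdx stores (model) */
static uint8_t guest_mem[GUEST_MEM_SIZE]; /* constructed guest RAM */

/* Model of a TCG temporary: a value plus whether any op has written it yet. */
typedef struct {
    uint64_t val;
    bool live;
} tcg_temp_i64;

static tcg_temp_i64 tcg_temp_new_i64(void)
{
    tcg_temp_i64 t = { 0, false };
    return t;
}

/* Reading a temp that was never written is the use-before-define tcg.c aborts on;
 * the model returns -1 instead of aborting so the two orderings can be compared. */
static int tcg_use(const tcg_temp_i64 *t, uint64_t *out)
{
    if (!t->live) {
        return -1;
    }
    *out = t->val;
    return 0;
}

/* VSR accessor models, named after the helpers in the hunk (assumed bodies). */
static void get_cpu_vsrh(tcg_temp_i64 *t, int xs)
{
    t->val = vsr_hi[xs];
    t->live = true;
}

static int set_cpu_vsrh(int xs, const tcg_temp_i64 *t)
{
    uint64_t v;
    if (tcg_use(t, &v) != 0) {
        return -1;
    }
    vsr_hi[xs] = v;
    return 0;
}

/* 64-bit store of a temp to guest memory at EA (host byte order, bounds-checked). */
static int gen_qemu_st64_i64(const tcg_temp_i64 *t, uint64_t ea)
{
    uint64_t v;
    if (tcg_use(t, &v) != 0) {
        return -1;
    }
    if (ea > GUEST_MEM_SIZE - 8) {
        return -1;
    }
    memcpy(guest_mem + ea, &v, sizeof v);
    return 0;
}

/* Pre-fix ordering from the '-' side of the hunk: store the temp, then copy it into the VSR. */
static int stxsdx_before_fix(int xs, uint64_t ea)
{
    tcg_temp_i64 t0 = tcg_temp_new_i64();
    if (gen_qemu_st64_i64(&t0, ea) != 0) {   /* t0 is still dead here */
        return -1;
    }
    return set_cpu_vsrh(xs, &t0);
}

/* Post-fix ordering from the '+' side: read the VSR into the temp, then store it. */
static int stxsdx_after_fix(int xs, uint64_t ea)
{
    tcg_temp_i64 t0 = tcg_temp_new_i64();
    get_cpu_vsrh(&t0, xs);
    return gen_qemu_st64_i64(&t0, ea);
}

static uint64_t read_guest_mem64(uint64_t ea)
{
    uint64_t v = 0;
    if (ea <= GUEST_MEM_SIZE - 8) {
        memcpy(&v, guest_mem + ea, sizeof v);
    }
    return v;
}

/* Constructed scenario: VSR3 doubleword 0 holds a pattern; the store goes to EA 16.
 * Returns 1 when the fixed sequence stores the pattern and leaves VSR3 unchanged. */
static int check_fixed_store(void)
{
    const uint64_t pattern = 0x0123456789abcdefULL;
    vsr_hi[3] = pattern;
    memset(guest_mem, 0, sizeof guest_mem);
    if (stxsdx_after_fix(3, 16) != 0) {
        return 0;
    }
    return read_guest_mem64(16) == pattern && vsr_hi[3] == pattern;
}

/* Returns 1 when the pre-fix sequence is rejected at the dead-temp read,
 * before anything is written to memory or to the register. */
static int check_buggy_store_is_rejected(void)
{
    const uint64_t pattern = 0x0123456789abcdefULL;
    vsr_hi[3] = pattern;
    memset(guest_mem, 0, sizeof guest_mem);
    int rc = stxsdx_before_fix(3, 16);
    return rc == -1 && read_guest_mem64(16) == 0 && vsr_hi[3] == pattern;
}

int main(void)
{
    printf("fixed ordering stores VSR and keeps register: %d\n", check_fixed_store());
    printf("buggy ordering rejected as dead-temp read:   %d\n", check_buggy_store_is_rejected());
    return 0;
}
```

The model keeps the distinction the hunk relies on: a store reads the temporary, so the temporary must be populated from the register first, and the register itself must never be written by a store helper.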