[PULL 05/21] target/s390x: Fix MVCRL with a large value in R0
From: Thomas Huth
Subject: [PULL 05/21] target/s390x: Fix MVCRL with a large value in R0
Date: Mon, 10 Jul 2023 14:15:27 +0200
From: Ilya Leoshkevich <iii@linux.ibm.com>
Using a large R0 causes an assertion error:
qemu-s390x: target/s390x/tcg/mem_helper.c:183: access_prepare_nf: Assertion
`size > 0 && size <= 4096' failed.
Even though PoP explicitly advises against using more than 8 bits for the
size, an emulator crash is never a good thing.
Fix by truncating the size to 8 bits.
Fixes: ea0a1053e276 ("s390x/tcg: Implement Miscellaneous-Instruction-Extensions
Facility 3 for the s390x")
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Cc: qemu-stable@nongnu.org
Message-Id: <20230704081506.276055-5-iii@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
target/s390x/tcg/mem_helper.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/target/s390x/tcg/mem_helper.c b/target/s390x/tcg/mem_helper.c
index d02ec861d8..84ad85212c 100644
--- a/target/s390x/tcg/mem_helper.c
+++ b/target/s390x/tcg/mem_helper.c
@@ -514,6 +514,7 @@ void HELPER(mvcrl)(CPUS390XState *env, uint64_t l, uint64_t
dest, uint64_t src)
int32_t i;
/* MVCRL always copies one more byte than specified - maximum is 256 */
+ l &= 0xff;
l++;
access_prepare(&srca, env, src, l, MMU_DATA_LOAD, mmu_idx, ra);
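Review bot: The added `l &= 0xff;` in HELPER(mvcrl) carries no explanation of its own, and the comment above it only states that the maximum is 256 without saying that higher bits of the length are deliberately dropped. Consider extending that comment to say that only the low 8 bits of the length are honored, so a reader sees why a large R0 is truncated instead of reaching the `size > 0 && size <= 4096` assertion in access_prepare_nf. With the mask followed by `l++`, the length passed to access_prepare is always in the range 1..256, which is consistent with the existing "maximum is 256" comment.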
--
2.39.3