
[Qemu-devel] [RFC PATCH 0/1] ppc: loadvm corrupts excp_prefix


From: Kurban Mallachiev
Subject: [Qemu-devel] [RFC PATCH 0/1] ppc: loadvm corrupts excp_prefix
Date: Wed, 29 Nov 2017 19:22:18 +0300

On processors which don't support the MSR_EP bit, the loadvm command sets the exception 
prefix to an incorrect value and so the guest OS freezes.

In cpu_post_load() there is:
        /* Invalidate all msr bits except MSR_TGPR/MSR_HVB before restoring */
        msr = env->msr;
        env->msr ^= ~((1ULL << MSR_TGPR) | MSR_HVB);
        ppc_store_msr(env, msr);

While hreg_store_msr() (called by ppc_store_msr) contains:
        value &= env->msr_mask;
        ...
        if (unlikely((value >> MSR_EP) & 1) != msr_ep) {
        /* Change the exception prefix on PowerPC 601 */
        ...

where msr_ep is ((env->msr >> MSR_EP) & 1).

If the MSR_EP bit in msr_mask is zero, then the MSR_EP bit in 'value' is zero, and 
the MSR_EP bit in env->msr is 1. The condition '(value >> MSR_EP) & 1) != msr_ep' is 
true and so qemu changes the exception prefix.

AFAIU we should multiply env->msr by msr_mask, but I am not sure where we 
should do it: inside hreg_store_msr or outside. This is why this patch is RFC.

The current version of the patch adds the msr_mask multiplication before the 
hreg_store_msr call.

Kurban

Kurban Mallachiev (1):
  target-ppc: Don't invalidate non-supported msr bits

 target/ppc/machine.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.15.0
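The following C model is an added example, not the RFC patch or QEMU's own code. It reproduces the sequence described in the mail (the XOR invalidation in cpu_post_load() followed by the masked msr_ep comparison in hreg_store_msr()) for a CPU model whose msr_mask does not implement MSR_EP, beside the same sequence with the unimplemented bits masked out of env->msr first. The bit positions, the cut-down CPUState struct and the prefix_changed() helper are assumptions of this example.

```c
#include <stdbool.h>
#include <stdint.h>

/* Illustrative bit positions; QEMU's real ones are in target/ppc/cpu.h. */
#define MSR_EP   6
#define MSR_TGPR 15
#define MSR_HVB  (1ULL << 60)

/* Constructed stand-in for the CPUPPCState fields involved. */
typedef struct {
    uint64_t msr;      /* current MSR */
    uint64_t msr_mask; /* MSR bits the CPU model implements */
} CPUState;

/* Mirrors the msr_ep comparison in hreg_store_msr(); true means the
 * exception prefix would be rewritten. */
static bool store_msr_changes_prefix(CPUState *env, uint64_t value)
{
    int msr_ep = (env->msr >> MSR_EP) & 1;  /* QEMU's msr_ep macro */
    value &= env->msr_mask;
    return ((value >> MSR_EP) & 1) != msr_ep;
}

/* cpu_post_load() as quoted in the mail: invalidate all bits except
 * MSR_TGPR/MSR_HVB, then restore the saved MSR. */
static bool post_load_unpatched(CPUState *env)
{
    uint64_t msr = env->msr;
    env->msr ^= ~((1ULL << MSR_TGPR) | MSR_HVB);
    return store_msr_changes_prefix(env, msr);
}

/* Same, but unimplemented bits are masked out of env->msr before the
 * store (the direction the RFC proposes; exact placement is assumed). */
static bool post_load_patched(CPUState *env)
{
    uint64_t msr = env->msr;
    env->msr ^= ~((1ULL << MSR_TGPR) | MSR_HVB);
    env->msr &= env->msr_mask;
    return store_msr_changes_prefix(env, msr);
}

/* Run one post-load on a constructed CPU whose saved MSR is 'saved' and whose
 * msr_mask does or does not implement MSR_EP; report whether the prefix changes. */
static bool prefix_changed(bool patched, uint64_t saved, bool supports_ep)
{
    CPUState env = { .msr = saved, .msr_mask = ~0ULL };
    if (!supports_ep) env.msr_mask &= ~(1ULL << MSR_EP);
    return patched ? post_load_patched(&env) : post_load_unpatched(&env);
}
```

With MSR_EP unimplemented and a saved MSR whose EP bit is clear, the unpatched sequence reports a spurious prefix change while the masked one does not; on a model that implements MSR_EP both variants still restore the prefix from the saved value.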