
Re: [PATCH] accel/tcg: Fix undefined jump with x86_cpu_tlb_fill


From: Richard Henderson
Subject: Re: [PATCH] accel/tcg: Fix undefined jump with x86_cpu_tlb_fill
Date: Wed, 30 Nov 2022 23:42:23 -0800
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.4.2

On 11/30/22 22:48, Daniel Hoffman wrote:
Signed-off-by: Daniel Hoffman <dhoff749@gmail.com>
---
  target/i386/tcg/sysemu/excp_helper.c | 3 ++-
  1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/target/i386/tcg/sysemu/excp_helper.c 
b/target/i386/tcg/sysemu/excp_helper.c
index 405a5d414a..6a93e96eb7 100644
--- a/target/i386/tcg/sysemu/excp_helper.c
+++ b/target/i386/tcg/sysemu/excp_helper.c
@@ -595,6 +595,7 @@ bool x86_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
      CPUX86State *env = cs->env_ptr;
      TranslateResult out;
      TranslateFault err;
+    bool use_stage2 = env->hflags2 & HF2_NPT_MASK;
if (get_physical_address(env, addr, access_type, mmu_idx, &out, &err)) {
          /*
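Review bot: `bool use_stage2 = env->hflags2 & HF2_NPT_MASK;` is computed before `get_physical_address` runs but is only consulted after it returns, so this hunk addresses the symptom (a stale `err.stage2` reaching the caller) rather than the cause, which the reply below places in `TranslateFault` not being fully initialized on the non-canonical-address path inside `get_physical_address`; setting `err.stage2 = S2_NONE` (or zeroing the whole struct) on that path would make the extra flag unnecessary. The implicit int-to-bool narrowing is legal C, but `(env->hflags2 & HF2_NPT_MASK) != 0` states the intent more plainly. The commit message is also empty, so no trigger or reproduction is recorded with the change.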
@@ -615,7 +616,7 @@ bool x86_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
          return false;
      }
- if (err.stage2 != S2_NONE) {
+    if (use_stage2 && err.stage2 != S2_NONE) {
          raise_stage2(env, &err, retaddr);
      }
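Review bot: prefixing the check with `use_stage2 &&` means that whenever nested paging is off, any stage-2 value left in `err` is silently ignored instead of being treated as the inconsistency it is; if `get_physical_address` guarantees `err.stage2 == S2_NONE` on every failing path while NPT is disabled, the original `if (err.stage2 != S2_NONE)` already does the right thing, and if it does not, the new guard only masks the uninitialized read the patch is meant to cure. Suggest fixing the initialization in `get_physical_address` and leaving this condition unchanged.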

The patch description is missing, which might have included some indication of how the problem might have been triggered.

From inspection I can guess that it comes from the incomplete initialization of TranslateFault in get_physical_address, after the check for a canonical address form. In any case this is not an ideal fix.


r~


