From patchwork Wed Jul 20 15:57:40 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dave Hansen <dave.hansen@intel.com>
X-Patchwork-Id: 9240005
Return-Path: 
 <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	D163B6077C for <patchwork-qemu-devel@patchwork.kernel.org>;
	Wed, 20 Jul 2016 16:48:41 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C301527C2C
	for <patchwork-qemu-devel@patchwork.kernel.org>;
	Wed, 20 Jul 2016 16:48:41 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id B76F627D29; Wed, 20 Jul 2016 16:48:41 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI
	autolearn=ham version=3.3.1
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 6E59127C2C
	for <patchwork-qemu-devel@patchwork.kernel.org>;
	Wed, 20 Jul 2016 16:48:40 +0000 (UTC)
Received: from localhost ([::1]:35757 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>)
	id 1bPufn-000079-6Z for patchwork-qemu-devel@patchwork.kernel.org;
	Wed, 20 Jul 2016 12:48:39 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56793)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <dave@ray.jf.intel.com>) id 1bPuKf-00076y-D8
	for qemu-devel@nongnu.org; Wed, 20 Jul 2016 12:26:50 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <dave@ray.jf.intel.com>) id 1bPuKb-0005aa-0x
	for qemu-devel@nongnu.org; Wed, 20 Jul 2016 12:26:48 -0400
Received: from mga03.intel.com ([134.134.136.65]:46927)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <dave@ray.jf.intel.com>) id 1bPuKa-0005aN-R4
	for qemu-devel@nongnu.org; Wed, 20 Jul 2016 12:26:44 -0400
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
	by orsmga103.jf.intel.com with ESMTP; 20 Jul 2016 08:57:49 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.28,394,1464678000"; d="scan'208";a="142626428"
Received: from ray.jf.intel.com (HELO ray) ([10.7.201.155])
	by fmsmga004.fm.intel.com with ESMTP; 20 Jul 2016 08:57:48 -0700
Received: by ray (Postfix, from userid 1000)
	id 0113F4DD; Wed, 20 Jul 2016 08:57:49 -0700 (PDT)
From: Dave Hansen <dave.hansen@intel.com>
To: dave@sr71.net,
	qemu-devel@nongnu.org
Date: Wed, 20 Jul 2016 08:57:40 -0700
Message-Id: <1469030260-28448-1-git-send-email-dave.hansen@intel.com>
X-Mailer: git-send-email 1.9.1
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 134.134.136.65
Subject: [Qemu-devel] [PATCH] i386 translation: fix typo in xsetbv
	implementation
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Dave Hansen <dave.hansen@intel.com>, Richard Henderson <rth@twiddle.net>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Eduardo Habkost <ehabkost@redhat.com>,
	Paolo Bonzini <pbonzini@redhat.com>
Errors-To: 
 qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
X-Virus-Scanned: ClamAV using ClamSMTP

QEMU 2.6 added support for the XSAVE family of instructions, which
includes the XSETBV instruction which allows setting the 'XCR0'
register.

But, when booting Linux kernels with XSAVE support enabled, I was
getting very early crashes where the instruction pointer was set
to 0x3.  I tracked it down to a jump instruction generated by this:

	gen_jmp_im(s->pc - pc_start);

where s->pc is pointing to the instruction after XSETBV and pc_start
is pointing _at_ XSETBV.  Subtract the two and you get 0x3.  Whoops.

The fix is to replace this typo with the pattern found everywhere
else in the file when folks want to end the translation buffer.

Richard Henderson confirmed that this is a bug and that this is the
correct fix.

Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: Eduardo Habkost <ehabkost@redhat.com>
Cc: Richard Henderson <rth@twiddle.net>
Reviewed-by: Richard Henderson <rth@twiddle.net>
---
 target-i386/translate.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/target-i386/translate.c b/target-i386/translate.c
index 1a1214d..53a065c 100644
--- a/target-i386/translate.c
+++ b/target-i386/translate.c
@@ -7170,7 +7170,7 @@ static target_ulong disas_insn(CPUX86State *env, DisasContext *s,
             tcg_gen_trunc_tl_i32(cpu_tmp2_i32, cpu_regs[R_ECX]);
             gen_helper_xsetbv(cpu_env, cpu_tmp2_i32, cpu_tmp1_i64);
             /* End TB because translation flags may change.  */
-            gen_jmp_im(s->pc - pc_start);
+            gen_jmp_im(s->pc - s->cs_base);
             gen_eob(s);
             break;