Message ID | 20230703155801.179167-5-iii@linux.ibm.com (mailing list archive) |
---|---|
State | New, archived |
Series | target/s390x: Miscellaneous TCG fixes |
On 03.07.23 17:50, Ilya Leoshkevich wrote:
> Using a large R0 causes an assertion error:
>
> qemu-s390x: target/s390x/tcg/mem_helper.c:183: access_prepare_nf: Assertion `size > 0 && size <= 4096' failed.
>
> Even though PoP explicitly advises against using more than 8 bits for the
> size, an emulator crash is never a good thing.
>
> Fix by truncating the size to 8 bits.
>
> Fixes: ea0a1053e276 ("s390x/tcg: Implement Miscellaneous-Instruction-Extensions Facility 3 for the s390x")
> Cc: qemu-stable@nongnu.org
> Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>

Reviewed-by: David Hildenbrand <david@redhat.com>
diff --git a/target/s390x/tcg/mem_helper.c b/target/s390x/tcg/mem_helper.c index d02ec861d8b..84ad85212c9 100644 --- a/target/s390x/tcg/mem_helper.c +++ b/target/s390x/tcg/mem_helper.c @@ -514,6 +514,7 @@ void HELPER(mvcrl)(CPUS390XState *env, uint64_t l, uint64_t dest, uint64_t src) int32_t i; /* MVCRL always copies one more byte than specified - maximum is 256 */ + l &= 0xff; l++; access_prepare(&srca, env, src, l, MMU_DATA_LOAD, mmu_idx, ra);
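Review bot: The comment directly above the new `l &= 0xff;` in HELPER(mvcrl) still says only "maximum is 256" and does not record that the upper bits of the guest-supplied length are now deliberately discarded. Since the mask is what keeps `l` within the 1..256 range before it reaches access_prepare() (whose assertion requires size > 0 && size <= 4096), consider extending the comment to say that only the low 8 bits of the length are used and that this is intentional, so a later cleanup does not drop the mask and reintroduce the guest-triggerable assertion. The diffstat shows mem_helper.c as the only file touched, so a regression test that runs MVCRL with a large R0 value would also be worth having alongside this change, if it is not already covered elsewhere.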
Using a large R0 causes an assertion error:

qemu-s390x: target/s390x/tcg/mem_helper.c:183: access_prepare_nf: Assertion `size > 0 && size <= 4096' failed.

Even though PoP explicitly advises against using more than 8 bits for the
size, an emulator crash is never a good thing.

Fix by truncating the size to 8 bits.

Fixes: ea0a1053e276 ("s390x/tcg: Implement Miscellaneous-Instruction-Extensions Facility 3 for the s390x")
Cc: qemu-stable@nongnu.org
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>

---
 target/s390x/tcg/mem_helper.c | 1 +
 1 file changed, 1 insertion(+)