]> git.proxmox.com Git - mirror_qemu.git/commitdiff
projects / mirror_qemu.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 68851b9)
taget-ppc: Fix read access to IBAT registers higher than IBAT3
authorJulio Guerra <julio@farjump.io>
Wed, 14 Oct 2015 17:43:19 +0000 (19:43 +0200)
committerMichael Tokarev <mjt@tls.msk.ru>
Fri, 6 Nov 2015 12:42:38 +0000 (15:42 +0300)
Fix the index used to read the IBAT's vector which results in IBAT0..3 instead
of IBAT4..N.

The bug appeared by saving/restoring contexts including IBATs values.

Signed-off-by: Julio Guerra <julio@farjump.io>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
target-ppc/translate_init.c patch | blob | blame | history

diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
index 4934c80b8f0bfb4cfbfa52065500fed6622140d5..e88dc7fc7aa385b30a2c5d6ce978a855a87a1474 100644 (file)
--- a/target-ppc/translate_init.c
+++ b/target-ppc/translate_init.c
@@ -305,7 +305,7 @@ static void spr_read_ibat (DisasContext *ctx, int gprn, int sprn)
 
 static void spr_read_ibat_h (DisasContext *ctx, int gprn, int sprn)
 {
-    tcg_gen_ld_tl(cpu_gpr[gprn], cpu_env, offsetof(CPUPPCState, IBAT[sprn & 1][(sprn - SPR_IBAT4U) / 2]));
+    tcg_gen_ld_tl(cpu_gpr[gprn], cpu_env, offsetof(CPUPPCState, IBAT[sprn & 1][((sprn - SPR_IBAT4U) / 2) + 4]));
 }
 
 static void spr_write_ibatu (DisasContext *ctx, int sprn, int gprn)
QEMU mirror