qemu/target
David Hildenbrand 401bf46779 s390x/tcg: Don't ignore content in r0 when not specified via "b" or "x"
Using get_address() with register identifiers comming from an "r" field
is wrong: if the "r" field designates "r0", we don't read the content
and instead assume 0 - which should only be applied when the register
was specified via "b" or "x".

PoP 5-11 "Operand-Address Generation":
  "A zero in any of the B1, B2, X2, B3, or B4 fields indicates the absence
   of the corresponding address component. For the absent component, a zero
   is used in forming the intermediate sum, regardless of the contents of
   general register 0. A displacement of zero has no special significance."

This BUG became visible for CSPG as generated by LLVM-12 in the upstream
Linux kernel (v5.11-rc2), used while creating the linear mapping in
vmem_map_init(): Trying to store to address 0 results in a Low Address
Protection exception.

Debugging this was more complicated than it could have been: The program
interrupt handler in the kernel will try to crash the kernel: doing so, it
will enable DAT. As the linear mapping is not created yet (asce=0), we run
into an addressing exception while tring to walk non-existant DAT tables,
resulting in a program exception loop.

This allows for booting upstream Linux kernels compiled by clang-12. Most
of these cases seem to be broken forever.

Reported-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Tested-by: Nick Desaulniers <ndesaulniers@google.com>
Tested-by: Guenter Roeck <linux@roeck-us.net>
Cc: Guenter Roeck <linux@roeck-us.net>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210111163845.18148-4-david@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2021-01-21 11:19:45 +01:00
..
alpha migration: Replace migration's JSON writer by the general one 2020-12-19 10:39:16 +01:00
arm target/arm/m_helper: Silence GCC 10 maybe-uninitialized error 2021-01-19 15:45:14 +00:00
avr tcg: Make tb arg to synchronize_from_tb const 2021-01-07 05:09:41 -10:00
cris cris tcg cpus: Fix Lesser GPL version number 2020-11-15 16:39:05 +01:00
hppa tcg: Make tb arg to synchronize_from_tb const 2021-01-07 05:09:41 -10:00
i386 target/i386: Use X86Seg enum for segment registers 2021-01-12 17:05:10 +01:00
lm32 nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
m68k gdbstub: drop CPUEnv from gdb_exit() 2021-01-18 10:05:06 +00:00
microblaze tcg: Make tb arg to synchronize_from_tb const 2021-01-07 05:09:41 -10:00
mips target/mips: Remove vendor specific CPU definitions 2021-01-14 17:13:54 +01:00
moxie qom: Remove module_obj_name parameter from OBJECT_DECLARE* macros 2020-09-18 14:12:32 -04:00
nios2 gdbstub: drop CPUEnv from gdb_exit() 2021-01-18 10:05:06 +00:00
openrisc migration: Replace migration's JSON writer by the general one 2020-12-19 10:39:16 +01:00
ppc migration: Replace migration's JSON writer by the general one 2020-12-19 10:39:16 +01:00
riscv Testing, gdbstub and semihosting patches: 2021-01-18 12:10:20 +00:00
rx tcg: Make tb arg to synchronize_from_tb const 2021-01-07 05:09:41 -10:00
s390x s390x/tcg: Don't ignore content in r0 when not specified via "b" or "x" 2021-01-21 11:19:45 +01:00
sh4 tcg: Make tb arg to synchronize_from_tb const 2021-01-07 05:09:41 -10:00
sparc tcg: Make tb arg to synchronize_from_tb const 2021-01-07 05:09:41 -10:00
tilegx nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
tricore tcg: Make tb arg to synchronize_from_tb const 2021-01-07 05:09:41 -10:00
unicore32 target/unicore32/translate: Add missing fallthrough annotations 2020-12-18 09:14:22 +01:00
xtensa xtensa tcg cpus: Fix Lesser GPL version number 2020-11-15 16:40:15 +01:00
meson.build meson: target 2020-08-21 06:30:35 -04:00