From: Peter Maydell
To: qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: Riku Voipio, Richard Henderson, Alex Bennée, Laurent Vivier, patches@linaro.org
Date: Tue, 28 Nov 2017 17:34:07 +0000
Message-Id: <1511890447-13601-1-git-send-email-peter.maydell@linaro.org>
Subject: [Qemu-devel] [PATCH] linux-user/arm/nwfpe: Check coprocessor number for FPA emulation

Our copy of the nwfpe code for emulating the old FPA11 floating point
unit doesn't check the coprocessor number in the instruction when it
emulates it. This means that we might treat some instructions which
should really UNDEF as being FPA11 instructions by accident.

The kernel's copy of the nwfpe code doesn't make this error; I suspect
the bug was noticed and fixed as part of the process of mainlining the
nwfpe code more than a decade ago.

Add a check that the coprocessor number (which is always in bits [11:8]
of the instruction) is either 1 or 2, which is where the FPA11 lives.

Reported-by: Richard Henderson
Signed-off-by: Peter Maydell
Reviewed-by: Richard Henderson
---
Tested with a chroot of arm debian lenny, which is the last one that
still used the calling convention that mandated use of the old FPA11
FPU and thus needs nwfpe emulation.
---
 linux-user/arm/nwfpe/fpa11.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/linux-user/arm/nwfpe/fpa11.c b/linux-user/arm/nwfpe/fpa11.c
index 441e3b1..f6f8163 100644
--- a/linux-user/arm/nwfpe/fpa11.c
+++ b/linux-user/arm/nwfpe/fpa11.c @@ -137,8 +137,17 @@ unsigned int EmulateAll(unsigned int opcode, FPA11* qf= pa, CPUARMState* qregs) unsigned int nRc =3D 0; // unsigned long flags; FPA11 *fpa11; + unsigned int cp; // save_flags(flags); sti(); =20 + /* Check that this is really an FPA11 instruction: the coprocessor + * field in bits [11:8] must be 1 or 2. + */ + cp =3D (opcode >> 8) & 0xf; + if (cp !=3D 1 && cp !=3D 2) { + return 0; + } + qemufpa=3Dqfpa; user_registers=3Dqregs; =20 --=20 2.7.4
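Review bot: the check added at the top of EmulateAll() validates only the coprocessor field in bits [11:8], so it is sufficient only if every opcode reaching this function has already been classified by the caller as a coprocessor instruction (CDP, MCR/MRC or LDC/STC); nothing in the hunk records that precondition, so the new comment should state it, e.g. `/* Caller has already established this is a coprocessor instruction:` before the existing `the coprocessor field in bits [11:8] must be 1 or 2.` line, otherwise a later reader may take the cp test as a complete instruction-class check. The placement is right: the early `return 0;` comes before `qemufpa=qfpa;` and `user_registers=qregs;`, so no emulator state is touched for a rejected opcode.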
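To make the bit positions in the commit message concrete, here is an added example in C. It is not QEMU's or the Linux kernel's nwfpe code and its function names are mine: it classifies an A32 opcode as CDP, MCR/MRC or LDC/STC from bits [27:24] and bit 4, extracts the coprocessor number from bits [11:8] exactly as the patch does, and applies the CP1/CP2 test. The opcodes in the table are constructed by hand for this example. It also goes one step beyond the patch to show why the coprocessor field on its own is not an instruction-class test: a data-processing ADD with an immediate-shifted operand happens to carry 1 in bits [11:8] too, so the patch's check is only safe because EmulateAll() is handed coprocessor instructions to begin with.

```c
/* Added example, not QEMU's or the Linux kernel's nwfpe code: decode the
 * coprocessor-instruction class and coprocessor number of an A32 opcode and
 * apply the CP1/CP2 test from the patch.  All opcodes below are constructed
 * by hand for this example. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum cp_class { CP_NONE, CP_CDP, CP_MCR_MRC, CP_LDC_STC };

/* Coprocessor-class test from the A32 encoding (conditional space only):
 * bits [27:24] == 0b1110 is CDP when bit 4 is clear, MCR/MRC when bit 4 is
 * set; bits [27:25] == 0b110 is LDC/STC.  Anything else is not a
 * coprocessor instruction, whatever bits [11:8] happen to contain. */
static enum cp_class cp_instruction_class(uint32_t opcode)
{
    if (((opcode >> 28) & 0xf) == 0xf) {
        return CP_NONE;             /* unconditional space: not handled here */
    }
    uint32_t op = (opcode >> 24) & 0xf;
    if (op == 0xe) {
        return (opcode & (1u << 4)) ? CP_MCR_MRC : CP_CDP;
    }
    if ((op >> 1) == 0x6) {         /* bits [27:25] == 0b110 */
        return CP_LDC_STC;
    }
    return CP_NONE;
}

/* The field the patch examines: coprocessor number, bits [11:8]. */
static unsigned cp_number(uint32_t opcode)
{
    return (opcode >> 8) & 0xf;
}

/* Same test as the patch: the FPA11 lives on CP1 and CP2. */
static bool is_fpa11_cp(unsigned cp)
{
    return cp == 1 || cp == 2;
}

/* What a caller of EmulateAll() has to guarantee, combined with the
 * patch's check: only coprocessor-class instructions on CP1/CP2 should
 * reach nwfpe. */
static bool should_emulate_as_fpa11(uint32_t opcode)
{
    return cp_instruction_class(opcode) != CP_NONE
        && is_fpa11_cp(cp_number(opcode));
}

static const char *class_name(enum cp_class c)
{
    switch (c) {
    case CP_CDP:     return "CDP";
    case CP_MCR_MRC: return "MCR/MRC";
    case CP_LDC_STC: return "LDC/STC";
    default:         return "not a coprocessor insn";
    }
}

int main(void)
{
    /* Constructed opcodes (hand-assembled for the example). */
    static const struct { uint32_t opcode; const char *what; } samples[] = {
        { 0xEE000100, "CDP p1              (FPA11 data operation)" },
        { 0xED900100, "LDC p1,[r0]         (FPA11 load, LDF)" },
        { 0xEE100F10, "MRC p15             (system control, not FPA11)" },
        { 0xEE300A00, "CDP p10             (VFP, not FPA11)" },
        { 0xE0810102, "ADD r0,r1,r2,LSL #2 (bits [11:8] == 1, not a coprocessor insn)" },
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t op = samples[i].opcode;
        printf("%08x  cp=%-2u %-22s fpa11=%s  %s\n", (unsigned)op, cp_number(op),
               class_name(cp_instruction_class(op)),
               should_emulate_as_fpa11(op) ? "yes" : "no ", samples[i].what);
    }
    return 0;
}
```

The last row is the one the patch cannot catch by itself: its coprocessor field is 1, so `is_fpa11_cp()` says yes, and only the class test rejects it. That is the precondition the caller of EmulateAll() has to provide.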