Do not raise the exception directly within mmu_translate,
but pass it back so that caller may do so.
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
target/s390x/internal.h | 2 +-
target/s390x/excp_helper.c | 4 ++--
target/s390x/mem_helper.c | 13 +++++++---
target/s390x/mmu_helper.c | 49 +++++++++++++++-----------------------
4 files changed, 32 insertions(+), 36 deletions(-)
diff --git a/target/s390x/internal.h b/target/s390x/internal.h
index c4388aaf23..c993c3ef40 100644
--- a/target/s390x/internal.h
+++ b/target/s390x/internal.h
@@ -360,7 +360,7 @@ void probe_write_access(CPUS390XState *env, uint64_t addr, uint64_t len,
/* mmu_helper.c */
int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
- target_ulong *raddr, int *flags, bool exc);
+ target_ulong *raddr, int *flags, uint64_t *tec);
int mmu_translate_real(CPUS390XState *env, target_ulong raddr, int rw,
target_ulong *addr, int *flags, uint64_t *tec);
diff --git a/target/s390x/excp_helper.c b/target/s390x/excp_helper.c
index 906b87c071..6a0728b65f 100644
--- a/target/s390x/excp_helper.c
+++ b/target/s390x/excp_helper.c
@@ -140,8 +140,8 @@ bool s390_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
if (!(env->psw.mask & PSW_MASK_64)) {
vaddr &= 0x7fffffff;
}
- fail = mmu_translate(env, vaddr, access_type, asc, &raddr, &prot, true);
- excp = 0; /* exception already raised */
+ excp = mmu_translate(env, vaddr, access_type, asc, &raddr, &prot, &tec);
+ fail = excp;
} else if (mmu_idx == MMU_REAL_IDX) {
/* 31-Bit mode */
if (!(env->psw.mask & PSW_MASK_64)) {
diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
index 7d2a652823..e15aa296dd 100644
--- a/target/s390x/mem_helper.c
+++ b/target/s390x/mem_helper.c
@@ -2364,8 +2364,8 @@ uint64_t HELPER(lra)(CPUS390XState *env, uint64_t addr)
CPUState *cs = env_cpu(env);
uint32_t cc = 0;
uint64_t asc = env->psw.mask & PSW_MASK_ASC;
- uint64_t ret;
- int old_exc, flags;
+ uint64_t ret, tec;
+ int old_exc, flags, exc;
/* XXX incomplete - has more corner cases */
if (!(env->psw.mask & PSW_MASK_64) && (addr >> 32)) {
@@ -2373,7 +2373,14 @@ uint64_t HELPER(lra)(CPUS390XState *env, uint64_t addr)
}
old_exc = cs->exception_index;
- if (mmu_translate(env, addr, 0, asc, &ret, &flags, true)) {
+ exc = mmu_translate(env, addr, 0, asc, &ret, &flags, &tec);
+ if (exc) {
+ /*
+ * We don't care about ILEN or TEC, as we're not going to
+ * deliver the exception -- thus resetting exception_index below.
+ * TODO: clean this up.
+ */
+ trigger_pgm_exception(env, exc, ILEN_UNWIND);
cc = 3;
}
if (cs->exception_index == EXCP_PGM) {
diff --git a/target/s390x/mmu_helper.c b/target/s390x/mmu_helper.c
index aa8712221e..8ea1c95549 100644
--- a/target/s390x/mmu_helper.c
+++ b/target/s390x/mmu_helper.c
@@ -369,17 +369,15 @@ static void mmu_handle_skey(target_ulong addr, int rw, int *flags)
* @return 0 if the translation was successful, -1 if a fault occurred
*/
int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
- target_ulong *raddr, int *flags, bool exc)
+ target_ulong *raddr, int *flags, uint64_t *tec)
{
- /* Code accesses have an undefined ilc, let's use 2 bytes. */
- const int ilen = (rw == MMU_INST_FETCH) ? 2 : ILEN_AUTO;
- uint64_t tec = (vaddr & TARGET_PAGE_MASK) | (asc >> 46) |
- (rw == MMU_DATA_STORE ? FS_WRITE : FS_READ);
uint64_t asce;
int r;
-
+ *tec = (vaddr & TARGET_PAGE_MASK) | (asc >> 46) |
+ (rw == MMU_DATA_STORE ? FS_WRITE : FS_READ);
*flags = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
+
if (is_low_address(vaddr & TARGET_PAGE_MASK) && lowprot_enabled(env, asc)) {
/*
* If any part of this page is currently protected, make sure the
@@ -391,12 +389,9 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
*/
*flags |= PAGE_WRITE_INV;
if (is_low_address(vaddr) && rw == MMU_DATA_STORE) {
- if (exc) {
- /* LAP sets bit 56 */
- tec |= 0x80;
- trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
- }
- return -EACCES;
+ /* LAP sets bit 56 */
+ *tec |= 0x80;
+ return PGM_PROTECTION;
}
}
@@ -426,30 +421,21 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
/* perform the DAT translation */
r = mmu_translate_asce(env, vaddr, asc, asce, raddr, flags, rw);
if (unlikely(r)) {
- if (exc) {
- trigger_access_exception(env, r, ilen, tec);
- }
- return -1;
+ return r;
}
/* check for DAT protection */
if (unlikely(rw == MMU_DATA_STORE && !(*flags & PAGE_WRITE))) {
- if (exc) {
- /* DAT sets bit 61 only */
- tec |= 0x4;
- trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
- }
- return -1;
+ /* DAT sets bit 61 only */
+ *tec |= 0x4;
+ return PGM_PROTECTION;
}
/* check for Instruction-Execution-Protection */
if (unlikely(rw == MMU_INST_FETCH && !(*flags & PAGE_EXEC))) {
- if (exc) {
- /* IEP sets bit 56 and 61 */
- tec |= 0x84;
- trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
- }
- return -1;
+ /* IEP sets bit 56 and 61 */
+ *tec |= 0x84;
+ return PGM_PROTECTION;
}
nodat:
@@ -473,9 +459,12 @@ static int translate_pages(S390CPU *cpu, vaddr addr, int nr_pages,
int ret, i, pflags;
for (i = 0; i < nr_pages; i++) {
- ret = mmu_translate(env, addr, is_write, asc, &pages[i], &pflags, true);
+ uint64_t tec;
+
+ ret = mmu_translate(env, addr, is_write, asc, &pages[i], &pflags, &tec);
if (ret) {
- return ret;
+ trigger_access_exception(env, ret, ILEN_AUTO, tec);
+ return -EFAULT;
}
if (!address_space_access_valid(&address_space_memory, pages[i],
TARGET_PAGE_SIZE, is_write,
--
2.17.1
On 27.09.19 21:39, Richard Henderson wrote:
> Do not raise the exception directly within mmu_translate,
> but pass it back so that caller may do so.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> target/s390x/internal.h | 2 +-
> target/s390x/excp_helper.c | 4 ++--
> target/s390x/mem_helper.c | 13 +++++++---
> target/s390x/mmu_helper.c | 49 +++++++++++++++-----------------------
> 4 files changed, 32 insertions(+), 36 deletions(-)
>
> diff --git a/target/s390x/internal.h b/target/s390x/internal.h
> index c4388aaf23..c993c3ef40 100644
> --- a/target/s390x/internal.h
> +++ b/target/s390x/internal.h
> @@ -360,7 +360,7 @@ void probe_write_access(CPUS390XState *env, uint64_t addr, uint64_t len,
>
> /* mmu_helper.c */
> int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
> - target_ulong *raddr, int *flags, bool exc);
> + target_ulong *raddr, int *flags, uint64_t *tec);
> int mmu_translate_real(CPUS390XState *env, target_ulong raddr, int rw,
> target_ulong *addr, int *flags, uint64_t *tec);
>
> diff --git a/target/s390x/excp_helper.c b/target/s390x/excp_helper.c
> index 906b87c071..6a0728b65f 100644
> --- a/target/s390x/excp_helper.c
> +++ b/target/s390x/excp_helper.c
> @@ -140,8 +140,8 @@ bool s390_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
> if (!(env->psw.mask & PSW_MASK_64)) {
> vaddr &= 0x7fffffff;
> }
> - fail = mmu_translate(env, vaddr, access_type, asc, &raddr, &prot, true);
> - excp = 0; /* exception already raised */
> + excp = mmu_translate(env, vaddr, access_type, asc, &raddr, &prot, &tec);
> + fail = excp;
> } else if (mmu_idx == MMU_REAL_IDX) {
> /* 31-Bit mode */
> if (!(env->psw.mask & PSW_MASK_64)) {
> diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
> index 7d2a652823..e15aa296dd 100644
> --- a/target/s390x/mem_helper.c
> +++ b/target/s390x/mem_helper.c
> @@ -2364,8 +2364,8 @@ uint64_t HELPER(lra)(CPUS390XState *env, uint64_t addr)
> CPUState *cs = env_cpu(env);
> uint32_t cc = 0;
> uint64_t asc = env->psw.mask & PSW_MASK_ASC;
> - uint64_t ret;
> - int old_exc, flags;
> + uint64_t ret, tec;
> + int old_exc, flags, exc;
>
> /* XXX incomplete - has more corner cases */
> if (!(env->psw.mask & PSW_MASK_64) && (addr >> 32)) {
> @@ -2373,7 +2373,14 @@ uint64_t HELPER(lra)(CPUS390XState *env, uint64_t addr)
> }
>
> old_exc = cs->exception_index;
> - if (mmu_translate(env, addr, 0, asc, &ret, &flags, true)) {
> + exc = mmu_translate(env, addr, 0, asc, &ret, &flags, &tec);
> + if (exc) {
> + /*
> + * We don't care about ILEN or TEC, as we're not going to
> + * deliver the exception -- thus resetting exception_index below.
> + * TODO: clean this up.
> + */
> + trigger_pgm_exception(env, exc, ILEN_UNWIND);
> cc = 3;
> }
> if (cs->exception_index == EXCP_PGM) {
> diff --git a/target/s390x/mmu_helper.c b/target/s390x/mmu_helper.c
> index aa8712221e..8ea1c95549 100644
> --- a/target/s390x/mmu_helper.c
> +++ b/target/s390x/mmu_helper.c
> @@ -369,17 +369,15 @@ static void mmu_handle_skey(target_ulong addr, int rw, int *flags)
> * @return 0 if the translation was successful, -1 if a fault occurred
> */
> int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
> - target_ulong *raddr, int *flags, bool exc)
> + target_ulong *raddr, int *flags, uint64_t *tec)
> {
> - /* Code accesses have an undefined ilc, let's use 2 bytes. */
> - const int ilen = (rw == MMU_INST_FETCH) ? 2 : ILEN_AUTO;
> - uint64_t tec = (vaddr & TARGET_PAGE_MASK) | (asc >> 46) |
> - (rw == MMU_DATA_STORE ? FS_WRITE : FS_READ);
> uint64_t asce;
> int r;
>
> -
> + *tec = (vaddr & TARGET_PAGE_MASK) | (asc >> 46) |
> + (rw == MMU_DATA_STORE ? FS_WRITE : FS_READ);
> *flags = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
> +
> if (is_low_address(vaddr & TARGET_PAGE_MASK) && lowprot_enabled(env, asc)) {
> /*
> * If any part of this page is currently protected, make sure the
> @@ -391,12 +389,9 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
> */
> *flags |= PAGE_WRITE_INV;
> if (is_low_address(vaddr) && rw == MMU_DATA_STORE) {
> - if (exc) {
> - /* LAP sets bit 56 */
> - tec |= 0x80;
> - trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
> - }
> - return -EACCES;
> + /* LAP sets bit 56 */
> + *tec |= 0x80;
> + return PGM_PROTECTION;
> }
> }
>
> @@ -426,30 +421,21 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
> /* perform the DAT translation */
> r = mmu_translate_asce(env, vaddr, asc, asce, raddr, flags, rw);
> if (unlikely(r)) {
> - if (exc) {
> - trigger_access_exception(env, r, ilen, tec);
> - }
> - return -1;
> + return r;
> }
>
> /* check for DAT protection */
> if (unlikely(rw == MMU_DATA_STORE && !(*flags & PAGE_WRITE))) {
> - if (exc) {
> - /* DAT sets bit 61 only */
> - tec |= 0x4;
> - trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
> - }
> - return -1;
> + /* DAT sets bit 61 only */
> + *tec |= 0x4;
> + return PGM_PROTECTION;
> }
>
> /* check for Instruction-Execution-Protection */
> if (unlikely(rw == MMU_INST_FETCH && !(*flags & PAGE_EXEC))) {
> - if (exc) {
> - /* IEP sets bit 56 and 61 */
> - tec |= 0x84;
> - trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
> - }
> - return -1;
> + /* IEP sets bit 56 and 61 */
> + *tec |= 0x84;
> + return PGM_PROTECTION;
> }
>
> nodat:
> @@ -473,9 +459,12 @@ static int translate_pages(S390CPU *cpu, vaddr addr, int nr_pages,
> int ret, i, pflags;
>
> for (i = 0; i < nr_pages; i++) {
> - ret = mmu_translate(env, addr, is_write, asc, &pages[i], &pflags, true);
> + uint64_t tec;
> +
> + ret = mmu_translate(env, addr, is_write, asc, &pages[i], &pflags, &tec);
> if (ret) {
> - return ret;
> + trigger_access_exception(env, ret, ILEN_AUTO, tec);
> + return -EFAULT;
> }
> if (!address_space_access_valid(&address_space_memory, pages[i],
> TARGET_PAGE_SIZE, is_write,
>
Reviewed-by: David Hildenbrand <david@redhat.com>
--
Thanks,
David / dhildenb
On 27.09.19 21:39, Richard Henderson wrote:
> Do not raise the exception directly within mmu_translate,
> but pass it back so that caller may do so.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> target/s390x/internal.h | 2 +-
> target/s390x/excp_helper.c | 4 ++--
> target/s390x/mem_helper.c | 13 +++++++---
> target/s390x/mmu_helper.c | 49 +++++++++++++++-----------------------
> 4 files changed, 32 insertions(+), 36 deletions(-)
>
> diff --git a/target/s390x/internal.h b/target/s390x/internal.h
> index c4388aaf23..c993c3ef40 100644
> --- a/target/s390x/internal.h
> +++ b/target/s390x/internal.h
> @@ -360,7 +360,7 @@ void probe_write_access(CPUS390XState *env, uint64_t addr, uint64_t len,
>
> /* mmu_helper.c */
> int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
> - target_ulong *raddr, int *flags, bool exc);
> + target_ulong *raddr, int *flags, uint64_t *tec);
> int mmu_translate_real(CPUS390XState *env, target_ulong raddr, int rw,
> target_ulong *addr, int *flags, uint64_t *tec);
>
> diff --git a/target/s390x/excp_helper.c b/target/s390x/excp_helper.c
> index 906b87c071..6a0728b65f 100644
> --- a/target/s390x/excp_helper.c
> +++ b/target/s390x/excp_helper.c
> @@ -140,8 +140,8 @@ bool s390_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
> if (!(env->psw.mask & PSW_MASK_64)) {
> vaddr &= 0x7fffffff;
> }
> - fail = mmu_translate(env, vaddr, access_type, asc, &raddr, &prot, true);
> - excp = 0; /* exception already raised */
> + excp = mmu_translate(env, vaddr, access_type, asc, &raddr, &prot, &tec);
> + fail = excp;
> } else if (mmu_idx == MMU_REAL_IDX) {
> /* 31-Bit mode */
> if (!(env->psw.mask & PSW_MASK_64)) {
> diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
> index 7d2a652823..e15aa296dd 100644
> --- a/target/s390x/mem_helper.c
> +++ b/target/s390x/mem_helper.c
> @@ -2364,8 +2364,8 @@ uint64_t HELPER(lra)(CPUS390XState *env, uint64_t addr)
> CPUState *cs = env_cpu(env);
> uint32_t cc = 0;
> uint64_t asc = env->psw.mask & PSW_MASK_ASC;
> - uint64_t ret;
> - int old_exc, flags;
> + uint64_t ret, tec;
> + int old_exc, flags, exc;
>
> /* XXX incomplete - has more corner cases */
> if (!(env->psw.mask & PSW_MASK_64) && (addr >> 32)) {
> @@ -2373,7 +2373,14 @@ uint64_t HELPER(lra)(CPUS390XState *env, uint64_t addr)
> }
>
> old_exc = cs->exception_index;
> - if (mmu_translate(env, addr, 0, asc, &ret, &flags, true)) {
> + exc = mmu_translate(env, addr, 0, asc, &ret, &flags, &tec);
> + if (exc) {
> + /*
> + * We don't care about ILEN or TEC, as we're not going to
> + * deliver the exception -- thus resetting exception_index below.
> + * TODO: clean this up.
> + */
> + trigger_pgm_exception(env, exc, ILEN_UNWIND);
> cc = 3;
> }
> if (cs->exception_index == EXCP_PGM) {
> diff --git a/target/s390x/mmu_helper.c b/target/s390x/mmu_helper.c
> index aa8712221e..8ea1c95549 100644
> --- a/target/s390x/mmu_helper.c
> +++ b/target/s390x/mmu_helper.c
> @@ -369,17 +369,15 @@ static void mmu_handle_skey(target_ulong addr, int rw, int *flags)
> * @return 0 if the translation was successful, -1 if a fault occurred
> */
> int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
> - target_ulong *raddr, int *flags, bool exc)
> + target_ulong *raddr, int *flags, uint64_t *tec)
> {
> - /* Code accesses have an undefined ilc, let's use 2 bytes. */
> - const int ilen = (rw == MMU_INST_FETCH) ? 2 : ILEN_AUTO;
> - uint64_t tec = (vaddr & TARGET_PAGE_MASK) | (asc >> 46) |
> - (rw == MMU_DATA_STORE ? FS_WRITE : FS_READ);
> uint64_t asce;
> int r;
>
> -
> + *tec = (vaddr & TARGET_PAGE_MASK) | (asc >> 46) |
> + (rw == MMU_DATA_STORE ? FS_WRITE : FS_READ);
> *flags = PAGE_READ | PAGE_WRITE | PAGE_EXEC;
> +
> if (is_low_address(vaddr & TARGET_PAGE_MASK) && lowprot_enabled(env, asc)) {
> /*
> * If any part of this page is currently protected, make sure the
> @@ -391,12 +389,9 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
> */
> *flags |= PAGE_WRITE_INV;
> if (is_low_address(vaddr) && rw == MMU_DATA_STORE) {
> - if (exc) {
> - /* LAP sets bit 56 */
> - tec |= 0x80;
> - trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
> - }
> - return -EACCES;
> + /* LAP sets bit 56 */
> + *tec |= 0x80;
> + return PGM_PROTECTION;
> }
> }
>
> @@ -426,30 +421,21 @@ int mmu_translate(CPUS390XState *env, target_ulong vaddr, int rw, uint64_t asc,
> /* perform the DAT translation */
> r = mmu_translate_asce(env, vaddr, asc, asce, raddr, flags, rw);
> if (unlikely(r)) {
> - if (exc) {
> - trigger_access_exception(env, r, ilen, tec);
> - }
> - return -1;
> + return r;
> }
>
> /* check for DAT protection */
> if (unlikely(rw == MMU_DATA_STORE && !(*flags & PAGE_WRITE))) {
> - if (exc) {
> - /* DAT sets bit 61 only */
> - tec |= 0x4;
> - trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
> - }
> - return -1;
> + /* DAT sets bit 61 only */
> + *tec |= 0x4;
> + return PGM_PROTECTION;
> }
>
> /* check for Instruction-Execution-Protection */
> if (unlikely(rw == MMU_INST_FETCH && !(*flags & PAGE_EXEC))) {
> - if (exc) {
> - /* IEP sets bit 56 and 61 */
> - tec |= 0x84;
> - trigger_access_exception(env, PGM_PROTECTION, ilen, tec);
> - }
> - return -1;
> + /* IEP sets bit 56 and 61 */
> + *tec |= 0x84;
> + return PGM_PROTECTION;
> }
>
> nodat:
> @@ -473,9 +459,12 @@ static int translate_pages(S390CPU *cpu, vaddr addr, int nr_pages,
> int ret, i, pflags;
>
> for (i = 0; i < nr_pages; i++) {
> - ret = mmu_translate(env, addr, is_write, asc, &pages[i], &pflags, true);
> + uint64_t tec;
> +
> + ret = mmu_translate(env, addr, is_write, asc, &pages[i], &pflags, &tec);
> if (ret) {
> - return ret;
> + trigger_access_exception(env, ret, ILEN_AUTO, tec);
> + return -EFAULT;
> }
> if (!address_space_access_valid(&address_space_memory, pages[i],
> TARGET_PAGE_SIZE, is_write,
>
This patch breaks "tests/test-hmp"
[dhildenb@desktop qemu]$ LANG=C make check-qtest-s390x
make[1]: Entering directory '/home/dhildenb/git/qemu/slirp'
make[1]: Nothing to be done for 'all'.
make[1]: Leaving directory '/home/dhildenb/git/qemu/slirp'
CHK version_gen.h
TEST check-qtest-s390x: tests/boot-serial-test
TEST check-qtest-s390x: tests/pxe-test
TEST check-qtest-s390x: tests/test-netfilter
TEST check-qtest-s390x: tests/test-filter-mirror
TEST check-qtest-s390x: tests/test-filter-redirector
TEST check-qtest-s390x: tests/drive_del-test
TEST check-qtest-s390x: tests/device-plug-test
TEST check-qtest-s390x: tests/virtio-ccw-test
TEST check-qtest-s390x: tests/cpu-plug-test
TEST check-qtest-s390x: tests/migration-test
TEST check-qtest-s390x: tests/qmp-test
TEST check-qtest-s390x: tests/qmp-cmd-test
TEST check-qtest-s390x: tests/device-introspect-test
TEST check-qtest-s390x: tests/cdrom-test
TEST check-qtest-s390x: tests/machine-none-test
TEST check-qtest-s390x: tests/qom-test
TEST check-qtest-s390x: tests/test-hmp
Broken pipe
tests/libqtest.c:149: kill_qemu() detected QEMU death from signal 11
(Segmentation fault) (core dumped)
ERROR - too few tests run (expected 4, got 0)
make: *** [/home/dhildenb/git/qemu/tests/Makefile.include:901:
check-qtest-s390x] Error 1
Haven't looked at the detail, but I could imagine some debug page access.
The current combined tree resides at:
https://github.com/davidhildenbrand/qemu/tree/mmu_plus_rewind
--
Thanks,
David / dhildenb
On 10/1/19 8:30 AM, David Hildenbrand wrote: > TEST check-qtest-s390x: tests/test-hmp > Broken pipe > tests/libqtest.c:149: kill_qemu() detected QEMU death from signal 11 > (Segmentation fault) (core dumped) Missed a change to s390_cpu_get_phys_page_debug: (gdb) bt 4 #0 0x00005555557a4923 in mmu_translate (env=0x555555f7c330, vaddr=vaddr@entry=0, rw=rw@entry=0, asc=0, raddr=raddr@entry=0x7fffffffd010, flags=flags@entry=0x7fffffffd00c, tec=0x0) at /home/rth/qemu/qemu/target/s390x/mmu_helper.c:376 #1 0x000055555575a135 in s390_cpu_get_phys_page_debug (cs=<optimized out>, vaddr=0) at /home/rth/qemu/qemu/target/s390x/helper.c:70 #2 0x0000555555752219 in cpu_get_phys_page_attrs_debug (attrs=0x7fffffffd034, addr=0, cpu=<optimized out>) at /home/rth/qemu/qemu/include/hw/core/cpu.h:605 #3 0x0000555555752219 in hmp_gva2gpa (mon=0x555555f53310, qdict=<optimized out>) at /home/rth/qemu/qemu/monitor/misc.c:850 Irritating that the "0" produced an implicit null instead of a compile-time failure. Anyway, will fix and rebase on your mmu branch. r~
© 2016 - 2025 Red Hat, Inc.