On 11/30/22 22:48, Daniel Hoffman wrote:
> Signed-off-by: Daniel Hoffman <dhoff749@gmail.com>
> ---
> target/i386/tcg/sysemu/excp_helper.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/target/i386/tcg/sysemu/excp_helper.c b/target/i386/tcg/sysemu/excp_helper.c
> index 405a5d414a..6a93e96eb7 100644
> --- a/target/i386/tcg/sysemu/excp_helper.c
> +++ b/target/i386/tcg/sysemu/excp_helper.c
> @@ -595,6 +595,7 @@ bool x86_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
> CPUX86State *env = cs->env_ptr;
> TranslateResult out;
> TranslateFault err;
> + bool use_stage2 = env->hflags2 & HF2_NPT_MASK;
>
> if (get_physical_address(env, addr, access_type, mmu_idx, &out, &err)) {
> /*
> @@ -615,7 +616,7 @@ bool x86_cpu_tlb_fill(CPUState *cs, vaddr addr, int size,
> return false;
> }
>
> - if (err.stage2 != S2_NONE) {
> + if (use_stage2 && err.stage2 != S2_NONE) {
> raise_stage2(env, &err, retaddr);
> }
>
The patch description is missing, which might have included some indication of how the
problem might have been triggered.
From inspection I can guess that it comes from the incomplete initialization of
TranslateFault in get_physical_address, after the check for a canonical address form. In
any case this is not an ideal fix.
r~