7f3a3d3dc4
In several places in the 32-bit Arm translate.c, we try to use load_cpu_field() to load from a CPUARMState field into a TCGv_i32 where the field is actually 64-bit. This works on little-endian hosts, but gives the wrong half of the register on big-endian. Add a new load_cpu_field_low32() which loads the low 32 bits of a 64-bit field into a TCGv_i32. The new macro includes a compile-time check against accidentally using it on a field of the wrong size. Use it to fix the two places in the code where we were using load_cpu_field() on a 64-bit field. This fixes a bug where on big-endian hosts the guest would crash after executing an ERET instruction, and a more corner case one where some UNDEFs for attempted accesses to MSR banked registers from Secure EL1 might go to the wrong EL. Cc: qemu-stable@nongnu.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-id: 20230424153909.1419369-2-peter.maydell@linaro.org |
||
|---|---|---|
| .. | ||
| a32-uncond.decode | ||
| a32.decode | ||
| cpu32.c | ||
| cpu64.c | ||
| crypto_helper.c | ||
| helper-a64.c | ||
| hflags.c | ||
| iwmmxt_helper.c | ||
| m_helper.c | ||
| m-nocp.decode | ||
| meson.build | ||
| mte_helper.c | ||
| mve_helper.c | ||
| mve.decode | ||
| neon_helper.c | ||
| neon-dp.decode | ||
| neon-ls.decode | ||
| neon-shared.decode | ||
| op_helper.c | ||
| pauth_helper.c | ||
| psci.c | ||
| sme_helper.c | ||
| sme-fa64.decode | ||
| sme.decode | ||
| sve_helper.c | ||
| sve.decode | ||
| t16.decode | ||
| t32.decode | ||
| tlb_helper.c | ||
| translate-a64.c | ||
| translate-a64.h | ||
| translate-m-nocp.c | ||
| translate-mve.c | ||
| translate-neon.c | ||
| translate-sme.c | ||
| translate-sve.c | ||
| translate-vfp.c | ||
| translate.c | ||
| translate.h | ||
| vec_helper.c | ||
| vec_internal.h | ||
| vfp-uncond.decode | ||
| vfp.decode | ||