qemu/target/i386/tcg
Richard Henderson 8218c048be target/i386: Always completely initialize TranslateFault
In get_physical_address, the canonical address check failed to
set TranslateFault.stage2, which resulted in an uninitialized
read from the struct when reporting the fault in x86_cpu_tlb_fill.

Adjust all error paths to use structure assignment so that the
entire struct is always initialized.

Reported-by: Daniel Hoffman <dhoff749@gmail.com>
Fixes: 9bbcf37219 ("target/i386: Reorg GET_HPHYS")
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20221201074522.178498-1-richard.henderson@linaro.org>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1324
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2022-12-01 09:53:24 +01:00
..
sysemu target/i386: Always completely initialize TranslateFault 2022-12-01 09:53:24 +01:00
user target/i386: Raise #GP on unaligned m128 accesses when required. 2022-09-18 09:17:40 +02:00
bpt_helper.c compiler.h: replace QEMU_NORETURN with G_NORETURN 2022-04-21 17:03:51 +04:00
cc_helper_template.h
cc_helper.c target/i386: Expand eflags updates inline 2022-11-01 08:31:41 +11:00
decode-new.c.inc target/i386: allow MMX instructions with CR4.OSFXSR=0 2022-12-01 09:05:05 +01:00
decode-new.h target/i386: implement FMA instructions 2022-10-22 09:05:54 +02:00
emit.c.inc target/i386: implement FMA instructions 2022-10-22 09:05:54 +02:00
excp_helper.c target/i386: Raise #GP on unaligned m128 accesses when required. 2022-09-18 09:17:40 +02:00
fpu_helper.c target/i386: introduce function to set rounding mode from FPCW or MXCSR bits 2022-10-20 15:16:13 +02:00
helper-tcg.h target/i386: Raise #GP on unaligned m128 accesses when required. 2022-09-18 09:17:40 +02:00
int_helper.c exec/exec-all: Move 'qemu/log.h' include in units requiring it 2022-02-21 10:18:06 +01:00
mem_helper.c exec/memop: Adding signedness to quad definitions 2022-01-08 15:46:10 +10:00
meson.build i386: split svm_helper into sysemu and stub-only user 2021-05-10 15:41:51 -04:00
misc_helper.c compiler.h: replace QEMU_NORETURN with G_NORETURN 2022-04-21 17:03:51 +04:00
mpx_helper.c i386: move TCG cpu class initialization to tcg/ 2020-12-16 15:50:33 -05:00
seg_helper.c target/i386: Truncate values for lcall_real to i32 2022-10-11 09:36:01 +02:00
seg_helper.h i386: split seg_helper into user-only and sysemu parts 2021-05-10 15:41:52 -04:00
tcg-cpu.c target/i386: Convert to tcg_ops restore_state_to_opc 2022-10-26 11:11:28 +10:00
tcg-cpu.h target/i386: Move X86XSaveArea into TCG 2021-07-06 08:33:51 +02:00
tcg-stub.c
translate.c target/i386: hardcode R_EAX as destination register for LAHF/SAHF 2022-11-15 09:34:42 +10:00