author | Julio Guerra <julio@farjump.io> | 2015-10-14 19:43:19 +0200 |
---|---|---|
committer | Michael Tokarev <mjt@tls.msk.ru> | 2015-11-06 15:42:38 +0300 |
commit | 3ede8f699645f4ca7cdbc40d8139e5a0275b4805 (patch) | |
tree | 6f2711f4b219da38e51aad88bb6b97f30b18017b | |
parent | 68851b98e5bf6d397498b74f1776801274ab8d48 (diff) | |
taget-ppc: Fix read access to IBAT registers higher than IBAT3
Fix the index used to read the IBAT vector, which resulted in reading IBAT0..3 instead
of IBAT4..N.
The bug showed up when saving/restoring contexts that include IBAT values.
Signed-off-by: Julio Guerra <julio@farjump.io>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
-rw-r--r-- | target-ppc/translate_init.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/target-ppc/translate_init.c b/target-ppc/translate_init.c
index 4934c80..e88dc7f 100644
--- a/target-ppc/translate_init.c
+++ b/target-ppc/translate_init.c
@@ -305,7 +305,7 @@ static void spr_read_ibat (DisasContext *ctx, int gprn, int sprn)
 static void spr_read_ibat_h (DisasContext *ctx, int gprn, int sprn)
 {
- tcg_gen_ld_tl(cpu_gpr[gprn], cpu_env, offsetof(CPUPPCState, IBAT[sprn & 1][(sprn - SPR_IBAT4U) / 2]));
+ tcg_gen_ld_tl(cpu_gpr[gprn], cpu_env, offsetof(CPUPPCState, IBAT[sprn & 1][((sprn - SPR_IBAT4U) / 2) + 4]));
 }
 static void spr_write_ibatu (DisasContext *ctx, int sprn, int gprn) |
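Review bot: The `+ 4` added to the second IBAT index in spr_read_ibat_h is an undocumented magic constant, and the index is computed from `sprn` with no visible range check. The generated load therefore stays inside `CPUPPCState.IBAT` only if this callback is registered for the high IBAT SPRs alone; the hunk shows neither the array bounds nor the registration. A one-line comment above the load would record that assumption, for example `/* high IBATs (IBAT4..N) are stored after IBAT0..3, hence the + 4; sprn must be a high IBAT SPR */`. The bug was a read index that disagreed with where the values are stored, and it surfaced only on context save/restore. So it is worth confirming that the high-BAT write helpers and the matching DBAT read helper, all outside this hunk, apply the same offset.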