author David Hildenbrand <david@redhat.com> 2018-07-18 11:23:30 +0200
committer Cornelia Huck <cohuck@redhat.com> 2018-07-18 14:20:02 +0200
commit 677ff32db12bcd1bca3a3df733d2478896d6df96 (patch)
tree 9798405dd80bda6600a3fce59730f14cc57b0ba9 /target/s390x
parent ea6abffa8a08d832feb759d359d5b935e3087cf7 (diff)
s390x/cpumodel: fix segmentation fault when baselining models

Usually, when baselining two CPU models, whereby one of them has base CPU features disabled (e.g. z14-base,msa=off), we fallback to an older model that did not have these features in the base model. We always try to create a "sane" CPU model (as far as possible), and one part of it is that removing base features is no good and to be avoided.

Now, if we disable base features that were part of a z900, we're out of luck. We won't find a CPU model and QEMU will segfault. This is a scenario that should never happen in real life, but it can be used to crash QEMU.

So let's properly report an error if we baseline e.g.:

{ "execute": "query-cpu-model-baseline",
  "arguments" : { "modela": { "name": "z14-base", "props": {"esan3" : false}},
                  "modelb": { "name": "z14"}} }

Instead of segfaulting.

Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20180718092330.19465-1-david@redhat.com>
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>

Diffstat (limited to 'target/s390x')
-rw-r--r-- target/s390x/cpu_models.c 8
1 files changed, 8 insertions, 0 deletions
diff --git a/target/s390x/cpu_models.c b/target/s390x/cpu_models.c
index cfdbccf..604898a 100644
--- a/target/s390x/cpu_models.c
+++ b/target/s390x/cpu_models.c
@@ -716,6 +716,14 @@ CpuModelBaselineInfo *arch_query_cpu_model_baseline(CpuModelInfo *infoa,
model.def = s390_find_cpu_def(cpu_type, max_gen, max_gen_ga,
model.features);
+
+ /* models without early base features (esan3) are bad */
+ if (!model.def) {
+ error_setg(errp, "No compatible CPU model could be created as"
+ " important base features are disabled");
+ return NULL;
+ }
+
/* strip off features not part of the max model */
bitmap_and(model.features, model.features, model.def->full_feat,
S390_FEAT_MAX);
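
Review bot: The new `if (!model.def)` check fires for any NULL return from s390_find_cpu_def(), yet both the comment and the error text attribute the failure specifically to disabled base features (esan3). If that is the only way the lookup can fail at this point, state it in the comment; otherwise make the message neutral or include the requested model name so a QMP client can tell which input was rejected. The diffstat shows only cpu_models.c changing, so consider adding a regression test that issues the query-cpu-model-baseline call from the commit message and expects an error reply instead of a crash.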