In guest_exit_cont we call kvmhv_commence_exit which expects the trap
number as the argument. However r3 doesn't contain the trap number at
this point and as a result we would be calling the function with a
spurious trap number.
Fix this by copying r12 into r3 before calling kvmhv_commence_exit, as
r12 contains the trap number.
Signed-off-by: Gautham R. Shenoy <[email protected]>
---
arch/powerpc/kvm/book3s_hv_rmhandlers.S | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/powerpc/kvm/book3s_hv_rmhandlers.S b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
index 4d70df2..f0d7c54 100644
--- a/arch/powerpc/kvm/book3s_hv_rmhandlers.S
+++ b/arch/powerpc/kvm/book3s_hv_rmhandlers.S
@@ -1170,6 +1170,7 @@ mc_cont:
bl kvmhv_accumulate_time
#endif
+ mr r3, r12
/* Increment exit count, poke other threads to exit */
bl kvmhv_commence_exit
nop
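Review bot: the new `mr r3, r12` sits after the `#endif` that closes the `bl kvmhv_accumulate_time` block, so r3 is loaded only after that call has had its chance to clobber it, in both configurations; that ordering is right, but the commit message should also state why r12 still holds the trap number at this point, since r12 is a volatile register under the PowerPC ABI and the `bl kvmhv_accumulate_time` precedes the `mr`, which a reader of this hunk alone cannot verify. It would also help to extend the existing comment so the argument is documented at the call site, e.g. `/* Increment exit count, poke other threads to exit; r3 = trap number */`.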
--
1.9.3
On Thu, May 21, 2015 at 01:57:04PM +0530, Gautham R. Shenoy wrote:
> In guest_exit_cont we call kvmhv_commence_exit which expects the trap
> number as the argument. However r3 doesn't contain the trap number at
> this point and as a result we would be calling the function with a
> spurious trap number.
>
> Fix this by copying r12 into r3 before calling kvmhv_commence_exit as
> r12 contains the trap number
>
> Signed-off-by: Gautham R. Shenoy <[email protected]>
Hi Gautham,
I agree with your logic: r3 is quite clearly corrupted in that path. So:
Reviewed-by: Sam Bobroff <[email protected]>
Just one comment: Do you have a case of this causing some visible problem due
to the corrupted trap number? (I'll test the patch if you do.)
Cheers,
Sam.
Hi Sam,
On Fri, Aug 14, 2015 at 03:07:28PM +1000, Sam Bobroff wrote:
> On Thu, May 21, 2015 at 01:57:04PM +0530, Gautham R. Shenoy wrote:
> > In guest_exit_cont we call kvmhv_commence_exit which expects the trap
> > number as the argument. However r3 doesn't contain the trap number at
> > this point and as a result we would be calling the function with a
> > spurious trap number.
> >
> > Fix this by copying r12 into r3 before calling kvmhv_commence_exit as
> > r12 contains the trap number
> >
> > Signed-off-by: Gautham R. Shenoy <[email protected]>
>
> Hi Gautham,
>
> I agree with your logic: r3 is quite clearly corrupted in that path. So:
>
> Reviewed-by: Sam Bobroff <[email protected]>
>
> Just one comment: Do you have a case of this causing some visible problem due
> to the corrupted trap number? (I'll test the patch if you do.)
>
Actually no! I found this bug while reviewing the code for some other issue.
> Cheers,
> Sam.
--
Thanks and Regards
gautham.