powerpc: Wrap register number correctly for string load/store instructions

Michael Ellerman reported that emulate_loadstore() was trying to
access element 32 of regs->gpr[], which doesn't exist, when
emulating a string store instruction.  This is because the string
load and store instructions (lswi, lswx, stswi and stswx) are
defined to wrap around from register 31 to register 0 if the number
of bytes being loaded or stored is sufficiently large.  This wrapping
was not implemented in the emulation code.  To fix it, we mask the
register number after incrementing it.

Reported-by: Michael Ellerman <mpe@ellerman.id.au>
Fixes: c9f6f4ed95d4 ("powerpc: Implement emulation of string loads and stores")
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>

diff --git a/arch/powerpc/lib/sstep.c b/arch/powerpc/lib/sstep.c
index f168ea0..06dd61d 100644 (file)
--- a/arch/powerpc/lib/sstep.c
+++ b/arch/powerpc/lib/sstep.c
@@ -2865,7 +2865,8 @@ int emulate_loadstore(struct pt_regs *regs, struct instruction_op *op)
                                v32 = byterev_4(v32);
                        regs->gpr[rd] = v32;
                        ea += 4;
-                       ++rd;
+                       /* reg number wraps from 31 to 0 for lsw[ix] */
+                       rd = (rd + 1) & 0x1f;
                }
                break;
 
@@ -2934,7 +2935,8 @@ int emulate_loadstore(struct pt_regs *regs, struct instruction_op *op)
                        if (err)
                                break;
                        ea += 4;
-                       ++rd;
+                       /* reg number wraps from 31 to 0 for stsw[ix] */
+                       rd = (rd + 1) & 0x1f;
                }
                break;