One of the side effects of making vaddr always 64 bits is there are places where we assume it is sized to the guest. As a result a simple shift might bring in extra bits.
Using extract32 stops the crash in: ./pyvenv/bin/meson test qtest-ppc/prom-env-test with TCI enabled but the test still hangs. Over to you PPC maintainers ;-) Signed-off-by: Alex Bennée <[email protected]> --- target/ppc/mmu-hash32.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/ppc/mmu-hash32.c b/target/ppc/mmu-hash32.c index 8b980a5aa90..ce9c86ceacd 100644 --- a/target/ppc/mmu-hash32.c +++ b/target/ppc/mmu-hash32.c @@ -342,7 +342,7 @@ bool ppc_hash32_xlate(PowerPCCPU *cpu, vaddr eaddr, MMUAccessType access_type, } /* 3. Look up the Segment Register */ - sr = env->sr[eaddr >> 28]; + sr = env->sr[extract32(eaddr, 28, 4)]; /* 4. Handle direct store segments */ if (sr & SR32_T) { -- 2.47.3
