The exception vector offset calculation was moved into a function but the case when AIL=0 was not checked.
The reason we got away with this is that the sole caller of ppc_excp_vector_offset checks the AIL before calling the function: /* Handle AIL */ if (ail) { ... vector |= ppc_excp_vector_offset(cs, ail); } Fixes: 2586a4d7a0 ("target/ppc: Move exception vector offset computation into a function") Signed-off-by: Fabiano Rosas <faro...@linux.ibm.com> --- target/ppc/excp_helper.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c index 50b004d00d..5752ed4a4d 100644 --- a/target/ppc/excp_helper.c +++ b/target/ppc/excp_helper.c @@ -112,6 +112,8 @@ static uint64_t ppc_excp_vector_offset(CPUState *cs, int ail) uint64_t offset = 0; switch (ail) { + case AIL_NONE: + break; case AIL_0001_8000: offset = 0x18000; break; -- 2.23.0
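Review bot: The added `case AIL_NONE:` arm in `ppc_excp_vector_offset()` is undocumented, and it returns the right value only because of the `uint64_t offset = 0;` initializer at the top of the function. A one-line comment on the arm (for example, that AIL=0 means no vector relocation, so the offset stays 0) would make the intent explicit and keep the arm from being read as an accidental empty case. The commit message also says the sole caller guards the call with `if (ail)`, so this arm is not reachable today; it would help to say in the comment or the message whether the function is now meant to be safe to call without that guard, since that decides whether the caller's check is still needed or is just an optimisation.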