QEMU-Devel Archive on lore.kernel.org
 help / color / Atom feed
From: David Hildenbrand <david@redhat.com>
To: qemu-devel@nongnu.org
Cc: Florian Weimer <fweimer@redhat.com>,
	Thomas Huth <thuth@redhat.com>,
	David Hildenbrand <david@redhat.com>,
	Cornelia Huck <cohuck@redhat.com>,
	Stefano Brivio <sbrivio@redhat.com>,
	qemu-s390x@nongnu.org, Richard Henderson <rth@twiddle.net>
Subject: [Qemu-devel] [PATCH v2 13/28] s390x/tcg: MVST: Fix storing back the addresses to registers
Date: Fri,  6 Sep 2019 09:57:35 +0200
Message-ID: <20190906075750.14791-14-david@redhat.com> (raw)
In-Reply-To: <20190906075750.14791-1-david@redhat.com>

24 and 31-bit address space handling is wrong when it comes to storing
back the addresses to the register.

Signed-off-by: David Hildenbrand <david@redhat.com>
---
 target/s390x/helper.h      |  2 +-
 target/s390x/insn-data.def |  2 +-
 target/s390x/mem_helper.c  | 20 ++++++++------------
 target/s390x/translate.c   |  8 ++++++--
 4 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/target/s390x/helper.h b/target/s390x/helper.h
index e9aff83b05..b32fce22ca 100644
--- a/target/s390x/helper.h
+++ b/target/s390x/helper.h
@@ -20,7 +20,7 @@ DEF_HELPER_FLAGS_4(mvn, TCG_CALL_NO_WG, void, env, i32, i64, i64)
 DEF_HELPER_FLAGS_4(mvo, TCG_CALL_NO_WG, void, env, i32, i64, i64)
 DEF_HELPER_FLAGS_4(mvpg, TCG_CALL_NO_WG, i32, env, i64, i64, i64)
 DEF_HELPER_FLAGS_4(mvz, TCG_CALL_NO_WG, void, env, i32, i64, i64)
-DEF_HELPER_4(mvst, i64, env, i64, i64, i64)
+DEF_HELPER_4(mvst, i32, env, i64, i32, i32)
 DEF_HELPER_4(ex, void, env, i32, i64, i64)
 DEF_HELPER_FLAGS_4(stam, TCG_CALL_NO_WG, void, env, i32, i64, i32)
 DEF_HELPER_FLAGS_4(lam, TCG_CALL_NO_WG, void, env, i32, i64, i32)
diff --git a/target/s390x/insn-data.def b/target/s390x/insn-data.def
index f421184fcd..449eee1662 100644
--- a/target/s390x/insn-data.def
+++ b/target/s390x/insn-data.def
@@ -637,7 +637,7 @@
 /* MOVE PAGE */
     C(0xb254, MVPG,    RRE,   Z,   r1_o, r2_o, 0, 0, mvpg, 0)
 /* MOVE STRING */
-    C(0xb255, MVST,    RRE,   Z,   r1_o, r2_o, 0, 0, mvst, 0)
+    C(0xb255, MVST,    RRE,   Z,   0, 0, 0, 0, mvst, 0)
 /* MOVE WITH OPTIONAL SPECIFICATION */
     C(0xc800, MVCOS,   SSF,   MVCOS, la1, a2, 0, 0, mvcos, 0)
 /* MOVE WITH OFFSET */
diff --git a/target/s390x/mem_helper.c b/target/s390x/mem_helper.c
index afcd452a00..8dd58b3ab1 100644
--- a/target/s390x/mem_helper.c
+++ b/target/s390x/mem_helper.c
@@ -694,8 +694,10 @@ uint32_t HELPER(mvpg)(CPUS390XState *env, uint64_t r0, uint64_t r1, uint64_t r2)
 }
 
 /* string copy (c is string terminator) */
-uint64_t HELPER(mvst)(CPUS390XState *env, uint64_t c, uint64_t d, uint64_t s)
+uint32_t HELPER(mvst)(CPUS390XState *env, uint64_t c, uint32_t r1, uint32_t r2)
 {
+    const uint64_t d = get_address(env, r1);
+    const uint64_t s = get_address(env, r2);
     uintptr_t ra = GETPC();
     uint32_t len;
 
@@ -703,8 +705,6 @@ uint64_t HELPER(mvst)(CPUS390XState *env, uint64_t c, uint64_t d, uint64_t s)
         s390_program_interrupt(env, PGM_SPECIFICATION, ILEN_AUTO, ra);
     }
     c = c & 0xff;
-    d = wrap_address(env, d);
-    s = wrap_address(env, s);
 
     /* Lest we fail to service interrupts in a timely manner, limit the
        amount of work we're willing to do.  For now, let's cap at 8k.  */
@@ -712,17 +712,13 @@ uint64_t HELPER(mvst)(CPUS390XState *env, uint64_t c, uint64_t d, uint64_t s)
         uint8_t v = cpu_ldub_data_ra(env, s + len, ra);
         cpu_stb_data_ra(env, d + len, v, ra);
         if (v == c) {
-            /* Complete.  Set CC=1 and advance R1.  */
-            env->cc_op = 1;
-            env->retxl = s;
-            return d + len;
+            set_address_zero(env, r1, d + len);
+            return 1;
         }
     }
-
-    /* Incomplete.  Set CC=3 and signal to advance R1 and R2.  */
-    env->cc_op = 3;
-    env->retxl = s + len;
-    return d + len;
+    set_address_zero(env, r1, d + len);
+    set_address_zero(env, r2, s + len);
+    return 3;
 }
 
 /* load access registers r1 to r3 from memory at a2 */
diff --git a/target/s390x/translate.c b/target/s390x/translate.c
index 2927247c82..b76e10d832 100644
--- a/target/s390x/translate.c
+++ b/target/s390x/translate.c
@@ -3488,9 +3488,13 @@ static DisasJumpType op_mvpg(DisasContext *s, DisasOps *o)
 
 static DisasJumpType op_mvst(DisasContext *s, DisasOps *o)
 {
-    gen_helper_mvst(o->in1, cpu_env, regs[0], o->in1, o->in2);
+    TCGv_i32 t1 = tcg_const_i32(get_field(s->fields, r1));
+    TCGv_i32 t2 = tcg_const_i32(get_field(s->fields, r2));
+
+    gen_helper_mvst(cc_op, cpu_env, regs[0], t1, t2);
+    tcg_temp_free_i32(t1);
+    tcg_temp_free_i32(t2);
     set_cc_static(s);
-    return_low128(o->in2);
     return DISAS_NEXT;
 }
 
-- 
2.21.0



  parent reply index

Thread overview: 68+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-06  7:57 [Qemu-devel] [PATCH v2 00/28] s390x/tcg: mem_helper: Fault-safe handling David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 01/28] s390x/tcg: Reset exception_index to -1 instead of 0 David Hildenbrand
2019-09-11 14:38   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 02/28] s390x/tcg: MVCL: Zero out unused bits of address David Hildenbrand
2019-09-11 14:40   ` Richard Henderson
2019-09-11 16:10     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 03/28] s390x/tcg: MVCL: Detect destructive overlaps David Hildenbrand
2019-09-11 14:42   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 04/28] s390x/tcg: MVCL: Process max 2k bytes at a time David Hildenbrand
2019-09-11 14:52   ` Richard Henderson
2019-09-11 15:07     ` Richard Henderson
2019-09-11 16:12       ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 05/28] s390x/tcg: MVC: Increment the length once David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 06/28] s390x/tcg: MVC: Use is_destructive_overlap() David Hildenbrand
2019-09-11 14:54   ` Richard Henderson
2019-09-11 16:13     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 07/28] s390x/tcg: MVPG: Check for specification exceptions David Hildenbrand
2019-09-11 14:57   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 08/28] s390x/tcg: MVPG: Properly wrap the addresses David Hildenbrand
2019-09-11 14:58   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 09/28] s390x/tcg: MVCLU/MVCLE: Process max 4k bytes at a time David Hildenbrand
2019-09-11 15:05   ` Richard Henderson
2019-09-11 16:14     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 10/28] s390x/tcg: MVCS/MVCP: Check for special operation exceptions David Hildenbrand
2019-09-11 15:08   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 11/28] s390x/tcg: MVCS/MVCP: Properly wrap the length David Hildenbrand
2019-09-11 15:11   ` Richard Henderson
2019-09-11 16:15     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 12/28] s390x/tcg: MVST: Check for specification exceptions David Hildenbrand
2019-09-11 15:14   ` Richard Henderson
2019-09-06  7:57 ` David Hildenbrand [this message]
2019-09-11 15:18   ` [Qemu-devel] [PATCH v2 13/28] s390x/tcg: MVST: Fix storing back the addresses to registers Richard Henderson
2019-09-11 16:15     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 14/28] s390x/tcg: Always use MMU_USER_IDX for CONFIG_USER_ONLY David Hildenbrand
2019-09-11 15:19   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 15/28] s390x/tcg: Fault-safe memset David Hildenbrand
2019-09-11 15:29   ` Richard Henderson
2019-09-11 16:18     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 16/28] s390x/tcg: Fault-safe memmove David Hildenbrand
2019-09-11 21:11   ` Richard Henderson
2019-09-11 22:03   ` Richard Henderson
2019-09-13 12:37     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 17/28] s390x/tcg: MVCS/MVCP: Use access_memmove_idx() David Hildenbrand
2019-09-11 21:13   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 18/28] s390x/tcg: MVC: Fault-safe handling on destructive overlaps David Hildenbrand
2019-09-11 21:20   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 19/28] s390x/tcg: MVCLU: Fault-safe handling David Hildenbrand
2019-09-11 21:24   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 20/28] s390x/tcg: OC: " David Hildenbrand
2019-09-11 21:26   ` Richard Henderson
2019-09-16 12:01     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 21/28] s390x/tcg: XC: " David Hildenbrand
2019-09-11 21:29   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 22/28] s390x/tcg: NC: " David Hildenbrand
2019-09-11 21:32   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 23/28] s390x/tcg: MVCIN: " David Hildenbrand
2019-09-11 21:35   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 24/28] s390x/tcg: MVN: " David Hildenbrand
2019-09-11 21:37   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 25/28] s390x/tcg: MVZ: " David Hildenbrand
2019-09-11 21:38   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 26/28] s390x/tcg: MVST: " David Hildenbrand
2019-09-11 21:52   ` Richard Henderson
2019-09-16 10:39     ` David Hildenbrand
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 27/28] s390x/tcg: MVO: " David Hildenbrand
2019-09-11 22:09   ` Richard Henderson
2019-09-06  7:57 ` [Qemu-devel] [PATCH v2 28/28] tests/tcg: target/s390x: Test MVO David Hildenbrand
2019-09-11 11:11 ` [Qemu-devel] [qemu-s390x] [PATCH v2 00/28] s390x/tcg: mem_helper: Fault-safe handling David Hildenbrand

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190906075750.14791-14-david@redhat.com \
    --to=david@redhat.com \
    --cc=cohuck@redhat.com \
    --cc=fweimer@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu-s390x@nongnu.org \
    --cc=rth@twiddle.net \
    --cc=sbrivio@redhat.com \
    --cc=thuth@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

QEMU-Devel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/qemu-devel/0 qemu-devel/git/0.git
	git clone --mirror https://lore.kernel.org/qemu-devel/1 qemu-devel/git/1.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 qemu-devel qemu-devel/ https://lore.kernel.org/qemu-devel \
		qemu-devel@nongnu.org
	public-inbox-index qemu-devel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.nongnu.qemu-devel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git