s390 tcg breakage - Patchwork

Message ID	1E58A03D-3CD1-495E-840E-9DB7574F3638@suse.de
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Apple Message framework v1278) From: Alexander Graf <agraf@suse.de> Date: Mon, 25 Mar 2013 14:19:00 +0100 Content-Transfer-Encoding: quoted-printable Message-Id: <1E58A03D-3CD1-495E-840E-9DB7574F3638@suse.de> To: Richard Henderson <rth@twiddle.net> Cc: "<qemu-devel@nongnu.org> qemu-devel" <qemu-devel@nongnu.org> Subject: [Qemu-devel] s390 tcg breakage Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Message ID

1E58A03D-3CD1-495E-840E-9DB7574F3638@suse.de

State

New

Headers

Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Apple Message framework v1278)
From: Alexander Graf <agraf@suse.de>
Date: Mon, 25 Mar 2013 14:19:00 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <1E58A03D-3CD1-495E-840E-9DB7574F3638@suse.de>
To: Richard Henderson <rth@twiddle.net>
Cc: "<qemu-devel@nongnu.org> qemu-devel" <qemu-devel@nongnu.org>
Subject: [Qemu-devel] s390 tcg breakage
Precedence: list
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Commit Message

Alexander Graf March 25, 2013, 1:19 p.m. UTC

Hi Richard,

I've finally gotten around to debug why TCG on s390 hosts breaks for me. The reason turned out to be quite simple. The broken TB ends with a goto_tb instruction:

   exit_tb $0x3fffb258010

which gets translated into:

   0x90000040:	lgfi	%r2,-81428464
   0x90000046:	iihl	%r2,1023
   0x9000004a:	jg	0x91fffc10

which again leaves r2 as:

  0xffff03fffb258010

This is because lgfi leaves the register negative, but iihl doesn't replace the upper 16 bits, only [48..32].

The patch below fixes it for me, but I'm sure you can come up with something cleaner, better and working on non-ext-imm machines :).


Alex

Comments

Richard Henderson March 26, 2013, 12:13 a.m. UTC | #1

On 2013-03-25 06:19, Alexander Graf wrote:
> This is because lgfi leaves the register negative, but iihl doesn't replace the upper 16 bits, only [48..32].
>
> The patch below fixes it for me, but I'm sure you can come up with something cleaner, better and working on non-ext-imm machines :).

Oops, yes.  I've posted a patch that addresses the problem for real.


r~

diff --git a/tcg/s390/tcg-target.c b/tcg/s390/tcg-target.c
index e12a152..6b72ff4 100644
--- a/tcg/s390/tcg-target.c
+++ b/tcg/s390/tcg-target.c
@@ -775,13 +775,7 @@  static void tcg_out_movi(TCGContext *s, TCGType type,
     /* Insert data into the high 32-bits.  */
     uval = uval >> 31 >> 1;
     if (facilities & FACILITY_EXT_IMM) {
-        if (uval < 0x10000) {
-            tcg_out_insn(s, RI, IIHL, ret, uval);
-        } else if ((uval & 0xffff) == 0) {
-            tcg_out_insn(s, RI, IIHH, ret, uval >> 16);
-        } else {
-            tcg_out_insn(s, RIL, IIHF, ret, uval);
-        }
+        tcg_out_insn(s, RIL, IIHF, ret, uval);
     } else {
         if (uval & 0xffff) {
             tcg_out_insn(s, RI, IIHL, ret, uval);