target/s390x: Exit tb after executing ex_value

Message ID	20220630031635.271353-1-richard.henderson@linaro.org
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Richard Henderson <richard.henderson@linaro.org> To: qemu-devel@nongnu.org Cc: qemu-s390x@nongnu.org, Sven Schnelle <svens@linux.ibm.com> Subject: [PATCH] target/s390x: Exit tb after executing ex_value Date: Thu, 30 Jun 2022 08:46:35 +0530 Message-Id: <20220630031635.271353-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::42a; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x42a.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
Series	target/s390x: Exit tb after executing ex_value \| expand target/s390x: Exit tb after executing ex_value

Message ID

20220630031635.271353-1-richard.henderson@linaro.org

State

New

Headers

From: Richard Henderson <richard.henderson@linaro.org>
To: qemu-devel@nongnu.org
Cc: qemu-s390x@nongnu.org,
	Sven Schnelle <svens@linux.ibm.com>
Subject: [PATCH] target/s390x: Exit tb after executing ex_value
Date: Thu, 30 Jun 2022 08:46:35 +0530
Message-Id: <20220630031635.271353-1-richard.henderson@linaro.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=2607:f8b0:4864:20::42a;
 envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x42a.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>

Series

target/s390x: Exit tb after executing ex_value | expand

Commit Message

Richard Henderson June 30, 2022, 3:16 a.m. UTC

When EXECUTE sets ex_value to interrupt the constructed instruction,
we implicitly disable interrupts so that the value is not corrupted.
Exit to the main loop after execution, so that we re-evaluate any
pending interrupts.

Reported-by: Sven Schnelle <svens@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---

Hi Sven.  Will you test this vs your testcase?  Thanks,

r~

---
 target/s390x/tcg/translate.c | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

Comments

Sven Schnelle June 30, 2022, 8:47 a.m. UTC | #1

Hi Richard,

Richard Henderson <richard.henderson@linaro.org> writes:

> When EXECUTE sets ex_value to interrupt the constructed instruction,
> we implicitly disable interrupts so that the value is not corrupted.
> Exit to the main loop after execution, so that we re-evaluate any
> pending interrupts.
>
> Reported-by: Sven Schnelle <svens@linux.ibm.com>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
>
> Hi Sven.  Will you test this vs your testcase?  Thanks,

Of course, i'm happy if someone fixes this so i don't have to. :-)

Unfortunately it doesn't fix the issue:

exec_tb_exit tb:(nil) flags=0x0
exec_tb tb:0x3ff35c66f00 pc=0x400
exec_tb tb:0x3ff3410f300 pc=0x1edf7f8
tcg_handle_interrupt: 2
exec_tb_exit tb:0x3ff340d2d00 flags=0x3
ignoring irq during EX
ignoring irq during EX
exec_tb tb:0x3ff340d2d00 pc=0x1edf810

writing dc->base.is_jmp to the qemu log shows:

s390x_tr_translate_insn: is_jmp: 3
s390x_tr_translate_insn: is_jmp: 3
s390x_tr_translate_insn: is_jmp: 3
s390x_tr_translate_insn: is_jmp: 3
s390x_tr_translate_insn: is_jmp: 3
s390x_tr_translate_insn: is_jmp: 3
[..]

So is_jump is always 3, which is DISAS_TARGET_0. I think the
if (dc->base.is_jmp == DISAS_NEXT) condition therefore never matches.

diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c
index fd2433d625..e52c2a4a6f 100644
--- a/target/s390x/tcg/translate.c
+++ b/target/s390x/tcg/translate.c
@@ -6620,11 +6620,18 @@  static void s390x_tr_translate_insn(DisasContextBase *dcbase, CPUState *cs)
 
     dc->base.is_jmp = translate_one(env, dc);
     if (dc->base.is_jmp == DISAS_NEXT) {
-        uint64_t page_start;
-
-        page_start = dc->base.pc_first & TARGET_PAGE_MASK;
-        if (dc->base.pc_next - page_start >= TARGET_PAGE_SIZE || dc->ex_value) {
-            dc->base.is_jmp = DISAS_TOO_MANY;
+        if (unlikely(dc->ex_value)) {
+            /*
+             * Because ex_value was set, s390_cpu_exec_interrupt may
+             * have skipped an interrupt.  Exit to the main loop to
+             * re-evaluate interrupts, as we do for LCTL.
+             */
+            dc->base.is_jmp = DISAS_PC_STALE_NOCHAIN;
+        } else {
+            uint64_t page_start = dc->base.pc_first & TARGET_PAGE_MASK;
+            if (dc->base.pc_next - page_start >= TARGET_PAGE_SIZE) {
+                dc->base.is_jmp = DISAS_TOO_MANY;
+            }
         }
     }
 }

target/s390x: Exit tb after executing ex_value

Commit Message

Comments

Patch