[Qemu-devel] [PATCH 3/6] target/s390x: fix ipm polluting irrelevant bits

Pavel Zbitskiy posted 6 patches 7 years, 3 months ago
There is a newer version of this series
[Qemu-devel] [PATCH 3/6] target/s390x: fix ipm polluting irrelevant bits
Posted by Pavel Zbitskiy 7 years, 3 months ago
Suppose psw.mask=0x0000000080000000, cc=2, r1=0 and we do "ipm 1".
This command must touch only bits 32-39, so the expected output
is r1=0x20000000. However, currently qemu yields r1=0x20008000,
because irrelevant parts of PSW leak into r1 during program mask
transfer.

Signed-off-by: Pavel Zbitskiy <pavel.zbitskiy@gmail.com>
---
 target/s390x/translate.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/target/s390x/translate.c b/target/s390x/translate.c
index f318fb6e4e..05442dff36 100644
--- a/target/s390x/translate.c
+++ b/target/s390x/translate.c
@@ -2442,8 +2442,8 @@ static DisasJumpType op_ipm(DisasContext *s, DisasOps *o)
     tcg_gen_andi_i64(o->out, o->out, ~0xff000000ull);
 
     t1 = tcg_temp_new_i64();
-    tcg_gen_shli_i64(t1, psw_mask, 20);
-    tcg_gen_shri_i64(t1, t1, 36);
+    tcg_gen_andi_i64(t1, psw_mask, 0x00000f0000000000);
+    tcg_gen_shri_i64(t1, t1, 16);
     tcg_gen_or_i64(o->out, o->out, t1);
 
     tcg_gen_extu_i32_i64(t1, cc_op);
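Review bot: the new constant 0x00000f0000000000 should carry a ull suffix, matching ~0xff000000ull two lines above in the same hunk; alternatively shift first and mask afterwards (tcg_gen_shri_i64(t1, psw_mask, 16); tcg_gen_andi_i64(t1, t1, 0xf000000);), which keeps the immediate within 32 bits. The replacement itself is correct: the removed shl 20 / shr 36 pair moved psw_mask bits 16-43 into bits 0-27 of t1, so any PSW bit in 16-39 (bit 31 in the commit message's example) was ORed into o->out, whereas masking bits 40-43 before the shift leaves only the program mask in bits 24-27.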
-- 
2.16.2.windows.1
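To reproduce the leak on a host without running s390x code, here is an added C model of the removed and the new tcg sequences (example code, not QEMU's own); it assumes cc is deposited into bits 28-29 of r1, per the IPM definition, which the hunk itself does not show.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit numbering here is little-endian (bit 0 = LSB), as in the tcg calls.
 * The PSW program mask sits in bits 40-43 of psw_mask; IPM must deposit it
 * into bits 24-27 of r1 and cc into bits 28-29, leaving the rest of r1 alone. */

/* Removed translation: shl 20 / shr 36 moves psw_mask bits 16-43 into
 * bits 0-27 of the temporary, so PSW bits 16-39 leak into r1. */
uint64_t ipm_old(uint64_t r1, uint64_t psw_mask, uint32_t cc)
{
    r1 &= ~0xff000000ull;                /* clear the target byte */
    r1 |= (psw_mask << 20) >> 36;        /* leaky program-mask transfer */
    r1 |= (uint64_t)cc << 28;            /* assumed cc placement, bits 28-29 */
    return r1;
}

/* New translation from the patch: isolate the program mask, then shift it. */
uint64_t ipm_fixed(uint64_t r1, uint64_t psw_mask, uint32_t cc)
{
    r1 &= ~0xff000000ull;
    r1 |= (psw_mask & 0x00000f0000000000ull) >> 16;
    r1 |= (uint64_t)cc << 28;
    return r1;
}

/* Reviewer's suggested order: shift first so the mask fits in 32 bits. */
uint64_t ipm_swapped(uint64_t r1, uint64_t psw_mask, uint32_t cc)
{
    r1 &= ~0xff000000ull;
    r1 |= (psw_mask >> 16) & 0xf000000;
    r1 |= (uint64_t)cc << 28;
    return r1;
}

int main(void)
{
    /* Constructed input taken from the commit message: psw.mask=0x80000000, cc=2, r1=0 */
    uint64_t psw_mask = 0x0000000080000000ull;
    printf("old:     r1=0x%08llx\n", (unsigned long long)ipm_old(0, psw_mask, 2));
    printf("fixed:   r1=0x%08llx\n", (unsigned long long)ipm_fixed(0, psw_mask, 2));
    printf("swapped: r1=0x%08llx\n", (unsigned long long)ipm_swapped(0, psw_mask, 2));
    return 0;
}
```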


Re: [Qemu-devel] [PATCH 3/6] target/s390x: fix ipm polluting irrelevant bits
Posted by Richard Henderson 7 years, 3 months ago
On 08/05/2018 11:28 AM, Pavel Zbitskiy wrote:
> +    tcg_gen_andi_i64(t1, psw_mask, 0x00000f0000000000);
> +    tcg_gen_shri_i64(t1, t1, 16);

It would be better to swap these two operations, so that a 64-bit constant
isn't needed for the mask, e.g.:

    tcg_gen_shri_i64(t1, psw_mask, 16);
    tcg_gen_andi_i64(t1, t1, 0xf000000);

Or maybe rewrite this whole function with extract/deposit:

    tcg_gen_extract_i64(t1, psw_mask, 40, 4);
    tcg_gen_extu_i32_i64(t2, cc_op);
    tcg_gen_deposit_i64(t1, t1, t2, 4, 60);
    tcg_gen_deposit_i64(o->out, o->out, t1, 24, 8);

But what you have is not wrong so,
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>


r~

Re: [Qemu-devel] [PATCH 3/6] target/s390x: fix ipm polluting irrelevant bits
Posted by David Hildenbrand 7 years, 3 months ago
On 05.08.2018 20:28, Pavel Zbitskiy wrote:
> Suppose psw.mask=0x0000000080000000, cc=2, r1=0 and we do "ipm 1".
> This command must touch only bits 32-39, so the expected output
> is r1=0x20000000. However, currently qemu yields r1=0x20008000,
> because irrelevant parts of PSW leak into r1 during program mask
> transfer.
> 
> Signed-off-by: Pavel Zbitskiy <pavel.zbitskiy@gmail.com>
> ---
>  target/s390x/translate.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/target/s390x/translate.c b/target/s390x/translate.c
> index f318fb6e4e..05442dff36 100644
> --- a/target/s390x/translate.c
> +++ b/target/s390x/translate.c
> @@ -2442,8 +2442,8 @@ static DisasJumpType op_ipm(DisasContext *s, DisasOps *o)
>      tcg_gen_andi_i64(o->out, o->out, ~0xff000000ull);
>  
>      t1 = tcg_temp_new_i64();
> -    tcg_gen_shli_i64(t1, psw_mask, 20);
> -    tcg_gen_shri_i64(t1, t1, 36);
> +    tcg_gen_andi_i64(t1, psw_mask, 0x00000f0000000000);

ull?

> +    tcg_gen_shri_i64(t1, t1, 16);
>      tcg_gen_or_i64(o->out, o->out, t1);
>  
>      tcg_gen_extu_i32_i64(t1, cc_op);
> 


-- 

Thanks,

David / dhildenb