* [Qemu-devel] s390 tcg breakage
@ 2013-03-25 13:19 Alexander Graf
2013-03-26 0:13 ` Richard Henderson
0 siblings, 1 reply; 2+ messages in thread
From: Alexander Graf @ 2013-03-25 13:19 UTC (permalink / raw)
To: Richard Henderson; +Cc: <qemu-devel@nongnu.org> qemu-devel
Hi Richard,
I've finally gotten around to debug why TCG on s390 hosts breaks for me. The reason turned out to be quite simple. The broken TB ends with a goto_tb instruction:
exit_tb $0x3fffb258010
which gets translated into:
0x90000040: lgfi %r2,-81428464
0x90000046: iihl %r2,1023
0x9000004a: jg 0x91fffc10
which again leaves r2 as:
0xffff03fffb258010
This is because lgfi leaves the register negative, but iihl doesn't replace the upper 16 bits, only [48..32].
The patch below fixes it for me, but I'm sure you can come up with something cleaner, better and working on non-ext-imm machines :).
Alex
diff --git a/tcg/s390/tcg-target.c b/tcg/s390/tcg-target.c
index e12a152..6b72ff4 100644
--- a/tcg/s390/tcg-target.c
+++ b/tcg/s390/tcg-target.c
@@ -775,13 +775,7 @@ static void tcg_out_movi(TCGContext *s, TCGType type,
/* Insert data into the high 32-bits. */
uval = uval >> 31 >> 1;
if (facilities & FACILITY_EXT_IMM) {
- if (uval < 0x10000) {
- tcg_out_insn(s, RI, IIHL, ret, uval);
- } else if ((uval & 0xffff) == 0) {
- tcg_out_insn(s, RI, IIHH, ret, uval >> 16);
- } else {
- tcg_out_insn(s, RIL, IIHF, ret, uval);
- }
+ tcg_out_insn(s, RIL, IIHF, ret, uval);
} else {
if (uval & 0xffff) {
tcg_out_insn(s, RI, IIHL, ret, uval);
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-03-26 0:13 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-03-25 13:19 [Qemu-devel] s390 tcg breakage Alexander Graf
2013-03-26 0:13 ` Richard Henderson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).