From: Richard Henderson Date: Wed, 3 Apr 2024 17:39:31 +0000 (-1000) Subject: target/s390x: Fix translator_fake_ld length X-Git-Tag: v9.1.0-rc0~106^2~13 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=171ce939812d5e09ff3b9e24e1cc995368258768;p=thirdparty%2Fqemu.git target/s390x: Fix translator_fake_ld length The ilen value extracted from ex_value is the length of the EXECUTE instruction itself, and so is the increment to the pc. However, the length of the synthetic insn is located in the opcode like all other instructions. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c index 2eb787e4013..95d4d6ebc35 100644 --- a/target/s390x/tcg/translate.c +++ b/target/s390x/tcg/translate.c @@ -6200,11 +6200,11 @@ static const DisasInsn *extract_insn(CPUS390XState *env, DisasContext *s) /* Extract the values saved by EXECUTE. */ insn = s->ex_value & 0xffffffffffff0000ull; ilen = s->ex_value & 0xf; + op = insn >> 56; /* Register insn bytes with translator so plugins work. */ be_insn = cpu_to_be64(insn); - translator_fake_ld(&s->base, &be_insn, ilen); - op = insn >> 56; + translator_fake_ld(&s->base, &be_insn, get_ilen(op)); } else { insn = ld_code2(env, s, pc); op = (insn >> 8) & 0xff;
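Review bot: in the EXECUTE branch of extract_insn, two lengths now coexist with different meanings, and the code does not say so: ilen (s->ex_value & 0xf) is the length of the EXECUTE instruction and the pc increment, while get_ilen(op) is the length of the synthetic insn. That distinction is recorded only in the commit message. Extending the existing comment "Register insn bytes with translator so plugins work." to state that the length is taken from the opcode of the synthetic insn, not from ilen, would keep a later cleanup from folding the call back to ilen. Because be_insn is a single 64-bit value and insn is masked with 0xffffffffffff0000ull, it is also worth confirming, or asserting, that get_ilen(op) can never exceed the bytes actually held in be_insn, since the length passed to translator_fake_ld is now derived from the opcode byte taken from s->ex_value.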