From: Ilya Leoshkevich <iii@linux.ibm.com>
Date: Thu, 11 Jan 2024 09:21:26 +0000 (+0100)
Subject: target/s390x: Fix LAE setting a wrong access register
X-Git-Tag: v7.2.9~24
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9222f3ee43743d4c02d4db1bdc5181bb78a8afe7;p=thirdparty%2Fqemu.git

target/s390x: Fix LAE setting a wrong access register

LAE should set the access register corresponding to the first operand,
instead, it always modifies access register 1.

Co-developed-by: Ido Plat <Ido.Plat@ibm.com>
Cc: qemu-stable@nongnu.org
Fixes: a1c7610a6879 ("target-s390x: implement LAY and LAEY instructions")
Reviewed-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Message-ID: <20240111092328.929421-2-iii@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
(cherry picked from commit e358a25a97c71c39e3513d9b869cdb82052e50b8)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(Mjt: target/s390x/tcg/translate.c: fixup for
 v8.1.0-1189-gad75a51e84  "tcg: Rename cpu_env to tcg_env" and
 v7.2.0-2636-g3ac6f91bca "target/s390x: Drop tcg_temp_free from translate.c")
---

diff --git a/target/s390x/tcg/translate.c b/target/s390x/tcg/translate.c
index b0173e968e0..a257c06838e 100644
--- a/target/s390x/tcg/translate.c
+++ b/target/s390x/tcg/translate.c
@@ -3394,6 +3394,7 @@ static DisasJumpType op_mov2e(DisasContext *s, DisasOps *o)
 {
     int b2 = get_field(s, b2);
     TCGv ar1 = tcg_temp_new_i64();
+    int r1 = get_field(s, r1);
 
     o->out = o->in2;
     o->g_out = o->g_in2;
@@ -3419,7 +3420,7 @@ static DisasJumpType op_mov2e(DisasContext *s, DisasOps *o)
         break;
     }
 
-    tcg_gen_st32_i64(ar1, cpu_env, offsetof(CPUS390XState, aregs[1]));
+    tcg_gen_st32_i64(ar1, cpu_env, offsetof(CPUS390XState, aregs[r1]));
     tcg_temp_free_i64(ar1);
 
     return DISAS_NEXT;