git.ipfire.org Git - thirdparty/qemu.git/commit

author	Ilya Leoshkevich <iii@linux.ibm.com>
	Thu, 16 Oct 2025 17:58:32 +0000 (19:58 +0200)
committer	Thomas Huth <thuth@redhat.com>
	Mon, 3 Nov 2025 07:27:59 +0000 (08:27 +0100)
commit	fc976a67ded4232cf0b9ae3c11fe051da01e4456
tree	4de2eca6f62b50d90159900bdb0717763e0a7526	tree
parent	dacfec5157fb9e2249cf393a143bd545e80a6e31	commit \| diff

target/s390x: Use address generation for register branch targets

Indirect branches to addresses taken from registers go through address
generation, e.g., for BRANCH ON CONDITION Principles of Operation says:

In the RR format, the contents of general register R2 are used to
generate the branch address

QEMU uses r2_nz handler for the respective register operands. Currently
it does not zero out extra bits in 24- and 31-bit addressing modes as
required by address generation. The very frequently used
s390x_tr_init_disas_context() function has a workaround for this,
but the code for saving an old PSW during an interrupt does not.

Add the missing masking to r2_nz. Enforce PSW validity by replacing the
workaround with an assertion.

Reported-by: Thomas Weißschuh <linux@weissschuh.net>
Reported-by: Heiko Carstens <hca@linux.ibm.com>
Link: https://lore.kernel.org/lkml/ab3131a2-c42a-47ff-bf03-e9f68ac053c0@t-8ch.de/
Cc: qemu-stable@nongnu.org
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Thomas Weißschuh <linux@weissschuh.net>
Message-ID: <20251016175954.41153-4-iii@linux.ibm.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>