diff options
| author | James Hogan <james.hogan@imgtec.com> | 2013-06-24 17:45:39 +0100 |
|---|---|---|
| committer | Aurelien Jarno <aurelien@aurel32.net> | 2013-07-28 18:33:44 +0200 |
| commit | 240ce26a0533a6e5ee472789fbfbd9f7f939197e (patch) | |
| tree | 8b3761396d3b85d3f00a1023983b3a72ce703819 /linux-user/main.c | |
| parent | 4877866ee4fbd760c943577bb6d1eba489fb6c6e (diff) | |
| download | focaccia-qemu-240ce26a0533a6e5ee472789fbfbd9f7f939197e.tar.gz focaccia-qemu-240ce26a0533a6e5ee472789fbfbd9f7f939197e.zip | |
target-mips: fix branch in likely delay slot tcg assert
When a branch delay slot contains another branch instruction, the code generated raises an exception, however since is_branch==1, handle_delay_slot() doesn't get called immediately. This means ctx->bstate isn't set to BS_BRANCH, and the decoder continues decoding until a non-branch instruction is found. If the first branch was a branch likely instruction then each instruction after it generates code for the unlikely case, to go to the next tb starting after the delay slot. This results in multiple goto_tb tcg ops being generated with the same exit number. When debug is enabled this hits: tcg-op.h:2589: tcg_gen_goto_tb: Assertion `(tcg_ctx.goto_tb_issue_mask & (1 << idx)) == 0' failed. This is fixed by removing is_branch entirely, and calling handle_delay_slot() if (ctx.hflags & MIPS_HFLAG_BMASK) was set prior to the current instruction being decoded. This still prevents handle_delay_slot() being called immediately after a branch but allows it to still be called after a branch within a delay slot. Signed-off-by: James Hogan <james.hogan@imgtec.com> Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
Diffstat (limited to 'linux-user/main.c')
0 files changed, 0 insertions, 0 deletions