240ce26a05
When a branch delay slot contains another branch instruction, the code generated raises an exception, however since is_branch==1, handle_delay_slot() doesn't get called immediately. This means ctx->bstate isn't set to BS_BRANCH, and the decoder continues decoding until a non-branch instruction is found. If the first branch was a branch likely instruction then each instruction after it generates code for the unlikely case, to go to the next tb starting after the delay slot. This results in multiple goto_tb tcg ops being generated with the same exit number. When debug is enabled this hits: tcg-op.h:2589: tcg_gen_goto_tb: Assertion `(tcg_ctx.goto_tb_issue_mask & (1 << idx)) == 0' failed. This is fixed by removing is_branch entirely, and calling handle_delay_slot() if (ctx.hflags & MIPS_HFLAG_BMASK) was set prior to the current instruction being decoded. This still prevents handle_delay_slot() being called immediately after a branch but allows it to still be called after a branch within a delay slot. Signed-off-by: James Hogan <james.hogan@imgtec.com> Signed-off-by: Yongbok Kim <yongbok.kim@imgtec.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> |
||
|---|---|---|
| .. | ||
| cpu-qom.h | ||
| cpu.c | ||
| cpu.h | ||
| dsp_helper.c | ||
| gdbstub.c | ||
| helper.c | ||
| helper.h | ||
| lmi_helper.c | ||
| machine.c | ||
| Makefile.objs | ||
| mips-defs.h | ||
| op_helper.c | ||
| TODO | ||
| translate_init.c | ||
| translate.c | ||