On 19 February 2015 at 21:26, <i...@inbox.ru> wrote:
> From: Ildar Isaev <i...@inbox.ru>
>
> pc wasn't modified in tcg code for load/store multiple,
> causing translation block to be executed in infinite loop forever
>
> Signed-off-by: Ildar Isaev <i...@inbox.ru>
It would be helpful if you gave an example of guest code which we mishandle. Do you have a test case? > --- > target-arm/translate.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/target-arm/translate.c b/target-arm/translate.c > index 36868ed..622aa03 100644 > --- a/target-arm/translate.c > +++ b/target-arm/translate.c > @@ -8973,7 +8973,7 @@ static void disas_arm_insn(DisasContext *s, unsigned > int insn) > tmp = load_cpu_field(spsr); > gen_set_cpsr(tmp, CPSR_ERET_MASK); > tcg_temp_free_i32(tmp); > - s->is_jmp = DISAS_UPDATE; > + gen_lookup_tb(s); > } > } > break; This doesn't look right. What if the load-multiple loaded PC? Calling gen_lookup_tb() will overwrite that. -- PMM
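Review bot: the `- s->is_jmp = DISAS_UPDATE;` / `+ gen_lookup_tb(s);` swap in this hunk sits on the exception-return path (right after `gen_set_cpsr(tmp, CPSR_ERET_MASK)`), where the load-multiple may itself have loaded PC from memory; as the reply points out, `gen_lookup_tb()` overwrites that value, so the change trades the reported infinite loop for a wrong return address whenever PC is in the register list. Suggest either keeping the `DISAS_UPDATE` exit and fixing the missing PC update in the load/store-multiple code itself, or at least skipping the `gen_lookup_tb(s)` call when the list includes PC, and attaching the guest sequence that loops so reviewers can check both the PC-loaded and PC-not-loaded cases against the fix.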