author: Alex Bennée <alex.bennee@linaro.org> 2021-04-16 18:02:07 +0100
committer: Peter Maydell <peter.maydell@linaro.org> 2021-04-17 18:48:05 +0100
commit: c57b27ea89ac3ca8a4bc6b682231823f081478d0 (patch)
tree: 37628de02e21cedcd10501c5a3908458783d6e43
parent: 330ef14e6e749919c5c70e9fd6f73aaeac8a15ae (diff)
target/arm: drop CF_LAST_IO/dc->condjump check

This is a left over erroneous check from the days front-ends handled
io start/end themselves. Regardless just because IO could be performed
on the last instruction doesn't obligate the front end to do so.

This fixes an abort faced by the aspeed execute-in-place support which
will necessarily trigger this state (even before the one-shot
CF_LAST_IO fix). The test still seems to hang once it attempts to boot
the Linux kernel but I suspect this is an unrelated issue with icount
and the timer handling code.

The original intention of the cpu_abort (added in commit 2e70f6efa8b9
when the icount stuff was first added) seems to have been to act as
an assert() to catch an unhandled corner case where the generated code
would be something like:

    conditional branch to condlabel if its cc failed
    implementation of the insn (a conditional branch or trap)
    code emitted by gen_io_end()
  condlabel:
    gen_goto_tb or equivalent thing to go to next insn

At runtime the cc-failed case would skip over the code emitted by
gen_io_end(), leaving the can_do_io flag incorrectly set.

In commit ba3e7926691ed33 we switched to an implementation which
always clears can_do_io at the start of the following TB instead of
trying to clear it at the end of a TB that did IO. So the corner case
that this cpu_abort() was trying to flag is no longer possible,
because the gen_io_end() call has been deleted.

We can therefore safely remove the no-longer-valid assertion.

Signed-off-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-id: 20210416170207.12504-1-alex.bennee@linaro.org
Cc: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

-rw-r--r-- target/arm/translate.c 5
1 files changed, 0 insertions, 5 deletions
diff --git a/target/arm/translate.c b/target/arm/translate.c
index 62b1c20..7103da2 100644
--- a/target/arm/translate.c
+++ b/target/arm/translate.c
@@ -9199,11 +9199,6 @@ static void arm_tr_tb_stop(DisasContextBase *dcbase, CPUState *cpu)
{
DisasContext *dc = container_of(dcbase, DisasContext, base);
- if (tb_cflags(dc->base.tb) & CF_LAST_IO && dc->condjmp) {
- /* FIXME: This can theoretically happen with self-modifying code. */
- cpu_abort(cpu, "IO on conditional branch instruction");
- }
-
/* At this stage dc->condjmp will only be set when the skipped
instruction was a conditional branch or trap, and the PC has
already been written. */
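
Review bot: With the check at the top of arm_tr_tb_stop() removed, nothing left in the function records that CF_LAST_IO together with dc->condjmp is now an expected state. A short comment there, pointing at the change that clears can_do_io at the start of the following TB (ba3e7926691ed33 per the commit message), would make it less likely that the cpu_abort() is reintroduced later. The subject line also spells the field "condjump" while the code uses dc->condjmp, so a log search on the field name will miss this commit. Finally, the message says the aspeed test still hangs after this change and the diff touches only translate.c, so the formerly aborting path is not covered by a test here; worth noting that in the message or following up with one.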