Thiemo Seufer wrote:
[snip]
> > Patched QEMU HEAD (see appended patch file):
> >
> > * The code works in a well defined way. An optional message in the log file
> >   will show the faulty statement. It won't amount to a DoS because it
> >   is disabled by default.
>
> Sorry, but I missed the "well defined". What does the jump in the branch
> delay slot exactly _do_ now? Where does the PC point to when it was a
> conditional branch which wasn't taken?
I committed something which covers the rest of your patch, and now throws an
RI exception for branch-in-branch-delay-slot.

For the AR7 case, could you
- add AR7 as a CPU type
- handle the interesting cases for AR7 only, after verifying the corner case
  behaviour of qemu and real hardware is consistent.

The corner cases which come to mind:
- conditional vs. unconditional branches
- the various condition types
- taken vs. non-taken branches
- linked vs. non-linked branches
- likely vs. non-likely branches
- the side effects of j / jal in the delay slot
- the value of PC/ra (if it changes)

I don't ask for an exhaustive analysis, I just want to see the cases of
interest covered, so we can be reasonably sure the qemu results will be
useful for other AR7 users as well.

Thiemo

_______________________________________________
Qemu-devel mailing list
Qemu-devel@nongnu.org
http://lists.nongnu.org/mailman/listinfo/qemu-devel
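As an added example (not code from the thread or from QEMU), a small C checker that walks a MIPS32 instruction stream and flags a branch or jump sitting in another branch's delay slot, the sequence QEMU now reports as a Reserved Instruction, classifying the first branch along the axes listed above (conditional, likely, linked). The words in sample_code are constructed for this example; the opcode, REGIMM and SPECIAL field values are the standard MIPS32 encodings.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
/* Kind of one MIPS32 control-transfer instruction; all-zero means "not a branch". */
typedef struct { int is_branch, conditional, likely, linked; } branch_kind;
static branch_kind classify(uint32_t insn)
{
    branch_kind k = {0, 0, 0, 0};
    uint32_t op = insn >> 26, rt = (insn >> 16) & 0x1f, funct = insn & 0x3f;
    switch (op) {
    case 0x00:                                  /* SPECIAL: JR (0x08), JALR (0x09) */
        if (funct == 0x08 || funct == 0x09) { k.is_branch = 1; k.linked = funct == 0x09; }
        break;
    case 0x01:                                  /* REGIMM: BLTZ/BGEZ and their L, AL, ALL forms */
        if ((rt & 0x1c) == 0x00 || (rt & 0x1c) == 0x10) {
            k.is_branch = k.conditional = 1;
            k.likely = (rt & 0x02) != 0;        /* BLTZL BGEZL BLTZALL BGEZALL */
            k.linked = (rt & 0x10) != 0;        /* BLTZAL BGEZAL BLTZALL BGEZALL */
        }
        break;
    case 0x02: case 0x03:                       /* J, JAL */
        k.is_branch = 1; k.linked = op == 0x03; break;
    case 0x04: case 0x05: case 0x06: case 0x07: /* BEQ BNE BLEZ BGTZ */
        k.is_branch = k.conditional = 1; break;
    case 0x14: case 0x15: case 0x16: case 0x17: /* BEQL BNEL BLEZL BGTZL */
        k.is_branch = k.conditional = k.likely = 1; break;
    }
    return k;
}

/* Count branches whose delay slot (the following word) holds another branch or jump,
   and describe each one along the axes above so it can be compared against hardware. */
static size_t scan_delay_slots(const uint32_t *w, size_t n, int verbose)
{
    size_t hits = 0;
    for (size_t i = 0; i + 1 < n; i++) {
        branch_kind a = classify(w[i]), b = classify(w[i + 1]);
        if (!a.is_branch || !b.is_branch) continue;
        hits++;
        if (verbose)
            printf("+0x%03zx: %s%s%s branch %08x, delay slot holds branch %08x\n", i * 4,
                   a.conditional ? "conditional" : "unconditional", a.likely ? " likely" : "",
                   a.linked ? " linked" : "", (unsigned)w[i], (unsigned)w[i + 1]);
    }
    return hits;
}
/* Constructed sample (not from the thread): b +2, j, nop, jal, addiu, jr ra, bnel, nop. */
static const uint32_t sample_code[] = { 0x10000002, 0x08000010, 0x00000000, 0x0c000010,
                                        0x24020001, 0x03e00008, 0x54200001, 0x00000000 };
#define SAMPLE_LEN (sizeof sample_code / sizeof sample_code[0])
int main(void) { printf("%zu sequence(s)\n", scan_delay_slots(sample_code, SAMPLE_LEN, 1)); return 0; }
```

Taken vs. non-taken and the resulting PC/ra values depend on register state, so those axes still have to be checked on the target; the scanner only finds the static sequences worth testing.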