[Qemu-devel] [Bug 551814] Re: qemu-system-sparc: conditional branch never taken when its delay slot accesses io and icount is being used

[Aurelien Jarno]

** Changed in: qemu
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/551814

Title:
  qemu-system-sparc: conditional branch never taken when its delay slot
  accesses io and icount is being used

Status in QEMU:
  Fix Released

Bug description:
  Affects qemu 0.12.3, the latest development version, which was 
6d8ff4d85ce2f3fc8a18dc8f077f73a4bd19a89a and earlier releases.
  Affects i386 and amd64 hosts; possibly others.

  
  #define IO_ADDR  0x71e00000

    set IO_ADDR, %o0

    sub %g0, 1, %o3
    or %g0, 5, %l5
    or %g0, 3, %l3

    cmp  %l5, %l3
    bne 1f
    ld  [ %o0 ], %l0

    clr %o3
  1:
    mov  1, %l0

  When running the following code in qemu-system-sparc with the -icount option, 
%o3 holds 0x0, which is wrong.
  Without the icount option, %o3 holds 0xffffffff, which is OK.

  The ba and bn instructions are not affected.
  Using the other Bicc instructions with the appropriate condition codes set, 
the branch is not taken.

  
  qemu was configured like this

  mkdir bld0123; cd bld0123
  ../qemu/configure --target-list=sparc-softmmu
  make

  
  The test code is assembled, linked and used in place of openbios-sparc32.
  n=the-test; $CC -c $n.S && $LD -e start -Ttext=0xffd00000 $n.o -o $n.elf
  where CC and LD the cross compiler and linker.

  and run like this
  bld0123debug/sparc-softmmu/qemu-system-sparc -nographic -icount 1
  bld0123debug/sparc-softmmu/qemu-system-sparc -nographic

  I've attached a tar file with some scripts and the compiled test code
  to make it easier to reproduce the problem.