From 8a416b814622edcf6715218fa5fb29f6cb534610 Mon Sep 17 00:00:00 2001
From: Richard Henderson <richard.henderson@linaro.org>
Date: Fri, 11 May 2018 15:18:13 -0400
Subject: [PATCH] target/mips: use lookup_and_goto_ptr on BS_STOP

The TB after BS_STOP is not fixed (e.g. helper_mtc0_hwrena
changes hflags, which ends up changing the TB flags via
cpu_get_tb_cpu_state). This requires a full lookup (i.e.
with flags) via lookup_and_goto_ptr instead of gen_goto_tb,
since the latter only looks at the PC for in-page goto's. Fix it.

Backports commit cd314a7d0190a03122ca0606ecf71b4b873a22c6 from qemu.
---
 qemu/target/mips/translate.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/qemu/target/mips/translate.c b/qemu/target/mips/translate.c
index 9bbe4b6c..bf8567ca 100644
--- a/qemu/target/mips/translate.c
+++ b/qemu/target/mips/translate.c
@@ -20581,7 +20581,8 @@ void gen_intermediate_code(CPUState *cs, struct TranslationBlock *tb)
     } else {
         switch (ctx.bstate) {
         case BS_STOP:
-            gen_goto_tb(&ctx, 0, ctx.pc);
+            gen_save_pc(tcg_ctx, ctx.pc);
+            tcg_gen_lookup_and_goto_ptr(tcg_ctx);
             env->uc->next_pc = ctx.pc;
             break;
         case BS_NONE: