From c48b0f76ee7655182f5169f30323ca12618824f7 Mon Sep 17 00:00:00 2001
From: Alex Smith <alex.smith@imgtec.com>
Date: Thu, 15 Feb 2018 15:44:18 -0500
Subject: [PATCH] target-mips: Fix RDHWR on CP0.Count

For RDHWR on the CP0.Count register, env->CP0_Count was being returned.
This value is a delta against the QEMU_CLOCK_VIRTUAL clock, not the
correct current value of CP0.Count. Use cpu_mips_get_count() instead.

Backports commit cdfcad788394ff53e317043e07b8e34f4987c659 from qemu
---
 qemu/target-mips/op_helper.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/qemu/target-mips/op_helper.c b/qemu/target-mips/op_helper.c
index eafb07c7..5f376ac6 100644
--- a/qemu/target-mips/op_helper.c
+++ b/qemu/target-mips/op_helper.c
@@ -2191,10 +2191,15 @@ target_ulong helper_rdhwr_synci_step(CPUMIPSState *env)
 target_ulong helper_rdhwr_cc(CPUMIPSState *env)
 {
     if ((env->hflags & MIPS_HFLAG_CP0) ||
-        (env->CP0_HWREna & (1 << 2)))
+        (env->CP0_HWREna & (1 << 2))) {
+#ifdef CONFIG_USER_ONLY
         return env->CP0_Count;
-    else
+#else
+        return (int32_t)cpu_mips_get_count(env);
+#endif
+    } else {
         helper_raise_exception(env, EXCP_RI);
+    }
 
     return 0;
 }