target/mips: use lookup_and_goto_ptr on BS_STOP

The TB after BS_STOP is not fixed (e.g. helper_mtc0_hwrena
changes hflags, which ends up changing the TB flags via
cpu_get_tb_cpu_state). This requires a full lookup (i.e.
with flags) via lookup_and_goto_ptr instead of gen_goto_tb,
since the latter only looks at the PC for in-page goto's. Fix it.

Reported-by: Richard Henderson <richard.henderson@linaro.org>
Suggested-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Emilio G. Cota <cota@braap.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

1 files changed, 2 insertions, 1 deletions

diff --git a/target/mips/translate.c b/target/mips/translate.c
index d8e717dacf..69137d0b3f 100644
--- a/target/mips/translate.c
+++ b/target/mips/translate.c
@@ -20343,7 +20343,8 @@ void gen_intermediate_code(CPUState *cs, struct TranslationBlock *tb)
     } else {
         switch (ctx.bstate) {
         case BS_STOP:
-            gen_goto_tb(&ctx, 0, ctx.pc);
+            gen_save_pc(ctx.pc);
+            tcg_gen_lookup_and_goto_ptr();
             break;
         case BS_NONE:
             save_cpu_state(&ctx, 0);