• Aurelien Jarno's avatar
    target/sh4: fix RTE instruction delay slot · be53081a
    Aurelien Jarno authored
    The ReTurn from Exception (RTE) instruction loads the system register
    (SR) with the saved system register (SSR). It has a delay slot, and
    behaves specially according to the SH4 manual:
      The SR value accessed by the instruction in the RTE delay slot is the
      value restored from SSR by the RTE instruction. The SR and MD values
      defined prior to RTE execution are used to fetch the instruction in
      the RTE delay slot.
    The instruction in the delay slot being often a NOP, it doesn't cause
    any issue most of the time except in some rare cases where the NOP is
    being splitted in a different TB (for example when the TCG op buffer
    is full). In that case the NOP is fetched with the user permissions
    and causes an instruction TLB protection violation exception.
    This patches fixes that by introducing a new delay slot flag for the
    RTE instruction. Given it's a privileged instruction, the RTE delay
    slot instruction is always fetched in privileged mode. It is therefore
    enough to to check for this flag in cpu_mmu_index.
    Reviewed-by: 's avatarRichard Henderson <rth@twiddle.net>
    Signed-off-by: 's avatarAurelien Jarno <aurelien@aurel32.net>
cpu.h 12.9 KB