From 2d3239d0a1edd4bc75605017bc672bb8e759a84a Mon Sep 17 00:00:00 2001
From: Richard Henderson
Date: Sat, 21 Mar 2020 17:20:51 -0400
Subject: [PATCH] target/arm: Use aarch32_cpsr_valid_mask in helper_exception_return

Using ~0 as the mask on the aarch64->aarch32 exception return was not even as correct as the CPSR_ERET_MASK that we had used on the aarch32->aarch32 exception return.

Backports commit d203cabd1bd12f31c9df0b5737421ba67b96857b from qemu
---
 qemu/target/arm/helper-a64.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/qemu/target/arm/helper-a64.c b/qemu/target/arm/helper-a64.c
index 9697eb0a..96ed2346 100644
--- a/qemu/target/arm/helper-a64.c
+++ b/qemu/target/arm/helper-a64.c
@@ -957,7 +957,7 @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
 {
     int cur_el = arm_current_el(env);
     unsigned int spsr_idx = aarch64_banked_spsr_index(cur_el);
-    uint32_t spsr = env->banked_spsr[spsr_idx];
+    uint32_t mask, spsr = env->banked_spsr[spsr_idx];
     int new_el;
     bool return_to_aa64 = (spsr & PSTATE_nRW) == 0;
@@ -1013,7 +1013,8 @@ void HELPER(exception_return)(CPUARMState *env, uint64_t new_pc)
      * will sort the register banks out for us, and we've already
      * caught all the bad-mode cases in el_from_spsr().
      */
-    cpsr_write(env, spsr, ~0, CPSRWriteRaw);
+    mask = aarch32_cpsr_valid_mask(env->features, &env_archcpu(env)->isar);
+    cpsr_write(env, spsr, mask, CPSRWriteRaw);
     if (!arm_singlestep_active(env)) {
         env->uncached_cpsr &= ~PSTATE_SS;
     }
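Review bot: `uint32_t mask, spsr = env->banked_spsr[spsr_idx];` puts an uninitialized declarator and an initialized one on the same line, which is easy to misread as both being initialized and breaks the one-declaration-per-line pattern of the neighbouring `int cur_el` and `unsigned int spsr_idx` lines; declare them separately as `uint32_t spsr = env->banked_spsr[spsr_idx];` and `uint32_t mask;`. Since `mask` is only assigned some fifty lines later in the second hunk, a reader scanning the declarations gets no hint of its role; a short comment such as `/* CPSR bits writable on return to AArch32 for this CPU; set before cpsr_write() below */` would close that gap. HELPER(exception_return) continues past the end of this hunk.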
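Review bot: The new `mask = aarch32_cpsr_valid_mask(env->features, &env_archcpu(env)->isar);` line carries no explanation of why the raw CPSR write is now masked, and the comment block immediately above it (only its tail is visible in the hunk) still talks solely about register banks and the bad-mode checks in el_from_spsr(). Suggest extending that comment with a sentence along the lines of `Only the CPSR bits that are architecturally valid for this CPU's features are written (see aarch32_cpsr_valid_mask), so reserved or unimplemented bits in the SPSR value are dropped rather than copied into CPSR.` That records the hardening intent of replacing `~0`, which the commit message states but the code does not. The enclosing HELPER(exception_return) both starts and, as far as can be seen, ends outside this hunk.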