@@ -177,6 +177,7 @@ static void loongarch_cpu_do_interrupt(CPUState *cs)
}
QEMU_FALLTHROUGH;
case EXCCODE_PIF:
+ case EXCCODE_ADEF:
cause = cs->exception_index;
update_badinstr = 0;
break;
@@ -229,7 +229,8 @@ static void raise_mmu_exception(CPULoongArchState *env, target_ulong address,
switch (tlb_error) {
default:
case TLBRET_BADADDR:
- cs->exception_index = EXCCODE_ADEM;
+ cs->exception_index = access_type == MMU_INST_FETCH
+ ? EXCCODE_ADEF : EXCCODE_ADEM;
break;
case TLBRET_NOMATCH:
/* No TLB match for a mapped address */
@@ -643,7 +644,7 @@ bool loongarch_cpu_tlb_fill(CPUState *cs, vaddr address, int size,
CPULoongArchState *env = &cpu->env;
hwaddr physical;
int prot;
- int ret = TLBRET_BADADDR;
+ int ret;
/* Data access */
ret = get_physical_address(env, &physical, &prot, address,
When the address is invalid address, We should set exception_index according to MMUAccessType, and EXCCODE_ADEF need't update badinstr. Otherwise, The system enters an infinite loop. e.g: run test.c on system mode test.c: #include<stdio.h> void (*func)(int *); int main() { int i = 8; void *ptr = (void *)0x4000000000000000; func = ptr; func(&i); return 0; } Signed-off-by: Song Gao <gaosong@loongson.cn> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-ID: <20221101073210.3934280-2-gaosong@loongson.cn> --- target/loongarch/cpu.c | 1 + target/loongarch/tlb_helper.c | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-)