MIPS: make sure to fill 'jr' branch delay slot with 'nop'

Inline assembly in RoLO and the FiiO M3K bootloader used 'jr' to jump to a newly loaded Rockbox binary, but incorrectly left the branch delay slot open. That gives GCC an opening to place illegal instrutions, etc, which might cause an unhandled exception. Change-Id: Ia7a561fe530e94a41189d25f18a767c448177960
2021-04-07 19:27:22 +01:00 · 2021-04-07 19:27:22 +01:00 · 4b26372591
commit 4b26372591
parent 213d372c92
3 changed files with 7 additions and 2 deletions
--- a/bootloader/fiiom3k-spl.c
+++ b/bootloader/fiiom3k-spl.c
@ -199,6 +199,8 @@ void spl_main(void)
    /* Flush caches and jump to address */
    void* execaddr = (void*)opt->exec_addr;
    commit_discard_idcache();
-    __asm__ __volatile__ ("jr %0" :: "r"(execaddr));
+    __asm__ __volatile__ ("jr %0\n"
+                          "nop\n"
+                          :: "r"(execaddr));
    __builtin_unreachable();
 }
--- a/bootloader/fiiom3k.c
+++ b/bootloader/fiiom3k.c
@ -47,7 +47,9 @@ void exec(void* dst, const void* src, int bytes)
 {
    memcpy(dst, src, bytes);
    commit_discard_idcache();
-    __asm__ __volatile__ ("jr %0" :: "r"(dst));
+    __asm__ __volatile__ ("jr %0\n"
+                          "nop\n"
+                          :: "r"(dst));
    __builtin_unreachable();
 }

--- a/firmware/rolo.c
+++ b/firmware/rolo.c
@ -204,6 +204,7 @@ void rolo_restart(const unsigned char* source, unsigned char* dest,
    commit_discard_idcache();
    asm volatile(
        "jr     %0               \n"
+        "nop\n"
        : : "r"(dest)
    );
 #endif