From 4b263725912939748427faa105f8b2745999a627 Mon Sep 17 00:00:00 2001
From: Aidan MacDonald
Date: Wed, 7 Apr 2021 19:27:22 +0100
Subject: MIPS: make sure to fill 'jr' branch delay slot with 'nop'

Inline assembly in RoLO and the FiiO M3K bootloader used 'jr' to jump to a newly loaded Rockbox binary, but incorrectly left the branch delay slot open. That gives GCC an opening to place illegal instrutions, etc, which might cause an unhandled exception.

Change-Id: Ia7a561fe530e94a41189d25f18a767c448177960
---
 bootloader/fiiom3k-spl.c | 4 +++-
 bootloader/fiiom3k.c | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)
(limited to 'bootloader')

diff --git a/bootloader/fiiom3k-spl.c b/bootloader/fiiom3k-spl.c
index ec532d5789..67b4b0a59c 100644
--- a/bootloader/fiiom3k-spl.c
+++ b/bootloader/fiiom3k-spl.c
@@ -199,6 +199,8 @@ void spl_main(void)
 /* Flush caches and jump to address */
 void* execaddr = (void*)opt->exec_addr;
 commit_discard_idcache();
- __asm__ __volatile__ ("jr %0" :: "r"(execaddr));
+ __asm__ __volatile__ ("jr %0\n"
+ "nop\n"
+ :: "r"(execaddr));
 __builtin_unreachable();
 }
diff --git a/bootloader/fiiom3k.c b/bootloader/fiiom3k.c
index 6108a37efc..93010e86d2 100644
--- a/bootloader/fiiom3k.c
+++ b/bootloader/fiiom3k.c
@@ -47,7 +47,9 @@ void exec(void* dst, const void* src, int bytes)
 {
 memcpy(dst, src, bytes);
 commit_discard_idcache();
- __asm__ __volatile__ ("jr %0" :: "r"(dst));
+ __asm__ __volatile__ ("jr %0\n"
+ "nop\n"
+ :: "r"(dst));
 __builtin_unreachable();
 }
 
-- 
cgit v1.2.3
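Review bot: The `jr`/`nop` pair added in spl_main() (bootloader/fiiom3k-spl.c), and the identical pair in exec() in bootloader/fiiom3k.c, does not pin the assembler's reorder mode, so whether the `nop` really occupies the delay slot depends on the mode in effect where the compiler emits this asm. Only under noreorder is the instruction written after `jr` guaranteed to be the slot; in reorder mode the assembler schedules the slot itself and the explicit `nop` is merely a trailing instruction. Bracketing the sequence removes that dependency on build flags: put `".set push\n"` and `".set noreorder\n"` before `"jr %0\n"`, and `".set pop\n"` after `"nop\n"`. Which mode this build uses is not visible in the hunk, so this is hardening of the hand-off to the loaded image rather than a confirmed fault; spl_main's body starts outside the hunk.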
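Review bot: In exec() (bootloader/fiiom3k.c) the context line `memcpy(dst, src, bytes);` takes its length from an `int`, so a negative `bytes` is converted to a very large `size_t` and the copy overruns before control ever reaches the jump this hunk repairs. The callers of exec() are outside the hunk, so whether a bad length can arrive here is not visible; if it is derived from an image header, reject it before the copy with something like `if (bytes <= 0) return;` at the top of the function. If the callers already guarantee it, state the precondition instead: `/* bytes: validated image size, > 0 and within the destination region */`. The function's signature appears only in the hunk header.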