diff --git a/src/frontend/translate/translate_arm/branch.cpp b/src/frontend/translate/translate_arm/branch.cpp index 4a061b07..36ce9b20 100644 --- a/src/frontend/translate/translate_arm/branch.cpp +++ b/src/frontend/translate/translate_arm/branch.cpp @@ -44,6 +44,8 @@ bool ArmTranslatorVisitor::arm_BLX_imm(bool H, Imm24 imm24) { } bool ArmTranslatorVisitor::arm_BLX_reg(Cond cond, Reg m) { + if (m == Reg::PC) + return UnpredictableInstruction(); // BLX if (ConditionPassed(cond)) { ir.SetRegister(Reg::LR, ir.Imm32(ir.current_location.PC() + 4)); diff --git a/tests/arm/fuzz_arm.cpp b/tests/arm/fuzz_arm.cpp index 10397f70..6f64c463 100644 --- a/tests/arm/fuzz_arm.cpp +++ b/tests/arm/fuzz_arm.cpp @@ -563,7 +563,8 @@ TEST_CASE("Fuzz ARM data processing instructions", "[JitX64]") { TEST_CASE("Fuzz ARM branch instructions", "[JitX64]") { const std::array instructions = {{ InstructionGenerator("1111101hvvvvvvvvvvvvvvvvvvvvvvvv"), - InstructionGenerator("cccc000100101111111111110011mmmm"), + InstructionGenerator("cccc000100101111111111110011mmmm", + [](u32 instr) { return Bits<0, 3>(instr) != 0b1111; }), // R15 is UNPREDICTABLE InstructionGenerator("cccc1010vvvvvvvvvvvvvvvvvvvvvvvv"), InstructionGenerator("cccc1011vvvvvvvvvvvvvvvvvvvvvvvv"), InstructionGenerator("cccc000100101111111111110001mmmm"),