When VHE is enabled, we need to take the aa32-ness of EL0 from PSTATE not HCR_EL2, which is controlling EL1.
Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
---
 target/arm/helper.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/target/arm/helper.c b/target/arm/helper.c
index f2d18bd51a..f3785d5ad6 100644
--- a/target/arm/helper.c
+++ b/target/arm/helper.c
@@ -8887,14 +8887,19 @@ static void arm_cpu_do_interrupt_aarch64(CPUState *cs)
 * immediately lower than the target level is using AArch32 or AArch64 */
 bool is_aa64;
+ uint64_t hcr;
 switch (new_el) {
 case 3:
 is_aa64 = (env->cp15.scr_el3 & SCR_RW) != 0;
 break;
 case 2:
- is_aa64 = (env->cp15.hcr_el2 & HCR_RW) != 0;
- break;
+ hcr = arm_hcr_el2_eff(env);
+ if ((hcr & (HCR_E2H | HCR_TGE)) != (HCR_E2H | HCR_TGE)) {
+ is_aa64 = (hcr & HCR_RW) != 0;
+ break;
+ }
+ /* fall through */
 case 1:
 is_aa64 = is_a64(env);
 break;
--
2.17.1
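Review bot: The `/* fall through */` from `case 2` into `case 1` carries the whole point of the change, but nothing in the code says why the lower EL's register width stops coming from HCR_EL2 there. I would add a line directly above the existing marker, e.g. `/* E2H+TGE (VHE host): EL0 is the EL directly below EL2, so take its width from PSTATE */`, and leave the marker itself as is; that way a later reorder of the cases is less likely to revert to trusting HCR_EL2.RW for EL0 unnoticed. The RW test also now reads the value returned by `arm_hcr_el2_eff(env)` instead of `env->cp15.hcr_el2`, which the commit message does not mention; presumably the effective value leaves HCR_RW untouched, but that is worth confirming against the helper, which is not visible here. `hcr` is used only inside `case 2`, and both the switch and the enclosing function continue outside the hunk.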