From 619e73761073d0c6df3330a4086fa683f354cef5 Mon Sep 17 00:00:00 2001
From: Maxim Poliakovski <maximumspatium@googlemail.com>
Date: Sun, 25 Dec 2016 17:58:27 +0100
Subject: [PATCH] ppcdrc.cpp: clear two LSBs of the branch target address.

This is what a real CPU does in order to prevent branching to an invalid address.
---
 src/devices/cpu/powerpc/ppcdrc.cpp | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/devices/cpu/powerpc/ppcdrc.cpp b/src/devices/cpu/powerpc/ppcdrc.cpp
index 4ebf89a61f8..0b5ab034be7 100644
--- a/src/devices/cpu/powerpc/ppcdrc.cpp
+++ b/src/devices/cpu/powerpc/ppcdrc.cpp
@@ -1942,8 +1942,11 @@ void ppc_device::generate_branch(drcuml_block *block, compiler_state *compiler,
 	}
 	else
 	{
-		generate_update_cycles(block, &compiler_temp, mem(srcptr), true);              // <subtract cycles>
-		UML_HASHJMP(block, m_core->mode, mem(srcptr), *m_nocode);   // hashjmp <mode>,<rsreg>,nocode
+		generate_update_cycles(block, &compiler_temp, mem(srcptr), true);    // <subtract cycles>
+
+        /* clear two LSBs of the target address to prevent branching to an invalid address */
+        UML_AND(block, I0, mem(srcptr), 0xFFFFFFFC);                         // and i0, 0xFFFFFFFC
+        UML_HASHJMP(block, m_core->mode, I0, *m_nocode);                     // hashjmp <mode>,i0,nocode
 	}
 
 	/* update the label */