illegal instructions for AArch64 ARMv8

Bug #1308381 reported by Hao Liu
This bug affects 1 person
Affects: QEMU
Status: Fix Released
Importance: Undecided
Assigned to: Alex Bennée

Bug Description

The test case is in the attachment. To reproduce, do the following (I tried both GCC and Clang):
$aarch64-linux-gnu-gcc qemu.c -o test
$./test
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
Illegal instruction (core dumped)

In the test case, 3 intrinsics are tested: vqmovunh_s16, vqmovuns_s32, vqmovund_s64. They will be compiled into instructions:
SQXTUN Bd, Hn
SQXTUN Hd, Sn
SQXTUN Sd, Dn.

QEMU was obtained from trunk git://git.qemu.org/qemu.git. Other instructions work well. It seems that these instructions are not supported in QEMU. Is this a bug?
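A test program of the kind the report describes, added here as an example (it is not the report's attachment): it models the three SQXTUN forms in portable C and, when built with an AArch64 compiler, compares that model against the vqmovunh_s16 / vqmovuns_s32 / vqmovund_s64 intrinsics the report names. The names ref_sqxtun_* and check_sqxtun and the input values are my own.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__aarch64__)
#include <arm_neon.h>
/* Native build: compare each intrinsic (which compiles to SQXTUN) with the model. */
#define CHECK(fn, ref, v) (bad += ((fn)(v) != (ref)(v)))
#else
/* Host build (not AArch64): exercise the reference model only. */
#define CHECK(fn, ref, v) ((void)(ref)(v))
#endif

/* Reference model of SQXTUN: a signed source narrowed to an unsigned result,
 * saturating to 0 for negative inputs and to the unsigned maximum above it. */
static uint8_t ref_sqxtun_h(int16_t x) {          /* SQXTUN Bd, Hn */
    return x < 0 ? 0 : (x > 255 ? 255 : (uint8_t)x);
}
static uint16_t ref_sqxtun_s(int32_t x) {         /* SQXTUN Hd, Sn */
    return x < 0 ? 0 : (x > 65535 ? 65535 : (uint16_t)x);
}
static uint32_t ref_sqxtun_d(int64_t x) {         /* SQXTUN Sd, Dn */
    return x < 0 ? 0 : (x > 4294967295LL ? 4294967295u : (uint32_t)x);
}

/* Constructed inputs around each saturation boundary. Returns the number of
 * intrinsic/model mismatches; 0 means the (emulated) instruction agreed. */
static int check_sqxtun(void) {
    static const int16_t h_in[] = { INT16_MIN, -1, 0, 100, 255, 256, INT16_MAX };
    static const int32_t s_in[] = { INT32_MIN, -1, 0, 65535, 65536, INT32_MAX };
    static const int64_t d_in[] = { INT64_MIN, -1, 0, 4294967295LL, 4294967296LL, INT64_MAX };
    int bad = 0;
    for (size_t i = 0; i < sizeof h_in / sizeof h_in[0]; i++)
        CHECK(vqmovunh_s16, ref_sqxtun_h, h_in[i]);
    for (size_t i = 0; i < sizeof s_in / sizeof s_in[0]; i++)
        CHECK(vqmovuns_s32, ref_sqxtun_s, s_in[i]);
    for (size_t i = 0; i < sizeof d_in / sizeof d_in[0]; i++)
        CHECK(vqmovund_s64, ref_sqxtun_d, d_in[i]);
    return bad;
}

int main(void) {
    int bad = check_sqxtun();
    /* On the affected QEMU this line is never reached: SIGILL on the first SQXTUN. */
    printf("SQXTUN mismatches: %d\n", bad);
    return bad != 0;
}
```

Under a QEMU with the decode bug the process dies with "Illegal instruction" before printing anything; once the decoder accepts the U==1 encoding, a nonzero mismatch count would point at a semantic rather than a decode error.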

Hao Liu (hao-liu): description updated
Hao Liu (hao-liu): description updated

Peter Maydell (pmaydell) wrote :

Can you attach a statically linked test case binary, please?

Alex Bennée (ajbennee) wrote : Re: [Qemu-devel] [Bug 1308381] Re: illegal instructions for AArch64 ARMv8

Peter Maydell <email address hidden> writes:

> Can you attach a statically linked test case binary, please?

I can reproduce with the source file. It looks like:

@@ -7553,12 +7555,9 @@ static void disas_simd_scalar_two_reg_misc(DisasContext *s, uint32_t insn)
         }
         break;
     case 0x12: /* SQXTUN */
- if (u) {
- unallocated_encoding(s);
- return;
- }
         /* fall through */
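Review bot: removing the `u` test for opcode 0x12 makes both the U==0 and U==1 encodings decode as SQXTUN, but the scalar two-reg-misc SQXTUN encoding in the ARM ARM has U==1 and the U==0 slot is not allocated, so the condition should be inverted rather than deleted: keep `if (!u) { unallocated_encoding(s); return; }` so the reserved encoding still raises an undefined-instruction exception. Worth confirming at the same time that the vector two-reg-misc decode does not carry the same inverted test.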

Fixes it. Let me check why this slipped through the risu tests and
re-validate. I'll submit a patch once I've double checked.

--
Alex Bennée

Peter Maydell (pmaydell) wrote :

On 16 April 2014 11:55, Alex Bennée <email address hidden> wrote:
>
> Peter Maydell <email address hidden> writes:
>
>> Can you attach a statically linked test case binary, please?
>
> I can reproduce with the source file. It looks like:
>
> @@ -7553,12 +7555,9 @@ static void disas_simd_scalar_two_reg_misc(DisasContext *s, uint32_t insn)
> }
> break;
> case 0x12: /* SQXTUN */
> - if (u) {
> - unallocated_encoding(s);
> - return;
> - }
> /* fall through */
>
> Fixes it.

However the ARM ARM, unless I'm misreading it, requires scalar-2-misc
SQXTUN to have U==1, so the correct fix should be to turn that "if (u)"
into "if (!u)" I think. (Opcode 0x12 u==0 isn't in the table so should undef.)

Better check we didn't make the same mistake in the vector-2-misc
decode as well.

thanks
-- PMM

Alex Bennée (ajbennee) wrote :

Fix identified

Changed in qemu:
assignee: nobody → Alex Bennée (ajbennee)
Alex Bennée (ajbennee) wrote :

I've sent this patch to the mailing list but it fixes the attached test case and has been tested with risu patterns.

Alex Bennée (ajbennee) wrote :

@pmaydell: yeah vector is unaffected as U is used to select another opcode.

Thomas Huth (th-huth) wrote :

Patch has been included here:
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e44a90c59697cf98
==> Fix released

Changed in qemu:
status: New → Fix Released