[Qemu-devel] [Bug 1668041] [NEW] x86 Floating point exceptions - incorrect support?

[Qemu-devel] [Bug 1668041] [NEW] x86 Floating point exceptions - incorrect support?

[Nadav Har'El]

Public bug reported:

It seems that qemu does not correctly emulate the x86 support for
optionally causing a floating-point exception (#FP) when, for example,
dividing by zero. Reports such as:

https://github.com/cloudius-systems/osv/issues/855
http://stackoverflow.com/questions/15134189/qemu-div-by-zero-mxcsr-register

suggest that setting the exception mask in the fpu cw or mxcsr (e.g.,
using a function like feenableexcept() in the guest OS) does not
generate floating point exceptions on divide by zero. The problem only
happens on pure QEMU - when a QEMU/KVM combination is used, the actual
hardware does the floating point work, and does throw the exception on
divide by zero if so requested.

Looking at the qemu (2.8.0) source code, it seems to me it really lacks
support for generating fpu exceptions: For example, helper_fdiv() in
target-i386/fpu_helper.c, when it notices the divisor is zero, seems to
set the divide-by-zero exception bit, but doesn't seem to check whether
it needs to trigger an exception (when the right bits on the x87 or SSE
control words are enabled).

** Affects: qemu
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1668041

Title:
  x86 Floating point exceptions - incorrect support?

Status in QEMU:
  New

Bug description:
  It seems that qemu does not correctly emulate the x86 support for
  optionally causing a floating-point exception (#FP) when, for example,
  dividing by zero. Reports such as:

  https://github.com/cloudius-systems/osv/issues/855
  http://stackoverflow.com/questions/15134189/qemu-div-by-zero-mxcsr-register

  suggest that setting the exception mask in the fpu cw or mxcsr (e.g.,
  using a function like feenableexcept() in the guest OS) does not
  generate floating point exceptions on divide by zero. The problem only
  happens on pure QEMU - when a QEMU/KVM combination is used, the actual
  hardware does the floating point work, and does throw the exception on
  divide by zero if so requested.

  Looking at the qemu (2.8.0) source code, it seems to me it really
  lacks support for generating fpu exceptions: For example,
  helper_fdiv() in target-i386/fpu_helper.c, when it notices the divisor
  is zero, seems to set the divide-by-zero exception bit, but doesn't
  seem to check whether it needs to trigger an exception (when the right
  bits on the x87 or SSE control words are enabled).

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1668041/+subscriptions

[Bug 1668041] Re: x86 Floating point exceptions - incorrect support?

[Rin Okuyama]

Hi,

This problem still exists on QEMU 5.0.0 both for i386 and x86_64;
floating-point zero division is not trapped at all, while integer
one is trapped correctly.

This seriously affects NetBSD project, which carries out periodic
regression tests on QEMU:

https://releng.netbsd.org/test-results.html

Tests including floating-point zero division are falling on QEMU,
while they are successfully passing on real hardwares.

HOW TO REPEAT:

Compile and run this program on Unix like operating systems:

---
#include <fenv.h>
#include <stdlib.h>
#include <unistd.h>

int
main(void)
{
        volatile double a = getpid();
        volatile double b = atoi("0");

        feenableexcept(FE_ALL_EXCEPT);

        usleep((int)(a / b));

        return 0;
}
---

It crashes by SIGFPE on real hardware, but normally exits on QEMU.

I ran this program on NetBSD 9.0 for x86_64 and i386 on QEMU 5.0.0:

(1) Obtain NetBSD 9.0 release from here:

For x86_64:
http://cdn.netbsd.org/pub/NetBSD/NetBSD-9.0/images/NetBSD-9.0-amd64.iso

For i386:
http://cdn.netbsd.org/pub/NetBSD/NetBSD-9.0/images/NetBSD-9.0-i386.iso

(2) Install it for disk image.

(3) qemu-system-x86_64 NetBSD.qcow2 or qemu-system-i386 NetBSD.qcow2

(4) Compile and run the test program above:

# cc fpe.c -lm -o fpe
# ./fpe

(5) Then, it exits normally, while it should abort due to SIGFPE.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1668041

Title:
  x86 Floating point exceptions - incorrect support?

Status in QEMU:
  New

Bug description:
  It seems that qemu does not correctly emulate the x86 support for
  optionally causing a floating-point exception (#FP) when, for example,
  dividing by zero. Reports such as:

  https://github.com/cloudius-systems/osv/issues/855
  http://stackoverflow.com/questions/15134189/qemu-div-by-zero-mxcsr-register

  suggest that setting the exception mask in the fpu cw or mxcsr (e.g.,
  using a function like feenableexcept() in the guest OS) does not
  generate floating point exceptions on divide by zero. The problem only
  happens on pure QEMU - when a QEMU/KVM combination is used, the actual
  hardware does the floating point work, and does throw the exception on
  divide by zero if so requested.

  Looking at the qemu (2.8.0) source code, it seems to me it really
  lacks support for generating fpu exceptions: For example,
  helper_fdiv() in target-i386/fpu_helper.c, when it notices the divisor
  is zero, seems to set the divide-by-zero exception bit, but doesn't
  seem to check whether it needs to trigger an exception (when the right
  bits on the x87 or SSE control words are enabled).

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1668041/+subscriptions

[Bug 1668041] Re: x86 Floating point exceptions - incorrect support?

[Thomas Huth]

The QEMU project is currently considering to move its bug tracking to another system. For this we need to know which bugs are still valid and which could be closed already. Thus we are setting all older bugs to
"Incomplete" now.
If you still think this bug report here is valid, then please switch the state back to "New" within the next 60 days, otherwise this report will be marked as "Expired". Thank you and sorry for the inconvenience.


** Changed in: qemu
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1668041

Title:
  x86 Floating point exceptions - incorrect support?

Status in QEMU:
  Incomplete

Bug description:
  It seems that qemu does not correctly emulate the x86 support for
  optionally causing a floating-point exception (#FP) when, for example,
  dividing by zero. Reports such as:

  https://github.com/cloudius-systems/osv/issues/855
  http://stackoverflow.com/questions/15134189/qemu-div-by-zero-mxcsr-register

  suggest that setting the exception mask in the fpu cw or mxcsr (e.g.,
  using a function like feenableexcept() in the guest OS) does not
  generate floating point exceptions on divide by zero. The problem only
  happens on pure QEMU - when a QEMU/KVM combination is used, the actual
  hardware does the floating point work, and does throw the exception on
  divide by zero if so requested.

  Looking at the qemu (2.8.0) source code, it seems to me it really
  lacks support for generating fpu exceptions: For example,
  helper_fdiv() in target-i386/fpu_helper.c, when it notices the divisor
  is zero, seems to set the divide-by-zero exception bit, but doesn't
  seem to check whether it needs to trigger an exception (when the right
  bits on the x87 or SSE control words are enabled).

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1668041/+subscriptions

[Bug 1668041] Re: x86 Floating point exceptions - incorrect support?

[Peter Maydell]

Bug still present as of commit 7fbd7e710323c8f4c (just before 5.2
release); tested with a Linux guest in system emulation and with Linux
usermode.

The underlying problem is that we don't properly implement trapping FP
exceptions; see the final paragraph in the commit message for commit
418b0f93d12a1589d50.


** Changed in: qemu
       Status: Incomplete => Confirmed

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1668041

Title:
  x86 Floating point exceptions - incorrect support?

Status in QEMU:
  Confirmed

Bug description:
  It seems that qemu does not correctly emulate the x86 support for
  optionally causing a floating-point exception (#FP) when, for example,
  dividing by zero. Reports such as:

  https://github.com/cloudius-systems/osv/issues/855
  http://stackoverflow.com/questions/15134189/qemu-div-by-zero-mxcsr-register

  suggest that setting the exception mask in the fpu cw or mxcsr (e.g.,
  using a function like feenableexcept() in the guest OS) does not
  generate floating point exceptions on divide by zero. The problem only
  happens on pure QEMU - when a QEMU/KVM combination is used, the actual
  hardware does the floating point work, and does throw the exception on
  divide by zero if so requested.

  Looking at the qemu (2.8.0) source code, it seems to me it really
  lacks support for generating fpu exceptions: For example,
  helper_fdiv() in target-i386/fpu_helper.c, when it notices the divisor
  is zero, seems to set the divide-by-zero exception bit, but doesn't
  seem to check whether it needs to trigger an exception (when the right
  bits on the x87 or SSE control words are enabled).

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1668041/+subscriptions

[Bug 1668041] Re: x86 Floating point exceptions - incorrect support?

[Thomas Huth]

This is an automated cleanup. This bug report has been moved to QEMU's
new bug tracker on gitlab.com and thus gets marked as 'expired' now.
Please continue with the discussion here:

 https://gitlab.com/qemu-project/qemu/-/issues/215


** Changed in: qemu
       Status: Confirmed => Expired

** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #215
   https://gitlab.com/qemu-project/qemu/-/issues/215

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1668041

Title:
  x86 Floating point exceptions - incorrect support?

Status in QEMU:
  Expired

Bug description:
  It seems that qemu does not correctly emulate the x86 support for
  optionally causing a floating-point exception (#FP) when, for example,
  dividing by zero. Reports such as:

  https://github.com/cloudius-systems/osv/issues/855
  http://stackoverflow.com/questions/15134189/qemu-div-by-zero-mxcsr-register

  suggest that setting the exception mask in the fpu cw or mxcsr (e.g.,
  using a function like feenableexcept() in the guest OS) does not
  generate floating point exceptions on divide by zero. The problem only
  happens on pure QEMU - when a QEMU/KVM combination is used, the actual
  hardware does the floating point work, and does throw the exception on
  divide by zero if so requested.

  Looking at the qemu (2.8.0) source code, it seems to me it really
  lacks support for generating fpu exceptions: For example,
  helper_fdiv() in target-i386/fpu_helper.c, when it notices the divisor
  is zero, seems to set the divide-by-zero exception bit, but doesn't
  seem to check whether it needs to trigger an exception (when the right
  bits on the x87 or SSE control words are enabled).

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1668041/+subscriptions