[Qemu-devel] [Bug 1748296] Re: TCG throws Invalid Opcode when executing x86 BMI shlx instruction

From: Doug Gale <doug16k@gmail.com>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] [Bug 1748296] Re: TCG throws Invalid Opcode when executing x86 BMI shlx instruction
Date: Thu, 08 Feb 2018 21:50:56 -0000	[thread overview]
Message-ID: <151812665669.9868.12149661875211242307.launchpad@wampee.canonical.com> (raw)
In-Reply-To: 151812332204.10331.17425660234309724521.malonedeb@wampee.canonical.com

** Description changed:

  I am unable to use BMI in my project when running under TCG. I narrowed
  the problem down to incorrect instruction decoding for BMI instructions
  (which have a 2 byte VEX prefix). The gen_sse function in translate.c
  reaches the goto label do_0f_38_fx, but b does not equal 0x1f7, 0x2f7,
  or 0x3f7, so the switch takes the default path and raises an invalid
  opcode exception.

  The code executes correctly and passes the test under KVM.

  I have created a complete repro here: https://github.com/doug65536/qemu-
  bmibug

  The makefile has the following utility targets:

  debug-kvm: Build and run the VM using KVM and wait for gdbstub attach

  run: Run the test case with TCG, make fails if the test fails. (It will
  fail)

  run-kvm: Run the test case with KVM, make fails if the test fails. (It
  will succeed)

  debug: Build and run the VM with TCG and wait for GDB attach

- attach-gdb: Run GDB and attach to KVM gdbstub
+ attach-gdb: Run GDB and attach to QEMU gdbstub

  The VM runs with -cpu max. CPUID reports support for BMI, BMI2, and ABM.

  You can quickly verify the issue by executing `make run-kvm` to confirm
  that KVM passes, then `make run` to confirm that TCG fails.

  I believe the bug affects other BMI, BMI2, and ABM instructions, but I
  have only completely verified incorrect execution of SHLX.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1748296

Title:
  TCG throws Invalid Opcode when executing x86 BMI shlx instruction

Status in QEMU:
  New

Bug description:
  I am unable to use BMI in my project when running under TCG. I
  narrowed the problem down to incorrect instruction decoding for BMI
  instructions (which have a 2 byte VEX prefix). The gen_sse function in
  translate.c reaches the goto label do_0f_38_fx, but b does not equal
  0x1f7, 0x2f7, or 0x3f7, so the switch takes the default path and
  raises an invalid opcode exception.

  The code executes correctly and passes the test under KVM.

  I have created a complete repro here: https://github.com/doug65536
  /qemu-bmibug

  The makefile has the following utility targets:

  debug-kvm: Build and run the VM using KVM and wait for gdbstub attach

  run: Run the test case with TCG, make fails if the test fails. (It
  will fail)

  run-kvm: Run the test case with KVM, make fails if the test fails. (It
  will succeed)

  debug: Build and run the VM with TCG and wait for GDB attach

  attach-gdb: Run GDB and attach to QEMU gdbstub

  The VM runs with -cpu max. CPUID reports support for BMI, BMI2, and
  ABM.

  You can quickly verify the issue by executing `make run-kvm` to
  confirm that KVM passes, then `make run` to confirm that TCG fails.

  I believe the bug affects other BMI, BMI2, and ABM instructions, but I
  have only completely verified incorrect execution of SHLX.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1748296/+subscriptions