[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [Bug 1641637] [NEW] incorrect illegal SSE3 instructions rep
From: |
Jie |
Subject: |
[Qemu-devel] [Bug 1641637] [NEW] incorrect illegal SSE3 instructions reporting on x86_64 |
Date: |
Mon, 14 Nov 2016 15:45:36 -0000 |
Public bug reported:
Hi all, we found 28 differently encoded illegal SSE3 instructions
reporting on the most recent x86_64 user mode linux qemu (version
2.7.0). We believe these reporting should be incorrect because the same
code can be executed on a real machine. The instructions are the
following:
pabsb %mm0, %mm1
pabsb %xmm0, %xmm1
pabsd %mm0, %mm1
pabsd %xmm0, %xmm1
pabsw %mm0, %mm1
pabsw %xmm0, %xmm1
phaddd %mm0, %mm1
phaddd %xmm0, %xmm1
phaddsw %mm0, %mm1
phaddsw %xmm0, %xmm1
phaddw %mm0, %mm1
phaddw %xmm0, %xmm1
phsubd %mm0, %mm1
phsubd %xmm0, %xmm1
phsubsw %mm0, %mm1
phsubsw %xmm0, %xmm1
phsubw %mm0, %mm1
phsubw %xmm0, %xmm1
pmaddubsw %mm0, %mm1
pmaddubsw %xmm0, %xmm1
pmulhrsw %mm0, %mm1
pmulhrsw %xmm0, %xmm1
psignb %mm0, %mm1
psignb %xmm0, %xmm1
psignd %mm0, %mm1
psignd %xmm0, %xmm1
psignw %mm0, %mm1
psignw %xmm0, %xmm1
The following is the proof of code
/********** Beginning of bug 1.c: pabsb %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("pabsb %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 1.c **********/
/********** Beginning of bug 2.c: pabsb %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("pabsb %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 2.c **********/
/********** Beginning of bug 3.c: pabsd %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("pabsd %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 3.c **********/
/********** Beginning of bug 4.c: pabsd %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("pabsd %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 4.c **********/
/********** Beginning of bug 5.c: pabsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("pabsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 5.c **********/
/********** Beginning of bug 6.c: pabsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("pabsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 6.c **********/
/********** Beginning of bug 7.c: phaddd %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phaddd %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 7.c **********/
/********** Beginning of bug 8.c: phaddd %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phaddd %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 8.c **********/
/********** Beginning of bug 9.c: phaddsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phaddsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 9.c **********/
/********** Beginning of bug 10.c: phaddsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phaddsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 10.c **********/
/********** Beginning of bug 11.c: phaddw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phaddw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 11.c **********/
/********** Beginning of bug 12.c: phaddw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phaddw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 12.c **********/
/********** Beginning of bug 13.c: phsubd %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phsubd %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 13.c **********/
/********** Beginning of bug 14.c: phsubd %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phsubd %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 14.c **********/
/********** Beginning of bug 15.c: phsubsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phsubsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 15.c **********/
/********** Beginning of bug 16.c: phsubsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phsubsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 16.c **********/
/********** Beginning of bug 17.c: phsubw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phsubw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 17.c **********/
/********** Beginning of bug 18.c: phsubw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phsubw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 18.c **********/
/********** Beginning of bug 19.c: pmaddubsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char i2[0x10];
unsigned char i3[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i2)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i3)));;
asm("pmaddubsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 19.c **********/
/********** Beginning of bug 20.c: pmaddubsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char i2[0x10];
unsigned char i3[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i2)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i3)));;
asm("pmaddubsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 20.c **********/
/********** Beginning of bug 21.c: pmulhrsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("pmulhrsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 21.c **********/
/********** Beginning of bug 22.c: pmulhrsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("pmulhrsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 22.c **********/
/********** Beginning of bug 23.c: psignb %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("psignb %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 23.c **********/
/********** Beginning of bug 24.c: psignb %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("psignb %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 24.c **********/
/********** Beginning of bug 25.c: psignd %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("psignd %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 25.c **********/
/********** Beginning of bug 26.c: psignd %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("psignd %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 26.c **********/
/********** Beginning of bug 27.c: psignw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("psignw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 27.c **********/
/********** Beginning of bug 28.c: psignw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("psignw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 28.c **********/
For any of the above code, when compiled into x86-64 binary code with
gcc, qemu reports the illegal instructions bug. However, these can be
correctly executed on a real machine. For example,
$ gcc 28.c -o 28
$ qemu-x86_64 ./28
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
Illegal instruction
$ ./28
00000000000000000000000000000000
Some information about the system:
$ qemu-x86_64 --version
qemu-x86_64 version 2.7.0, Copyright (c) 2003-2016 Fabrice Bellard and the QEMU
Project developers
$ uname -a
Linux cgos-System-Product-Name 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15
03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
$ gcc --version
gcc (Ubuntu 4.8.4-2ubuntu1~14.04) 4.8.4
Copyright (C) 2013 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Thanks!
** Affects: qemu
Importance: Undecided
Status: New
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1641637
Title:
incorrect illegal SSE3 instructions reporting on x86_64
Status in QEMU:
New
Bug description:
Hi all, we found 28 differently encoded illegal SSE3 instructions
reporting on the most recent x86_64 user mode linux qemu (version
2.7.0). We believe these reporting should be incorrect because the
same code can be executed on a real machine. The instructions are the
following:
pabsb %mm0, %mm1
pabsb %xmm0, %xmm1
pabsd %mm0, %mm1
pabsd %xmm0, %xmm1
pabsw %mm0, %mm1
pabsw %xmm0, %xmm1
phaddd %mm0, %mm1
phaddd %xmm0, %xmm1
phaddsw %mm0, %mm1
phaddsw %xmm0, %xmm1
phaddw %mm0, %mm1
phaddw %xmm0, %xmm1
phsubd %mm0, %mm1
phsubd %xmm0, %xmm1
phsubsw %mm0, %mm1
phsubsw %xmm0, %xmm1
phsubw %mm0, %mm1
phsubw %xmm0, %xmm1
pmaddubsw %mm0, %mm1
pmaddubsw %xmm0, %xmm1
pmulhrsw %mm0, %mm1
pmulhrsw %xmm0, %xmm1
psignb %mm0, %mm1
psignb %xmm0, %xmm1
psignd %mm0, %mm1
psignd %xmm0, %xmm1
psignw %mm0, %mm1
psignw %xmm0, %xmm1
The following is the proof of code
/********** Beginning of bug 1.c: pabsb %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("pabsb %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 1.c **********/
/********** Beginning of bug 2.c: pabsb %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("pabsb %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 2.c **********/
/********** Beginning of bug 3.c: pabsd %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("pabsd %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 3.c **********/
/********** Beginning of bug 4.c: pabsd %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("pabsd %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 4.c **********/
/********** Beginning of bug 5.c: pabsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("pabsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 5.c **********/
/********** Beginning of bug 6.c: pabsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("pabsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 6.c **********/
/********** Beginning of bug 7.c: phaddd %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phaddd %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 7.c **********/
/********** Beginning of bug 8.c: phaddd %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phaddd %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 8.c **********/
/********** Beginning of bug 9.c: phaddsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phaddsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 9.c **********/
/********** Beginning of bug 10.c: phaddsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phaddsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 10.c **********/
/********** Beginning of bug 11.c: phaddw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phaddw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 11.c **********/
/********** Beginning of bug 12.c: phaddw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phaddw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 12.c **********/
/********** Beginning of bug 13.c: phsubd %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phsubd %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 13.c **********/
/********** Beginning of bug 14.c: phsubd %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phsubd %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 14.c **********/
/********** Beginning of bug 15.c: phsubsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phsubsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 15.c **********/
/********** Beginning of bug 16.c: phsubsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phsubsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 16.c **********/
/********** Beginning of bug 17.c: phsubw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("phsubw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 17.c **********/
/********** Beginning of bug 18.c: phsubw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("phsubw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 18.c **********/
/********** Beginning of bug 19.c: pmaddubsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char i2[0x10];
unsigned char i3[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i2)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i3)));;
asm("pmaddubsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 19.c **********/
/********** Beginning of bug 20.c: pmaddubsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char i2[0x10];
unsigned char i3[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i2)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i3)));;
asm("pmaddubsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 20.c **********/
/********** Beginning of bug 21.c: pmulhrsw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("pmulhrsw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 21.c **********/
/********** Beginning of bug 22.c: pmulhrsw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("pmulhrsw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 22.c **********/
/********** Beginning of bug 23.c: psignb %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("psignb %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 23.c **********/
/********** Beginning of bug 24.c: psignb %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("psignb %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 24.c **********/
/********** Beginning of bug 25.c: psignd %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("psignd %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 25.c **********/
/********** Beginning of bug 26.c: psignd %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("psignd %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 26.c **********/
/********** Beginning of bug 27.c: psignw %mm0, %mm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movq (%%rdx), %%mm1\n"::"r"((char *)(i1)));;
asm("psignw %mm0, %mm1");
asm("mov %0, %%rdx\n"
"movq %%mm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 27.c **********/
/********** Beginning of bug 28.c: psignw %xmm0, %xmm1 **********/
int printf(const char *format, ...);
unsigned char i0[0x10];
unsigned char i1[0x10];
unsigned char o[0x10];
int main() {
int k = 0;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm0\n"::"r"((char *)(i0)));;
asm("mov %0, %%rdx\n"
"movdqu (%%rdx), %%xmm1\n"::"r"((char *)(i1)));;
asm("psignw %xmm0, %xmm1");
asm("mov %0, %%rdx\n"
"movdqu %%xmm1, (%%rdx)\n"::"r"((char *)(o)));;
for (k = 0; k < 0x10; k++)
printf("%02x", o[0x10 - 1 - k]);
printf("\n");
}
/********** End of bug 28.c **********/
For any of the above code, when compiled into x86-64 binary code with
gcc, qemu reports the illegal instructions bug. However, these can be
correctly executed on a real machine. For example,
$ gcc 28.c -o 28
$ qemu-x86_64 ./28
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
Illegal instruction
$ ./28
00000000000000000000000000000000
Some information about the system:
$ qemu-x86_64 --version
qemu-x86_64 version 2.7.0, Copyright (c) 2003-2016 Fabrice Bellard and the
QEMU Project developers
$ uname -a
Linux cgos-System-Product-Name 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15
03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
$ gcc --version
gcc (Ubuntu 4.8.4-2ubuntu1~14.04) 4.8.4
Copyright (C) 2013 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Thanks!
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1641637/+subscriptions
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-devel] [Bug 1641637] [NEW] incorrect illegal SSE3 instructions reporting on x86_64,
Jie <=