From nobody Mon Feb 9 01:01:48 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=oss.qualcomm.com ARC-Seal: i=1; a=rsa-sha256; t=1770487677; cv=none; d=zohomail.com; s=zohoarc; b=hBWRyAOH8mVpUOCWvhdRwyogeB3RG9ma+tjb5c7dy0HM/Rh2JN+vFlacBoLbTbMMyWMlD5d80S/CEeHFgqJHI9Bgr944gePaF1iY1DluYHnDXCcP7YDIAXh8w7+E8QDjfSTbSIJHvcbvmfVCs7oPA5gWl3sPfVTKrsrTkpf4T1Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770487677; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=U4PnucSErgQ1G1d8s/m4sKZugrEwnunGmTkw2hW8UbY=; b=dXUJbKtVknMqF7HEhbza6EtlxuLMgD2hPDahgpoobJ8ydGgXqbcKT6Gn1KiSeKGdexT0nl62Fdk0HGck0ZrxCNqyMmukaVdd7o3LDFSuDAIzowKPJmtpHndyKPj/lhHBnZPEGZ8uC+DYkLkTDHy/B+/Ice8CCs9uKcCJQjGsAFQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1770487677435591.3766782580713; Sat, 7 Feb 2026 10:07:57 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vomi5-0001UJ-4Y; Sat, 07 Feb 2026 13:07:09 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vomhz-0001Tb-RY for qemu-devel@nongnu.org; Sat, 07 Feb 2026 13:07:04 -0500 Received: from mx0a-0031df01.pphosted.com ([205.220.168.131]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vomhr-0005L5-Dj for qemu-devel@nongnu.org; Sat, 07 Feb 2026 13:07:01 -0500 Received: from pps.filterd (m0279864.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 617BRhBw3292657 for ; Sat, 7 Feb 2026 18:06:51 GMT Received: from mail-dy1-f200.google.com (mail-dy1-f200.google.com [74.125.82.200]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 4c64hngh7y-1 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NOT) for ; Sat, 07 Feb 2026 18:06:51 +0000 (GMT) Received: by mail-dy1-f200.google.com with SMTP id 5a478bee46e88-2b83787af4cso23342431eec.1 for ; Sat, 07 Feb 2026 10:06:51 -0800 (PST) Received: from hu-bcain-lv.qualcomm.com (Global_NAT1.qualcomm.com. [129.46.96.20]) by smtp.gmail.com with ESMTPSA id 5a478bee46e88-2b855c63152sm4002328eec.25.2026.02.07.10.06.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 07 Feb 2026 10:06:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= U4PnucSErgQ1G1d8s/m4sKZugrEwnunGmTkw2hW8UbY=; b=TU0UyxSSE4tIEAWH fvRxcc2h0WoDqufFEHTDaecGN5oJgztZ2XDZrJxejb0/8GcT48rhdtQt2Z94uXOW pnjcbfSs6YicQ1sBOkqHUQYWtbnJ5jbaa0bj8BMy7uGKaJBKB/GKPYptOkIDEKyh owDVTwrKkkfGJR6EN1vZgpfwedT13UwGqZ/ZdJYj5xsbd5mHcI/POwPGT+tggAtl qwhjQQEWrDCaQfIPkU6DbKwXBly203HD0wCKHov2FGD1EZ6/RVuz10Yn6Tipkmge u68FCyjir39EM8UQ00h2Uz4Qf60uzuBLzw62o0xU9X0jUWBZiro/bWva+jaGlRL+ CgIweg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oss.qualcomm.com; s=google; t=1770487611; x=1771092411; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=U4PnucSErgQ1G1d8s/m4sKZugrEwnunGmTkw2hW8UbY=; b=eVxXq1OVX+C4CBQ/esXqFnjns8xdTF+mBBNzLYD+OO9lQgyKJIbJQ2WC65g+oedcpv Ze9VEy+S52BtSyEMB5eIxvDW6W2FI7wWuxleJV6hoWOLYstcRwz1obuYlCrSNe1AnzkE 2J3NpLUoewp4rWZEafE874HGZD1uzMT3c1h7tg1ny/zy3wYT/MzJ21buCyXz6H0oQN1v vMVC2c88/vs7ctVA7TTg/37He1iNsYZQOhXw+0hb1H1hJTt320+jY8W21VYUZS3k04+o 1ldaLzpLn+fW6rCtvChsdJqiLvoJTkyY/SAqid/p3S1jYCTyh+J3TPgkBcnDuRt+QbvG DKzg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1770487611; x=1771092411; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=U4PnucSErgQ1G1d8s/m4sKZugrEwnunGmTkw2hW8UbY=; b=O/flzkARmKFZ3AWhCBbxA8hOCyojFiQrCCIUYt5erjPs9T/iNrVFuqhfJsJqkXeJD+ 9WhcgVMvbn3id4rHqBAsFU1+RQtfqX6L+ZPi5zrYIp5vKyJBE8EpVpYkyELi++DYrHmy vTkZhSPzf+gUocgVjg0gte5MgDviIWf1RpU7z/5AvGoYjuOj7WdecDPBmPXTnwnEi4x9 7G21yewgloDlGYu2atcnXSQZGuExQdeAr1LAdMB/DI21eyOFDkNWyu7YUtC+QdsUGEUA 7Kfk9ZniFDbssUHFTujMYsi3GlH8L2QhO0if+FA1c5fUwBtoMKY9cCpcsCOZ5SylV61q LBiQ== X-Gm-Message-State: AOJu0YyRtX1KO2GqUeCjkfCSPlG25LWpSjOOUK3abke6p6UqF4J2KVMh Vi2lqIebDMz2MTp/MxCani9rs9iqsYtgZC9uru0WNeYAEUMkMCvMe4d6kJZXgBC6tJC6Hdu4iIV Dz8JQ2pbiXgWJKbLJELLNM/gowOPgiTM5JgCbOLskoC1Gvv3nV09IAoblH9MDFzwKEg== X-Gm-Gg: AZuq6aLcmoDTj3bI207IN6naiksCGMzjfs1HnJ5UO9Ou+UVBc6lPJEmMU0IFxQO4DUr ec738Z1QnYhU6h6GIpJ6EQ3xX93sefPLmtkgtyWQXJTA7pTzl1A4MdKnDGL67XGeEjfd9mBphuf in7TkRn/9WI/wR0gYajzMTQR1J9lYa3mGgMnO9rWfXw2c3LKwqoM1Bq05ouZyt5lW00yUYphVl+ Hn/4Q4GJXlbEAhp/OxMTCIMzQE3FC66ieJZkuhzMYd5w3IAPl9l+AzXX3nCrTHP/U38PgIftqI7 vAIftcKSJQP6MmO3MsUdiQ3YLm92Fqw+gsHoQ1rRl8wbSwgrdCTHDaNjG+e/lpHddPG7zbs+lFk q8Vj/gbnLCPoh4bRXlgebwDIb318MvJPa3ehA5RozWq9XUPrUG+NXtbahrA== X-Received: by 2002:a05:7301:4198:b0:2ae:5020:afe1 with SMTP id 5a478bee46e88-2b85647d9d4mr3009401eec.14.1770487610560; Sat, 07 Feb 2026 10:06:50 -0800 (PST) X-Received: by 2002:a05:7301:4198:b0:2ae:5020:afe1 with SMTP id 5a478bee46e88-2b85647d9d4mr3009391eec.14.1770487609928; Sat, 07 Feb 2026 10:06:49 -0800 (PST) From: Brian Cain To: qemu-devel@nongnu.org Cc: brian.cain@oss.qualcomm.com, ltaylorsimpson@gmail.com, alex@alexrp.com, Brian Cain , Pierrick Bouvier , Laurent Vivier Subject: [PATCH v2 1/4] target/hexagon: Fix invalid duplex decoding Date: Sat, 7 Feb 2026 10:06:29 -0800 Message-Id: <20260207180632.1042754-2-brian.cain@oss.qualcomm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260207180632.1042754-1-brian.cain@oss.qualcomm.com> References: <20260207180632.1042754-1-brian.cain@oss.qualcomm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Proofpoint-GUID: vgs2N1auDmj-Q6Co8vMyWjZapNk7KSqa X-Proofpoint-ORIG-GUID: vgs2N1auDmj-Q6Co8vMyWjZapNk7KSqa X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMjA3MDE0OSBTYWx0ZWRfX3xuwY7cgp17a z6vV1dKjJcuUuEIIH5LzqwZwhb+SZcO+IDaQN1yupOO72bUsV+CvyBCPXccwAE7kknX6AmlzrwY HjMvCOALssCWXXLA1vTTsDDkotFqOnH58DOp2xZVBq2exqfmoP7Qfv0WriaUKTmLXLWwhXAnmU5 3sMvKcVcmKZ426Fq2Y5SE/H16wZ/ooAqOCWhRzqd8fwghInfkCPfyhsrpq1bJOf+e4JP0qh4ZNc AwNnmmODqsuzMk1TVE3dsflQO5TTEoXlNXG+364c0Ij2vAjRAUv0kn2eivGY9Nr/zPhohtm9zuF r5pP2cM9Htr/k5+O6gYv4jJ0Iyzqsxpr84dm1dSp/goQh0xwVt7ZsHgrxrp/suoIz/OjWNPvn1g DjveT5aZlYi44nuXI3A+iaCtXxhJOBNHnIzfuoSl28nRTvYczMTsEOR+6StKznp1oaXmSrUOgfL Zg5po2U1+ZKVrO7u4jw== X-Authority-Analysis: v=2.4 cv=SNlPlevH c=1 sm=1 tr=0 ts=69877f3b cx=c_pps a=PfFC4Oe2JQzmKTvty2cRDw==:117 a=ouPCqIW2jiPt+lZRy3xVPw==:17 a=IkcTkHD0fZMA:10 a=HzLeVaNsDn8A:10 a=s4-Qcg_JpJYA:10 a=VkNPw1HP01LnGYTKEx00:22 a=Mpw57Om8IfrbqaoTuvik:22 a=GgsMoib0sEa3-_RKJdDe:22 a=p0WdMEafAAAA:8 a=COk6AnOGAAAA:8 a=KKAkSRfTAAAA:8 a=OCWrEZw6VeUBrM89gJgA:9 a=QEXdDO2ut3YA:10 a=6Ab_bkdmUrQuMsNx7PHu:22 a=TjNXssC_j7lpFel5tvFf:22 a=cvBusfyB2V15izCimMoJ:22 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-02-06_05,2026-02-05_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 clxscore=1015 priorityscore=1501 impostorscore=0 suspectscore=0 adultscore=0 lowpriorityscore=0 spamscore=0 phishscore=0 malwarescore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2601150000 definitions=main-2602070149 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.220.168.131; envelope-from=brian.cain@oss.qualcomm.com; helo=mx0a-0031df01.pphosted.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @qualcomm.com) X-ZM-MESSAGEID: 1770487679285154100 When decoding a duplex instruction, if the slot0 sub-instruction fails to decode after slot1 succeeds, QEMU was leaving the packet in a partially-decoded state. This allowed invalid duplex encodings (where one sub-instruction doesn't match any valid pattern) to be executed incorrectly. Fix by resetting the decoder state when slot0 fails, returning an empty instruction that triggers an exception. Add gen_exception_decode_fail() for raising exceptions when decode fails before ctx->next_PC is initialized. This keeps gen_exception_end_tb() semantics unchanged (it continues to use ctx->next_PC for the exception PC after successful decode). Resolves: https://gitlab.com/qemu-project/qemu/-/issues/3291 Signed-off-by: Brian Cain Reviewed-by: Pierrick Bouvier Reviewed-by: Taylor Simpson --- linux-user/hexagon/cpu_loop.c | 4 ++ target/hexagon/decode.c | 13 ++++- target/hexagon/translate.c | 18 ++++++- tests/tcg/hexagon/invalid-encoding.c | 81 ++++++++++++++++++++++++++++ tests/tcg/hexagon/Makefile.target | 1 + 5 files changed, 113 insertions(+), 4 deletions(-) create mode 100644 tests/tcg/hexagon/invalid-encoding.c diff --git a/linux-user/hexagon/cpu_loop.c b/linux-user/hexagon/cpu_loop.c index 1941f4c9c1..c0e1098e3f 100644 --- a/linux-user/hexagon/cpu_loop.c +++ b/linux-user/hexagon/cpu_loop.c @@ -64,6 +64,10 @@ void cpu_loop(CPUHexagonState *env) force_sig_fault(TARGET_SIGBUS, TARGET_BUS_ADRALN, env->gpr[HEX_REG_R31]); break; + case HEX_CAUSE_INVALID_PACKET: + force_sig_fault(TARGET_SIGILL, TARGET_ILL_ILLOPC, + env->gpr[HEX_REG_PC]); + break; case EXCP_ATOMIC: cpu_exec_step_atomic(cs); break; diff --git a/target/hexagon/decode.c b/target/hexagon/decode.c index b5ece60450..69ba1ec96c 100644 --- a/target/hexagon/decode.c +++ b/target/hexagon/decode.c @@ -509,8 +509,14 @@ decode_insns(DisasContext *ctx, Insn *insn, uint32_t e= ncoding) insn->iclass =3D iclass_bits(encoding); return 2; } + /* + * Slot0 decode failed after slot1 succeeded. This is an inval= id + * duplex encoding (both sub-instructions must be valid). + */ + ctx->insn =3D --insn; } - g_assert_not_reached(); + /* Invalid duplex encoding - return 0 to signal failure */ + return 0; } } =20 @@ -674,7 +680,10 @@ int decode_packet(DisasContext *ctx, int max_words, co= nst uint32_t *words, encoding32 =3D words[words_read]; end_of_packet =3D is_packet_end(encoding32); new_insns =3D decode_insns(ctx, insn, encoding32); - g_assert(new_insns > 0); + if (new_insns =3D=3D 0) { + /* Invalid instruction encoding */ + return 0; + } /* * If we saw an extender, mark next word extended so immediate * decode works diff --git a/target/hexagon/translate.c b/target/hexagon/translate.c index e88e19cc1a..7fe8b35351 100644 --- a/target/hexagon/translate.c +++ b/target/hexagon/translate.c @@ -195,7 +195,21 @@ static void gen_exception_end_tb(DisasContext *ctx, in= t excp) tcg_gen_movi_tl(hex_gpr[HEX_REG_PC], ctx->next_PC); gen_exception_raw(excp); ctx->base.is_jmp =3D DISAS_NORETURN; +} =20 +/* + * Generate exception for decode failures. Unlike gen_exception_end_tb, + * this is used when decode fails before ctx->next_PC is initialized. + */ +static void gen_exception_decode_fail(DisasContext *ctx, int nwords, int e= xcp) +{ + target_ulong fail_pc =3D ctx->base.pc_next + nwords * sizeof(uint32_t); + + gen_exec_counters(ctx); + tcg_gen_movi_tl(hex_gpr[HEX_REG_PC], fail_pc); + gen_exception_raw(excp); + ctx->base.is_jmp =3D DISAS_NORETURN; + ctx->base.pc_next =3D fail_pc; } =20 static int read_packet_words(CPUHexagonState *env, DisasContext *ctx, @@ -935,7 +949,7 @@ static void decode_and_translate_packet(CPUHexagonState= *env, DisasContext *ctx) =20 nwords =3D read_packet_words(env, ctx, words); if (!nwords) { - gen_exception_end_tb(ctx, HEX_CAUSE_INVALID_PACKET); + gen_exception_decode_fail(ctx, 0, HEX_CAUSE_INVALID_PACKET); return; } =20 @@ -950,7 +964,7 @@ static void decode_and_translate_packet(CPUHexagonState= *env, DisasContext *ctx) gen_commit_packet(ctx); ctx->base.pc_next +=3D pkt.encod_pkt_size_in_bytes; } else { - gen_exception_end_tb(ctx, HEX_CAUSE_INVALID_PACKET); + gen_exception_decode_fail(ctx, nwords, HEX_CAUSE_INVALID_PACKET); } } =20 diff --git a/tests/tcg/hexagon/invalid-encoding.c b/tests/tcg/hexagon/inval= id-encoding.c new file mode 100644 index 0000000000..010a5eb741 --- /dev/null +++ b/tests/tcg/hexagon/invalid-encoding.c @@ -0,0 +1,81 @@ +/* + * Test that invalid instruction encodings are properly rejected. + * + * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries. + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include +#include +#include +#include +#include +#include + +static void *resume_pc; + +static void handle_sigill(int sig, siginfo_t *info, void *puc) +{ + ucontext_t *uc =3D (ucontext_t *)puc; + + if (sig !=3D SIGILL) { + _exit(EXIT_FAILURE); + } + + uc->uc_mcontext.r0 =3D SIGILL; + uc->uc_mcontext.pc =3D (unsigned long)resume_pc; +} + +/* + * Each test function: + * - Sets r0 to something other than SIGILL + * - Stores the resume address into resume_pc + * - Executes the invalid encoding + * - The handler sets r0 =3D SIGILL and resumes after the faulting packet + * - Returns the value in r0 + */ + +/* + * Invalid duplex encoding (issue #3291): + * - Word 0: 0x0fff6fff =3D immext(#0xfffbffc0), parse bits =3D 01 + * - Word 1: 0x600237b0 =3D duplex with: + * - slot0 =3D 0x17b0 (invalid S2 subinstruction encoding) + * - slot1 =3D 0x0002 (valid SA1_addi) + * - duplex iclass =3D 7 (S2 for slot0, A for slot1) + * + * Since slot0 doesn't decode to any valid S2 subinstruction, this packet + * should be rejected and raise SIGILL. + */ +static int test_invalid_duplex(void) +{ + int sig; + + asm volatile( + "r0 =3D #0\n" + "r1 =3D ##1f\n" + "memw(%1) =3D r1\n" + ".word 0x0fff6fff\n" /* immext(#0xfffbffc0), parse=3D01 */ + ".word 0x600237b0\n" /* duplex: slot0=3D0x17b0 (invalid) */ + "1:\n" + "%0 =3D r0\n" + : "=3Dr"(sig) + : "r"(&resume_pc) + : "r0", "r1", "memory"); + + return sig; +} + +int main() +{ + struct sigaction act; + + memset(&act, 0, sizeof(act)); + act.sa_sigaction =3D handle_sigill; + act.sa_flags =3D SA_SIGINFO; + assert(sigaction(SIGILL, &act, NULL) =3D=3D 0); + + assert(test_invalid_duplex() =3D=3D SIGILL); + + puts("PASS"); + return EXIT_SUCCESS; +} diff --git a/tests/tcg/hexagon/Makefile.target b/tests/tcg/hexagon/Makefile= .target index e5182c01d8..16669e04a8 100644 --- a/tests/tcg/hexagon/Makefile.target +++ b/tests/tcg/hexagon/Makefile.target @@ -51,6 +51,7 @@ HEX_TESTS +=3D scatter_gather HEX_TESTS +=3D hvx_misc HEX_TESTS +=3D hvx_histogram HEX_TESTS +=3D invalid-slots +HEX_TESTS +=3D invalid-encoding HEX_TESTS +=3D unaligned_pc =20 run-and-check-exception =3D $(call run-test,$2,$3 2>$2.stderr; \ --=20 2.34.1 From nobody Mon Feb 9 01:01:48 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=oss.qualcomm.com ARC-Seal: i=1; a=rsa-sha256; t=1770487673; cv=none; d=zohomail.com; s=zohoarc; b=CEfMGsfP4ekC6R5CYQRM1qEEMXQ7coetzkD+K0kPpauvtPKnXCpGCzmPfGqqnCKszUZQRLCsWHo6TGKjb/W6i2LrQcBukil0Y0GhakbtNqmuNVvTkc4K604YP7FIHxjbLbYtzN/jUm4vV0hK50Lfdu+J0aWGzJQMf+bNo0QNLe8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770487673; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=u8zQ/PgN+M6EU0nqZmhx5VWC/id7HIJ3f/1jOvE3ams=; b=fuIOFK5zQu0w5w+NDNo8fWpOV/5mS5E381xA+tFd0nIUbzkoVgH9WowVxaLr2PiP4oqDxV0D9hGd2aphJeT0UmafR1pfHoZiF4WUHcfW1T7msQ5UXiWAQ/RPD9ewv0S4Bc9IxDKdOrMKDIQ526JNm5+enIPUqelmdHpFOW2D5uk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1770487673896911.4934776100964; Sat, 7 Feb 2026 10:07:53 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vomi5-0001UI-45; Sat, 07 Feb 2026 13:07:09 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vomhz-0001Ta-RX for qemu-devel@nongnu.org; Sat, 07 Feb 2026 13:07:04 -0500 Received: from mx0b-0031df01.pphosted.com ([205.220.180.131]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vomhr-0005LM-HI for qemu-devel@nongnu.org; Sat, 07 Feb 2026 13:07:01 -0500 Received: from pps.filterd (m0279868.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 617DlDiI2132297 for ; Sat, 7 Feb 2026 18:06:53 GMT Received: from mail-dy1-f198.google.com (mail-dy1-f198.google.com [74.125.82.198]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 4c5xj1938t-1 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NOT) for ; Sat, 07 Feb 2026 18:06:52 +0000 (GMT) Received: by mail-dy1-f198.google.com with SMTP id 5a478bee46e88-2b708fa4093so9415532eec.0 for ; Sat, 07 Feb 2026 10:06:52 -0800 (PST) Received: from hu-bcain-lv.qualcomm.com (Global_NAT1.qualcomm.com. [129.46.96.20]) by smtp.gmail.com with ESMTPSA id 5a478bee46e88-2b855c63152sm4002328eec.25.2026.02.07.10.06.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 07 Feb 2026 10:06:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= u8zQ/PgN+M6EU0nqZmhx5VWC/id7HIJ3f/1jOvE3ams=; b=PaSGwpQ4lkZo5Mv0 CS6A/CdhU6kGgrK9f6x5x5njCuGUybCEgVvsIIIZsbagWGs0ieXx062dLF5bIuVu WHOBYd2Tth1PvPdSn0SKwsYo1GsDDb7aUUo/UbB/XZ9h3cZFJaKbqDWW7A25/OpP aDAPllv0IHmlmlVVeHG8u0E6OfeheatHFGQRXSGtyY4fuvl3XzsDYl43IFRQIOEy ZBM16RtRbouaincS4QDxXT/ONQZfKoD1P3lBckxfLoiLXLiF3S2bpRR59O4WBfVs +HcBrHUiN3/TuHomwB9xLLioXC+Evkx273O7eKpX7qD9WeyKEGrMjlZh+8jL33CW m0aYHA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oss.qualcomm.com; s=google; t=1770487612; x=1771092412; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=u8zQ/PgN+M6EU0nqZmhx5VWC/id7HIJ3f/1jOvE3ams=; b=SphfY5Lh4c3bUtM1P8s8mrSqMIyLqzVU3vmqG4rdh8IvzlUfRTIFfINLDiPWqMg+mH asVfE/oqJpcdBIt6gl0chMuLeFmsOHvAcY/RiwCirur+yjnMWN87VngH8szNloN9VLry j9DtKBx7MWYYXjDY9SmNc7WCf4hbObIv8SfewonsRngNfeDL/ZUbDUR/CVVDm+lLleS5 VSdQ+KBugY5hdvsMkOmOUGPn42u9XT00KZgyJn4RvIRKL/V9tUjPUdVDN3pSGNXXzFt+ uq8EpvxwLiIb8tLxnqHq5MQvdsgiTlyXB+uNLqdTKuBTqYCoCzgLQoLanh4SLYLYWRFI suqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1770487612; x=1771092412; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=u8zQ/PgN+M6EU0nqZmhx5VWC/id7HIJ3f/1jOvE3ams=; b=M606dZXBVbOAdZEv88Ozff6A+1rENJf/b0lh2guY8H5wyf6N1+HFM36CkLCGYkUMR8 sYl9TRQAYRWbYZZPU4yMaa/u7oci+nR2cH3e/UjTbyTuD8GfMddzVVfe/fxLYctPhL5F QnySoibrXPlNbLG97Pgoy3qQX1io+uq9IWeceA2/iepiqM988trH6azUTMlYyff73aja mh6S8sqXlvf0hIT7dHmoJi0UPYAtKsNBfuFf05lIcdVqdUe3TujIy2W8eGZ9t0Zhuu8J pWKlatLqriURIi7VbvXlrHfkbyZMiBEo94clzbd1tXIwJHY/zjLd8tneexeVn14JXuoL N+5Q== X-Gm-Message-State: AOJu0YxB4T1qy/5XZaDkj8N1eBsbeit5QX7gfBY5O7UgnWZVblXmerOM y6FT52OML/XvnPnxYCAIq1kb5OQXnJU8tUM/qhsexb/ketGphmaKeNpO9iqEaOmoBy2gJkhMXSJ +Tp8LaBebHya9UGIktHC1XRnsck1/5BmrdAQLqxaRFyfenHyMeFoz5wTLvARrIw+SbA== X-Gm-Gg: AZuq6aJWGJOkrLCPT7apsnPUiDMbBs1OK25dKvU9NjfmmjCtsTXynBsy2KCv10I8gZY cMV+dppruXs5FSMqG3Rcxp83pLv0W1X2cj4VSCHZds17X+JX5Z5Gls70Sx1N8otZueD5YZJFo/Q J8TJRcKZHVsYM81Y5B0QgL/GBLtO8VVYe9L/CH/bX2L9nMXhJCIlDPuZKn6cVZNCEQOTnYtLi72 7U+2FvoUpdkMZOo6UMV7NwOczIJ0+YXp3+kHk0r81oUTv4DHwdoGDVNR1oLo/hnBywvJQ95bDbL FwWjoSSEhnqupB+6f/lCW5puXjf9sbeUZJhKUf8p+adnTzqtJN3rIpQWA2noqMGhC4aueu9i6w4 /qmwGaVWqBQ8a0eu2WAKl6ZRNywk05cfbOA5uEwVxfTOBP8wd3GeVpgETOg== X-Received: by 2002:a05:693c:2d8c:b0:2b7:1c58:dca6 with SMTP id 5a478bee46e88-2b85646d9c4mr4349651eec.6.1770487611539; Sat, 07 Feb 2026 10:06:51 -0800 (PST) X-Received: by 2002:a05:693c:2d8c:b0:2b7:1c58:dca6 with SMTP id 5a478bee46e88-2b85646d9c4mr4349638eec.6.1770487611030; Sat, 07 Feb 2026 10:06:51 -0800 (PST) From: Brian Cain To: qemu-devel@nongnu.org Cc: brian.cain@oss.qualcomm.com, ltaylorsimpson@gmail.com, alex@alexrp.com, Pierrick Bouvier Subject: [PATCH v2 2/4] target/hexagon: Reject duplex encodings with duplicate dest registers Date: Sat, 7 Feb 2026 10:06:30 -0800 Message-Id: <20260207180632.1042754-3-brian.cain@oss.qualcomm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260207180632.1042754-1-brian.cain@oss.qualcomm.com> References: <20260207180632.1042754-1-brian.cain@oss.qualcomm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Proofpoint-GUID: 1ShrdRGY-jCPL8tDYFihl2vi9ZxOhLgn X-Proofpoint-ORIG-GUID: 1ShrdRGY-jCPL8tDYFihl2vi9ZxOhLgn X-Authority-Analysis: v=2.4 cv=F/tat6hN c=1 sm=1 tr=0 ts=69877f3c cx=c_pps a=wEP8DlPgTf/vqF+yE6f9lg==:117 a=ouPCqIW2jiPt+lZRy3xVPw==:17 a=IkcTkHD0fZMA:10 a=HzLeVaNsDn8A:10 a=s4-Qcg_JpJYA:10 a=VkNPw1HP01LnGYTKEx00:22 a=Mpw57Om8IfrbqaoTuvik:22 a=GgsMoib0sEa3-_RKJdDe:22 a=p0WdMEafAAAA:8 a=EUspDBNiAAAA:8 a=KKAkSRfTAAAA:8 a=ceJ5jWYMHQCwmun8QzEA:9 a=QEXdDO2ut3YA:10 a=bBxd6f-gb0O0v-kibOvt:22 a=cvBusfyB2V15izCimMoJ:22 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMjA3MDE0OSBTYWx0ZWRfXziov73BePCf8 1C05VanEmJrrE9M+DVSDZj7qckorTPhVe+2YEWJmtIUKZULDKOaGkUzL7ELuUa83HCZzB5trzhN axPGt+wS6Kd9tEDSzkrrmgEozxzFl1LDUxDpKfKyystAnq8a/23lR675LRGlzbnS0lsioF71m4U +b4DfeittpBvfC7I0OPoBWe1llXvRy1Q0v2Yo8KPWX3sqViLI8tAjyx6q2R7YRLk7yWgZwwC9DO Ex70SFEI1PreMB6a7A1pz624l1SmEvKvwKuO9xC1aY6zQ7exgwxmBl+2fP0k3m6/Oq6CsvwSaU+ ELluvO1pvHAX5dbyQHcq6qjTzVvVp1QfhbsR+amqwUJVkyXiwuCr73cV/kBF/4LFksOHD3kx0tU gwv8fi5RIYy4Wj1xACV62bFIg6r4iwBep3aOSMAUdmnveR9maH+B/5W9hczmg17JPUSbFkMowYZ BZTkaDmxeKpzZkBpkXQ== X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-02-06_05,2026-02-05_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 adultscore=0 clxscore=1015 malwarescore=0 priorityscore=1501 suspectscore=0 spamscore=0 phishscore=0 impostorscore=0 lowpriorityscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2601150000 definitions=main-2602070149 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.220.180.131; envelope-from=brian.cain@oss.qualcomm.com; helo=mx0b-0031df01.pphosted.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @qualcomm.com) X-ZM-MESSAGEID: 1770487675945154101 A duplex encoding like 0x00000000 decodes as two loads that both write r0. Add a check in decode_insns() after both sub-instructions decode successfully to verify they don't write the same destination register. Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2696 Signed-off-by: Brian Cain Reviewed-by: Pierrick Bouvier --- target/hexagon/decode.c | 12 ++++++++++++ tests/tcg/hexagon/invalid-encoding.c | 29 ++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/target/hexagon/decode.c b/target/hexagon/decode.c index 69ba1ec96c..90499fc320 100644 --- a/target/hexagon/decode.c +++ b/target/hexagon/decode.c @@ -501,12 +501,24 @@ decode_insns(DisasContext *ctx, Insn *insn, uint32_t = encoding) =20 /* The slot1 subinsn needs to be in the packet first */ if (decode_slot1_subinsn(ctx, slot1_subinsn)) { + Insn *slot1_insn =3D insn; insn->generate =3D opcode_genptr[insn->opcode]; insn->iclass =3D iclass_bits(encoding); ctx->insn =3D ++insn; if (decode_slot0_subinsn(ctx, slot0_subinsn)) { insn->generate =3D opcode_genptr[insn->opcode]; insn->iclass =3D iclass_bits(encoding); + /* + * Check that the two sub-instructions don't write the same + * destination register (e.g., encoding 0x0 decodes as two + * loads both writing R0, which is an invalid packet). + */ + if (insn->dest_idx >=3D 0 && slot1_insn->dest_idx >=3D 0 && + insn->regno[insn->dest_idx] =3D=3D + slot1_insn->regno[slot1_insn->dest_idx]) { + ctx->insn =3D --insn; + return 0; + } return 2; } /* diff --git a/tests/tcg/hexagon/invalid-encoding.c b/tests/tcg/hexagon/inval= id-encoding.c index 010a5eb741..1bbd312b61 100644 --- a/tests/tcg/hexagon/invalid-encoding.c +++ b/tests/tcg/hexagon/invalid-encoding.c @@ -65,6 +65,34 @@ static int test_invalid_duplex(void) return sig; } =20 +/* + * Duplex with duplicate destination registers (issue #2696): + * The encoding 0x00000000 decodes as a duplex with parse bits + * [15:14] =3D 0b00: + * slot1: SL1_loadri_io R0 =3D memw(R0+#0x0) + * slot0: SL1_loadri_io R0 =3D memw(R0+#0x0) + * + * Both sub-instructions write R0, which is an invalid packet (duplicate + * destination register). This should raise SIGILL. + */ +static int test_invalid_dups(void) +{ + int sig; + + asm volatile( + "r0 =3D #0\n" + "r1 =3D ##1f\n" + "memw(%1) =3D r1\n" + ".word 0x00000000\n" + "1:\n" + "%0 =3D r0\n" + : "=3Dr"(sig) + : "r"(&resume_pc) + : "r0", "r1", "memory"); + + return sig; +} + int main() { struct sigaction act; @@ -75,6 +103,7 @@ int main() assert(sigaction(SIGILL, &act, NULL) =3D=3D 0); =20 assert(test_invalid_duplex() =3D=3D SIGILL); + assert(test_invalid_dups() =3D=3D SIGILL); =20 puts("PASS"); return EXIT_SUCCESS; --=20 2.34.1 From nobody Mon Feb 9 01:01:48 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=oss.qualcomm.com ARC-Seal: i=1; a=rsa-sha256; t=1770487673; cv=none; d=zohomail.com; s=zohoarc; b=B0W+rDM+XSQU8sMaLbyYSvqhqMTaDk1u3QJX5Dwe2CGwwSbXG86v0ZlGaG686oJ5nWKU8Ok+9TbO6Ue8IleAFxxfnIYVO/F9+GFMGTnQMtTeO49Z3/78hrX+fiWtoohFy/z7iYW9X52ros91eL5n28isHwrZkfG/5m8QrrdtI6Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770487673; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=SGn9Dx9TKhYwyyq6cn6DSMXoUDg7D4YZd5UT23z4be8=; b=mnQRVTQGyX5dwKpHXnTUsze6ljMsqrGZEh/VTEH3ZZOsz1p1+Xn8x8FFN9asSpUazWvR7CxmCNzC9UIeNhQdf0ymc04XwhzTHLojQRCfquq9KyVuj90+MySiteX6VLKMf4g+CYfg2ONNvUQQ8g2RbaCONglzPExyRS/d4pFznYE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1770487673920388.4046935424284; Sat, 7 Feb 2026 10:07:53 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vomi9-0001Vf-PW; Sat, 07 Feb 2026 13:07:13 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vomhz-0001TZ-R2 for qemu-devel@nongnu.org; Sat, 07 Feb 2026 13:07:04 -0500 Received: from mx0b-0031df01.pphosted.com ([205.220.180.131]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vomhr-0005LY-Cv for qemu-devel@nongnu.org; Sat, 07 Feb 2026 13:07:01 -0500 Received: from pps.filterd (m0279868.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 6174chvk1050589 for ; Sat, 7 Feb 2026 18:06:54 GMT Received: from mail-dy1-f198.google.com (mail-dy1-f198.google.com [74.125.82.198]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 4c5xj1938u-1 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NOT) for ; Sat, 07 Feb 2026 18:06:53 +0000 (GMT) Received: by mail-dy1-f198.google.com with SMTP id 5a478bee46e88-2b708fa4093so9415553eec.0 for ; Sat, 07 Feb 2026 10:06:53 -0800 (PST) Received: from hu-bcain-lv.qualcomm.com (Global_NAT1.qualcomm.com. [129.46.96.20]) by smtp.gmail.com with ESMTPSA id 5a478bee46e88-2b855c63152sm4002328eec.25.2026.02.07.10.06.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 07 Feb 2026 10:06:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= SGn9Dx9TKhYwyyq6cn6DSMXoUDg7D4YZd5UT23z4be8=; b=UPzu8Q3wpDgI26vz zbO24C9sDc4Gd+imdiPebjMx0n3khGuvoT1UkYo6y6jbMsL14bRgmuUgZA7JhS2L nyEcJqroAvDyWE1vMSyopde+tl6rUH+mmqOc9qe8inbHkc/+30wIdoVl4+nqB8R/ a9+bUbjtKhiR0J67JqcHM6Cp7/g0YldotKxwVcFe7I4vcEtX2eEK99PK/1fiFU8w ch71oqq1wig0ss2TrI1+o0o6bW8wYbN5dFpCzIRgblGnpDQ6r4NsBjPZLShR6T09 Uay9/hpebcylmTMXilb/4f0TiS+8m40sAKUbKtO44SzY6DY2fYW16CW6oRw5mpd1 XDQI8Q== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oss.qualcomm.com; s=google; t=1770487613; x=1771092413; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=SGn9Dx9TKhYwyyq6cn6DSMXoUDg7D4YZd5UT23z4be8=; b=g2iSfc1hWoVUCm+D7qiNk++SkQQOFK7v9Ql2LX8vT3tVIQL40M7jh19Xcw8KFpleVR borkWYzOikd6HeuhQtJnTbVeLAerGFM/OMRqZDHm1ydhEFx9yDK0Yt2CxA14jkuNKAHX e8keYbGillc/71mAlJgkRkwqV1MkIH+BwHaU6UscJdcJvfm0M3+b16/pNusfCsceYqmM 92rrvaQXAeaR5Z6qut8PQG+9FdrQF5j0NVGUG+WuiHh6D/3HNxLhH87S8XQyPX2JyZ9X hpEUpEr3cjuPpAwpW3il41xvS7oz9PvtMnpVWu8/YFk3u75ZN57FkB77+lXXpKKb0ZNE 46DA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1770487613; x=1771092413; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=SGn9Dx9TKhYwyyq6cn6DSMXoUDg7D4YZd5UT23z4be8=; b=ivJDVSu/TEITVUolk5D3KVMWr4GvQuu/PEco1/HwWBec6p63UyxYxzLwK0JFnrjeia sp3SLVMdejOEMGa5H/JmHTsMPgSSrm2XWsMsql8incsLNsLdba5yTZhmqC/d2NNcpOBC +5tjm0gYpei+VdDMQXsXAQHmLjArUU4oDR9HUP9q9OsTn9nm1vaWZXQvlFLuhFPtNsWx WtE4bkmMhYY/do0cXnqWsxFvfKm14gCmoLcdjaelCOwlKILBP4OPWX2X/nhZcLgaKMkN dlXW6bOL1jvemVguz0nvvviHsCxgi6VyFPIHYZyL28ZHByR/p3CgfBkZ5ZdFYv6oJAYo U7nA== X-Gm-Message-State: AOJu0YyCJnbVHQE+Wsk05SO4KfD1i3cUOkOxSRpnm888g5+jjsHfF0wq siAmM6aRPLI2RvVyWqWL0Q8qmjxvAFcZUdZowfeeop9seX5QYfBW5BKA4mj5X8nnEbDfIhZX4cf QVkYtEjNHmp3031s771rSYkvg60PnsmZz2g4X0CwokEcP7SNSf96p1DF4GdKxk1/tjw== X-Gm-Gg: AZuq6aLMi0xp69EGnzN0zc4F/++lLDJFxE/bCZQkWUCmfVyGiEQlzhJeqIj7hk4gwpG 78vOSg4G3GAhwpBufDbYl5aaOy0wdmFJF2eeXVPTa8fqW47fCr7N666myzObfuiLbEiROo5sSYG dE2rRUstYvoWnFKBJSA1JsCPj59FnnJyyiZ/aLVX+YyQCeGRQheGF3MsWem8tOq2oXx6bvKzAxS toSooN494katJXO504d8Us7yovQ3Rop0OI8Wtc4bwmNAhRFUI96x4f/O8VjcZODtgPpL7CGfnvI mbj7kJu3OPeWVlZ/6QHd6QySpUfpVBiKoCQ5OO4Llt3disyNUlsTwz+CNRmiLJiiy9Qz1gMhI2d ubgMCutu4dtgL63erKAeQfZ/8UzGyHJ9TRLxhnqh1NzwOk+xRJ9XQTG3jqA== X-Received: by 2002:a05:7300:e82c:b0:2b8:26b8:3420 with SMTP id 5a478bee46e88-2b85646dfcfmr2996063eec.5.1770487612610; Sat, 07 Feb 2026 10:06:52 -0800 (PST) X-Received: by 2002:a05:7300:e82c:b0:2b8:26b8:3420 with SMTP id 5a478bee46e88-2b85646dfcfmr2996054eec.5.1770487612112; Sat, 07 Feb 2026 10:06:52 -0800 (PST) From: Brian Cain To: qemu-devel@nongnu.org Cc: brian.cain@oss.qualcomm.com, ltaylorsimpson@gmail.com, alex@alexrp.com, Pierrick Bouvier Subject: [PATCH v2 3/4] target/hexagon: Return decode failure for invalid non-duplex encodings Date: Sat, 7 Feb 2026 10:06:31 -0800 Message-Id: <20260207180632.1042754-4-brian.cain@oss.qualcomm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260207180632.1042754-1-brian.cain@oss.qualcomm.com> References: <20260207180632.1042754-1-brian.cain@oss.qualcomm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Proofpoint-GUID: Z-wkv2KEKX0WKULyRiwCpPmh3EaKlWbA X-Proofpoint-ORIG-GUID: Z-wkv2KEKX0WKULyRiwCpPmh3EaKlWbA X-Authority-Analysis: v=2.4 cv=F/tat6hN c=1 sm=1 tr=0 ts=69877f3d cx=c_pps a=wEP8DlPgTf/vqF+yE6f9lg==:117 a=ouPCqIW2jiPt+lZRy3xVPw==:17 a=IkcTkHD0fZMA:10 a=HzLeVaNsDn8A:10 a=s4-Qcg_JpJYA:10 a=VkNPw1HP01LnGYTKEx00:22 a=Mpw57Om8IfrbqaoTuvik:22 a=GgsMoib0sEa3-_RKJdDe:22 a=EUspDBNiAAAA:8 a=KKAkSRfTAAAA:8 a=D67r-eMCZ0zeLs--bqkA:9 a=QEXdDO2ut3YA:10 a=bBxd6f-gb0O0v-kibOvt:22 a=cvBusfyB2V15izCimMoJ:22 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMjA3MDE0OSBTYWx0ZWRfX6lgXRZnCwhgS kBmPD4GgCl8LumA7McuVW4f9LMD6BQoxSgG4bvYn25KyjzV2U3cvFjo/YYSiwaaaktztnlXOo/m sYzr+P7t2Q+t+H1Hh4lTr7Vvqxm6Fm3IuuvoYXt7CsyMwAjiVxNu/fnt+xt4WM6DrnVdiTCHKZ+ P2dK5KY0r3w3qY35DCLqYhU7JQEYsNh3xN6/CDT4AKuk/4C0zTv311viQhCixQVjjgBgYO2saif wMP60j6g9xsKj9zuRdk8uiZvjukXxg1B+NMjjNgp2W58dHKSJljeLjf8TGJHJEet4nV1XfPPfN3 P3ufz/TBwunoVJEbgQD2kXrseg5E7bCaE+LLyIA4tbKnG3/m40sw3hgrww4+4bDKNgp29Wu52Ma rqwQ/oumy8HxjQs2Lj6aLqItT6uRyyCv2UeZC9F3p7qG5v6DkaqJDNVI2RR5m1Fe1Gr+S5TL4YK +u1ACELAoUCFksRer1A== X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-02-06_05,2026-02-05_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 adultscore=0 clxscore=1015 malwarescore=0 priorityscore=1501 suspectscore=0 spamscore=0 phishscore=0 impostorscore=0 lowpriorityscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2601150000 definitions=main-2602070149 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.220.180.131; envelope-from=brian.cain@oss.qualcomm.com; helo=mx0b-0031df01.pphosted.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @qualcomm.com) X-ZM-MESSAGEID: 1770487675945154100 When a non-duplex encoding (parse_bits !=3D 0) fails both decode_normal() and decode_hvx(), the decoder hit an unreachable. Instead, handle the decode failure and raise an exception. Signed-off-by: Brian Cain Reviewed-by: Pierrick Bouvier Reviewed-by: Taylor Simpson --- target/hexagon/decode.c | 3 ++- tests/tcg/hexagon/invalid-encoding.c | 25 +++++++++++++++++++++++++ 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/target/hexagon/decode.c b/target/hexagon/decode.c index 90499fc320..ebb4e02a17 100644 --- a/target/hexagon/decode.c +++ b/target/hexagon/decode.c @@ -489,7 +489,8 @@ decode_insns(DisasContext *ctx, Insn *insn, uint32_t en= coding) insn->iclass =3D iclass_bits(encoding); return 1; } - g_assert_not_reached(); + /* Invalid non-duplex encoding */ + return 0; } else { uint32_t iclass =3D get_duplex_iclass(encoding); unsigned int slot0_subinsn =3D get_slot0_subinsn(encoding); diff --git a/tests/tcg/hexagon/invalid-encoding.c b/tests/tcg/hexagon/inval= id-encoding.c index 1bbd312b61..040a7d9147 100644 --- a/tests/tcg/hexagon/invalid-encoding.c +++ b/tests/tcg/hexagon/invalid-encoding.c @@ -93,6 +93,30 @@ static int test_invalid_dups(void) return sig; } =20 +/* + * Invalid non-duplex encoding: + * The encoding 0xffffc000 has parse bits [15:14] =3D 0b11, making it a + * non-duplex instruction and packet end. The remaining bits do not match + * any valid normal or HVX instruction encoding, so this should raise SIGI= LL. + */ +static int test_invalid_nonduplex(void) +{ + int sig; + + asm volatile( + "r0 =3D #0\n" + "r1 =3D ##1f\n" + "memw(%1) =3D r1\n" + ".word 0xffffc000\n" + "1:\n" + "%0 =3D r0\n" + : "=3Dr"(sig) + : "r"(&resume_pc) + : "r0", "r1", "memory"); + + return sig; +} + int main() { struct sigaction act; @@ -104,6 +128,7 @@ int main() =20 assert(test_invalid_duplex() =3D=3D SIGILL); assert(test_invalid_dups() =3D=3D SIGILL); + assert(test_invalid_nonduplex() =3D=3D SIGILL); =20 puts("PASS"); return EXIT_SUCCESS; --=20 2.34.1 From nobody Mon Feb 9 01:01:48 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=oss.qualcomm.com ARC-Seal: i=1; a=rsa-sha256; t=1770487688; cv=none; d=zohomail.com; s=zohoarc; b=a6zYE8pl7tstJ8xbwB2SI6vZpdhKYVIGBhGUxt18PUrk107eqLPyjcJ02Iappa/b0AtR49HrgwbSrRHre4XS1yOH9b3KLC0rimGM7NO42deN0ng9UNSoD94SZ7at5YlQRZOXPtlSELuo4ilEiIqe2kUQsDP6oowaQHTYbACKw4Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1770487688; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=JHhQq6zjjk1gW27nuetaXaeVBGetUzLOuDVqFptfOCA=; b=Iy/FAaUZ4nRJl+5DC/v1CFu/uY0eGrtg1Kc+LRjc/raztoR0voUZky+x9DDfP/Mv3VnpgMMPhbfyPTZf1TWihUNW9jA0+uulEQJSYowFfw8QoVHhU53jpUI3N1KhFPyJy5Qpv9q4p6Uh3uUsATiR/4B0wLrNm3GM43Th0oDMgyY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1770487688461942.8981220086552; Sat, 7 Feb 2026 10:08:08 -0800 (PST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1vomi5-0001UK-BB; Sat, 07 Feb 2026 13:07:09 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vomi1-0001U8-6l for qemu-devel@nongnu.org; Sat, 07 Feb 2026 13:07:06 -0500 Received: from mx0b-0031df01.pphosted.com ([205.220.180.131]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1vomhv-0005Lq-5p for qemu-devel@nongnu.org; Sat, 07 Feb 2026 13:07:04 -0500 Received: from pps.filterd (m0279868.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 6174dYmK1051289 for ; Sat, 7 Feb 2026 18:06:55 GMT Received: from mail-dy1-f199.google.com (mail-dy1-f199.google.com [74.125.82.199]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 4c5xj1938w-1 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NOT) for ; Sat, 07 Feb 2026 18:06:54 +0000 (GMT) Received: by mail-dy1-f199.google.com with SMTP id 5a478bee46e88-2b866e72c00so474811eec.1 for ; Sat, 07 Feb 2026 10:06:54 -0800 (PST) Received: from hu-bcain-lv.qualcomm.com (Global_NAT1.qualcomm.com. [129.46.96.20]) by smtp.gmail.com with ESMTPSA id 5a478bee46e88-2b855c63152sm4002328eec.25.2026.02.07.10.06.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 07 Feb 2026 10:06:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-transfer-encoding:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to; s=qcppdkim1; bh= JHhQq6zjjk1gW27nuetaXaeVBGetUzLOuDVqFptfOCA=; b=jnun3aeCuruGz43+ DQwgtUbeeSfGO7/Iry86yDsCLhZE8GXeeO3ysXc0EilyAqwFfqG2+sW18oqvNZAW 1+vCq8RL/06yozCpZZ2SbcPEvhJB6kEoli1Qz4nIWU6vFQvsLByRUtQVqYHqgofF ebiIGwVvEaIc3LRZ4zYJx1BievKGXNI674peLq7e2LRmYB0LW/ZREvJwIuvo8hwS vRszy91wV1gO5TAx1BRL//b+GpPR6CcTX+wqiEPQK/TQU/I8Do6s0lR8IUSPgWzm rPn/epH48NFUKWglJ/8IbIbD5hZ82z+G7OEAvVBxEtHfrDfDlFAGOdQ0hIbRNvOy 5EU6UQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oss.qualcomm.com; s=google; t=1770487614; x=1771092414; darn=nongnu.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=JHhQq6zjjk1gW27nuetaXaeVBGetUzLOuDVqFptfOCA=; b=YS3/MiTI53lHOSdnlUKIFPTpZZCQndLwckQbbqT+h+xRRCa2SO2qWJmcqcIQLurUKq i8vG59g1lhNrpiyMAa+MVfxjhzOzSKYIIBlRIjgThFDWlC8g63F/0FmKwXZ6d0wN+vQW 9TLtXklrxrqOws8T1uaCX4w23Bel8uF25lBVMTEpGHBINbvKwGAf5Qk+HppZRFRL4tdO fiCgY9CMjLT4LtDAKI+Rvre+D+ZM4eof6cXpcP3ktH6tzE4VcTmzQw7gwsH6nEbY4hx2 /OaoisbeueSfbcD0qr7bnLzMK7BqyJtiwJpV5s4rdQvQe8foANFpa3QPRyeYSStr309s 9oYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1770487614; x=1771092414; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=JHhQq6zjjk1gW27nuetaXaeVBGetUzLOuDVqFptfOCA=; b=gXmj86ETzochOr+HG+/t/WL6yj2H83pWk1WtHNNDIlMU4/7yo6weBzXLHUEyhMp8No 0ob84dgf8ji0qzemtcEbLZ+7hf76OLy9zaxWNDBVhWofI0+fnNl+R+NNyAsR8RYZHGeH Hdw90Y8KSMTf+eLP5YmKZsrHYu4oifEGj1KmhTRuzEJAEvfAoFs8yI6m+cQ/rlBSdxDD R9h3psgT6bQ2YknclKgx3MSIPRDPqw4kGcU4TVhv7OaQEFzpO/pKRju549d/raiv8Dv6 iFh5uqd/jNQWHhcLOC+yMMATtTfq0lb8kCGkOIVZVRErN4VKab4gqvxFQLsVX3J9wSqS lzqw== X-Gm-Message-State: AOJu0YxS2evHzelPDknl2S+i2QXnk3WGrxuVBB8SOpVPqTZKgWiSF0me 1QNIUhVA1W9qGZqenwKCDARGbxmqKhwH+mtxZQWzgd2mh8QV4Iwke5BT4eZzKYXEbiTn9+WIevP fRaVRMMS7Odj1dA5k3jZDcTBCOKAqeoKETJuTdISgNhlLDuwinHJ42sjNPe2F8PVozg== X-Gm-Gg: AZuq6aI/+akQu3lGrjVp0p/xU022m0EKc4odYDvy9J1YP5ql6V4aP3CJrOI/DOHhajk 68Ys+R1Qd40f/Otz9cSJ0nZt0T9vw2OiobKexnbxkFZFyWVdL4yTPNcS2SpC/Rqh4d2E1ZiO1oP XTuI8bHI0gaQ7t8eFuECc8Qc7F+ttbDe9w7hmvp7JCkLzaBgtdQJ6ni/r+DVXmOotNwykY/zj2K 49y9exQYlrWMDYW3yFyvbW4TCEpNe0wOqVF6DnBtVC1+VFRTICzNEZJcPVUWIJmhrkz97RTkCtV UounufUEMns9k3+2zdaaVAK0+0i5E5aPV5Ad3wQhbTZ7N8pW1Lnj2um29MZ7OdKOJyfnYG/S5+P f2cSh+bcVVj1MLYheY34lOyRWIGGUXFISn8gPczerK/Y8qJBLmBckYOte7g== X-Received: by 2002:a05:7301:9bc6:b0:2b7:f0a0:c195 with SMTP id 5a478bee46e88-2b856830522mr3218967eec.31.1770487613791; Sat, 07 Feb 2026 10:06:53 -0800 (PST) X-Received: by 2002:a05:7301:9bc6:b0:2b7:f0a0:c195 with SMTP id 5a478bee46e88-2b856830522mr3218960eec.31.1770487613209; Sat, 07 Feb 2026 10:06:53 -0800 (PST) From: Brian Cain To: qemu-devel@nongnu.org Cc: brian.cain@oss.qualcomm.com, ltaylorsimpson@gmail.com, alex@alexrp.com Subject: [PATCH v2 4/4] tests/tcg/hexagon: Handle SIGILL internally in invalid-slots test Date: Sat, 7 Feb 2026 10:06:32 -0800 Message-Id: <20260207180632.1042754-5-brian.cain@oss.qualcomm.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260207180632.1042754-1-brian.cain@oss.qualcomm.com> References: <20260207180632.1042754-1-brian.cain@oss.qualcomm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Proofpoint-GUID: Ge683moFqg7ndnEpiMF54ybC7JcldLZQ X-Proofpoint-ORIG-GUID: Ge683moFqg7ndnEpiMF54ybC7JcldLZQ X-Authority-Analysis: v=2.4 cv=F/tat6hN c=1 sm=1 tr=0 ts=69877f3e cx=c_pps a=cFYjgdjTJScbgFmBucgdfQ==:117 a=ouPCqIW2jiPt+lZRy3xVPw==:17 a=IkcTkHD0fZMA:10 a=HzLeVaNsDn8A:10 a=s4-Qcg_JpJYA:10 a=VkNPw1HP01LnGYTKEx00:22 a=Mpw57Om8IfrbqaoTuvik:22 a=GgsMoib0sEa3-_RKJdDe:22 a=mDV3o1hIAAAA:8 a=EUspDBNiAAAA:8 a=F0Jt1ehG-eUF7qKHwFUA:9 a=QEXdDO2ut3YA:10 a=scEy_gLbYbu1JhEsrz4S:22 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwMjA3MDE0OSBTYWx0ZWRfXyMW4wHKFd8Uu jkq8gjUWcOhMWifYIOZxHkRkEHsFWmKqsMf5xF36Y5LK8qCWeC49AOnKIw2xQDJ6r3qz0YV5vYM H9jOeXvPpsLIoZbQ5Gq2S6oTk3dl4o8jVWzilfPqffTldj2CuiDLA5LFdY9kf3TMt3MpNeghyh/ iou5MnI5lMKltdZ3ut4qq8otvCbZVhxd+xDUa38M2kFg+/HZZdkwABKI71tFnWw3uqeaTozO8tc UFGKRcR5+e/Oz7A0HKXDlLhvUHg+Iz/YZv5/LQGnSwBMiGfPRblYPmHacpzbKE+lSPmeoxJf+Rj nwpbNRhscGO8DZKdD3WadTzb5htaQ2VIxMxotVWpVjt5vMMHD3orQQp4AqrWrsT9CKHrhfJVV7z w0MBm1/j3BN6aGbIs0yDkDt5tf+mUlnXBvrutQK1HxUCMb8/poeXADXr8bDeBQShaDMBXlxVyvt Z9OLGUojPNiHGDblGsg== X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1121,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-02-06_05,2026-02-05_03,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 bulkscore=0 adultscore=0 clxscore=1015 malwarescore=0 priorityscore=1501 suspectscore=0 spamscore=0 phishscore=0 impostorscore=0 lowpriorityscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2601150000 definitions=main-2602070149 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.220.180.131; envelope-from=brian.cain@oss.qualcomm.com; helo=mx0b-0031df01.pphosted.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @qualcomm.com) X-ZM-MESSAGEID: 1770487689305154100 Rewrite invalid-slots.c to catch and verify SIGILL using a sigaction handler that modifies the ucontext, matching the pattern used by invalid-encoding.c. Signed-off-by: Brian Cain Reviewed-by: Pierrick Bouvier Reviewed-by: Taylor Simpson --- tests/tcg/hexagon/invalid-slots.c | 76 ++++++++++++++++++++++++------- tests/tcg/hexagon/Makefile.target | 6 --- 2 files changed, 59 insertions(+), 23 deletions(-) diff --git a/tests/tcg/hexagon/invalid-slots.c b/tests/tcg/hexagon/invalid-= slots.c index 366ce4f42f..607027f314 100644 --- a/tests/tcg/hexagon/invalid-slots.c +++ b/tests/tcg/hexagon/invalid-slots.c @@ -1,29 +1,71 @@ /* - * Copyright(c) 2023 Qualcomm Innovation Center, Inc. All Rights Reserved. + * Test that invalid slot assignments are properly rejected. * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see . + * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries. + * SPDX-License-Identifier: GPL-2.0-or-later */ =20 +#include +#include +#include +#include +#include +#include + +static void *resume_pc; + +static void handle_sigill(int sig, siginfo_t *info, void *puc) +{ + ucontext_t *uc =3D (ucontext_t *)puc; + + if (sig !=3D SIGILL) { + _exit(EXIT_FAILURE); + } + + uc->uc_mcontext.r0 =3D SIGILL; + uc->uc_mcontext.pc =3D (unsigned long)resume_pc; +} + char mem[8] __attribute__((aligned(8))); =20 -int main() +/* + * Invalid packet with 2 instructions at slot 0: + * - Word 0: 0xa1804100 =3D memw(r0) =3D r1 + * - Word 1: 0x28032804 =3D { r3 =3D #0; r4 =3D #0 } + * + * This should raise SIGILL due to the invalid slot assignment. + */ +static int test_invalid_slots(void) { + int sig; + asm volatile( + "r0 =3D #0\n" + "r1 =3D ##1f\n" + "memw(%1) =3D r1\n" "r0 =3D #mem\n" - /* Invalid packet (2 instructions at slot 0): */ ".word 0xa1804100\n" /* { memw(r0) =3D r1; */ ".word 0x28032804\n" /* r3 =3D #0; r4 =3D #0 } */ - : : : "r0", "r3", "r4", "memory"); - return 0; + "1:\n" + "%0 =3D r0\n" + : "=3Dr"(sig) + : "r"(&resume_pc) + : "r0", "r1", "r3", "r4", "memory"); + + return sig; +} + +int main() +{ + struct sigaction act; + + memset(&act, 0, sizeof(act)); + act.sa_sigaction =3D handle_sigill; + act.sa_flags =3D SA_SIGINFO; + assert(sigaction(SIGILL, &act, NULL) =3D=3D 0); + + assert(test_invalid_slots() =3D=3D SIGILL); + + puts("PASS"); + return EXIT_SUCCESS; } diff --git a/tests/tcg/hexagon/Makefile.target b/tests/tcg/hexagon/Makefile= .target index 16669e04a8..d64aeba090 100644 --- a/tests/tcg/hexagon/Makefile.target +++ b/tests/tcg/hexagon/Makefile.target @@ -54,12 +54,6 @@ HEX_TESTS +=3D invalid-slots HEX_TESTS +=3D invalid-encoding HEX_TESTS +=3D unaligned_pc =20 -run-and-check-exception =3D $(call run-test,$2,$3 2>$2.stderr; \ - test $$? -eq 1 && grep -q "exception $(strip $1)" $2.stderr) - -run-invalid-slots: invalid-slots - $(call run-and-check-exception, 0x15, $@, $(QEMU) $(QEMU_OPTS) $<) - HEX_TESTS +=3D test_abs HEX_TESTS +=3D test_bitcnt HEX_TESTS +=3D test_bitsplit --=20 2.34.1