Octeon Instruction BBIT Bug

Host environment

  • Operating system: All
  • OS/kernel version: All
  • Architecture: All
  • QEMU flavor: qemu-mips64*, qemu-mipsn32*
  • QEMU version: 7.1.50
  • QEMU command line:
    ./qemu-mips64 -cpu Octeon68XX hello

Emulated/Virtualized environment

  • Operating system: Userspace
  • OS/kernel version: Userspace
  • Architecture: mips64

Offset Is Not Sign Extended

When the branch offset is calculated for the Octeon BBIT instruction, it is not properly sign-extended, so a negative (backward) offset is treated as a large positive one and the branch lands at the wrong address.
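To make the failure mode concrete, here is an added example (not QEMU's decoder and not the reporter's patch) that computes a BBIT branch target both ways: once with the 16-bit offset sign-extended as the MIPS branch semantics require, and once with it zero-extended as the bug does. The helper names, the sample PC value and the sample instruction word are constructed for this illustration; the only encoding facts relied on are that BBIT carries its word offset in the low 16 bits and the tested bit index in the rt field (bits 20..16), with the BBIT032/BBIT132 forms adding 32 to that index.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers for this example; not QEMU's implementation. */

/* Correct target: PC of the branch + 4 (delay slot) + sign-extended word offset * 4. */
static uint64_t bbit_target_sign_extended(uint64_t pc, uint32_t insn)
{
    int16_t off = (int16_t)(insn & 0xffffu);   /* sign-extend the 16-bit field */
    return pc + 4 + (uint64_t)((int64_t)off << 2);
}

/* Buggy target: same formula, but the offset is zero-extended. A backward
 * branch (negative offset) becomes a jump ~256 KiB forward into memory that
 * holds no valid code, which is how an Illegal instruction signal arises. */
static uint64_t bbit_target_zero_extended(uint64_t pc, uint32_t insn)
{
    uint32_t off = insn & 0xffffu;               /* BUG: no sign extension */
    return pc + 4 + ((uint64_t)off << 2);
}

/* Bit index under test: rt field, plus 32 for the BBIT032/BBIT132 forms. */
static unsigned bbit_bit_index(uint32_t insn, int upper32_form)
{
    return ((insn >> 16) & 0x1fu) + (upper32_form ? 32u : 0u);
}

/* Branch condition: BBIT0 branches when the bit is clear, BBIT1 when it is set. */
static int bbit_taken(uint64_t rs_value, unsigned bit, int test_for_one)
{
    int bit_set = (rs_value >> bit) & 1u;
    return test_for_one ? bit_set : !bit_set;
}

/* Build a constructed instruction word: major opcode in bits 31..26, rs in
 * 25..21, bit index in 20..16, word offset in 15..0. The opcode value is a
 * placeholder here; the offset arithmetic above does not depend on it. */
static uint32_t make_bbit(uint32_t opcode, unsigned rs, unsigned bit, int16_t word_off)
{
    return (opcode << 26) | ((rs & 0x1fu) << 21) | ((bit & 0x1fu) << 16)
         | ((uint32_t)word_off & 0xffffu);
}

int main(void)
{
    const uint64_t pc   = 0x120000100ull;             /* constructed PC */
    const uint32_t insn = make_bbit(0x32u, 4, 7, -4); /* loop back 4 words */

    printf("sign-extended target: 0x%llx\n",
           (unsigned long long)bbit_target_sign_extended(pc, insn));
    printf("zero-extended target: 0x%llx\n",
           (unsigned long long)bbit_target_zero_extended(pc, insn));
    printf("bit index: %u, taken for rs=0x80: %d\n",
           bbit_bit_index(insn, 0), bbit_taken(0x80, bbit_bit_index(insn, 0), 1));
    return 0;
}
```

Running it shows the correct target four words before the branch and the buggy target roughly 256 KiB after it; the two computations only agree for non-negative offsets, which is why forward-branching test programs can pass while a loop with a backward BBIT faults.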

Steps to reproduce

  1. Compile a 64-bit binary for Octeon with Octeon-specific instructions enabled:
     mips64-octeon-linux-gnu-gcc -o hello hello.c
  2. Run it with qemu-mips64:
     qemu-mips64 -cpu Octeon68XX hello
  3. Observe the output below:
     qemu: uncaught target signal 4 (Illegal instruction) - core dumped
     Illegal instruction

Additional information

I have a patch for this that I will be submitting to trivial-patches. This is not enough to emulate Octeon-specific binaries alone. For small binaries, mapping the CVMSEG_LM region (0xFFFFFFFFFFFF8000 - 0xFFFFFFFFFFFF9FFF) to empty RAM and using this patch is enough. There are additional support issues for N32 binaries that will require a separate issue.

Edited by Christopher Wrogg