On 6/15/25 22:09, Philippe Mathieu-Daudé wrote:
Hi Solomon,
Cc'ing the qemu-arm@ list.
On 14/6/25 06:51, r...@wjsota.com wrote:
Hi!
Is `qemu-aarch64 -cpu neoverse-n1` supposed to emulate the `retaa` instruction?
I have a binary called `main_pac` compiled from https://learn.arm.com/learning-paths/servers-and-cloud-computing/pac/example/ .
The compiling command is `aarch64-linux-gnu-gcc -march=armv8.5-a -fPIC -pedantic -Wall -Wextra -ggdb3 -O0 -mbranch-protection=standard -fno-stack-protector -fPIE -static main.c -o main_pac`. The binary includes the `paciasp` and `retaa` instructions associated with ARM PAC.
```
(gdb) disas main
Dump of assembler code for function main:
0x0000000000400858 <+0>: paciasp
0x000000000040085c <+4>: stp x29, x30, [sp, #-32]!
[…]
0x0000000000400898 <+64>: ldp x29, x30, [sp], #32
0x000000000040089c <+68>: retaa
End of assembler dump.
(gdb) quit
```
When emulated using `qemu-aarch64 -cpu neoverse-n1` , the program completes
without issues.
```
user@dell-op7020:~/learning/arm_learning_path_pac$ qemu-aarch64 -cpu neoverse-n1 main_pac test
Hello World!
user@dell-op7020:~/learning/arm_learning_path_pac$
```
This is the case for two versions I tested:
- v9.2.1 (Debian 1:9.2.1+ds-1ubuntu5)
- v10.0.50 (v10.0.0-1610-gd9ce74873a)
The expected behavior is for an Illegal Instruction exception to occur. Citing the Arm
A-profile A64 Instruction Set Architecture Version 2025-03, the `retaa` instruction should
return an Undefined Instruction error when the PAC feature is not implemented.
```
if !IsFeatureImplemented(FEAT_PAuth) then EndOfDecode(Decode_UNDEF);
```
Yes, trans_RETA() is missing the pauth check.
r~
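As an added example (not code from this thread or from QEMU itself), here is a small C model of the decode gate the report quotes: the RETAA/RETAB encodings are matched by their fixed bit pattern and, when FEAT_PAuth is not implemented, decode to UNDEF instead of an authenticated return. The `have_pauth` flag and the enum names are assumptions of this example; the instruction encodings are the architectural ones.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Result of decoding one 32-bit A64 instruction word. */
enum a64_decode {
    DEC_NOT_RET,  /* not a RET/RETAA/RETAB encoding */
    DEC_RET,      /* plain RET Xn */
    DEC_RETAA,    /* RETAA: authenticate LR with key A, then return */
    DEC_RETAB,    /* RETAB: authenticate LR with key B, then return */
    DEC_UNDEF     /* PAuth-only form on a CPU without FEAT_PAuth */
};

/* Models the rule quoted in the report:
 *   if !IsFeatureImplemented(FEAT_PAuth) then EndOfDecode(Decode_UNDEF);
 * 'have_pauth' stands in for the CPU feature query (assumption of this
 * example, not a QEMU helper). */
enum a64_decode decode_ret_family(uint32_t insn, bool have_pauth)
{
    /* RET Xn: 0xD65F0000 with Rn in bits [9:5]. */
    if ((insn & 0xFFFFFC1Fu) == 0xD65F0000u) {
        return DEC_RET;
    }
    /* RETAA = 0xD65F0BFF, RETAB = 0xD65F0FFF; bit 10 (M) selects the key. */
    if ((insn & 0xFFFFFBFFu) == 0xD65F0BFFu) {
        if (!have_pauth) {
            return DEC_UNDEF;   /* the check trans_RETA() is missing */
        }
        return (insn & 0x400u) ? DEC_RETAB : DEC_RETAA;
    }
    return DEC_NOT_RET;
}

int main(void)
{
    /* Constructed words: paciasp, ret x30, retaa, retab. */
    const uint32_t words[] = { 0xD503233Fu, 0xD65F03C0u, 0xD65F0BFFu, 0xD65F0FFFu };
    const char *names[] = { "NOT_RET", "RET", "RETAA", "RETAB", "UNDEF" };
    for (size_t i = 0; i < sizeof(words) / sizeof(words[0]); i++) {
        printf("%08x: no-PAuth=%s  PAuth=%s\n", words[i],
               names[decode_ret_family(words[i], false)],
               names[decode_ret_family(words[i], true)]);
    }
    return 0;
}
```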