I have been able to reproduce this issue using the attached C file on a custom arm1136-based qemu device, with latest git HEAD as of about 15 minutes ago. Running my test program on real hardware -- an arm1176-based board, and a cortex-a8-based board -- produces the desired result (0x78001800).
I'll try to investigate further, but it may take me a while to find a fix because I haven't spent much time looking at qemu's lower level instruction translation code. If someone with experience in this area can devise a fix more quickly, then I can help test.

** Attachment added: "Test code to reproduce the bug"
   http://launchpadlibrarian.net/50548546/test.c

--
[ARM] All variants of ADDSUBX,SUBADDX give incorrect results
https://bugs.launchpad.net/bugs/595906
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.

Status in QEMU: New

Bug description:
All variants of the ADDSUBX/SUBADDX instructions seem to be implemented incorrectly, i.e.

    MOV r12, #0
    LDR r0, =0x18004800
    LDR r1, =0x30006000
    QADDSUBX r12, r0, r1 ; Should give 0x78001800 - gives 0x4800e800

This happens with latest git HEAD.
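A reference model of the crossed halfword add/subtract instructions in C, added here as an example and not part of the bug report, the attached test.c, or QEMU's own translator. It assumes the ARM architecture definition of these instructions: QADDSUBX forms the high halfword from Rn[31:16] + Rm[15:0] and the low halfword from Rn[15:0] - Rm[31:16], QSUBADDX swaps the add and the subtract, and the Q-prefixed variants saturate each halfword to the signed 16-bit range while the S-prefixed variants wrap (the GE flags that SADDSUBX/SSUBADDX set are not modelled). Run on the operands from the bug description it yields the expected 0x78001800, which makes it a handy oracle for checking an emulator against real hardware:

```c
#include <stdint.h>
#include <stdio.h>

/* Saturate a 32-bit signed intermediate to the signed 16-bit range
 * (the behaviour of the Q-prefixed instructions). */
static int32_t ssat16(int32_t v)
{
    if (v > 0x7fff) return 0x7fff;
    if (v < -0x8000) return -0x8000;
    return v;
}

/* Wrap to 16 bits (the behaviour of the S-prefixed instructions). */
static int32_t wrap16(int32_t v)
{
    return (int16_t)(v & 0xffff);
}

/* Sign-extended halfwords of a 32-bit register value. */
static int32_t hi16(uint32_t r) { return (int16_t)(r >> 16); }
static int32_t lo16(uint32_t r) { return (int16_t)(r & 0xffff); }

/* Pack two halfword results back into a 32-bit register value. */
static uint32_t pack16(int32_t hi, int32_t lo)
{
    return (((uint32_t)hi & 0xffff) << 16) | ((uint32_t)lo & 0xffff);
}

/* Generic crossed add/subtract: `sub_first` selects the SUBADDX form,
 * `narrow` is either ssat16 (Q variants) or wrap16 (S variants). */
static uint32_t addsubx_generic(uint32_t rn, uint32_t rm, int sub_first,
                                int32_t (*narrow)(int32_t))
{
    int32_t hi = sub_first ? hi16(rn) - lo16(rm) : hi16(rn) + lo16(rm);
    int32_t lo = sub_first ? lo16(rn) + hi16(rm) : lo16(rn) - hi16(rm);
    return pack16(narrow(hi), narrow(lo));
}

/* QADDSUBX Rd, Rn, Rm: Rd.hi = sat(Rn.hi + Rm.lo), Rd.lo = sat(Rn.lo - Rm.hi) */
uint32_t qaddsubx(uint32_t rn, uint32_t rm) { return addsubx_generic(rn, rm, 0, ssat16); }
/* QSUBADDX Rd, Rn, Rm: Rd.hi = sat(Rn.hi - Rm.lo), Rd.lo = sat(Rn.lo + Rm.hi) */
uint32_t qsubaddx(uint32_t rn, uint32_t rm) { return addsubx_generic(rn, rm, 1, ssat16); }
/* SADDSUBX / SSUBADDX: same crossing, results wrap instead of saturating */
uint32_t saddsubx(uint32_t rn, uint32_t rm) { return addsubx_generic(rn, rm, 0, wrap16); }
uint32_t ssubaddx(uint32_t rn, uint32_t rm) { return addsubx_generic(rn, rm, 1, wrap16); }

int main(void)
{
    /* Operands from the bug description; expected result 0x78001800. */
    uint32_t r0 = 0x18004800u, r1 = 0x30006000u;
    printf("QADDSUBX 0x%08x, 0x%08x -> 0x%08x\n", r0, r1, qaddsubx(r0, r1));
    printf("QSUBADDX 0x%08x, 0x%08x -> 0x%08x\n", r0, r1, qsubaddx(r0, r1));
    /* Constructed saturation case: 0x7fff + 1 must clamp to 0x7fff. */
    printf("QADDSUBX 0x7fff0000, 0x00000001 -> 0x%08x\n",
           qaddsubx(0x7fff0000u, 0x00000001u));
    printf("SADDSUBX 0x7fff0000, 0x00000001 -> 0x%08x\n",
           saddsubx(0x7fff0000u, 0x00000001u));
    return 0;
}
```

Comparing the emulator's output against this model for a handful of operand pairs, including ones that cross the saturation boundary, separates a wrong halfword pairing (as in the reported 0x4800e800) from a saturation bug, since only the Q variants differ on the boundary cases.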