1 files changed, 215 insertions, 0 deletions

diff --git a/gitlab/issues/target_m68k/host_missing/accel_TCG/754.toml b/gitlab/issues/target_m68k/host_missing/accel_TCG/754.toml
new file mode 100644
index 000000000..a89c0f391
--- /dev/null
+++ b/gitlab/issues/target_m68k/host_missing/accel_TCG/754.toml
@@ -0,0 +1,215 @@
+id = 754
+title = "qem_m68k : trapcs instruction causes the non-execution of the following 2 instructions"
+state = "closed"
+created_at = "2021-11-30T08:11:39.401Z"
+closed_at = "2022-06-02T14:59:58.361Z"
+labels = ["Closed::Fixed", "accel: TCG", "kind::Bug", "target: m68k"]
+url = "https://gitlab.com/qemu-project/qemu/-/issues/754"
+host-os = "Debian"
+host-arch = "(x86, ARM, s390x, etc.)"
+qemu-version = "(e.g. `qemu-system-x86_64 --version`)"
+guest-os = "Debian"
+guest-arch = "(x86, ARM, s390x, etc.)"
+description = """In try to run following code :
+```
+8004615a:\t204f           \tmoveal %sp,%a0
+8004615c:\tb1c7           \tcmpal %d7,%a0
+8004615e:\t55fc           \ttrapcs
+80046160:\t4e56 0000      \tlinkw %fp,#0
+80046164:\t2f14           \tmovel %a4@,%sp@-
+80046166:\t288e           \tmovel %fp,%a4@
+80046168:\tc74d           \texg %a3,%a5
+8004616a:\t48e7 3030      \tmoveml %d2-%d3/%a2-%a3,%sp@-
+8004616e:\t7001           \tmoveq #1,%d0
+80046170:\t3b40 816c      \tmovew %d0,%a5@(-32404)
+80046174:\t7218           \tmoveq #24,%d1
+80046176:\t3b41 816a      \tmovew %d1,%a5@(-32406)
+8004617a:\t242d 8004      \tmovel %a5@(-32764),%d2
+8004617e:\t2b42 815c      \tmovel %d2,%a5@(-32420)
+80046182:\t206d 8008      \tmoveal %a5@(-32760),%a0
+80046186:\t2268 8010      \tmoveal %a0@(-32752),%a1
+8004618a:\t2b49 8158      \tmovel %a1,%a5@(-32424)
+8004618e:\t42ad 8154      \tclrl %a5@(-32428)
+80046192:\t246d 8154      \tmoveal %a5@(-32428),%a2
+80046196:\t2b4a 8160      \tmovel %a2,%a5@(-32416)
+8004619a:\t2b4a 8164      \tmovel %a2,%a5@(-32412)
+8004619e:\t422d 8168      \tclrb %a5@(-32408)
+800461a2:\t7604           \tmoveq #4,%d3
+800461a4:\t2b43 8150      \tmovel %d3,%a5@(-32432)
+800461a8:\t2668 8010      \tmoveal %a0@(-32752),%a3
+800461ac:\t2b4b 814c      \tmovel %a3,%a5@(-32436)
+800461b0:\t2268 8010      \tmoveal %a0@(-32752),%a1
+800461b4:\t266d 8008      \tmoveal %a5@(-32760),%a3
+800461b8:\t206b 8008      \tmoveal %a3@(-32760),%a0
+800461bc:\t4e90           \tjsr %a0@
+800461be:\t2b48 8148      \tmovel %a0,%a5@(-32440)
+800461c2:\t4cdf 0c0c      \tmoveml %sp@+,%d2-%d3/%a2-%a3
+800461c6:\tc74d           \texg %a3,%a5
+800461c8:\t289f           \tmovel %sp@+,%a4@
+800461ca:\t4e5e           \tunlk %fp
+800461cc:\t4e75           \trts
+```
+When I run qemu-m68k -cpu m68020 -d in_asm,cpu, I have : 
+```
+----------------
+IN: 
+0x8004615a:  moveal %sp,%a0
+0x8004615c:  cmpal %d7,%a0
+0x8004615e:  trapcs
+0x80046160:  linkw %fp,#0
+0x80046164:  movel %a4@,%sp@-
+0x80046166:  movel %fp,%a4@
+0x80046168:  exg %a3,%a5
+0x8004616a:  moveml %d2-%d3/%a2-%a3,%sp@-
+0x8004616e:  moveq #1,%d0
+0x80046170:  movew %d0,%a5@(-32404)
+0x80046174:  moveq #24,%d1
+0x80046176:  movew %d1,%a5@(-32406)
+0x8004617a:  movel %a5@(-32764),%d2
+0x8004617e:  movel %d2,%a5@(-32420)
+0x80046182:  moveal %a5@(-32760),%a0
+0x80046186:  moveal %a0@(-32752),%a1
+0x8004618a:  movel %a1,%a5@(-32424)
+0x8004618e:  clrl %a5@(-32428)
+0x80046192:  moveal %a5@(-32428),%a2
+0x80046196:  movel %a2,%a5@(-32416)
+0x8004619a:  movel %a2,%a5@(-32412)
+0x8004619e:  clrb %a5@(-32408)
+0x800461a2:  moveq #4,%d3
+0x800461a4:  movel %d3,%a5@(-32432)
+0x800461a8:  moveal %a0@(-32752),%a3
+0x800461ac:  movel %a3,%a5@(-32436)
+0x800461b0:  moveal %a0@(-32752),%a1
+0x800461b4:  moveal %a5@(-32760),%a3
+0x800461b8:  moveal %a3@(-32760),%a0
+0x800461bc:  jsr %a0@
+
+Trace 0: 0x7f83a807e780 [00000000/8004615a/00000000/00000000] 
+D0 = 00000012   A0 = 8004615a   F0 = 7fff ffffffffffffffff  (         nan)
+D1 = 00000001   A1 = 800466d6   F1 = 7fff ffffffffffffffff  (         nan)
+D2 = 00000000   A2 = 00000000   F2 = 7fff ffffffffffffffff  (         nan)
+D3 = 00000000   A3 = 8000c3b0   F3 = 7fff ffffffffffffffff  (         nan)
+D4 = 00000000   A4 = 8004604c   F4 = 7fff ffffffffffffffff  (         nan)
+D5 = 00000000   A5 = 3ffd7000   F5 = 7fff ffffffffffffffff  (         nan)
+D6 = 00000004   A6 = 80046038   F6 = 7fff ffffffffffffffff  (         nan)
+D7 = 80042050   A7 = 80045ff4   F7 = 7fff ffffffffffffffff  (         nan)
+PC    SR = 0004 T:0 I:0 UI --Z--
+FPSR = 00000000 ---- 
+                                FPCR =     0000 X RN 
+\t\t\t\t\t\t\t\t
+
+----------------
+IN: 
+0x80046358:  lea %a1@(0,%d0:l),%a0
+0x8004635c:  rts
+
+Trace 0: 0x7f83a807eac0 [00000000/80046358/00000000/00000000] 
+D0 = 00000001   A0 = 80046358   F0 = 7fff ffffffffffffffff  (         nan)
+D1 = 00000018   A1 = 00000000   F1 = 7fff ffffffffffffffff  (         nan)
+D2 = ffffffff   A2 = 00000000   F2 = 7fff ffffffffffffffff  (         nan)
+D3 = 00000004   A3 = 8000c040   F3 = 7fff ffffffffffffffff  (         nan)
+D4 = 00000000   A4 = 8004604c   F4 = 7fff ffffffffffffffff  (         nan)
+D5 = 00000000   A5 = 8000c3b0   F5 = 7fff ffffffffffffffff  (         nan)
+D6 = 00000004   A6 = 80046038   F6 = 7fff ffffffffffffffff  (         nan)
+D7 = 80042050   A7 = 80045fe0   F7 = 7fff ffffffffffffffff  (         nan)
+PC = 80046358   SR = 0004 T:0 I:0 UI --Z--
+FPSR = 00000000 ---- 
+                                FPCR =     0000 X RN 
+----------------
+```
+Stack pointer is  80045fe0, it should be 80045FD8.
+
+When I run with options -cpu m68020 -d in_asm,cpu,op -singlestep, I have :
+```
+----------------
+IN:
+0x8004615e:  trapcs
+0x80046160:  linkw %fp,#0
+Disassembler disagrees with translator over instruction decoding
+Please report this to qemu-devel@nongnu.org
+
+OP:
+ ld_i32 tmp0,env,$0xfffffffffffffff8
+ brcond_i32 tmp0,$0x0,lt,$L0
+
+ ---- 8004615e 00000000
+ mov_i32 tmp0,$0x0
+ call flush_flags,$0x0,$0,env,CC_OP
+ setcond_i32 tmp2,CC_C,tmp0,ne
+ neg_i32 tmp2,tmp2
+ mov_i32 tmp0,$0x56
+ mov_i32 PC,$0x80046162
+ exit_tb $0x0
+ set_label $L0
+ exit_tb $0x7fba001a75c3
+
+D0 = 00000012   A0 = 80045ff4   F0 = 7fff ffffffffffffffff  (         nan)
+D1 = 00000001   A1 = 800466d6   F1 = 7fff ffffffffffffffff  (         nan)
+D2 = 00000000   A2 = 00000000   F2 = 7fff ffffffffffffffff  (         nan)
+D3 = 00000000   A3 = 8000c3b0   F3 = 7fff ffffffffffffffff  (         nan)
+D4 = 00000000   A4 = 8004604c   F4 = 7fff ffffffffffffffff  (         nan)
+D5 = 00000000   A5 = 3ffd5000   F5 = 7fff ffffffffffffffff  (         nan)
+D6 = 00000004   A6 = 80046038   F6 = 7fff ffffffffffffffff  (         nan)
+D7 = 80042050   A7 = 80045ff4   F7 = 7fff ffffffffffffffff  (         nan)
+PC = 8004615e   SR = 0000 T:0 I:0 UI -----
+FPSR = 00000000 ----
+                                FPCR =     0000 X RN
+----------------
+IN:
+0x80046162:  orib #20,%d0
+
+OP:
+ ld_i32 tmp0,env,$0xfffffffffffffff8
+ brcond_i32 tmp0,$0x0,lt,$L0
+
+ ---- 80046162 00000000
+ mov_i32 tmp0,$0x14
+ ext8s_i32 tmp3,D0
+ or_i32 tmp4,tmp3,tmp0
+ and_i32 D0,D0,$0xffffff00
+ ext8u_i32 tmp6,tmp4
+ or_i32 D0,D0,tmp6
+ ext8s_i32 CC_N,tmp4
+ discard CC_C
+ discard CC_Z
+ discard CC_V
+ mov_i32 CC_OP,$0xb
+ mov_i32 PC,$0x80046166
+ exit_tb $0x0
+ set_label $L0
+ exit_tb $0x7fba001a7683
+
+D0 = 00000012   A0 = 80045ff4   F0 = 7fff ffffffffffffffff  (         nan)
+D1 = 00000001   A1 = 800466d6   F1 = 7fff ffffffffffffffff  (         nan)
+D2 = 00000000   A2 = 00000000   F2 = 7fff ffffffffffffffff  (         nan)
+D3 = 00000000   A3 = 8000c3b0   F3 = 7fff ffffffffffffffff  (         nan)
+D4 = 00000000   A4 = 8004604c   F4 = 7fff ffffffffffffffff  (         nan)
+D5 = 00000000   A5 = 3ffd5000   F5 = 7fff ffffffffffffffff  (         nan)
+D6 = 00000004   A6 = 80046038   F6 = 7fff ffffffffffffffff  (         nan)
+D7 = 80042050   A7 = 80045ff4   F7 = 7fff ffffffffffffffff  (         nan)
+PC = 80046162   SR = 0000 T:0 I:0 UI -----
+FPSR = 00000000 ----
+                                FPCR =     0000 X RN
+----------------
+IN:
+0x80046166:  movel %fp,%a4@
+
+OP:
+ ld_i32 tmp0,env,$0xfffffffffffffff8
+ brcond_i32 tmp0,$0x0,lt,$L0
+
+...
+```
+I can see that instructions 
+```
+0x80046160:  linkw %fp,#0
+0x80046164:  movel %a4@,%sp@-
+```
+are not executed
+and an extra instruction
+```
+0x80046162:  orib #20,%d0
+```
+is executed"""
+reproduce = """Run chroot qemu-m68k qemu-m68k-static -cpu m68020 -d in_asm,cpu -D log1.txt ./test"""
+additional = """"""