virtual: 0.920 architecture: 0.885 device: 0.861 arm: 0.830 user-level: 0.724 performance: 0.703 semantic: 0.675 mistranslation: 0.648 graphic: 0.646 debug: 0.624 ppc: 0.594 network: 0.587 kernel: 0.584 assembly: 0.581 permissions: 0.581 PID: 0.565 hypervisor: 0.546 risc-v: 0.543 vnc: 0.538 files: 0.534 VMM: 0.533 x86: 0.528 register: 0.526 peripherals: 0.519 socket: 0.516 TCG: 0.475 KVM: 0.440 i386: 0.427 boot: 0.402 Implementation of exclusive monitor in ARM Hi I refer to the implementation of exclusive monitor in ARM32. For instruction like STREX Rx,Ry,[Rz], we need to check whether the address [Rz] is in exclusive state. If not, we set the value Rx as 1 without doing the store operation. However, I noticed that QEMU will not check whether the address that Rz points to is a legal address or not. If the value of Rz is 0x0 but it is not in exclusive state. QEMU will set Rx as 1 and continue to execute the following instructions. However, physical devices will check the value of Rz. If Rz is an illegal address (e.g., 0x0), a SIGSEGV signal will be raised even the address is not in exclusive state. I searched many documentation about ARM and it seems that manual of ARM specification does not specify the implementation of exclusive monitor in detail. I am not sure which one is the right behavior. Should QEMU add this check? This might not be a mistake. However, should it be better if QEMU has the same behavior as a physical device? Feel free if you need a testcase. Many thanks Regards Muhui QEMU's load/store exclusive implementation is known to not be architecturally compliant. Most notably, it works on virtual addresses and the architecture specifies that exclusives are supposed to work on physical addresses. We provide a "good enough for what real code (not weird test cases) needs" implementation. However, in this specific case, we're within the architectural requirements. In the ARMv8A Arm ARM (DDI0487F.c) the pseudocode AArch32.ExclusiveMonitorsPass() function has this comment: // It is IMPLEMENTATION DEFINED whether the detection of memory aborts happens // before or after the check on the local Exclusives monitor. As a result a failure // of the local monitor can occur on some implementations even if the memory // access would give a memory about. In other words, it's up to the implementation whether it detects and reports the invalid address first. QEMU's implementation chooses not to.