Booting arm64 Linux in TCG mode fails with "ERROR:../tcg/tcg.c:4317:temp_load: code should not be reached" Description of problem: Linux seems to boot successfully, but around loading/executing userspace, QEMU crashes with an error: ``` [ 4.047919] EXT4-fs (vda): mounted filesystem 59b147ee-5613-43a2-aab4-eaceb6e95be5 with ordered data mode. Quota mode: none. [ 4.049630] VFS: Mounted root (ext4 filesystem) on device 254:0. [ 4.055437] devtmpfs: mounted [ 4.160039] Freeing unused kernel memory: 8256K [ 4.161855] Run /sbin/init as init process [ 4.547387] EXT4-fs (vda): re-mounted 59b147ee-5613-43a2-aab4-eaceb6e95be5. Quota mode: none. ** ERROR:../tcg/tcg.c:4317:temp_load: code should not be reached Bail out! ERROR:../tcg/tcg.c:4317:temp_load: code should not be reached zsh: abort /home/mark/.opt/apps/qemu-v8.0.0-1645-ge6dd5e782b/bin/qemu-system-aarch64 -sm ``` Steps to reproduce: 1. Run the provided qemu commandline 2. Wait for QEMU to crash Additional information: I attempted a bisect, which suggests that the first bad commit is: ``` [e6dd5e782becfe6d51f3575c086f5bd7162421d0] target/arm: Use tcg_gen_qemu_{ld, st}_i128 in gen_sve_{ld, st}r ``` The full bisect log is: ``` [mark@lakrids:~/src/qemu]% git bisect log git bisect start # good: [f7f686b61cf7ee142c9264d2e04ac2c6a96d37f8] Update version for 8.0.2 release git bisect good f7f686b61cf7ee142c9264d2e04ac2c6a96d37f8 # bad: [5f9dd6a8ce3961db4ce47411ed2097ad88bdf5fc] Merge tag 'pull-9p-20230608' of https://github.com/cschoenebeck/qemu into staging git bisect bad 5f9dd6a8ce3961db4ce47411ed2097ad88bdf5fc # good: [c1eb2ddf0f8075faddc5f7c3d39feae3e8e9d6b4] Update version for v8.0.0 release git bisect good c1eb2ddf0f8075faddc5f7c3d39feae3e8e9d6b4 # good: [1a42d9d472b61e4db2fb16800495d402cb9b94af] tcg/sparc64: Split out tcg_out_movi_s32 git bisect good 1a42d9d472b61e4db2fb16800495d402cb9b94af # good: [a30498fcea5a8b9c544324ccfb0186090104b229] tcg/riscv: Support CTZ, CLZ from Zbb git bisect good a30498fcea5a8b9c544324ccfb0186090104b229 # good: [759573d05b808344f7047f893d2dd095884dfa4d] test-cutils: Add coverage of qemu_strtod git bisect good 759573d05b808344f7047f893d2dd095884dfa4d # good: [dc2a070d125772fe30384596d4d4ce6d9950b004] hw/arm/allwinner-r40: add Clock Control Unit git bisect good dc2a070d125772fe30384596d4d4ce6d9950b004 # good: [c0dde5fc5ccce56b69095bc29af72987efd65d1e] accel/tcg: Fix undefined shift in store_whole_le16 git bisect good c0dde5fc5ccce56b69095bc29af72987efd65d1e # bad: [e58e55dd8d5777f8a58ce30cfe04a8023282eb80] meson: fix "static build" entry in summary git bisect bad e58e55dd8d5777f8a58ce30cfe04a8023282eb80 # bad: [5c13983e23de4095e2dfa8bc52333ef40ebe40db] target/arm: Sink gen_mte_check1 into load/store_exclusive git bisect bad 5c13983e23de4095e2dfa8bc52333ef40ebe40db # good: [6c4f229a2e0d6f882bae389ce0c5bdaea712ce0f] tests: avocado: boot_linux_console: Add test case for bpim2u git bisect good 6c4f229a2e0d6f882bae389ce0c5bdaea712ce0f # good: [e452ca5af88fc49b3026c2de0f1e65fd18d1a656] target/arm: Introduce finalize_memop_{atom,pair} git bisect good e452ca5af88fc49b3026c2de0f1e65fd18d1a656 # good: [d450bd0157be43d273116c3e3617883c8a0ac3d1] target/arm: Use tcg_gen_qemu_{st, ld}_i128 for do_fp_{st, ld} git bisect good d450bd0157be43d273116c3e3617883c8a0ac3d1 # bad: [e6dd5e782becfe6d51f3575c086f5bd7162421d0] target/arm: Use tcg_gen_qemu_{ld, st}_i128 in gen_sve_{ld, st}r git bisect bad e6dd5e782becfe6d51f3575c086f5bd7162421d0 # good: [e6073d88cc1fb43b00be16f79d9d6b0f9d2276f5] target/arm: Use tcg_gen_qemu_st_i128 for STZG, STZ2G git bisect good e6073d88cc1fb43b00be16f79d9d6b0f9d2276f5 # first bad commit: [e6dd5e782becfe6d51f3575c086f5bd7162421d0] target/arm: Use tcg_gen_qemu_{ld, st}_i128 in gen_sve_{ld, st}r ``` Each build step was performed with: ``` git clean -fdx && ./configure --prefix=/home/mark/.opt/apps/qemu-$(git describe --long HEAD) --enable-debug-info --disable-strip && make -j64 && make install ```