On 11/17/25 02:40, Gabriel Brookman wrote:
According to ARM ARM, section "Memory region tagging types", tag-store
instructions targeting canonically tagged regions cause a stage 1
permission fault.
Signed-off-by: Gabriel Brookman <[email protected]>
---
target/arm/tcg/mte_helper.c | 47 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 47 insertions(+)
diff --git a/target/arm/tcg/mte_helper.c b/target/arm/tcg/mte_helper.c
index ddb68e11fc..9eb3777fe2 100644
--- a/target/arm/tcg/mte_helper.c
+++ b/target/arm/tcg/mte_helper.c
@@ -196,6 +196,23 @@ uint8_t *allocation_tag_mem_probe(CPUARMState *env, int
ptr_mmu_idx,
#endif
}
+static void canonical_tag_write_fail(CPUARMState *env,
+ uint64_t dirty_ptr, uintptr_t ra)
+{
+ uint64_t syn;
+
+ env->exception.vaddress = dirty_ptr;
+
+ /* bit 42 is TnD */
+ syn = (1l << 42) | syn_data_abort_no_iss(arm_current_el(env) != 0,
+ 0, 0, 0, 0, 1, 0b1110);
+ raise_exception_ra(env, EXCP_DATA_ABORT, syn, exception_target_el(env),
ra);
+ g_assert_not_reached();
+
+}
+
+
+
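Review bot: in canonical_tag_write_fail() the syn_data_abort_no_iss() call passes five bare 0/1 positional arguments and the fault status code as the literal 0b1110, and only bit 42 carries a comment. A short comment naming the fault status this value encodes (the commit message says stage 1 permission fault) would let a reader check it against the ARM ARM section cited. In the same expression, `1l << 42` shifts a constant of type long, which is 32 bits wide on some hosts, so the shift count exceeds the type width there; a 64-bit unsigned constant avoids that. The added blank line between g_assert_not_reached() and the closing brace, and the three added blank lines after the function, can be trimmed.
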
"l" is wrong.
Better as

    syn = syn_data_abort_no_iss(...);
    syn |= BIT_ULL(42);

Watch the myriad newlines.

r~