Re: [Qemu-devel] [Bug] qemu-system-ppc: "invalid/unsupported opcode" during debug session

Re: [Qemu-devel] [Bug] qemu-system-ppc: "invalid/unsupported opcode" during debug session

[Aurelien Jarno]

On Tue, Dec 29, 2009 at 04:09:17PM +0100, Stefan Weil wrote:
> Test environment:
> 
> * ppc-softmmu/qemu-system-ppc running on x86_64 host
> * emulated ppc is running debian lenny
> 
> 
> 
> While debugging on the emulated ppc (each time when
> a shared library is loaded after "r" command?),
> qemu-system-ppc prints this error message:
> 
> invalid/unsupported opcode: 00 - 00 - 00 (00000000) 4800fa44 1
> 

I have fixed that in HEAD by stopping the translation just after a trap,
as the instructions might never be executed.

It is not a full fix, as the OS can actually use any instruction that
always generate a trap (even a memory access) as an instruction barrier
to make sure the following instructions are never executed. This
actually affects all targets, but is unlikely to happen.

One solution for that would be to only generate an exception for an
unsupported instruction when it is the first instruction of a TB, and
otherwise just end the translation before this instruction.

-- 
Aurelien Jarno                          GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

Re: [Qemu-devel] [Bug] qemu-system-ppc: "invalid/unsupported opcode" during debug session

[Paul Brook]

> > invalid/unsupported opcode: 00 - 00 - 00 (00000000) 4800fa44 1
> 
> I have fixed that in HEAD by stopping the translation just after a trap,
> as the instructions might never be executed.
> 
> It is not a full fix, as the OS can actually use any instruction that
> always generate a trap (even a memory access) as an instruction barrier
> to make sure the following instructions are never executed. This
> actually affects all targets, but is unlikely to happen.
> 
> One solution for that would be to only generate an exception for an
> unsupported instruction when it is the first instruction of a TB, and
> otherwise just end the translation before this instruction.

By my reading the code is correct. We end up calling gen_invalid which output 
code to raise an invalid instruction exception. If earlier code faults at 
runtime then that code is never executed, and everything is happy.

The real bug is that we have debugging printfs enabled by default.

Paul

Re: [Qemu-devel] [Bug] qemu-system-ppc: "invalid/unsupported opcode" during debug session

[Aurelien Jarno]

On Sun, Feb 28, 2010 at 02:02:33PM +0000, Paul Brook wrote:
> > > invalid/unsupported opcode: 00 - 00 - 00 (00000000) 4800fa44 1
> > 
> > I have fixed that in HEAD by stopping the translation just after a trap,
> > as the instructions might never be executed.
> > 
> > It is not a full fix, as the OS can actually use any instruction that
> > always generate a trap (even a memory access) as an instruction barrier
> > to make sure the following instructions are never executed. This
> > actually affects all targets, but is unlikely to happen.
> > 
> > One solution for that would be to only generate an exception for an
> > unsupported instruction when it is the first instruction of a TB, and
> > otherwise just end the translation before this instruction.
> 
> By my reading the code is correct. We end up calling gen_invalid which output 
> code to raise an invalid instruction exception. If earlier code faults at 
> runtime then that code is never executed, and everything is happy.

You are correct, I have read the code too quickly. So ignore what I said
above.

> The real bug is that we have debugging printfs enabled by default.

Agreed, I'll fix that.

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net

Re: [Qemu-devel] [Bug] qemu-system-ppc: "invalid/unsupported opcode" during debug session

[Jamie Lokier]

Aurelien Jarno wrote:
> It is not a full fix, as the OS can actually use any instruction that
> always generate a trap (even a memory access) as an instruction barrier
> to make sure the following instructions are never executed. This
> actually affects all targets, but is unlikely to happen.

I'm sure I've seen code wich intentionally accesses invalid memory,
followed by non-instruction data such as a message to print.  But I
can't think where.

> One solution for that would be to only generate an exception for an
> unsupported instruction when it is the first instruction of a TB, and
> otherwise just end the translation before this instruction.

Because that's a simple general solution for all targets, it sounds
like a good idea to me.

-- Jamie

Re: [Qemu-devel] [Bug] qemu-system-ppc: "invalid/unsupported opcode" during debug session

[Aurelien Jarno]

On Sun, Feb 28, 2010 at 03:25:42PM +0000, Jamie Lokier wrote:
> Aurelien Jarno wrote:
> > It is not a full fix, as the OS can actually use any instruction that
> > always generate a trap (even a memory access) as an instruction barrier
> > to make sure the following instructions are never executed. This
> > actually affects all targets, but is unlikely to happen.
> 
> I'm sure I've seen code wich intentionally accesses invalid memory,
> followed by non-instruction data such as a message to print.  But I
> can't think where.
> 

As Paul Brook explained, I am actually wrong. We don't generate an
exception in that case, but code that will generated an exception. If an
exception appears before, this code will never been executed.

So the best is to ignore this mail ;-)

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net