RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 881893 - vex s390->IR: unimplemented insn: B93E 0002 (s390x) KIMD message-security assist (MSA) instruction extension
Summary: vex s390->IR: unimplemented insn: B93E 0002 (s390x) KIMD message-security ass...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: valgrind
Version: 6.4
Hardware: s390x
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Mark Wielaard
QA Contact: Miloš Prchlík
URL:
Whiteboard:
: 953840 1012625 (view as bug list)
Depends On:
Blocks: 1056252
TreeView+ depends on / blocked
 
Reported: 2012-11-29 18:24 UTC by Miroslav Franc
Modified: 2016-02-01 02:28 UTC (History)
9 users (show)

Fixed In Version: valgrind-3.8.1-3.3.el6
Doc Type: Bug Fix
Doc Text:
Cause: valgrind on s390x didn't properly report which instruction sets were supported. In particular it might report support for the KIMD message-security assist (MSA) instruction extension when the host machine supported that, even though valgrind itself does not support that instruction set extension. Consequence: A program running under valgrind might use some instructions on s390x that valgrind doesn't support, causing the program to receive a SIGILL signal. Fix: The implementation of STFLE (which reports the instruction set facilities that the machine supports) in valgrind has been changed to report the facilities of the valgrind virtual machine, not just the facilities the host machine supports. Result: Programs running under valgrind on s390x can now accurately detect which instruction set facilities are supported so they don't get killed because they use instructions not supported by valgrind.
Clone Of:
Environment:
Last Closed: 2014-10-14 06:36:48 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
KDE Software Compilation 310931 0 NOR RESOLVED s390 message-security assist (MSA) instruction extension not implemented 2020-09-03 10:46:33 UTC
Red Hat Product Errata RHBA-2014:1464 0 normal SHIPPED_LIVE valgrind bug fix update 2014-10-14 01:10:53 UTC

Description Miroslav Franc 2012-11-29 18:24:43 UTC 
Description of problem:
On s390x valgrind hits unrecognized instruction.



Version-Release number of selected component (if applicable):
valgrind-3.8.1-3.2.el6



Steps to Reproduce:
1. valgrind /usr/sbin/snmpd


  
Actual results:
...
ex s390->IR: unimplemented insn: B93E 0002
==63244== valgrind: Unrecognised instruction at address 0x51b1edc.
==63244==    at 0x51B1EDC: sha1_block_data_order (in /usr/lib64/libcrypto.so.1.0.0)
==63244==    by 0x51B0F8F: SHA1_Update (in /usr/lib64/libcrypto.so.1.0.0)
...


Expected results:
instruction is recognized :)
Comment 1 Mark Wielaard 2012-11-29 20:02:01 UTC 
Replicated against:

valgrind-3.8.1-3.2.el6.s390x
net-snmp-5.5-44.el6.s390x
openssl-1.0.0-27.el6.s390x

==2345== Process terminating with default action of signal 4 (SIGILL)
==2345==  Illegal opcode at address 0x51D5EDC
==2345==    at 0x51D5EDC: sha1_block_data_order (sha1-s390x.s:15)
==2345==    by 0x51D4F8F: SHA1_Update (md32_common.h:307)
==2345==    by 0x523159F: ssleay_rand_add (md_rand.c:289)

gdb says:

Dump of assembler code for function sha1_block_data_order:
   0x00000000051d5ec0 <+0>:     larl    %r1,0x532d770 <OPENSSL_s390xcap_P>
   0x00000000051d5ec6 <+6>:     lg      %r0,0(%r1)
   0x00000000051d5ecc <+12>:    tmhl    %r0,16384
   0x00000000051d5ed0 <+16>:    je      0x51d5f10 <sha1_block_data_order+80>
   0x00000000051d5ed4 <+20>:    lghi    %r0,0
   0x00000000051d5ed8 <+24>:    la      %r1,16(%r15)
   0x00000000051d5edc <+28>:    kimd    %r0,%r2
=> 0x00000000051d5ee0 <+32>:    lg      %r0,16(%r15)
   0x00000000051d5ee6 <+38>:    tmhh    %r0,16384
   0x00000000051d5eea <+42>:    je      0x51d5f10 <sha1_block_data_order+80>
Comment 2 Mark Wielaard 2012-11-29 20:49:36 UTC 
KIMD is part of the message-security assist (MSA) instruction extension.
And valgrind doesn't implement it:

   case 0xb93e: /* KIMD */ goto unimplemented;

openssl seems to probe the cpu to see if it can use it first, so valgrind should probably mask the availability somehow.
Comment 3 Mark Wielaard 2012-11-30 23:59:01 UTC 
Proposed upstream patch:

Index: VEX/priv/guest_s390_helpers.c
===================================================================
--- VEX/priv/guest_s390_helpers.c	(revision 2574)
+++ VEX/priv/guest_s390_helpers.c	(working copy)
@@ -310,6 +310,11 @@
                 "srl    %2,28\n"
                 : "=m" (hoststfle), "+d"(reg0), "=d"(cc) : : "cc", "memory");
 
+   /* None of the message-security assist (MSA) extensions are supported
+      under valgrind.  So clear bit 17. */
+   UChar *ptr = (UChar *) &hoststfle[0] + (17 >> 3);
+   *ptr &= ~(0x80 >> (17 & 7));
+
    /* Update guest register 0  with what STFLE set r0 to */
    guest_state->guest_r0 = reg0;
Comment 4 Mark Wielaard 2013-03-13 18:30:52 UTC 
This has been fixed upstream, differently from my proposed patch in comment #3. See https://bugs.kde.org/show_bug.cgi?id=310931 and upstream SVN commits valgrind r13150 / VEX r2579.
Comment 5 Mark Wielaard 2013-04-19 11:53:12 UTC 
*** Bug 953840 has been marked as a duplicate of this bug. ***
Comment 6 mbenitez 2013-06-26 20:52:08 UTC 
From a conversation with Mark there is an upstream fix and could be easily backported.
Proposing for 6.6 since valgrind is not in 6.5 ACL.
Comment 7 Mark Wielaard 2013-08-15 10:19:55 UTC 
I put the backport into valgrind-3.8.1-25.fc20 for fedora rawhide. It will be some time before that gets through the s390 koji builder though.
Comment 8 Mark Wielaard 2013-09-26 18:33:41 UTC 
*** Bug 1012625 has been marked as a duplicate of this bug. ***
Comment 13 Miloš Prchlík 2014-06-03 12:20:15 UTC 
Verified for build valgrind-3.8.1-3.5.el6.
Comment 14 errata-xmlrpc 2014-10-14 06:36:48 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2014-1464.html
Note You need to log in before you can comment on or make changes to this bug.