NetBSD Problem Report #44405

From Wolfgang.Stukenbrock@nagler-company.com  Mon Jan 17 16:10:35 2011
Return-Path: <Wolfgang.Stukenbrock@nagler-company.com>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id C466963B9CA
	for <gnats-bugs@gnats.NetBSD.org>; Mon, 17 Jan 2011 16:10:35 +0000 (UTC)
Message-Id: <20110117161026.2127B1E80CE@test-s0.nagler-company.com>
Date: Mon, 17 Jan 2011 17:10:26 +0100 (CET)
From: Wolfgang.Stukenbrock@nagler-company.com
Reply-To: Wolfgang.Stukenbrock@nagler-company.com
To: gnats-bugs@gnats.NetBSD.org
Subject: ddb on amd64 disassembler shows wrong register values
X-Send-Pr-Version: 3.95

>Number:         44405
>Category:       port-amd64
>Synopsis:       ddb on amd64 disassembler shows wrong register values
>Confidential:   no
>Severity:       non-critical
>Priority:       high
>Responsible:    port-amd64-maintainer
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jan 17 16:15:00 +0000 2011
>Closed-Date:    Sun May 01 04:08:15 +0000 2011
>Last-Modified:  Sun May 01 04:08:15 +0000 2011
>Originator:     Dr. W. Stukenbrock
>Release:        NetBSD 5.1
>Organization:
Dr. Nagler & Company GmbH
>Environment:


System: NetBSD test-s0 4.0 NetBSD 4.0 (NSW-WS) #0: Tue Aug 17 17:28:09 CEST 2010 wgstuken@test-s0:/usr/src/sys/arch/amd64/compile/NSW-WS amd64
Architecture: x86_64
Machine: amd64
>Description:
	The disassembler of DDB for amd64 disassembles at least the cmp instruction in a wrong way.
	The sequence "48 3d 34 12 00 00" is disassembled to "cmpq    $0x1234,%r8", but it should
	be "cmpq    $0x1234,%rax".
	The objdump utility does it right and produces "48 3d 34 12 00 00       cmp    $0x1234,%rax".
	Due to the context of the function only "rax" makes sense, because "r8" is not used anywhere else.
>How-To-Repeat:
	Write a short function that compiles to this instruction and disassemble the object file
	with objdump and compare that with the ddb output. They differ in the register name.
>Fix:
	I'm not 100% sure, because I'm not really familiar with the Intel/AMD instruction set.

	The problem is located in "/usr/src/sys/arch/amd64/amd64/db_disasm.c".
	In the instruction table for "0x3d" is "op2(Is, A)" for the operands.
	The prefix 0x48 is loaded into the extension variable "rex" in line 1235 and used to determine the
	size (quad-word in this case with REX_w (0x08)) in line 1280.
	In the operand switch for "A" in line 1412 the same check is used to determine the lower 8 registers
	(rax ...) or the upper registers (r8 - r15).

	I think the check should not be done with "REX_w" - "REX_x" should be used to select the upper
	registers.

	Someone who knows the Intel/AMD assembler much better than me should have a look at it.

	remark: the following instructions are affected on a change for "A" processing too:
	  add    - 04, 05
	  or     - 0c, 0d
	  adc    - 14, 15
	  sbb    - 1c, 1d
	  and    - 24, 25
	  sub    - 2c, 2d
	  xor    - 34, 35
	  xchg   - 91, 92, 93, 94, 95, 96, 97
	  mov    - a0, a1
	  test   - a8, a9
	  in     - e4, e5, ed, ee
	  out    - e6, e7, ee, ef

	  mul, imul, div, idiv may be affected too - (Grp2 instructions)

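The point of the PR is that REX bits mean different things: REX.W changes the operand size, while REX.R/X/B only extend register fields that are actually present in the encoding (ModRM.reg, SIB.index, ModRM.rm/SIB.base/opcode reg). The "op $imm, accumulator" opcodes listed above have no such field, so the accumulator stays %al/%ax/%eax/%rax whatever REX says. The following decoder is an added illustration written for this page; it is not code from db_disasm.c or from the PR. The function names (disasm_acc_imm, acc_operand), the register-name tables and the "old check" branch that models the check the PR describes are assumptions made here, and the input bytes are constructed from the PR's example:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* REX prefix bits, as defined in the AMD64 architecture manual. */
#define REX_W 0x08  /* 64-bit operand size */
#define REX_R 0x04  /* extends ModRM.reg */
#define REX_X 0x02  /* extends SIB.index */
#define REX_B 0x01  /* extends ModRM.rm, SIB.base or the opcode's reg field */

/* Operand sizes are indexed 0..3 = byte, word, dword, qword. */
static const char *const acc_name[4] = { "%al", "%ax", "%eax", "%rax" };
static const char *const r8_name[4]  = { "%r8b", "%r8w", "%r8d", "%r8" };
static const char suffix[4] = { 'b', 'w', 'l', 'q' };
static const char *const mnem[8] =
    { "add", "or", "adc", "sbb", "and", "sub", "xor", "cmp" };

/*
 * Name of the implied accumulator operand.  The accumulator is hardwired
 * into these opcodes, so no REX bit can redirect it; only the size changes.
 * With `old_check' set this models the check the PR describes (REX.W
 * selecting the upper register bank), i.e. the reported bug.
 */
const char *acc_operand(uint8_t rex, int size, int old_check)
{
    if (old_check && (rex & REX_W))
        return r8_name[size];
    return acc_name[size];
}

/*
 * Decode one "<op> $imm, accumulator" instruction: opcodes 04/05, 0c/0d,
 * 14/15, 1c/1d, 24/25, 2c/2d, 34/35, 3c/3d and a8/a9 (test), optionally
 * preceded by 0x66 and/or a REX prefix.  Writes AT&T syntax into `out'.
 * Returns the number of bytes consumed, or 0 if the bytes are not of that
 * form or are truncated.
 */
size_t disasm_acc_imm(const uint8_t *p, size_t len, char *out, size_t outlen)
{
    size_t i = 0;
    uint8_t rex = 0;
    int opsize16 = 0;

    /* Legacy prefixes come first; a REX prefix must immediately precede the opcode. */
    while (i < len && p[i] == 0x66) { opsize16 = 1; i++; }
    if (i < len && (p[i] & 0xf0) == 0x40) rex = p[i++];
    if (i >= len) return 0;

    uint8_t op = p[i++];
    const char *m;
    int byte_form;
    if ((op & 0xc6) == 0x04) {             /* 04..3d: arithmetic group */
        m = mnem[op >> 3];
        byte_form = !(op & 1);
    } else if (op == 0xa8 || op == 0xa9) { /* test */
        m = "test";
        byte_form = (op == 0xa8);
    } else {
        return 0;
    }

    /* REX.W overrides 0x66; the byte forms ignore both. */
    int size = byte_form ? 0 : (rex & REX_W) ? 3 : opsize16 ? 1 : 2;
    /* Immediate is 8, 16 or 32 bits; the 64-bit form sign-extends imm32. */
    size_t immlen = (size == 0) ? 1 : (size == 1) ? 2 : 4;
    if (len - i < immlen) return 0;

    uint64_t imm = 0;
    for (size_t k = 0; k < immlen; k++)
        imm |= (uint64_t)p[i + k] << (8 * k);   /* little-endian immediate */
    if (size == 3 && (imm & 0x80000000u))
        imm |= 0xffffffff00000000ull;           /* sign-extend to 64 bits */
    i += immlen;

    /* REX.B is deliberately not consulted: there is no register field to extend. */
    snprintf(out, outlen, "%s%c    $0x%llx,%s", m, suffix[size],
             (unsigned long long)imm, acc_operand(rex, size, 0));
    return i;
}

int main(void)
{
    /* Constructed input: the bytes from the PR, then the same with REX.B set. */
    const uint8_t pr_bytes[]   = { 0x48, 0x3d, 0x34, 0x12, 0x00, 0x00 };
    const uint8_t rexb_bytes[] = { 0x49, 0x3d, 0x34, 0x12, 0x00, 0x00 };
    char buf[64];

    if (disasm_acc_imm(pr_bytes, sizeof pr_bytes, buf, sizeof buf))
        printf("%s\n", buf);
    if (disasm_acc_imm(rexb_bytes, sizeof rexb_bytes, buf, sizeof buf))
        printf("%s\n", buf);
    printf("old check would print: %s\n", acc_operand(0x48, 3, 1));
    return 0;
}
```

Feeding it the PR's bytes yields "cmpq    $0x1234,%rax"; with REX.B additionally set (0x49) the output is unchanged, which is the behaviour the fix restores, while the modelled old check returns %r8 as soon as REX.W is present.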
>Release-Note:

>Audit-Trail:

State-Changed-From-To: open->feedback
State-Changed-By: drochner@NetBSD.org
State-Changed-When: Fri, 18 Feb 2011 18:02:08 +0000
State-Changed-Why:
does db_disasm.c rev.1.14 work correctly?


From: "Matthias Drochner" <drochner@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/44405 CVS commit: src/sys/arch/amd64/amd64
Date: Fri, 18 Feb 2011 18:00:52 +0000

 Module Name:	src
 Committed By:	drochner
 Date:		Fri Feb 18 18:00:52 UTC 2011

 Modified Files:
 	src/sys/arch/amd64/amd64: db_disasm.c

 Log Message:
 fix misinterpretation of REX prefixes where use of the accumulator
 as operand is hardwired into the instruction code,
 mostly from Wolfgang Stukenbrock per PR port-amd64/44405


 To generate a diff of this commit:
 cvs rdiff -u -r1.13 -r1.14 src/sys/arch/amd64/amd64/db_disasm.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: Wolfgang Stukenbrock <Wolfgang.Stukenbrock@nagler-company.com>
To: gnats-bugs@NetBSD.org
Cc: port-amd64-maintainer@NetBSD.org, gnats-admin@NetBSD.org,
        netbsd-bugs@NetBSD.org, Wolfgang.Stukenbrock@nagler-company.com
Subject: Re: PR/44405 CVS commit: src/sys/arch/amd64/amd64
Date: Mon, 21 Feb 2011 12:55:09 +0100

 Hi,

 the patch will hardcode %al/ax/eax/rax for this kind of instruction.
 The result is that the cmp instruction will print the correct register 
 name now.

 As already stated in the PR, I'm not very familiar with the Intel/AMD 
 instruction set. So I cannot say if hardcoding to the "lower" set of 
 register names is correct for all affected instructions - see list in 
 original PR.
 Given that either %rax or %r8 was already hardcoded before, the log 
 message for the patch sounds reasonable, as long as there are no 
 instructions that hardcode r8 somewhere and these are mapped to case "A" 
 in the implementation too.
 If this has been validated, I think this PR can be closed.

 Best regards

 W. Stukenbrock

 Matthias Drochner wrote:

 > The following reply was made to PR port-amd64/44405; it has been noted by GNATS.
 > 
 > From: "Matthias Drochner" <drochner@netbsd.org>
 > To: gnats-bugs@gnats.NetBSD.org
 > Cc: 
 > Subject: PR/44405 CVS commit: src/sys/arch/amd64/amd64
 > Date: Fri, 18 Feb 2011 18:00:52 +0000
 > 
 >  Module Name:	src
 >  Committed By:	drochner
 >  Date:		Fri Feb 18 18:00:52 UTC 2011
 >  
 >  Modified Files:
 >  	src/sys/arch/amd64/amd64: db_disasm.c
 >  
 >  Log Message:
 >  fix misinterpretation of REX prefixes where use of the accumulator
 >  as operand is hardwired into the instruction code,
 >  mostly from Wolfgang Stukenbrock per PR port-amd64/44405
 >  
 >  
 >  To generate a diff of this commit:
 >  cvs rdiff -u -r1.13 -r1.14 src/sys/arch/amd64/amd64/db_disasm.c
 >  
 >  Please note that diffs are not public domain; they are subject to the
 >  copyright notices on the relevant files.
 >  
 > 


 -- 


 Dr. Nagler & Company GmbH
 Hauptstraße 9
 92253 Schnaittenbach

 Tel. +49 9622/71 97-42
 Fax +49 9622/71 97-50

 Wolfgang.Stukenbrock@nagler-company.com
 http://www.nagler-company.com


 Head office: Schnaittenbach
 Commercial register: Amberg HRB
 Place of jurisdiction: Amberg
 Tax number: 201/118/51825
 VAT ID number: DE 273143997
 Managing directors: Dr. Martin Nagler, Dr. Dr. Karl-Kuno Kunze


State-Changed-From-To: feedback->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sun, 01 May 2011 04:08:15 +0000
State-Changed-Why:
I have asked around a bit for further confirmation and I believe this can be
closed.


>Unformatted:
