#740901 qemu-ppc-static reports invalid instruction and continues when running ssh-keygen

Package:
qemu-user-static
Source:
qemu
Description:
QEMU user mode emulation binaries (static version)
Submitter:
Christoph Biedl
Date:
2025-08-11 08:15:41 UTC
Severity:
minor
Tags:
#740901#5
Date:
2014-03-06 00:35:32 UTC
From:
To:
Dear Maintainer,

this seems to be different from #731082 but I might be wrong.

My scripts that create a foreign chroot call ssh-keygen rather at the
end of that process, and that one triggers an "Invalid instruction"

How to repeat:

Create a foreign wheezy chroot for powerpc at /tmp/chroot, make sure
the openssh-client is installed there, copy/link
/usr/bin/qemu-ppc-static into the chroot, then run:

# chroot /tmp/chroot/ /usr/bin/qemu-ppc-static /usr/bin/ssh-keygen

Output:

Invalid instruction
NIP 6fe34874   LR 6fe34c78 CTR 6fc59508 XER 00000000
MSR 00006040 HID0 00000000  HF 00006000 idx 0
TB 00000000 00000000
GPR00 000000006fe34c34 00000000f6fb6290 00000000f679c4a0 0000000000000000
GPR04 0000000000000000 000000006ffb5e74 0000000000000008 0000000000000020
GPR08 00000000ffffffc0 0000000000000000 0000000000000008 000000006fc2a884
GPR12 0000000028000282 00000000f70072b0 0000000000000000 0000000000000000
GPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
GPR20 0000000000000000 0000000000000000 000000006fda7904 0000000000000000
GPR24 0000000000000000 0000000000000000 0000000000000000 00000000f67ba514
GPR28 00000000f67bb018 000000006ffb5f04 000000006ffb3af0 000000006ffb5cb0
CR 28000282  [ E  L  -  -  -  E  L  E  ]             RES ffffffff
FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPSCR 00000000
Invalid instruction
NIP 6fe34894   LR 6fe34c90 CTR 6fc59508 XER 00000000
MSR 00006040 HID0 00000000  HF 00006000 idx 0
TB 00000000 00000000
GPR00 000000006fe34c48 00000000f6fb6290 00000000f679c4a0 0000000000000000
GPR04 0000000000000000 000000006ffb5e74 0000000000000008 0000000000000020
GPR08 00000000ffffffc0 0000000000000000 0000000000000008 000000006fc59508
GPR12 0000000028000282 00000000f70072b0 0000000000000000 0000000000000000
GPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
GPR20 0000000000000000 0000000000000000 000000006fda7904 0000000000000000
GPR24 0000000000000000 0000000000000000 0000000000000000 00000000f67ba514
GPR28 00000000f67bb018 000000006ffb5f04 000000006ffb3af0 000000006ffb5cb0
CR 28000282  [ E  L  -  -  -  E  L  E  ]             RES ffffffff
FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPSCR 00000000
Generating public/privat
(...)

Quite a surprise, the program continues to run and seems to do the
right thing. So it might be just a visual thing, severity left at
normal.

FWIW:

ii openssh-client 1:6.0p1-4 powerpc  secure shell (SSH) client, for secure access to remo
7236e82138fa7a85c45a7fd5245d987c  /usr/bin/ssh-keygen

    Christoph
#740901#10
Date:
2014-04-05 18:18:51 UTC
From:
To:
06.03.2014 04:35, Christoph Biedl wrote:

Yes it is.
...

Yeah.  The same happens with 2.0.0-rc1.

Tagging the bugreport for now.

Thank you!

/mjt
#740901#19
Date:
2014-04-05 21:04:30 UTC
From:
To:
05.04.2014 22:18, Michael Tokarev wrote:
[]

Actually this is not a bug per se.

ssh-keygen runs two instructions:

 fcfid   f1,f1

and

  vor     v0,v0,v0

First is only available in ppc64 (64bit) mode, and qemu-ppc64 does
not complain on it.  Yet the 32bit ssh-keygen somehow tries it.

The second is from altivec set, which qemu does not implement.

Apparently what happens here is - ssh-keygen tries some specialized
instructions and will use them if available.  And if not, it will
fall back to some software implementation.

qemu just reports that it does not know the instruction it were
asked to run, and generates a trap just like a real CPU will do.
The difference with real CPU is that the CPU is silent in this
case, it does nothing besides generating the trap.  But qemu
_also_ produces this quite scary message, because more often this
happens when qemu actually misses some instruction which it
_should_ implement, and from this message it can be decoded
and necessary implementation added.

The only possible complain to the qemu side is this extra
output which it produces.  Besides that, the rest works the
way it should work.

Thanks,

/mjt
#740901#28
Date:
2014-04-26 15:26:27 UTC
From:
To:
Michael Tokarev wrote...
[ snip ]

Thanks a lot for that deep analysis. Most important thing is to know
no harm is done indeed, so I agree this bug's (or rather feature?)
severity isn't that high.

However, I might tell friends about that at a beer.

    Christoph
#740901#33
Date:
2025-08-11 08:14:16 UTC
From:
To:
Let's close this bug report finally (after 11+ years).

Please feel free to reopen it if you think it is incorrect.

Thanks,

/mjt