[valgrind] [Bug 373166] drd and helgrind will crash wth vex amd64->IR: unhandled instruction bytes 0xFF 0xFF 0x48 0x85 0xC0 0x74 0x8 0x4D 0x89 0xE7

[Tushar]

https://bugs.kde.org/show_bug.cgi?id=373166

--- Comment #10 from Tushar <ntus...@yahoo.com> ---
Based on the crash information, I did disassemble the library in question
(/lib64/tls/libpthread-2.3.4.so) and looked at the instructions at the address
0x382BF0A2F0.  The instructions are

  382bf0a2d1:   e8 92 ab ff ff          callq  382bf04e68 <memcpy@plt>
  382bf0a2d6:   49 83 fc ff             cmp    $0xffffffffffffffff,%r12
  382bf0a2da:   74 23                   je     382bf0a2ff
<check_add_mapping+0x19f>
  382bf0a2dc:   48 8d 15 3d fe ff ff    lea    -0x1c3(%rip),%rdx        #
382bf0a120 <__sem_search>
  382bf0a2e3:   48 8d 35 66 a0 10 00    lea    0x10a066(%rip),%rsi        #
382c014350 <__sem_mappings>
  382bf0a2ea:   48 89 df                mov    %rbx,%rdi
  382bf0a2ed:   e8 46 ad ff ff          callq  382bf05038 <tsearch@plt>
  382bf0a2f2:   48 85 c0                test   %rax,%rax
  382bf0a2f5:   74 08                   je     382bf0a2ff
<check_add_mapping+0x19f>
  382bf0a2f7:   4d 89 e7                mov    %r12,%r15
  382bf0a2fa:   e9 74 ff ff ff          jmpq   382bf0a273
<check_add_mapping+0x113>
  382bf0a2ff:   48 89 df                mov    %rbx,%rdi
  382bf0a302:   e8 71 ad ff ff          callq  382bf05078 <free@plt>
  382bf0a307:   e9 67 ff ff ff          jmpq   382bf0a273
<check_add_mapping+0x113>
  382bf0a30c:   45 31 c9                xor    %r9d,%r9d
  382bf0a30f:   45 89 f0                mov    %r14d,%r8d

The thing that caught my attention is that data @ 0x382BF0A2F0 seems to be part
of  callq instruction @ 382bf0a2ed.  VEX seems to think it is the start of a
new instruction.

The disassembly of the test code (sem_open) itself at the are of interest is

  400aca:       ba f6 0d 40 00          mov    $0x400df6,%edx
  400acf:       be 20 00 00 00          mov    $0x20,%esi
  400ad4:       b8 00 00 00 00          mov    $0x0,%eax
  400ad9:       e8 e2 fd ff ff          callq  4008c0 <snprintf@plt>
  400ade:       48 8d 7d c0             lea    -0x40(%rbp),%rdi
  400ae2:       b9 01 00 00 00          mov    $0x1,%ecx
  400ae7:       ba 80 01 00 00          mov    $0x180,%edx
  400aec:       be c0 00 00 00          mov    $0xc0,%esi
  400af1:       b8 00 00 00 00          mov    $0x0,%eax
  400af6:       e8 25 fe ff ff          callq  400920 <sem_open@plt>
  400afb:       48 89 05 b6 07 20 00    mov    %rax,0x2007b6(%rip)        #
6012b8 <s_sem>
  400b02:       48 83 3d ae 07 20 00    cmpq   $0x0,0x2007ae(%rip)        #
6012b8 <s_sem>
  400b09:       00
  400b0a:       75 24                   jne    400b30 <main+0xfa>
  400b0c:       48 8d 55 c0             lea    -0x40(%rbp),%rdx
  400b10:       be 10 0e 40 00          mov    $0x400e10,%esi
  400b15:       48 8b 3d 7c 07 20 00    mov    0x20077c(%rip),%rdi        #
601298 <stderr@@GLIBC_2.2.5>
  400b1c:       b8 00 00 00 00          mov    $0x0,%eax
  400b21:       e8 ea fd ff ff          callq  400910 <fprintf@plt>



I hope this information helps

-- 
You are receiving this mail because:
You are watching all bug changes.