[valgrind] [Bug 450458] unhandled instruction bytes: 0x37 0x48 0x83 0xF8 0x2E 0xF 0x84 [AMD64 smc]
https://bugs.kde.org/show_bug.cgi?id=450458

Paul Floyd changed:
  Summary: unhandled instruction bytes: 0x37 0x48 0x83 0xF8 0x2E 0xF 0x84 -> unhandled instruction bytes: 0x37 0x48 0x83 0xF8 0x2E 0xF 0x84 [AMD64 smc]
  CC: added pjfl...@wanadoo.fr

-- You are receiving this mail because: You are watching all bug changes.
[valgrind] [Bug 450458] unhandled instruction bytes: 0x37 0x48 0x83 0xF8 0x2E 0xF 0x84
https://bugs.kde.org/show_bug.cgi?id=450458

--- Comment #8 from Tom Hughes ---
Well, in principle we should probably treat them as non-file backed, but it's going to be tricky to identify them. This is what a mapping from such a file looks like in valgrind's address map:

    --3993090:1: aspacem 10: file 0004033000-0004033fff4096 rwx-- d=0x001 i=445531 o=0 (8,345)

So the device is 00:01, which is the same as any other shared memory backed file, including files on tmpfs filesystems. I guess we could look at the filename, but we'd probably want to do that when updating the map and store a flag, because the point where we actually want to check whether something is file backed is a hot path that needs to avoid unnecessary slowdowns.
--- Comment #7 from Martin Koller ---
I found out that QtCore uses 3rdparty/pcre2 code, which itself contains the sljit code. So does this mean valgrind should handle this (aka a bug/limitation in valgrind)?
--- Comment #6 from Tom Hughes ---
Specifically https://github.com/zherczeg/sljit/blob/8d0f668fad91ca1d6c8afb3b72b34db41bee/sljit_src/sljitProtExecAllocator.c#L116 in sljit.
--- Comment #5 from Tom Hughes ---
Ah, the /memfd:sljit path is probably a big clue - it's using an anonymous file created with memfd_create, so it is file backed but not with a real file.
--- Comment #4 from Tom Hughes ---
Well, that's quite interesting - the default is --smc-check=all-non-file, which means we check for self modifying code on heap, stack and in anonymous mappings but not in file backed mappings. So it sounds like it is modifying code in a file backed mapping, which is quite an odd thing to do! Either that or there is some sort of bug in our detection of whether a mapping is file backed.
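The classification problem discussed in Comments #4, #5 and #8 (a memfd mapping sits on device 00:01 like any tmpfs file, so only its "/memfd:" name distinguishes it, and the flag should be computed when the map is updated rather than on the hot path) can be illustrated with a small parser over /proc/<pid>/maps lines. This is an added example, not valgrind's or sljit's code: the function names, the map_entry_t struct and the sample maps lines are all constructed here, and it models the policy rather than reusing valgrind's aspacemgr.

```c
/* Added example (not valgrind's code): classify mappings by pathname when the
 * address map is updated and store a flag, so the hot-path SMC decision is a
 * single field read. Sample input is constructed in /proc/<pid>/maps format. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef enum { MAP_ANON, MAP_FILE, MAP_MEMFD } map_kind_t;

/* One parsed mapping; smc_check is the precomputed flag read on the hot path. */
typedef struct {
    unsigned long start, end;
    bool is_exec;
    map_kind_t kind;
    bool smc_check;
    char path[256];
} map_entry_t;

/* Kernel naming convention: memfd_create() files show up in the maps file as
 * "/memfd:<name> (deleted)". Pseudo-paths in brackets ([heap], [stack], ...)
 * and an empty pathname are anonymous memory. */
map_kind_t classify_mapping(const char *path) {
    if (path[0] == '\0' || path[0] == '[') return MAP_ANON;
    if (strncmp(path, "/memfd:", 7) == 0) return MAP_MEMFD;
    return MAP_FILE;
}

/* --smc-check=all-non-file with memfd treated as non-file (what Comment #8 proposes). */
bool smc_check_all_non_file(map_kind_t kind) { return kind != MAP_FILE; }

/* The behaviour that produced the bug: anything with a real-looking pathname is
 * taken to be file backed, so the memfd JIT region is never checked for SMC. */
bool smc_check_path_only(const char *path) { return path[0] == '\0' || path[0] == '['; }

/* Parse "start-end perms offset dev inode [path]" and precompute the SMC flag. */
bool parse_maps_line(const char *line, map_entry_t *e) {
    char perms[5];
    unsigned long off, ino;
    unsigned dmaj, dmin;
    int consumed = 0;
    if (sscanf(line, "%lx-%lx %4s %lx %x:%x %lu%n",
               &e->start, &e->end, perms, &off, &dmaj, &dmin, &ino, &consumed) != 7)
        return false;
    e->is_exec = perms[2] == 'x';
    const char *p = line + consumed;
    while (*p == ' ') p++;
    size_t n = strcspn(p, "\n");
    if (n >= sizeof e->path) n = sizeof e->path - 1;
    memcpy(e->path, p, n);
    e->path[n] = '\0';
    e->kind = classify_mapping(e->path);
    e->smc_check = smc_check_all_non_file(e->kind);
    return true;
}

/* Constructed sample: an rwx memfd region on device 00:01 next to ordinary mappings. */
static const char *SAMPLE_MAPS =
    "00400000-00452000 r-xp 00000000 08:02 1234567 /usr/bin/app\n"
    "02000000-02021000 rw-p 00000000 00:00 0 [heap]\n"
    "2e480000-2e490000 rwxp 00000000 00:01 445531 /memfd:sljit (deleted)\n"
    "7f0000000000-7f0000010000 rwxp 00000000 00:00 0\n"
    "7ffd00000000-7ffd00021000 rw-p 00000000 00:00 0 [stack]\n";

/* Count executable mappings that receive SMC checks under the chosen policy. */
int count_exec_needing_smc(const char *maps_text, bool naive_policy) {
    char *buf = malloc(strlen(maps_text) + 1);
    if (!buf) return -1;
    strcpy(buf, maps_text);
    int count = 0;
    for (char *line = strtok(buf, "\n"); line; line = strtok(NULL, "\n")) {
        map_entry_t e;
        if (!parse_maps_line(line, &e) || !e.is_exec) continue;
        if (naive_policy ? smc_check_path_only(e.path) : e.smc_check) count++;
    }
    free(buf);
    return count;
}

int main(void) {
    printf("path-only policy checks %d exec mapping(s)\n", count_exec_needing_smc(SAMPLE_MAPS, true));
    printf("memfd-aware policy checks %d exec mapping(s)\n", count_exec_needing_smc(SAMPLE_MAPS, false));
    return 0;
}
```

With the constructed input the path-only policy checks only the bare anonymous rwx region, while the memfd-aware policy also checks the /memfd:sljit region, which is the one that hosted the modified code in this report. The flag is computed once per mapping at parse time, so the per-translation check stays a field read, matching the hot-path concern raised in Comment #8.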
--- Comment #3 from Martin Koller ---
So it has to do with libQtCore. When I use the option --smc-check=all it does not crash any more!

There are TONS of warnings (with or without this option), all of the types:

    Conditional jump or move depends on uninitialised value(s)

or

    Use of uninitialised value of size

I also get a huge number of the like

    ==22110== Conditional jump or move depends on uninitialised value(s)
    ==22110==    at 0x2E482C35: ??? (in /memfd:sljit (deleted))
    ==22110==    by 0x1755BF17: ???

which does not help me in any way, sadly. Since the "smc" option helps, does it give any specific warning which I can search for? (Since there are so many that I cannot check all manually.)
--- Comment #2 from Tom Hughes ---
Checked the December 2021 edition of the manual now and nothing seems to have changed, so that is not a valid instruction. Either this is self modifying code that hasn't been detected (does --smc-check=all help?) or the program has taken a bogus branch somewhere - are there any warnings before that about bad memory accesses?
Tom Hughes changed:
  CC: added t...@compton.nu

--- Comment #1 from Tom Hughes ---
Well, 0x37 is the AAA (ASCII Adjust After Addition) instruction, which seems pretty unlikely, not least because it's not valid in 64 bit mode. I'm using a 2019 edition of the Intel manual, so maybe it has been reused in 64 bit mode now - are you using a very recent processor and did you compile with -march=native or similar?