Bug 292841

Summary: vex amd64->IR: unhandled instruction bytes: 0xC5 0xFB 0x10 0x5 0xD0 0x7B
Product: [Developer tools] valgrind Reporter: Christian Kruse <cjk>
Component: vex
Assignee: Julian Seward <jseward>
Status: RESOLVED DUPLICATE    
Severity: crash CC: cjk, tom
Priority: NOR    
Version: 3.7.0   
Target Milestone: ---   
Platform: Compiled Sources   
OS: Linux   
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Christian Kruse 2012-01-30 07:47:46 UTC
Version:           3.7.0
OS:                Linux

When debugging a C++ application I wrote I get the following message from valgrind:
vex amd64->IR: unhandled instruction bytes: 0xC5 0xFB 0x10 0x44 0x24 0xF8 0xC3 0x90
==7616== valgrind: Unrecognised instruction at address 0x795bf13.
==7616==    at 0x795BF13: __mpn_construct_double (mpn2dbl.c:41)
==7616==    by 0x795449A: ____strtod_l_internal (strtod_l.c:1566)
==7616==    by 0x5075C5F: CForum::JSON::Parser::getNextToken(char const*, char const*, CForum::JSON::Parser::Token&) (json_parser.cc:225)
==7616==    by 0x50762D5: CForum::JSON::Parser::readValue(boost::shared_ptr<CForum::JSON::Element>*, char const*, char const*) (json_parser.cc:321)
==7616==    by 0x50760AC: CForum::JSON::Parser::readObject(boost::shared_ptr<CForum::JSON::Object>, char const*, char const*) (json_parser.cc:300)
==7616==    by 0x5076386: CForum::JSON::Parser::readValue(boost::shared_ptr<CForum::JSON::Element>*, char const*, char const*) (json_parser.cc:326)
==7616==    by 0x4E491E6: CForum::JSON::Parser::parse(char const*, unsigned long, boost::shared_ptr<CForum::JSON::Element>&) (json_parser.hh:140)
==7616==    by 0x4E490CA: CForum::JSON::Parser::parse(char const*, boost::shared_ptr<CForum::JSON::Element>&) (json_parser.hh:136)
==7616==    by 0x4E45E00: JSONTest::testParser() (json_test.cc:40)
==7616==    by 0x4E4E8DB: CppUnit::TestCaller<JSONTest>::runTest() (TestCaller.h:166)
==7616==    by 0x6F5B4A9: CppUnit::TestCaseMethodFunctor::operator()() const (TestCase.cpp:32)
==7616==    by 0x6F4FA2E: CppUnit::DefaultProtector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) (DefaultProtector.cpp:15)
==7616==    by 0x6F57D91: CppUnit::ProtectorChain::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) (ProtectorChain.cpp:77)
==7616==    by 0x6F61983: CppUnit::TestResult::protect(CppUnit::Functor const&, CppUnit::Test*, std::string const&) (TestResult.cpp:178)
==7616==    by 0x6F5B157: CppUnit::TestCase::run(CppUnit::TestResult*) (TestCase.cpp:92)
==7616==    by 0x6F5B832: CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) (TestComposite.cpp:64)
==7616==    by 0x6F5B755: CppUnit::TestComposite::run(CppUnit::TestResult*) (TestComposite.cpp:23)
==7616==    by 0x6F5B832: CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) (TestComposite.cpp:64)
==7616==    by 0x6F5B755: CppUnit::TestComposite::run(CppUnit::TestResult*) (TestComposite.cpp:23)
==7616==    by 0x6F617B9: CppUnit::TestResult::runTest(CppUnit::Test*) (TestResult.cpp:145)
==7616==    by 0x6F638B2: CppUnit::TestRunner::run(CppUnit::TestResult&, std::string const&) (TestRunner.cpp:96)
==7616==    by 0x6F6600A: CppUnit::TextTestRunner::run(std::string, bool, bool, bool) (TextTestRunner.cpp:64)
==7616==    by 0x401273: main (run_tests.cc:51)
Reproducible: Always

Steps to Reproduce:
Run valgrind ./run_tests

Actual Results:  
Program gets killed by SIGILL signal

Expected Results:  
Program runs fine

valgrind -v output:
==10105== Memcheck, a memory error detector
==10105== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==10105== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==10105== Command: ./run_tests
==10105== 
--10105-- Valgrind options:
--10105--    --num-callers=32
--10105--    -v
--10105-- Contents of /proc/version:
--10105--   Linux version 3.2.1-gentoo-r2 (root@achilles) (gcc version 4.5.3 (Gentoo 4.5.3-r1 p1.0, pie-0.4.5) ) #2 SMP PREEMPT Sun Jan 29 15:59:49 CET 2012
--10105-- Arch and hwcaps: AMD64, amd64-sse3-cx16
--10105-- Page sizes: currently 4096, max supported 4096
--10105-- Valgrind library directory: /usr/lib64/valgrind
--10105-- Reading syms from /home/ckruse/data/dev/cforum/build/src/tests/run_tests (0x400000)
--10105-- Reading syms from /lib64/ld-2.13.so (0x4000000)
--10105-- Reading syms from /usr/lib64/valgrind/memcheck-amd64-linux (0x38000000)
--10105--    object doesn't have a dynamic symbol table
--10105-- Reading suppressions file: /usr/lib64/valgrind/default.supp
==10105== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-10105-by-ckruse-on-???
==10105== embedded gdbserver: writing to   /tmp/vgdb-pipe-to-vgdb-from-10105-by-ckruse-on-???
==10105== embedded gdbserver: shared mem   /tmp/vgdb-pipe-shared-mem-vgdb-10105-by-ckruse-on-???
==10105== 
==10105== TO CONTROL THIS PROCESS USING vgdb (which you probably
==10105== don't want to do, unless you know exactly what you're doing,
==10105== or are doing some strange experiment):
==10105==   /usr/lib64/valgrind/../../bin/vgdb --pid=10105 ...command...
==10105== 
==10105== TO DEBUG THIS PROCESS USING GDB: start GDB like this
==10105==   /path/to/gdb ./run_tests
==10105== and then give GDB the following command
==10105==   target remote | /usr/lib64/valgrind/../../bin/vgdb --pid=10105
==10105== --pid is optional if only one valgrind process is running
==10105== 
--10105-- REDIR: 0x4016210 (strlen) redirected to 0x38044897 (vgPlain_amd64_linux_REDIR_FOR_strlen)
--10105-- Reading syms from /usr/lib64/valgrind/vgpreload_core-amd64-linux.so (0x4a22000)
--10105-- Reading syms from /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so (0x4c24000)
--10105-- REDIR: 0x4016160 (index) redirected to 0x4c29500 (index)
--10105-- REDIR: 0x40161e0 (strcmp) redirected to 0x4c2a4a0 (strcmp)
--10105-- Reading syms from /home/ckruse/data/dev/cforum/build/src/tests/json/libcfjson_test.so (0x4e30000)
--10105-- Reading syms from /home/ckruse/data/dev/cforum/build/src/json/libcfjson.so (0x5056000)
--10105-- Reading syms from /home/ckruse/data/dev/cforum/build/src/exceptions/libcfexceptions.so (0x5283000)
--10105-- Reading syms from /usr/lib64/libicui18n.so.48.1 (0x5486000)
--10105--    object doesn't have a symbol table
--10105-- Reading syms from /usr/lib64/libicuuc.so.48.1 (0x5857000)
--10105--    object doesn't have a symbol table
--10105-- Reading syms from /usr/lib64/libcppunit-1.12.so.1.0.0 (0x6f31000)
--10105-- Reading syms from /usr/lib64/gcc/x86_64-pc-linux-gnu/4.5.3/libstdc++.so.6.0.14 (0x7179000)
--10105--    object doesn't have a symbol table
--10105-- Reading syms from /lib64/libm-2.13.so (0x7483000)
--10105-- Reading syms from /lib64/libgcc_s.so.1 (0x7701000)
--10105--    object doesn't have a symbol table
--10105-- Reading syms from /lib64/libc-2.13.so (0x7917000)
--10105-- Reading syms from /lib64/libpthread-2.13.so (0x7ca3000)
--10105-- Reading syms from /lib64/libdl-2.13.so (0x7ec0000)
--10105-- REDIR: 0x799b090 (strcasecmp) redirected to 0x4a22670 (_vgnU_ifunc_wrapper)
--10105-- REDIR: 0x799d350 (strncasecmp) redirected to 0x4a22670 (_vgnU_ifunc_wrapper)
--10105-- REDIR: 0x79990e0 (__GI_strrchr) redirected to 0x4c29320 (__GI_strrchr)
--10105-- REDIR: 0x7997600 (__GI_strlen) redirected to 0x4c29860 (__GI_strlen)
--10105-- REDIR: 0x7995b70 (strcmp) redirected to 0x4a22670 (_vgnU_ifunc_wrapper)
--10105-- REDIR: 0x7a292a0 (__strcmp_sse42) redirected to 0x4c2a3e0 (strcmp)
--10105-- REDIR: 0x79975c0 (strlen) redirected to 0x4a22670 (_vgnU_ifunc_wrapper)
--10105-- REDIR: 0x7a30940 (__strlen_sse42) redirected to 0x4c29840 (strlen)
--10105-- REDIR: 0x72363f0 (operator new(unsigned long)) redirected to 0x4c289f0 (operator new(unsigned long))
--10105-- REDIR: 0x799fa20 (memcpy) redirected to 0x4a22670 (_vgnU_ifunc_wrapper)
--10105-- REDIR: 0x7a3ebd0 (__memcpy_ssse3_back) redirected to 0x4c2aa80 (memcpy)
--10105-- REDIR: 0x79921f0 (realloc) redirected to 0x4c28fc0 (realloc)
--10105-- REDIR: 0x7992110 (free) redirected to 0x4c28050 (free)
--10105-- REDIR: 0x7234670 (operator delete(void*)) redirected to 0x4c27ce0 (operator delete(void*))
--10105-- REDIR: 0x7999e30 (memmove) redirected to 0x4a22670 (_vgnU_ifunc_wrapper)
--10105-- REDIR: 0x7a44170 (__memmove_ssse3_back) redirected to 0x4c2ba10 (memmove)
--10105-- REDIR: 0x79977f0 (strncmp) redirected to 0x4a22670 (_vgnU_ifunc_wrapper)
--10105-- REDIR: 0x7a2a140 (__strncmp_sse42) redirected to 0x4c29cc0 (strncmp)
vex amd64->IR: unhandled instruction bytes: 0xC5 0xFB 0x10 0x44 0x24 0xF8 0xC3 0x90
==10105== valgrind: Unrecognised instruction at address 0x795bf13.
==10105==    at 0x795BF13: __mpn_construct_double (mpn2dbl.c:41)
==10105==    by 0x795449A: ____strtod_l_internal (strtod_l.c:1566)
==10105==    by 0x5075C5F: CForum::JSON::Parser::getNextToken(char const*, char const*, CForum::JSON::Parser::Token&) (json_parser.cc:225)
==10105==    by 0x50762D5: CForum::JSON::Parser::readValue(boost::shared_ptr<CForum::JSON::Element>*, char const*, char const*) (json_parser.cc:321)
==10105==    by 0x50760AC: CForum::JSON::Parser::readObject(boost::shared_ptr<CForum::JSON::Object>, char const*, char const*) (json_parser.cc:300)
==10105==    by 0x5076386: CForum::JSON::Parser::readValue(boost::shared_ptr<CForum::JSON::Element>*, char const*, char const*) (json_parser.cc:326)
==10105==    by 0x4E491E6: CForum::JSON::Parser::parse(char const*, unsigned long, boost::shared_ptr<CForum::JSON::Element>&) (json_parser.hh:140)
==10105==    by 0x4E490CA: CForum::JSON::Parser::parse(char const*, boost::shared_ptr<CForum::JSON::Element>&) (json_parser.hh:136)
==10105==    by 0x4E45E00: JSONTest::testParser() (json_test.cc:40)
==10105==    by 0x4E4E8DB: CppUnit::TestCaller<JSONTest>::runTest() (TestCaller.h:166)
==10105==    by 0x6F5B4A9: CppUnit::TestCaseMethodFunctor::operator()() const (TestCase.cpp:32)
==10105==    by 0x6F4FA2E: CppUnit::DefaultProtector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) (DefaultProtector.cpp:15)
==10105==    by 0x6F57D91: CppUnit::ProtectorChain::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) (ProtectorChain.cpp:77)
==10105==    by 0x6F61983: CppUnit::TestResult::protect(CppUnit::Functor const&, CppUnit::Test*, std::string const&) (TestResult.cpp:178)
==10105==    by 0x6F5B157: CppUnit::TestCase::run(CppUnit::TestResult*) (TestCase.cpp:92)
==10105==    by 0x6F5B832: CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) (TestComposite.cpp:64)
==10105==    by 0x6F5B755: CppUnit::TestComposite::run(CppUnit::TestResult*) (TestComposite.cpp:23)
==10105==    by 0x6F5B832: CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) (TestComposite.cpp:64)
==10105==    by 0x6F5B755: CppUnit::TestComposite::run(CppUnit::TestResult*) (TestComposite.cpp:23)
==10105==    by 0x6F617B9: CppUnit::TestResult::runTest(CppUnit::Test*) (TestResult.cpp:145)
==10105==    by 0x6F638B2: CppUnit::TestRunner::run(CppUnit::TestResult&, std::string const&) (TestRunner.cpp:96)
==10105==    by 0x6F6600A: CppUnit::TextTestRunner::run(std::string, bool, bool, bool) (TextTestRunner.cpp:64)
==10105==    by 0x401273: main (run_tests.cc:51)
==10105== Your program just tried to execute an instruction that Valgrind
==10105== did not recognise.  There are two possible reasons for this.
==10105== 1. Your program has a bug and erroneously jumped to a non-code
==10105==    location.  If you are running Memcheck and you just saw a
==10105==    warning about a bad jump, it's probably your program's fault.
==10105== 2. The instruction is legitimate but Valgrind doesn't handle it,
==10105==    i.e. it's Valgrind's fault.  If you think this is the case or
==10105==    you are not sure, please let us know and we'll try to fix it.
==10105== Either way, Valgrind will now raise a SIGILL signal which will
==10105== probably kill your program.
==10105== 
==10105== Process terminating with default action of signal 4 (SIGILL)
==10105==  Illegal opcode at address 0x795BF13
==10105==    at 0x795BF13: __mpn_construct_double (mpn2dbl.c:41)
==10105==    by 0x795449A: ____strtod_l_internal (strtod_l.c:1566)
==10105==    by 0x5075C5F: CForum::JSON::Parser::getNextToken(char const*, char const*, CForum::JSON::Parser::Token&) (json_parser.cc:225)
==10105==    by 0x50762D5: CForum::JSON::Parser::readValue(boost::shared_ptr<CForum::JSON::Element>*, char const*, char const*) (json_parser.cc:321)
==10105==    by 0x50760AC: CForum::JSON::Parser::readObject(boost::shared_ptr<CForum::JSON::Object>, char const*, char const*) (json_parser.cc:300)
==10105==    by 0x5076386: CForum::JSON::Parser::readValue(boost::shared_ptr<CForum::JSON::Element>*, char const*, char const*) (json_parser.cc:326)
==10105==    by 0x4E491E6: CForum::JSON::Parser::parse(char const*, unsigned long, boost::shared_ptr<CForum::JSON::Element>&) (json_parser.hh:140)
==10105==    by 0x4E490CA: CForum::JSON::Parser::parse(char const*, boost::shared_ptr<CForum::JSON::Element>&) (json_parser.hh:136)
==10105==    by 0x4E45E00: JSONTest::testParser() (json_test.cc:40)
==10105==    by 0x4E4E8DB: CppUnit::TestCaller<JSONTest>::runTest() (TestCaller.h:166)
==10105==    by 0x6F5B4A9: CppUnit::TestCaseMethodFunctor::operator()() const (TestCase.cpp:32)
==10105==    by 0x6F4FA2E: CppUnit::DefaultProtector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) (DefaultProtector.cpp:15)
==10105==    by 0x6F57D91: CppUnit::ProtectorChain::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) (ProtectorChain.cpp:77)
==10105==    by 0x6F61983: CppUnit::TestResult::protect(CppUnit::Functor const&, CppUnit::Test*, std::string const&) (TestResult.cpp:178)
==10105==    by 0x6F5B157: CppUnit::TestCase::run(CppUnit::TestResult*) (TestCase.cpp:92)
==10105==    by 0x6F5B832: CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) (TestComposite.cpp:64)
==10105==    by 0x6F5B755: CppUnit::TestComposite::run(CppUnit::TestResult*) (TestComposite.cpp:23)
==10105==    by 0x6F5B832: CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) (TestComposite.cpp:64)
==10105==    by 0x6F5B755: CppUnit::TestComposite::run(CppUnit::TestResult*) (TestComposite.cpp:23)
==10105==    by 0x6F617B9: CppUnit::TestResult::runTest(CppUnit::Test*) (TestResult.cpp:145)
==10105==    by 0x6F638B2: CppUnit::TestRunner::run(CppUnit::TestResult&, std::string const&) (TestRunner.cpp:96)
==10105==    by 0x6F6600A: CppUnit::TextTestRunner::run(std::string, bool, bool, bool) (TextTestRunner.cpp:64)
==10105==    by 0x401273: main (run_tests.cc:51)
==10105== 
==10105== HEAP SUMMARY:
==10105==     in use at exit: 5,447 bytes in 53 blocks
==10105==   total heap usage: 68 allocs, 15 frees, 6,923 bytes allocated
==10105== 
==10105== Searching for pointers to 53 not-freed blocks
==10105== Checked 274,424 bytes
==10105== 
==10105== LEAK SUMMARY:
==10105==    definitely lost: 0 bytes in 0 blocks
==10105==    indirectly lost: 0 bytes in 0 blocks
==10105==      possibly lost: 246 bytes in 6 blocks
==10105==    still reachable: 5,201 bytes in 47 blocks
==10105==         suppressed: 0 bytes in 0 blocks
==10105== Rerun with --leak-check=full to see details of leaked memory
==10105== 
==10105== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 8 from 6)
--10105-- 
--10105-- used_suppression:      8 dl-hack3-cond-1
==10105== 
==10105== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 8 from 6)

uname -a output:
Linux achilles 3.2.1-gentoo-r2 #2 SMP PREEMPT Sun Jan 29 15:59:49 CET 2012 x86_64 Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz GenuineIntel GNU/Linux
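Added example, not code from the bug report or from Valgrind's VEX front end: a small decoder for the 2-byte VEX prefix that shows the quoted bytes 0xC5 0xFB 0x10 0x44 0x24 0xF8 form a well-formed AVX `vmovsd xmm0, qword ptr [rsp-8]` (the stack round-trip glibc uses in __mpn_construct_double), i.e. reason 2 of the Valgrind message, a legitimate instruction the 3.7.0 front end cannot decode (AVX decoding arrived in Valgrind 3.8.0), not a bad jump into non-code. The register names, dict keys and the truncated six-byte sample from the bug summary are my own choices.

```python
import struct

# Instruction bytes quoted in the report; the trailing 0xC3 0x90 are the next ret/nop.
REPORTED_BYTES = bytes([0xC5, 0xFB, 0x10, 0x44, 0x24, 0xF8, 0xC3, 0x90])

PP_PREFIX = {0: None, 1: "66", 2: "F3", 3: "F2"}        # VEX.pp -> implied legacy prefix
OPCODE_10 = {None: "vmovups", "66": "vmovupd", "F3": "vmovss", "F2": "vmovsd"}
MEM_SIZE = {"vmovss": "dword", "vmovsd": "qword"}       # other 0x10 forms move a full xmm
GPR64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]


def decode_vex2(code):
    """Decode one instruction starting with the 2-byte VEX prefix 0xC5.

    In 64-bit mode 0xC4/0xC5 can only be VEX (LDS/LES are invalid there), so a
    match means an AVX-class instruction, not garbage.  Only the 0F-map opcode
    0x10 family gets a mnemonic; SIB with no base (mod=0, base=5) is not handled.
    Returns None for non-VEX or truncated input.
    """
    if len(code) < 4 or code[0] != 0xC5:
        return None
    b1 = code[1]
    r_ext = 0 if (b1 >> 7) else 8                # VEX.R, stored inverted
    vvvv = (~b1 >> 3) & 0xF                      # VEX.vvvv, stored inverted
    vec_bits = 256 if (b1 >> 2) & 1 else 128     # VEX.L: xmm vs ymm
    pfx = PP_PREFIX[b1 & 3]
    opcode, modrm = code[2], code[3]
    mod, reg, rm = modrm >> 6, ((modrm >> 3) & 7) | r_ext, modrm & 7
    mnemonic = OPCODE_10[pfx] if opcode == 0x10 else f"vex.0f.{opcode:02x}"
    pos = 4
    if mod == 3:                                 # register form: dest, vvvv, rm
        src = f"xmm{vvvv}, xmm{rm}"
    else:
        if rm == 4:                              # SIB byte follows
            if pos >= len(code):
                return None
            sib = code[pos]; pos += 1
            base, index, scale = sib & 7, (sib >> 3) & 7, 1 << (sib >> 6)
            addr = GPR64[base] + ("" if index == 4 else f"+{GPR64[index]}*{scale}")
        else:
            addr = "rip" if (mod == 0 and rm == 5) else GPR64[rm]
        disp = 1 if mod == 1 else 4 if (mod == 2 or addr == "rip") else 0
        if pos + disp > len(code):               # e.g. the 6 bytes shown in the bug summary
            return None
        if disp:
            fmt = "<b" if disp == 1 else "<i"
            addr += f"{struct.unpack_from(fmt, code, pos)[0]:+d}"
            pos += disp
        src = f"{MEM_SIZE.get(mnemonic, 'xmmword')} ptr [{addr}]"
    return {"mnemonic": mnemonic, "dest": f"xmm{reg}", "src": src,
            "vector_bits": vec_bits, "length": pos, "avx": True}
```

Run `decode_vex2(REPORTED_BYTES)` to see the instruction; a None result on bytes taken from a Valgrind "unhandled instruction" line means the sample is not a 2-byte VEX form or was cut short, not that the instruction is invalid.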
Comment 1 Tom Hughes 2012-01-30 08:45:24 UTC

*** This bug has been marked as a duplicate of bug 273475 ***