Bug 440180

Summary: s390x: Failed assertion in disassembler
Product: [Developer tools] valgrind
Reporter: Florian Krohm <flo2030>
Component: vex
Assignee: Julian Seward <jseward>
Status: RESOLVED FIXED
Severity: normal
CC: arnez
Priority: NOR
Version: unspecified
Target Milestone: ---
Platform: Other
OS: Linux

Description Florian Krohm 2021-07-23 09:05:40 UTC
In function construct_mnemonic this assertion fails:

   vassert(vex_strlen(prefix) + vex_strlen(suffix) +
           sizeof mask_id[0] <= sizeof buf);

The problem is that S390_MAX_MNEMONIC_LEN is too small.
It should be 9 instead of 8.
The largest opcode mnemonic without extension is 7 for ALGHSIK.
The largest opcode mnemonic with extension is 6 for STOCFH +
max. 3 letter extension makes a max length of 9.

To reproduce, run this program

#include <stdlib.h>

/* Build on s390x with gcc; the inline asm below emits raw instruction bytes. */
int main(void)
{
  int *p = malloc(10);
  int ix = 0;   /* was left uninitialised in the original; the index does not matter for the repro */

  /* Raw encoding of STOCFH with a condition-code mask. The disassembler
     renders it as "stocfhnle", the 9-character mnemonic that trips the assertion. */
  asm(".short 0xEB03");
  asm(".long  0x222222E1");
  return p[ix];
}

like so:

valgrind --trace-notbelow=1 --trace-flags=11111111 ./a.out

Here's the patch

diff --git a/VEX/priv/s390_defs.h b/VEX/priv/s390_defs.h
index 80d7336..fa6e85c 100644
--- a/VEX/priv/s390_defs.h
+++ b/VEX/priv/s390_defs.h
@@ -166,8 +166,8 @@ typedef enum
 #define S390_PPNO_MAX_SIZE_SHA512_GEN  64


-/* The length of the longest mnemonic: locgrnhe */
-#define S390_MAX_MNEMONIC_LEN  8
+/* The length of the longest mnemonic: stocfhnle */
+#define S390_MAX_MNEMONIC_LEN  9


 /*---------------------------------------------------------------*/
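Review bot: the constant and its comment are still maintained by hand, and the old comment (locgrnhe, 8) had already fallen out of step with the longest real mnemonic, which is how the assertion in construct_mnemonic came to fire. Consider recording next to `#define S390_MAX_MNEMONIC_LEN  9` how the value is derived (longest base mnemonic that takes an extension, 6 for stocfh, plus the 3-letter extension), so that anyone adding a longer opcode mnemonic or a longer extension knows to revisit it rather than discovering it through the assertion at run time.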
Comment 1 Andreas Arnez 2024-10-01 11:12:20 UTC
This bug was fixed in the meantime with commit 67a2bb759a7c9c76fd6aa142bdb6fe342a5998e2 (s390x: Fix disassembly of locfh/locfhr, update S390_MAX_MNEMONIC_LEN).
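Added example, not code from valgrind or from the reporter: a small C model of the sizing problem in the description, with a bounded mnemonic builder that reports an oversize result instead of asserting, and a table-driven derivation of the constant the report computes by hand. EXT_MAX_LEN, MNEM_BUF, SAMPLE and build_mnemonic are assumptions for this example, not VEX identifiers.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed upper bound on a condition-code extension ("nle" in the report). */
#define EXT_MAX_LEN 3

/* Shared output buffer, sized generously so that the capacity under test is
   the explicit bufsz argument rather than this array. */
static char MNEM_BUF[32];

/* Write "<base><ext>" into buf, whose capacity bufsz includes the NUL.
   Returns the mnemonic length, or -1 when it would not fit: the same size
   check construct_mnemonic asserts on, reported instead of aborted on. */
static int build_mnemonic(char *buf, size_t bufsz, const char *base, const char *ext)
{
    size_t blen = strlen(base), elen = strlen(ext);
    if (elen > EXT_MAX_LEN || blen + elen + 1 > bufsz) {
        if (bufsz > 0) buf[0] = '\0';
        return -1;
    }
    memcpy(buf, base, blen);
    memcpy(buf + blen, ext, elen + 1);   /* copies the terminator too */
    return (int)(blen + elen);
}

/* Constructed table of the mnemonics the report reasons about. */
struct mnem { const char *base; int takes_ext; };
static const struct mnem SAMPLE[] = {
    { "alghsik", 0 },   /* longest without extension: 7 */
    { "locgr",   1 },   /* the old comment's worst case: 5 + 3 = 8 */
    { "stocfh",  1 },   /* the real worst case: 6 + 3 = 9 */
};
#define SAMPLE_COUNT (sizeof SAMPLE / sizeof SAMPLE[0])

/* Derive the value S390_MAX_MNEMONIC_LEN must have from a mnemonic table. */
static size_t max_mnemonic_len(const struct mnem *t, size_t n)
{
    size_t best = 0;
    for (size_t i = 0; i < n; i++) {
        size_t len = strlen(t[i].base) + (t[i].takes_ext ? EXT_MAX_LEN : 0);
        if (len > best) best = len;
    }
    return best;
}

int main(void)
{
    printf("required S390_MAX_MNEMONIC_LEN: %zu\n", max_mnemonic_len(SAMPLE, SAMPLE_COUNT));
    printf("stocfhnle with LEN 8: %d, with LEN 9: %d\n",
           build_mnemonic(MNEM_BUF, 8 + 1, "stocfh", "nle"),
           build_mnemonic(MNEM_BUF, 9 + 1, "stocfh", "nle"));
    return 0;
}
```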