Bug 476978

Summary: [SSE4.1] missing support for PMAXUD (x86)
Product: [Developer tools] valgrind    Reporter: Dirk Mueller <mueller>
Component: vex    Assignee: Alexandra Hajkova <ahajkova>
Status: RESOLVED DUPLICATE    
Severity: normal CC: ahajkova, mark
Priority: NOR    
Version First Reported In: 3.20.0   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Dirk Mueller 2023-11-14 08:41:25 UTC
SUMMARY

[   94s] vex x86->IR: unhandled instruction bytes: 0x66 0xF 0x38 0x3F
[   94s] ==12135== valgrind: Unrecognised instruction at address 0x1f548b.
[   94s] ==12135==    at 0x1F548B: Perl_safesysmalloc (in /usr/bin/perl)
[   94s] ==12135==    by 0x229AD2: Perl_more_bodies (in /usr/bin/perl)
[   94s] ==12135==    by 0x22D9A6: ??? (in /usr/bin/perl)
[   94s] ==12135==    by 0x14F57A: perl_construct (in /usr/bin/perl)
[   94s] ==12135==    by 0x12C520: main (in /usr/bin/perl)
[   94s] ==12135== Your program just tried to execute an instruction that Valgrind
[   94s] ==12135== did not recognise.  There are two possible reasons for this.
[   94s] ==12135== 1. Your program has a bug and erroneously jumped to a non-code
[   94s] ==12135==    location.  If you are running Memcheck and you just saw a
[   94s] ==12135==    warning about a bad jump, it's probably your program's fault.
[   94s] ==12135== 2. The instruction is legitimate but Valgrind doesn't handle it,
[   94s] ==12135==    i.e. it's Valgrind's fault.  If you think this is the case or
[   94s] ==12135==    you are not sure, please let us know and we'll try to fix it.
[   94s] ==12135== Either way, Valgrind will now raise a SIGILL signal which will
[   94s] ==12135== probably kill your program.
[   94s] ==12135== 
[   94s] ==12135== Process terminating with default action of signal 4 (SIGILL): dumping core
[   94s] ==12135==  Illegal opcode at address 0x1F548B
[   94s] ==12135==    at 0x1F548B: Perl_safesysmalloc (in /usr/bin/perl)
[   94s] ==12135==    by 0x229AD2: Perl_more_bodies (in /usr/bin/perl)
[   94s] ==12135==    by 0x22D9A6: ??? (in /usr/bin/perl)
[   94s] ==12135==    by 0x14F57A: perl_construct (in /usr/bin/perl)
[   94s] ==12135==    by 0x12C520: main (in /usr/bin/perl)

SOFTWARE/OS VERSIONS
gcc 13.2 or later seems to be generating those instructions now for x86 with sse4 enabled


ADDITIONAL INFORMATION
Comment 1 Mark Wielaard 2023-11-14 10:12:14 UTC
Note that this is implemented for amd64, just not for x86 (32bit).

See VEX/priv/guest_amd64_toIR.c (dis_ESC_0F38__SSE4):

   case 0x3B:
   case 0x3F:
      /* 66 0F 38 3B /r = PMINUD xmm1, xmm2/m128
         Minimum of Packed Unsigned Doubleword Integers (XMM)
         66 0F 38 3F /r = PMAXUD xmm1, xmm2/m128
         Maximum of Packed Unsigned Doubleword Integers (XMM)
      */
      if (have66noF2noF3(pfx) && sz == 2) {
         /* FIXME: this needs an alignment check */
         Bool isMAX = opc == 0x3F;
         delta = dis_SSEint_E_to_G(
                    vbi, pfx, delta,
                    isMAX ? "pmaxud" : "pminud",
                    isMAX ? Iop_Max32Ux4 : Iop_Min32Ux4,
                    False
                 );
         goto decode_success;
      }
      break;

With tests in none/tests/amd64/sse4-64.c.
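An added example, not Valgrind/VEX code, showing what the amd64 case above decodes and what the missing x86 (32-bit) decode has to implement: a recogniser for the 66 0F 38 3B/3F byte pattern from the report and a reference model of the unsigned lane-wise min/max that Iop_Min32Ux4 / Iop_Max32Ux4 denote. The xmm_t type, the function names and the operand values are this example's own assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Added example, not VEX code: recognise the opcode bytes from the report and
 * model the lane semantics the amd64 decoder maps to Iop_Min32Ux4/Iop_Max32Ux4. */

/* Constructed from the "unhandled instruction bytes" line of the report. */
const uint8_t kReportBytes[4] = { 0x66, 0x0F, 0x38, 0x3F };
typedef struct { uint32_t lane[4]; } xmm_t;   /* 128-bit XMM as 4 x u32 */
enum pmxud_kind { PMXUD_NONE = 0, PMXUD_MIN = 0x3B, PMXUD_MAX = 0x3F };

/* Mandatory 66 prefix, 0F 38 escape, then opcode 3B (PMINUD) or 3F (PMAXUD).
 * The ModRM byte selecting xmm1, xmm2/m128 is deliberately not parsed here. */
enum pmxud_kind classify_opcode(const uint8_t *b, size_t n)
{
    if (n < 4 || b[0] != 0x66 || b[1] != 0x0F || b[2] != 0x38)
        return PMXUD_NONE;
    if (b[3] == PMXUD_MIN) return PMXUD_MIN;
    if (b[3] == PMXUD_MAX) return PMXUD_MAX;
    return PMXUD_NONE;
}

/* Per-lane helpers: the compare is UNSIGNED, which is what the U in PMAXUD
 * means (PMAXSD, opcode 3D, would order the same bit patterns as signed). */
uint32_t max_u32(uint32_t a, uint32_t b) { return a > b ? a : b; }
uint32_t min_u32(uint32_t a, uint32_t b) { return a < b ? a : b; }

/* Apply the op chosen by the opcode byte to two packed-dword operands;
 * returns false where VEX would report "unhandled instruction bytes". */
bool apply_pmxud(const uint8_t *bytes, size_t n, xmm_t a, xmm_t b, xmm_t *out)
{
    enum pmxud_kind k = classify_opcode(bytes, n);
    if (k == PMXUD_NONE) return false;
    for (int i = 0; i < 4; i++)
        out->lane[i] = (k == PMXUD_MAX) ? max_u32(a.lane[i], b.lane[i])
                                        : min_u32(a.lane[i], b.lane[i]);
    return true;
}

/* Runs the report's bytes over constructed operands; lane 3 is where signed
 * and unsigned ordering disagree (0x80000000 vs 0x7FFFFFFF). */
bool selfcheck(void)
{
    xmm_t a = {{ 1u, 0xFFFFFFFFu, 5u, 0x80000000u }};
    xmm_t b = {{ 2u, 0u,          5u, 0x7FFFFFFFu }};
    xmm_t r;
    if (!apply_pmxud(kReportBytes, 4, a, b, &r)) return false;
    return r.lane[0] == 2u && r.lane[1] == 0xFFFFFFFFu && r.lane[2] == 5u && r.lane[3] == 0x80000000u;
}
```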
Comment 2 Mark Wielaard 2025-12-03 12:55:02 UTC
Bug #512873 is a more general variant of this bug, plus patch.

*** This bug has been marked as a duplicate of bug 512873 ***