Bug 105227 - (bound) vex: x86->IR: unhandled instruction bytes: 0x62 0x75 0xF8 0xC7
Summary: (bound) vex: x86->IR: unhandled instruction bytes: 0x62 0x75 0xF8 0xC7
Status: REPORTED
Alias: None
Product: valgrind
Classification: Developer tools
Component: vex (show other bugs)
Version: unspecified
Platform: openSUSE Linux
: NOR crash
Target Milestone: ---
Assignee: Julian Seward
URL:
Keywords:
Depends on:
Blocks: 256630
  Show dependency treegraph
 
Reported: 2005-05-07 06:14 UTC by Geoff Smith
Modified: 2010-11-11 20:13 UTC (History)
1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Geoff Smith 2005-05-07 06:14:00 UTC
Version:            (using KDE KDE 3.3.0)
Installed from:    SuSE RPMs
OS:                Linux

The "BOUND" (x86) instruction is not implemented.  The IBM Rational Ada compiler uses this instruction (albeit rarely) for bounds checking.

valgrind --version :  valgrind-2.4.0
uname -a           :  Linux alpo 2.4.21-27.0.1ELcustom #2
Comment 1 Jeremy Fitzhardinge 2005-05-09 23:11:25 UTC
Geoff Smith wrote:

>The "BOUND" (x86) instruction is not implemented.  The IBM Rational Ada compiler uses this instruction (albeit rarely) for bounds checking.
>  
>

I'm astounded.  It has been a long while since that was a useful
instruction to use...  Shouldn't be too hard to implement as a helper
though.

    J
Comment 2 Tom Hughes 2005-10-06 10:38:24 UTC
In answer to Julian's question on bug 112432 about what a bounds check failure should look like in userspace the answer (from a quick examination of the kernel source) is a SEGV of some sort.
Comment 3 Julian Seward 2005-10-06 20:15:38 UTC
Geoff, is this still alive?  If yes, can you supply a test case
which checks that upon delivery of the resulting signal, you
have enough context (faulting address, or whatever) that the
compiler's code can recover in the way it wants.
Comment 4 Dave Nomura 2005-10-12 01:10:00 UTC
Hi, I work for Geoff Smith (the originator of this bug report)
I have put together a simple test case (below)
When I run the program I get:
windfall-apex%  bound
in handler
info->si_signo = 11
info->si_errno = 0
info->si_code = 128
context.uc_mcontext.gregs[12] = 5

When I run it under valgrind 2.4:
windfall-apex% valgrind bound
==23121== Memcheck, a memory error detector for x86-linux.
==23121== Copyright (C) 2002-2005, and GNU GPL'd, by Julian Seward et al.
==23121== Using valgrind-2.4.0, a program supervision framework for x86-linux.
==23121== Copyright (C) 2000-2005, and GNU GPL'd, by Julian Seward et al.
==23121== For more details, rerun with: -v
==23121==
--23121-- disInstr: unhandled instruction bytes: 0x62 0x75 0xF8 0x83
--23121--           at 0x80485C1: main (bound.c:48)
==23121==
==23121== Process terminating with default action of signal 4 (SIGILL): dumping core
==23121==  Illegal operand at address 0xB007D056
==23121==    at 0x80485C1: main (bound.c:48)
==23121==
==23121== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 13 from 1)
==23121== malloc/free: in use at exit: 0 bytes in 0 blocks.
==23121== malloc/free: 0 allocs, 0 frees, 0 bytes allocated.
==23121== For counts of detected errors, rerun with: -v
==23121== No malloc'd blocks -- no leaks are possible.
Illegal instruction

---------------------- bound.c ------------------------
#include <signal.h>
#include <sys/signal.h>
#include <ucontext.h>
#include <stdio.h>

char *p = 0;

void
handler(sig, info, context)
int sig;
siginfo_t *info;
ucontext_t *context;
{
        int i;
        printf("in handler\n");
        printf("info->si_signo = %d\n", info->si_signo);
        printf("info->si_errno = %d\n", info->si_errno);
        printf("info->si_code = %d\n", info->si_code);

        /* register 12 is REG_TRAPNO */
        printf("context.uc_mcontext.gregs[12] = %d\n",
                context->uc_mcontext.gregs[12]);
        exit(0);
}

int
intval()
{
        return 10;
}

int
main()
{
        int arr_bnd[2] = {1, 5};
        int arr[2];
        struct sigaction act, oact;
        register unsigned addr;
        register int ind = intval();

        bzero(&act, sizeof(struct sigaction));
        bzero(&oact, sizeof(struct sigaction));
        act.sa_sigaction = &handler;
        act.sa_flags = SA_SIGINFO;
        sigaction(SIGSEGV, &act, &oact);

        addr = (unsigned)&arr_bnd;
        asm("bound %esi, 0xfffffff8(%ebp)");
        printf("returned from handler\n");
}