Valgrind exits with a decode error: vex x86->IR: unhandled instruction bytes: 0x8F 0xC3 As far as I know, that's a valid, if not particularly optimal, way of saying "pop %ebx". The operand for 8F/0 is r/m32, not just m32. Of course it's happy if I change the instruction to the equivalent 0x5B, but that's not the point :)