301011 – vex x86->IR: unhandled instruction bytes: 0xF3 0xF 0xBC (tzcnt)

Bug 301011 - vex x86->IR: unhandled instruction bytes: 0xF3 0xF 0xBC (tzcnt)

Summary: vex x86->IR: unhandled instruction bytes: 0xF3 0xF 0xBC (tzcnt)

Status:	REPORTED

Alias:	None

Product:	valgrind
Classification:	Developer tools
Component:	vex (show other bugs)
Version:	unspecified
Platform:	unspecified Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Julian Seward

URL:
Keywords:

Depends on:
Blocks:

Reported:	2012-06-01 19:21 UTC by Viraj Kanwade
Modified:	2014-02-03 12:53 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Viraj Kanwade 2012-06-01 19:21:55 UTC

I am seeing the following error when I run valgrind
priv/guest_x86_toIR.c 14041 disInstr_X86_WRK F3 F
vex x86->IR: unhandled instruction bytes: 0xF3 0xF 0xBC 0xDE opc: 0xF3
==8132== valgrind: Unrecognised instruction at address 0x4cbc3d2.
==8132==    at 0x4CBC3D2: ??? (in /usr/local/lib/libx264.so.122)

cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 10
model name      : Intel(R) Core(TM) i7-2675QM CPU @ 2.20GHz
stepping        : 7
cpu MHz         : 2194.117
cache size      : 6144 KB
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 13
wp              : yes
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss nx rdtscp lm pni popcnt
bogomips        : 4390.17

valgrind --version
valgrind-3.7.0

gcc --version
gcc (GCC) 3.4.6 20060404 (Red Hat 3.4.6-9)
Copyright (C) 2006 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Reproducible: Always

Steps to Reproduce:
I guess It gets 0xF instead of 0x0F




The code won't progress

Comment 1 Tom Hughes 2012-07-23 11:12:19 UTC

That's a TZCNT instruction, but I'm a bit surprised to see it in an Intel CPU as I thought it was an AMD specific instruction. It's listed in the Opcode map in the Intel manual but not in the main instruction reference...

See also bug #295808 for this same instruction in 64 bit mode.

Comment 2 Jakub Jelinek 2012-08-17 15:24:50 UTC

https://bugs.kde.org/show_bug.cgi?id=295808#c8
should fix this.  LZCNT and TZCNT are part of LZCNT resp. BMI1 ISA extensions, documented in both the AMD manuals and in
http://software.intel.com/file/45207 - 319433-013b.pdf - I think it wasn't in the earlier 319433-011.pdf yet.  The reason why GCC uses TZCNT now unconditionally is that for the non-zero values where the BSF insn is actually defined, TZCNT, REP; BSF and BSF give actually the same results (appart from different flags), so it doesn't matter which one is used and when tuning for future CPUs TZCNT is a better choice.  Unlike this, LZCNT gives different values (operand size - 1 - BSR), so LZCNT is going to appear usually just in code targetted at CPUs with the LZCNT ISA extension.