320965 – Unrecognised instruction __ieee754_pow_sse2

Bug 320965 - Unrecognised instruction __ieee754_pow_sse2

Summary: Unrecognised instruction __ieee754_pow_sse2

Status:	REPORTED

Alias:	None

Product:	valgrind
Classification:	Developer tools
Component:	general (show other bugs)
Version:	3.9.0.SVN
Platform:	Other Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Julian Seward

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-06-09 17:17 UTC by Martin Liška
Modified:	2015-04-23 12:53 UTC (History)
CC List:	2 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
libm.so (982.18 KB, application/x-sharedlib) 2013-07-03 13:01 UTC, Martin Liška	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Martin Liška 2013-06-09 17:17:36 UTC

./valgrind --tool=callgrind `which gimp`
==25822== Callgrind, a call-graph generating cache profiler
==25822== Copyright (C) 2002-2012, and GNU GPL'd, by Josef Weidendorfer et al.
==25822== Using Valgrind-3.9.0.SVN and LibVEX; rerun with -h for copyright info
==25822== Command: /usr/bin/gimp
==25822== 
==25822== For interactive control, run 'callgrind_control -h'.
vex amd64->IR: unhandled instruction bytes: 0xC4 0xC3 0xF1 0x6B 0xC0 0x90 0xC4 0xE3
vex amd64->IR:   REX=0 REX.W=1 REX.R=0 REX.X=0 REX.B=1
vex amd64->IR:   VEX=1 VEX.L=0 VEX.nVVVV=0x1 ESC=0F3A
vex amd64->IR:   PFX.66=1 PFX.F2=0 PFX.F3=0
==25822== valgrind: Unrecognised instruction at address 0x7f9e5d8.
==25822==    at 0x7F9E5D8: __ieee754_pow_sse2 (in /lib64/libm-2.15.so)
==25822==    by 0x7FABDFB: pow (in /lib64/libm-2.15.so)
==25822==    by 0x1088A67E: init (in /usr/lib64/babl-0.1/gimp-8bit.so)
==25822==    by 0x7D5F1EC: babl_extension_load_dir_list (in /usr/lib64/libbabl-0.1.so.0.109.1)
==25822==    by 0x779E95E: ??? (in /usr/lib64/libgegl-0.2.so.0.199.1)
==25822==    by 0x871D3B7: g_option_context_parse (in /usr/lib64/libglib-2.0.so.0.3400.3)
==25822==    by 0x487FC9: main (in /usr/bin/gimp-2.8)
==25822== Your program just tried to execute an instruction that Valgrind
==25822== did not recognise.  There are two possible reasons for this.
==25822== 1. Your program has a bug and erroneously jumped to a non-code
==25822==    location.  If you are running Memcheck and you just saw a
==25822==    warning about a bad jump, it's probably your program's fault.
==25822== 2. The instruction is legitimate but Valgrind doesn't handle it,
==25822==    i.e. it's Valgrind's fault.  If you think this is the case or
==25822==    you are not sure, please let us know and we'll try to fix it.
==25822== Either way, Valgrind will now raise a SIGILL signal which will
==25822== probably kill your program.
==25822== 
==25822== Process terminating with default action of signal 4 (SIGILL)
==25822==  Illegal opcode at address 0x7F9E5D8
==25822==    at 0x7F9E5D8: __ieee754_pow_sse2 (in /lib64/libm-2.15.so)
==25822==    by 0x7FABDFB: pow (in /lib64/libm-2.15.so)
==25822==    by 0x1088A67E: init (in /usr/lib64/babl-0.1/gimp-8bit.so)
==25822==    by 0x7D5F1EC: babl_extension_load_dir_list (in /usr/lib64/libbabl-0.1.so.0.109.1)
==25822==    by 0x779E95E: ??? (in /usr/lib64/libgegl-0.2.so.0.199.1)
==25822==    by 0x871D3B7: g_option_context_parse (in /usr/lib64/libglib-2.0.so.0.3400.3)
==25822==    by 0x487FC9: main (in /usr/bin/gimp-2.8)
==25822== 
==25822== Events    : Ir
==25822== Collected : 19991863
==25822== 
==25822== I   refs:      19,991,863
Illegal instruction

uname -a:
Linux marxinbox 3.7.4-gentoo #3 SMP Sun Jun 9 13:38:25 CEST 2013 x86_64 AMD FX(tm)-8350 Eight-Core Processor AuthenticAMD GNU/Linux

cat /proc/cpuinfo:
processor	: 7
vendor_id	: AuthenticAMD
cpu family	: 21
model		: 2
model name	: AMD FX(tm)-8350 Eight-Core Processor           
stepping	: 0
microcode	: 0x600081c
cpu MHz		: 4000.000
cache size	: 2048 KB
physical id	: 0
siblings	: 8
core id		: 4
cpu cores	: 4
apicid		: 7
initial apicid	: 4
fpu		: yes
fpu_exception	: yes
cpuid level	: 13
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc extd_apicid aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 popcnt aes xsave avx f16c lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs xop skinit wdt lwp fma4 tce nodeid_msr tbm topoext perfctr_core arat cpb hw_pstate npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold bmi1
bogomips	: 8053.90
TLB size	: 1536 4K pages
clflush size	: 64
cache_alignment	: 64
address sizes	: 48 bits physical, 48 bits virtual
power management: ts ttp tm 100mhzsteps hwpstate cpb eff_freq_ro

gcc --version:
gcc (Gentoo 4.7.2 p1.3, pie-0.5.5) 4.7.2
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


Reproducible: Always

Comment 1 Julian Seward 2013-07-03 10:19:52 UTC

Hmm, I am not sure what this instruction is.  We have pretty comprehensive
coverage in the trunk so I am a bit surprised it is not supported.

Can you use objdump -d on /lib64/libm-2.15.so to find the instruction
(or just email the /lib64/libm-2.15.so to me directly)

Comment 2 Tom Hughes 2013-07-03 10:40:48 UTC

I'm decoding things right then there is a three byte VEX prefix followed by 0x6B which is an IMUL instruction.

Comment 3 Martin Liška 2013-07-03 13:01:19 UTC

After I met the problem, I recompiled my glibc library with enabled FMA4 instead of SSE2. FMA4 works for me.

Original libm.so library was taken from gentoo stage3 archive and I will add it as an attachment.

Comment 4 Martin Liška 2013-07-03 13:01:50 UTC

Created attachment 80920 [details]
libm.so

Comment 5 Tom Hughes 2013-07-03 13:10:21 UTC

I don't think that is the libm.so you were using, as it has no __ieee754_pow_sse2 symbol in it...

Comment 6 Martin Liška 2013-07-03 13:16:05 UTC

Unfortunately, I recompiled that library and old one was overwritten.

What about googling source code (probably assembler) for __ieee754_pow_sse2?

Link:
http://sterlingdesktops.com/pub/slack-stuff/glibc-2.15/glibc-2.15/sysdeps/x86_64/fpu/multiarch/e_pow.c

Comment 7 Tom Hughes 2013-07-03 13:27:20 UTC

That's not going to help because an SSE2 routine can't be explicitly using an instruction with a VEX prefix as VEX is a much newer processor feature than SSE2.

I assume that __ieee754_pow_sse2 is a C routine with either SSE2 intrinsics, or fragments of inline assembly, and that your compiler chose to use a VEX instruction for one of the C bits because of the compiler flags you had chosen.

Comment 8 Martin Liška 2013-07-03 13:30:27 UTC

OK, so please close the bug as invalid, maybe the libm.so library taken from gentoo distribution was compiled with some strange CFLAGS that mixed SSE2 with newer VEX instructions.

Thanks,
Martin

Comment 9 Tom Hughes 2013-07-03 13:41:47 UTC

The bug's not invalid though. As far as we know this was an entirely valid instruction that the compiler was perfectly entitled to generate and that valgrind just happens not to support.

Comment 10 Julian Seward 2013-09-19 16:36:44 UTC

This is almost certainly an AMD-specific extension (XOP or some such)
since (a) this is an AMD cpu, and (b) we have very comprehensive 
Intel coverage up to and including AVX2.

Comment 11 Sebastian Parborg 2015-04-23 12:53:01 UTC

I have this problem also with Valgrind 3.10.1 on my Gentoo system.
I do also believe that this is a AMD-specific extension.

Would it help if I posted my "libm-2.20.so" file?

If there is any other info/files I can provide to help, I'll be glad to do so.