I don't have a small example yet. This happens when running the elfutils testsuite. ==50295== Conditional jump or move depends on uninitialised value(s) ==50295== at 0x407A170: __libdwfl_frame_unwind (frame_unwind.c:711) ==50295== by 0x407A3F1: dwfl_frame_pc (dwfl_frame_pc.c:54) ==50295== by 0x80001F9B: frame_callback (backtrace.c:172) ==50295== by 0x407850B: dwfl_thread_getframes (dwfl_frame.c:450) ==50295== by 0x80001F0B: thread_callback (backtrace.c:201) ==50295== by 0x40782A7: dwfl_getthreads (dwfl_frame.c:294) ==50295== by 0x80001D5D: dump (backtrace.c:223) ==50295== by 0x80002299: exec_dump (backtrace.c:434) ==50295== by 0x80002499: parse_opt (backtrace.c:457) ==50295== by 0x41EB255: argp_parse (in /usr/lib64/libc-2.25.so) The code looks as follows: 709 /* Check whether this is the initial frame or a signal frame. 710 Then we need to unwind from the original, unadjusted PC. */ 711 if (! state->initial_frame && ! state->signal_frame) 712 pc--; Where the state is defined as: struct Dwfl_Frame { Dwfl_Thread *thread; /* Previous (outer) frame. */ Dwfl_Frame *unwound; bool signal_frame : 1; bool initial_frame : 1; enum { /* This structure is still being initialized or there was an error initializing it. */ DWFL_FRAME_STATE_ERROR, /* PC field is valid. */ DWFL_FRAME_STATE_PC_SET, /* PC field is undefined, this means the next (inner) frame was the outermost frame. */ DWFL_FRAME_STATE_PC_UNDEFINED } pc_state; /* Either initialized from appropriate REGS element or on some archs initialized separately as the return address has no DWARF register. */ Dwarf_Addr pc; /* (1 << X) bitmask where 0 <= X < ebl_frame_nregs. */ uint64_t regs_set[3]; /* REGS array size is ebl_frame_nregs. REGS_SET tells which of the REGS are valid. 
*/ Dwarf_Addr regs[]; }; (gdb) print &state->signal_frame $3 = (_Bool *) 0x43350f0 (gdb) print &state->initial_frame $4 = (_Bool *) 0x43350f0 (gdb) print state $5 = (Dwfl_Frame *) 0x43350e0 (gdb) print *state $6 = {thread = 0x1ffeffe2c0, unwound = 0x0, signal_frame = false, initial_frame = false, pc_state = DWFL_FRAME_STATE_PC_SET, pc = 4557114334, regs_set = {4278255552, 0, 0}, regs = 0x4335118} (gdb) print sizeof (Dwfl_Frame) $7 = 56 (gdb) monitor xb 0x43350e0 56 00 00 00 00 00 00 00 00 0x43350E0: 0x00 0x00 0x00 0x1f 0xfe 0xff 0xe2 0xc0 00 00 00 00 00 00 00 00 0x43350E8: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 3f ff ff ff 00 00 00 00 0x43350F0: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x01 00 00 00 00 00 00 00 00 0x43350F8: 0x00 0x00 0x00 0x01 0x0f 0xa0 0x0b 0xde 00 00 00 00 00 00 00 00 0x4335100: 0x00 0x00 0x00 0x00 0xff 0x00 0xff 0xc0 00 00 00 00 00 00 00 00 0x4335108: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 00 00 00 00 00 00 00 00 0x4335110: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 Dump of assembler code for function __libdwfl_frame_unwind: 0x000000000407a130 <+0>: ltg %r1,8(%r2) 0x000000000407a136 <+6>: bner %r14 0x000000000407a138 <+8>: stmg %r6,%r15,48(%r15) 0x000000000407a13e <+14>: lghi %r4,0 0x000000000407a142 <+18>: lay %r15,-192(%r15) 0x000000000407a148 <+24>: lgr %r11,%r2 0x000000000407a14c <+28>: la %r3,176(%r15) 0x000000000407a150 <+32>: brasl %r14,0x407a388 <dwfl_frame_pc> 0x000000000407a156 <+38>: cije %r2,0,0x407a312 <__libdwfl_frame_unwind+482> 0x000000000407a15c <+44>: lg %r1,16(%r11) 0x000000000407a162 <+50>: lg %r3,176(%r15) 0x000000000407a168 <+56>: tmhh %r1,16384 0x000000000407a16c <+60>: jne 0x407a176 <__libdwfl_frame_unwind+70> => 0x000000000407a170 <+64>: cgijnl %r1,0,0x407a2c8 <__libdwfl_frame_unwind+408>
==== SB 4912 (evchecks 237802) [tid 1] 0x406615c __libdwfl_frame_unwind+44 /home/mjw/elfutils/libdw/libdw.so+0x3515c ------------------------ Front end ------------------------ lg %r1,16(%r11) ------ IMark(0x406615C, 6, 0) ------ t1 = 0x10:I64 t0 = Add64(Add64(t1,GET:I64(280)),0x0:I64) PUT(200) = LDbe:I64(t0) PUT(336) = 0x4066162:I64 lg %r3,176(%r15) ------ IMark(0x4066162, 6, 0) ------ t3 = 0xB0:I64 t2 = Add64(Add64(t3,GET:I64(312)),0x0:I64) PUT(216) = LDbe:I64(t2) PUT(336) = 0x4066168:I64 tmhh %r1,16384 ------ IMark(0x4066168, 4, 0) ------ t4 = GET:I16(200) t5 = 0x4000:I16 PUT(352) = 0x13:I64 PUT(360) = 16Uto64(t4) PUT(368) = 16Uto64(t5) PUT(376) = 0x0:I64 PUT(336) = 0x406616C:I64 jne .+10 ------ IMark(0x406616C, 4, 0) ------ t6 = s390_calculate_cond[mcx=0x13]{0x8000fe588}(0x7:I64,GET:I64(352),GET:I64(360),GET:I64(368),GET:I64(376)):I32 if (CmpNE32(t6,0x0:I32)) { PUT(336) = 0x4066176:I64; exit-Boring } PUT(336) = 0x4066170:I64 PUT(336) = GET:I64(336); exit-Boring GuestBytes 406615C 20 E3 10 B0 10 00 04 E3 30 F0 B0 00 04 A7 12 40 00 A7 74 00 05 06337FED ------------------------ After tree-building ------------------------ IRSB { t0:I64 t1:I64 t2:I64 t3:I64 t4:I16 t5:I16 t6:I32 t7:I64 t8:I64 t9:I64 t10:I64 t11:I64 t12:I64 t13:I64 t14:I64 t15:I64 t16:I64 t17:I64 t18:I64 t19:I64 t20:I64 t21:I32 t22:I1 t23:I64 t24:I64 t25:I32 t26:I1 t27:I64 ------ IMark(0x406615C, 6, 0) ------ PUT(200) = LDbe:I64(Add64(0x10:I64,GET:I64(280))) PUT(336) = 0x4066162:I64 ------ IMark(0x4066162, 6, 0) ------ PUT(216) = LDbe:I64(Add64(0xB0:I64,GET:I64(312))) ------ IMark(0x4066168, 4, 0) ------ PUT(352) = 0x13:I64 t24 = 16Uto64(GET:I16(200)) PUT(360) = t24 PUT(368) = 0x4000:I64 PUT(376) = 0x0:I64 PUT(336) = 0x406616C:I64 ------ IMark(0x406616C, 4, 0) ------ if (CmpNE64(And64(t24,0x4000:I64),0x0:I64)) { PUT(336) = 0x4066176:I64; exit-Boring } PUT(336) = 0x4066170:I64; exit-Boring } VexExpansionRatio 20 168 84 :10
==== SB 5392 (evchecks 243347) [tid 1] 0x4066170 __libdwfl_frame_unwind+64 /home/mjw/elfutils/libdw/libdw.so+0x35170 ------------------------ Front end ------------------------ cgijnl %r1,0,.+344 ------ IMark(0x4066170, 6, 0) ------ t0 = GET:I64(200) t2 = 0x0:I64 t1 = s390_calculate_cond[mcx=0x13]{0x8000fe588}(0xA:I64,0x1:I64,t0,t2,0x0:I64):I32 if (CmpNE32(t1,0x0:I32)) { PUT(336) = 0x40662C8:I64; exit-Boring } PUT(336) = 0x4066176:I64 PUT(336) = GET:I64(336); exit-Boring GuestBytes 4066170 6 EC 1A 00 AC 00 7C 00001EEC ------------------------ After tree-building ------------------------ IRSB { t0:I64 t1:I32 t2:I64 t3:I32 t4:I1 t5:I64 t6:I32 t7:I1 ------ IMark(0x4066170, 6, 0) ------ if (CmpLE64S(0x0:I64,GET:I64(200))) { PUT(336) = 0x40662C8:I64; exit-Boring } PUT(336) = 0x4066176:I64; exit-Boring } VexExpansionRatio 6 88 146 :10 In other words, the first test (`tmhh`, lowered to `And64(t24,0x4000)`) only looks at a single initialised bitfield bit, but the second test is lowered to `CmpLE64S` over the whole 8-byte word that `lg %r1,16(%r11)` loaded from state+16 (0x43350f0), and that word also covers the six unused bits of the bitfield byte and the three padding bytes whose V-bits appear above as `3f ff ff ff`; so Memcheck sees the conditional jump depend on uninitialised bits even though only the sign bit of the word (one of the two defined bitfield bits) actually decides the branch.
Created attachment 109333: Proposed fix. This fixes it for me. Mark, can you give it a spin?
(In reply to Julian Seward from comment #3) > This fixes it for me. Mark, can you give it a spin? Works for me. I ran the whole elfutils testsuite under valgrind with this patch and it looks good.
commit d6a810760ec61ddedf15445457edbbe288536a2f