Bug 429350 - vex mips->IR: unhandled instruction bytes: 0xB0 0xC4 0xB5 0x40
Summary: vex mips->IR: unhandled instruction bytes: 0xB0 0xC4 0xB5 0x40
Status: RESOLVED NOT A BUG
Alias: None
Product: valgrind
Classification: Developer tools
Component: vex
Version: unspecified
Platform: Other Linux
Importance: NOR crash
Target Milestone: ---
Assignee: Julian Seward
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-11-19 15:18 UTC by cristi
Modified: 2021-03-18 18:04 UTC (History)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:


Description cristi 2020-11-19 15:18:19 UTC
SUMMARY
Hi guys,
I'm trying to check a custom app I've written for openwrt built for a small router based on "MediaTek MT7628AN ver:1 eco:2". The arch is mips32el.
I wasn't able to understand which instruction doesn't get recognized to figure out if it's some obscure extension or not.

STEPS TO REPRODUCE
1. 
2. 
3. 

OBSERVED RESULT

root@OpenWrt:~# valgrind -v roomcontroller
==1770== Memcheck, a memory error detector
==1770== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==1770== Using Valgrind-3.16.1-36d6727e1d-20200622X and LibVEX; rerun with -h for copyright info
==1770== Command: roomcontroller
==1770== 
--1770-- Valgrind options:
--1770--    -v
--1770-- Contents of /proc/version:
--1770--   Linux version 4.14.180 (cristic@cristi.c-scale.ro) (gcc version 7.5.0 (OpenWrt GCC 7.5.0 r11063-85e04e9f46)) #0 Sat May 16 18:32:20 2020
--1770-- 
--1770-- Arch and hwcaps: MIPS32, LittleEndian, MIPS-baseline-dsp
--1770-- Page sizes: currently 4096, max supported 65536
--1770-- Valgrind library directory: /usr/lib/valgrind
--1770-- Scheduler: using generic scheduler lock implementation.
--1770-- Reading suppressions file: /usr/lib/valgrind/default.supp
==1770== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-1770-by-root-on-???
==1770== embedded gdbserver: writing to   /tmp/vgdb-pipe-to-vgdb-from-1770-by-root-on-???
==1770== embedded gdbserver: shared mem   /tmp/vgdb-pipe-shared-mem-vgdb-1770-by-root-on-???
==1770== 
==1770== TO CONTROL THIS PROCESS USING vgdb (which you probably
==1770== don't want to do, unless you know exactly what you're doing,
==1770== or are doing some strange experiment):
==1770==   /usr/lib/valgrind/../../bin/vgdb --pid=1770 ...command...
==1770== 
==1770== TO DEBUG THIS PROCESS USING GDB: start GDB like this
==1770==   /path/to/gdb roomcontroller
==1770== and then give GDB the following command
==1770==   target remote | /usr/lib/valgrind/../../bin/vgdb --pid=1770
==1770== --pid is optional if only one valgrind process is running
==1770== 
==1770== Conditional jump or move depends on uninitialised value(s)
==1770==    at 0x40745EC: ??? (in /lib/libc.so)
==1770==    by 0x4085A60: ??? (in /lib/libc.so)
==1770== 
==1770== Conditional jump or move depends on uninitialised value(s)
==1770==    at 0x4073A78: ??? (in /lib/libc.so)
==1770==    by 0x4074044: ??? (in /lib/libc.so)
==1770== 
==1770== Conditional jump or move depends on uninitialised value(s)
==1770==    at 0x407460C: ??? (in /lib/libc.so)
==1770==    by 0x4085A60: ??? (in /lib/libc.so)
==1770== 
vex mips->IR: unhandled instruction bytes: 0xB0 0xC4 0xB5 0x40
==1770== Invalid read of size 4
==1770==    at 0x4014B1: ??? (in /usr/bin/roomcontroller)
==1770==    by 0x401CF34: ??? (in /lib/libc.so)
==1770==  Address 0xfffffff0 is not stack'd, malloc'd or (recently) free'd
==1770== 
==1770== 
==1770== Process terminating with default action of signal 10 (SIGBUS)
==1770==    at 0x4014B1: ??? (in /usr/bin/roomcontroller)
==1770==    by 0x401CF34: ??? (in /lib/libc.so)
==1770== 
==1770== HEAP SUMMARY:
==1770==     in use at exit: 0 bytes in 0 blocks
==1770==   total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==1770== 
==1770== All heap blocks were freed -- no leaks are possible
==1770== 
==1770== Use --track-origins=yes to see where uninitialised values come from
==1770== ERROR SUMMARY: 5 errors from 4 contexts (suppressed: 0 from 0)
==1770== 
==1770== 1 errors in context 1 of 4:
==1770== Invalid read of size 4
==1770==    at 0x4014B1: ??? (in /usr/bin/roomcontroller)
==1770==    by 0x401CF34: ??? (in /lib/libc.so)
==1770==  Address 0xfffffff0 is not stack'd, malloc'd or (recently) free'd
==1770== 
==1770== 
==1770== 1 errors in context 2 of 4:
==1770== Conditional jump or move depends on uninitialised value(s)
==1770==    at 0x407460C: ??? (in /lib/libc.so)
==1770==    by 0x4085A60: ??? (in /lib/libc.so)
==1770== 
==1770== 
==1770== 1 errors in context 3 of 4:
==1770== Conditional jump or move depends on uninitialised value(s)
==1770==    at 0x40745EC: ??? (in /lib/libc.so)
==1770==    by 0x4085A60: ??? (in /lib/libc.so)
==1770== 
==1770== 
==1770== 2 errors in context 4 of 4:
==1770== Conditional jump or move depends on uninitialised value(s)
==1770==    at 0x4073A78: ??? (in /lib/libc.so)
==1770==    by 0x4074044: ??? (in /lib/libc.so)
==1770== 
==1770== ERROR SUMMARY: 5 errors from 4 contexts (suppressed: 0 from 0)
Bus error


EXPECTED RESULT

No crash...

SOFTWARE/OS VERSIONS
OpenWrt 19.07.3 r11063-85e04e9f46
Valgrind is stable 3.16.1

ADDITIONAL INFORMATION

The app loads the following libraries:
root@OpenWrt:~# ldd /usr/bin/roomcontroller
        /lib/ld-musl-mipsel-sf.so.1 (0x77e5a000)
        libmosquitto.so.1 => /usr/lib/libmosquitto.so.1 (0x77e39000)
        libjson-c.so.2 => /usr/lib/libjson-c.so.2 (0x77e21000)
        libuci.so => /lib/libuci.so (0x77e09000)
        libubox.so => /lib/libubox.so (0x77df0000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77dcc000)
        libc.so => /lib/ld-musl-mipsel-sf.so.1 (0x77e5a000)
        libssl.so.1.1 => /usr/lib/libssl.so.1.1 (0x77d4d000)
        libcrypto.so.1.1 => /usr/lib/libcrypto.so.1.1 (0x77b75000)
Comment 1 Petar Jovanovic 2021-03-18 18:04:48 UTC
It looks like you are trying to run a binary that has been compiled with -mips16.
Valgrind does not support that. If you want to use Valgrind, please rebuild the software without the mips16 flag.
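A check for the cause Petar names, added here as an example that is not part of this bug report or of the Valgrind project: the script reads the ELF header's e_flags for the MIPS16 ASE bit that -mips16 sets and counts symbols marked STO_MIPS16 in .symtab/.dynsym, so a binary and each library it loads can be inspected before running it under Valgrind. The function names and the constructed sample image are assumptions of mine; the constants are the ones defined in elf.h.

```python
"""Report whether a 32-bit MIPS ELF image contains MIPS16 (or microMIPS) code."""
import struct

EM_MIPS = 8
EF_MIPS_ARCH_ASE_M16 = 0x04000000        # e_flags bit set by -mips16 (elf.h)
EF_MIPS_ARCH_ASE_MICROMIPS = 0x02000000  # e_flags bit set by -mmicromips
STO_MIPS16 = 0xF0                        # st_other marking of a MIPS16 function symbol
SHT_SYMTAB, SHT_DYNSYM = 2, 11


def mips16_report(data: bytes) -> dict:
    """Parse an ELF32 MIPS image and return the MIPS16/microMIPS indicators."""
    if data[:4] != b"\x7fELF" or data[4] != 1:      # EI_CLASS 1 = ELFCLASS32
        raise ValueError("not a 32-bit ELF file")
    e = "<" if data[5] == 1 else ">"               # EI_DATA 1 = little endian (mips32el)
    hdr = struct.unpack(e + "16sHHIIIIIHHHHHH", data[:52])
    e_machine, e_shoff, e_flags = hdr[2], hdr[6], hdr[7]
    e_shentsize, e_shnum = hdr[11], hdr[12]
    if e_machine != EM_MIPS:
        raise ValueError("not a MIPS ELF file")
    mips16_syms = 0
    for i in range(e_shnum):                       # walk section headers for symbol tables
        off = e_shoff + i * e_shentsize
        sh = struct.unpack(e + "10I", data[off:off + 40])
        sh_type, sh_offset, sh_size = sh[1], sh[4], sh[5]
        if sh_type not in (SHT_SYMTAB, SHT_DYNSYM):
            continue
        for soff in range(sh_offset, sh_offset + sh_size, 16):   # Elf32_Sym is 16 bytes
            st_other = struct.unpack(e + "IIIBBH", data[soff:soff + 16])[4]
            if st_other & STO_MIPS16 == STO_MIPS16:
                mips16_syms += 1
    return {"mips16_flag": bool(e_flags & EF_MIPS_ARCH_ASE_M16),
            "micromips_flag": bool(e_flags & EF_MIPS_ARCH_ASE_MICROMIPS),
            "mips16_symbols": mips16_syms}


def make_sample_elf(e_flags: int, st_others: list) -> bytes:
    """Constructed minimal ELF32 LE MIPS image: header, symtab body, null + symtab headers."""
    syms = b"".join(struct.pack("<IIIBBH", 0, 0x400000, 0, 0x12, o, 1) for o in st_others)
    sh_off = 52 + len(syms)
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", b"\x7fELF\x01\x01\x01" + b"\0" * 9,
                       2, EM_MIPS, 1, 0, 0, sh_off, e_flags, 52, 0, 0, 40, 2, 0)
    shdrs = b"\0" * 40 + struct.pack("<10I", 0, SHT_SYMTAB, 0, 0, 52, len(syms), 0, 0, 4, 16)
    return ehdr + syms + shdrs


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                          # e.g. python check_mips16.py /usr/bin/roomcontroller
        with open(sys.argv[1], "rb") as f:
            data = f.read()
    else:                                          # no path given: use the constructed sample
        data = make_sample_elf(EF_MIPS_ARCH_ASE_M16, [STO_MIPS16, 0, STO_MIPS16])
    print(mips16_report(data))
```

Run it against the binary and every library from the ldd output above; any image reporting the flag or MIPS16 symbols needs rebuilding without -mips16 before Valgrind can translate it.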