[valgrind] [Bug 500979] New: botch of 'notrack' prefix for i386

Sun, 02 Mar 2025 17:20:08 -0800 

https://bugs.kde.org/show_bug.cgi?id=500979

            Bug ID: 500979
           Summary: botch of 'notrack' prefix for i386
    Classification: Developer tools
           Product: valgrind
           Version: 3.24.0
          Platform: Other
                OS: Linux
            Status: REPORTED
          Severity: normal
          Priority: NOR
         Component: memcheck
          Assignee: jsew...@acm.org
          Reporter: jrei...@bitwagon.com
  Target Milestone: ---

SUMMARY
Memcheck emulates incorrectly the 'notrack' instruction prefix of i386 code
when run on amd64.

STEPS TO REPRODUCE
0. $ cat notrack.S   # the i386 assembly code
_start: .globl _start
    push $0   # keep stack 2-word aligned after 'call'
    call jmp_back
    hlt

jmp_back:
    push %esp
    pop %ebp
    .byte 0x3e; jmp *(%ebp)

1. gcc -m32 -g -nostartfiles -nostdlib -o notrack notrack.S  # compile and
build for i386 on amd64
2. valgrind ./notrack  # run on amd64 with Linux support for executing i386
programs
3. gdb notrack   # detailed examination of code; see below


OBSERVED RESULT
$ valgrind ./notrack
==748797== Memcheck, a memory error detector
==748797== Copyright (C) 2002-2024, and GNU GPL'd, by Julian Seward et al.
==748797== Using Valgrind-3.24.0 and LibVEX; rerun with -h for copyright info
==748797== Command: ./notrack
==748797== 
==748797== 
==748797== Process terminating with default action of signal 11 (SIGSEGV):
dumping core
==748797==  General Protection Fault
==748797==    at 0x804900A: ??? (notrack.S:8)
==748797== 

$ gdb ./notrack   # step-by-step run without valgrind (memcheck)
(gdb) b jmp_back
Breakpoint 1 at 0x8049008: file notrack.S, line 7.
(gdb) run
Starting program: ./notrack 

Breakpoint 1, jmp_back () at notrack.S:7
7           push %esp
(gdb) x/i $pc
=> 0x8049008 <jmp_back>:        push   %esp
(gdb) p $esp
$1 = (void *) 0xffffcc78
(gdb) stepi
8           pop %ebp
=> 0x8049009 <jmp_back+1>:      pop    %ebp
(gdb) stepi
0x0804900a in jmp_back () at notrack.S:8
8           pop %ebp
=> 0x804900a <jmp_back+2>:      notrack jmp *0x0(%ebp)   ## the address of
memcheck complaint
(gdb) x/xw $ebp
0xffffcc78:     0x08049007
(gdb) x/i 0x08049007
   0x8049007 <_start+7>:        hlt
(gdb) stepi
_start () at notrack.S:4
4           hlt   ## successful return to the instruction after the 'call'
(gdb) q

EXPECTED RESULT
No complaint

SOFTWARE/OS VERSIONS
Windows: 
macOS: 
(available in the Info Center app, or by running `kinfo` in a terminal window)
Linux/KDE Plasma: Linux 6.12.13 (Fedora 40)
KDE Plasma Version: 
KDE Frameworks Version: 
Qt Version: 

ADDITIONAL INFORMATION
$ uname -a
Linux fedora 6.12.13-100.fc40.x86_64 #1 SMP PREEMPT_DYNAMIC Sat Feb  8 17:10:01
UTC 2025 x86_64 GNU/Linux

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to