starting esp=0xABFFF130 eip=0x81000C10, esp=0xBFFFF030 ==10359== Calltree-0.9.6, a cache profiler for x86-linux. ==10359== Copyright (C) 2002, and GNU GPL'd, by N.Nethercote and J.Weidendorfer. ==10359== Using valgrind-2.1.0, a program supervision framework for x86-linux. ==10359== Copyright (C) 2000-2003, and GNU GPL'd, by Julian Seward. ==10359== Estimated CPU clock rate is 599 MHz ==10359== For more details, rerun with: -v ==10359== ==== BB 0 (0x81000C10) in 0B, out 0B, BBs exec'd 0 ==== Original x86 code to UCode: 0x81000C10: movl %esp,%eax 0: GETL %ESP, t0 1: PUTL t0, %EAX 2: INCEIPo $2 0x81000C12: call 0x81000D10 3: GETL %ESP, t6 4: MOVL t6, t2 5: SUBL $0x4, t2 6: PUTL t2, %ESP 7: MOVL $0x81000C17, t4 8: STL t4, (t2) 9: JMPo -c$0x81000D10 Instrumented UCode: 0: MOVL $0xB813727C, t8 1: CCALLo 0xB017AC56(t8) 2: GETL %ESP, t0 3: PUTL t0, %EAX 4: MOVL $0x48, t10 5: CCALLo 0xB017C128(t10) 6: INCEIPo $2 7: GETL %ESP, t6 8: SUBL $0x4, t6 9: PUTL t6, %ESP 10: MOVL $0x81000C17, t4 11: MOVL t6, t12 12: STL t4, (t6) 13: MOVL $0xB018EB0C, t16 14: MOVL $0x1, t14 15: STL t14, (t16) 16: MOVL $0x68, t18 17: CCALLo 0xB017C773(t18, t12) 18: JMPo -c$0x81000D10 ($5) Generated x86 code: 0: 83 2D 1C D9 0A B8 01 subl $1, (0xB80AD91C) 7: 75 00 jnz-8,pt %eip+(8) 9: BD 1D 00 00 00 movl $0x1D, %ebp 14: C3 ret (target to jump site 8; delta: 6) 0: MOVL $0xB813727C, %eax [a-----] 15: B8 7C 72 13 B8 movl $0xB813727C, %eax 1: CCALLo 0xB017AC56(%eax) [------] 20: FF 55 3C call * 60(%ebp) 2: GETL %ESP, %ebx [-b----] 23: 8B 5D 10 movl 0x10(%ebp), %ebx 3: PUTL %ebx, %EAX [------] 26: 89 5D 00 movl %ebx, 0x0(%ebp) 4: MOVL $0x48, %ecx [--c---] 29: B9 48 00 00 00 movl $0x48, %ecx 5: CCALLo 0xB017C128(%ecx) [------] 34: 89 C8 movl %ecx, %eax 36: FF 55 24 call * 36(%ebp) 6: INCEIPo $2 [------] 39: C6 45 40 12 movb $0x12, 0x40(%ebp) 7: GETL %ESP, %edx [---d--] 43: 8B 55 10 movl 0x10(%ebp), %edx 8: SUBL $0x4, %edx [---d--] 46: 83 EA 04 subl $0x4, %edx 9: PUTL %edx, %ESP [---d--] 49: 89 55 10 movl %edx, 0x10(%ebp) 10: MOVL $0x81000C17, %esi [---dS-] 52: BE 17 0C 00 81 movl $0x81000C17, %esi 11: MOVL %edx, %edi [---dSD] 57: 89 D7 movl %edx, %edi 12: STL %esi, (%edx) [-----D] 59: 64 89 32 movl %esi, (%edx) 13: MOVL $0xB018EB0C, %eax [a----D] 62: B8 0C EB 18 B0 movl $0xB018EB0C, %eax 14: MOVL $0x1, %ebx [ab---D] 67: BB 01 00 00 00 movl $0x1, %ebx 15: STL %ebx, (%eax) [-----D] 72: 64 89 18 movl %ebx, (%eax) 16: MOVL $0x68, %eax [a----D] 75: B8 68 00 00 00 movl $0x68, %eax 17: CCALLo 0xB017C773(%eax, %edi) [------] 80: 89 FA movl %edi, %edx 82: FF 55 30 call * 48(%ebp) 18: JMPo -c$0x81000D10 ($5) [------] 85: B8 10 0D 00 81 movl $0x81000D10, %eax 90: 89 45 40 movl %eax, 0x40(%ebp) 93: 0F 0B 0F 0B 90 ud2; ud2; nop /* call VG_(patchme) */ ==10359== ==10359== Process terminating with default action of signal 11 (SIGSEGV): dumping core ==10359== at 0x81000C12: (within /lib/ld-2.3.2.so) ==10359== ==10359== I refs: 1 ==10359== I1 misses: 1 ==10359== L2i misses: 1 ==10359== I1 miss rate: 100.0% ==10359== L2i miss rate: 100.0% ==10359== ==10359== D refs: 0 (0 rd + 0 wr) ==10359== D1 misses: 0 (0 rd + 0 wr) ==10359== L2d misses: 0 (0 rd + 0 wr) ==10359== D1 miss rate: 0.0% (0.0% + 0.0% ) ==10359== L2d miss rate: 0.0% (0.0% + 0.0% ) ==10359== ==10359== L2 refs: 1 (1 rd + 0 wr) ==10359== L2 misses: 1 (1 rd + 0 wr) ==10359== L2 miss rate: 50.0% (50.0% + 0.0% )