From: Yeshurun, M. <mei...@in...> - 2005-12-09 17:21:18
Thanks! I'll do what you suggested.
Meir
-----Original Message-----
From: val...@li...
[mailto:val...@li...] On Behalf Of Julian Seward
Sent: Friday, December 09, 2005 4:34 PM
To: val...@li...
Subject: Re: FW: [Valgrind-users] Valgrind log file corruption
Meir,

Line 7809 is the first place at which the JIT picks up insn bytes. If it
segfaults at this point it generally means V's idea of what parts of the
address space are valid has diverged from what the kernel thinks,
because V would not have attempted to translate at this address if
it thought the area did not have x permission.

I suggest you re-run with --sanity-level=3. This should pick up any
V/kernel disagreements about page permissions. If you do get a
complaint (I can't remember the exact wording) then run yet again
but also adding --trace-syscalls=yes, so we can see if the disagreement
was caused by V mishandling a syscall somewhere.

J
On Friday 09 December 2005 07:02, Yeshurun, Meir wrote:
> Hi,
>
> Below is the context of line 7809 of toIR.c
>
> Could it be that I hit something very close to a magic number (my
> application is very large), which caused more expressions inside the
> 'if' condition to be evaluated, until an invalid read occurred?
>
> Thanks,
> Meir
>
>    /* We may be asked to update the guest RIP before going further. */
>    if (put_IP)
>       stmt( IRStmt_Put( OFFB_RIP, mkU64(guest_RIP_curr_instr)) );
>
>    /* Spot the client-request magic sequence. */
>    {
>       UChar* code = (UChar*)(guest_code + delta);
>       /* Spot this:
>          C1C01D                roll $29, %eax
>          C1C003                roll $3,  %eax
>          C1C81B                rorl $27, %eax
>          C1C805                rorl $5,  %eax
>          C1C00D                roll $13, %eax
>          C1C013                roll $19, %eax
>       */
>       if (code[ 0] == 0xC1 && code[ 1] == 0xC0 && code[ 2] == 0x1D &&   <- line 7809
>           code[ 3] == 0xC1 && code[ 4] == 0xC0 && code[ 5] == 0x03 &&
>           code[ 6] == 0xC1 && code[ 7] == 0xC8 && code[ 8] == 0x1B &&
>           code[ 9] == 0xC1 && code[10] == 0xC8 && code[11] == 0x05 &&
>           code[12] == 0xC1 && code[13] == 0xC0 && code[14] == 0x0D &&
>           code[15] == 0xC1 && code[16] == 0xC0 && code[17] == 0x13
>          ) {
>          DIP("%%edx = client_request ( %%eax )\n");
>          delta += 18;
>          jmp_lit(Ijk_ClientReq, guest_RIP_bbstart+delta);
>          dres.whatNext = Dis_StopHere;
>          goto decode_success;
>       }
>    }
>
>    /* Eat prefixes, summarising the result in pfx and sz, and rejecting
>       as many invalid combinations as possible. */
>    n_prefixes = 0;
>    while (True) {
>       if (n_prefixes > 5) goto decode_failure;
>
> ________________________________
> From: val...@li...
> [mailto:val...@li...] On Behalf Of Yeshurun, Meir
> Sent: Thursday, December 08, 2005 10:21 PM
> To: val...@li...
> Subject: [Valgrind-users] Valgrind log file corruption
>
> Hi,
>
> I ran Valgrind and got this:
>
> valgrind: the 'impossible' happened:
> Killed by fatal signal
> ==4019== at 0x8000D55FA: disInstr_AMD64_WRK (toIR.c:7809)
> ==4019== by 0x8000E5492: disInstr_AMD64 (toIR.c:13376)
> ==4019== by 0x80009ED3E: bb_to_IR (bb_to_IR.c:187)
> ==4019== by 0x800074B75: LibVEX_Translate (vex_main.c:408)
> ==4019== by 0x80003300A: vgPlain_translate (libvex_basictypes.h:154)
> ==4019== by 0x80004A156: handle_tt_miss (scheduler.c:566)
> ==4019== by 0x80004A537: vgPlain_scheduler (scheduler.c:680)
> ==4019== by 0x80006A863: vgModuleLocal_thread_wrapper (syswrap-linux.c:80)
> ==4019== by 0x800065753: run_a_thread_NORETURN (syswrap-amd64-linux.c:144)
>
> sched status:
> running_tid=1
>
> Thread 1: status = VgTs_Runnable
>
> Is this an unsupported instruction? Any suggestions would be greatly
> appreciated.
>
> Thanks,
> Meir
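To make the short-circuit behaviour of the quoted 'if' concrete (the point Meir asks about), here is an added example that is not Valgrind's own code: it mirrors the byte-by-byte comparison of the 18-byte client-request preamble and reports how far into the buffer the comparison reads before it decides, next to a hypothetical bounds-aware matcher. CLIENT_REQ_MAGIC, NEAR_MISS, NOP_FIRST and both function names are assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The 18-byte amd64 client-request preamble that toIR.c looks for: six
   rotates of %eax, taken from the comment in the quoted code. */
static const unsigned char CLIENT_REQ_MAGIC[18] = {
    0xC1, 0xC0, 0x1D,   /* roll $29, %eax */
    0xC1, 0xC0, 0x03,   /* roll $3,  %eax */
    0xC1, 0xC8, 0x1B,   /* rorl $27, %eax */
    0xC1, 0xC8, 0x05,   /* rorl $5,  %eax */
    0xC1, 0xC0, 0x0D,   /* roll $13, %eax */
    0xC1, 0xC0, 0x13    /* roll $19, %eax */
};

/* Constructed inputs: a buffer that matches the first 17 bytes and then
   differs, and a buffer that starts with a plain NOP. */
static const unsigned char NEAR_MISS[18] = {
    0xC1, 0xC0, 0x1D, 0xC1, 0xC0, 0x03, 0xC1, 0xC8, 0x1B,
    0xC1, 0xC8, 0x05, 0xC1, 0xC0, 0x0D, 0xC1, 0xC0, 0x90 };
static const unsigned char NOP_FIRST[18] = { 0x90 };

/* Mirrors the quoted 'if': compares byte by byte and stops at the first
   mismatch, as the && chain does. Returns how many bytes starting at
   `code` were read before the decision was reached (1..18). */
size_t magic_bytes_examined(const unsigned char *code)
{
    size_t i;
    for (i = 0; i < sizeof CLIENT_REQ_MAGIC; i++)
        if (code[i] != CLIENT_REQ_MAGIC[i])
            return i + 1;            /* this byte was the last one read */
    return sizeof CLIENT_REQ_MAGIC;  /* full match: all 18 bytes read */
}

/* Hypothetical bounds-aware matcher (not how Valgrind does it): compares
   only when all 18 bytes are known to lie inside readable memory. */
bool is_client_request(const unsigned char *code, size_t avail)
{
    if (avail < sizeof CLIENT_REQ_MAGIC)
        return false;
    return memcmp(code, CLIENT_REQ_MAGIC, sizeof CLIENT_REQ_MAGIC) == 0;
}

int main(void)
{
    printf("near miss: %zu bytes read\n", magic_bytes_examined(NEAR_MISS));
    return 0;
}
```

A near miss that matches the first 17 bytes makes the comparison read all 18, while a buffer that starts with any other byte is rejected after one read; the bounds-aware variant refuses to decide until all 18 bytes are known readable.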
_______________________________________________
Valgrind-users mailing list
Val...@li...
https://lists.sourceforge.net/lists/listinfo/valgrind-users