$ cat ident.S
/*
 * ELF note identifying the binary's target OS by the name "NetBSD".
 * Layout is the standard ELF note record: namesz, descsz, type, then
 * the name and the descriptor, each padded to a 4-byte boundary.
 * NOTE(review): presumably supplied by hand because -nostdlib (see the
 * gcc line below) leaves out the startup files that would normally
 * carry this note - confirm.
 */
	.section ".note.netbsd.ident", "a", @note
	.long	2f-1f		/* namesz: bytes between labels 1 and 2 ("NetBSD" plus NUL) */
	.long	4f-3f		/* descsz: bytes between labels 3 and 4 (one .long) */
	.long	1		/* note type */
1:	.asciz	"NetBSD"	/* note name, NUL-terminated by .asciz */
2:	.p2align 2		/* pad the name to a 4-byte boundary */
3:	.long	700000001	/* descriptor; presumably a __NetBSD_Version__-style OS version - confirm */
4:	.p2align 2		/* pad the descriptor to a 4-byte boundary */
185 kamil@chieftec /tmp $ cat main.c
/*
 * Minimal test program for a memory checker: it indexes a 10-element
 * stack array far past its end and then issues a raw exit syscall.
 * Built with -nostdlib, so _start is the entry point itself and no C
 * runtime runs before it.
 * NOTE(review): because nothing sets up C calling-convention arguments
 * here, argc/argv presumably hold whatever the registers contain at
 * process entry - confirm.
 */
int
_start(int argc, char **argv)
{
	int a[10] = {};

	/*
	 * Deliberate out-of-bounds access: for any non-negative argc both
	 * indices lie beyond a[9], so this is an invalid 4-byte read
	 * followed by an invalid 4-byte write relative to the array.
	 */
	a[argc + 20] = a[argc + 50]; // toast

	/*
	 * Raw syscall with number 1 in %rax. No exit status is loaded
	 * explicitly and no clobbers are declared to the compiler.
	 */
	__asm__ __volatile__(
		"movq $1, %rax\n" // SYS_exit
		"syscall\n");
}
$
$ gcc -g -O0 -nostdlib main.c ident.S
$ LD_LIBRARY_PATH=/usr/local/lib lldb -- valgrind ./a.out
(lldb) target create "valgrind"
Current executable set to 'valgrind' (x86_64).
(lldb) settings set -- target.run-args "./a.out"
(lldb) r
Process 5985 launched: '/usr/pkg/bin/valgrind' (x86_64)
Process 5985 stopped
* thread #1, stop reason = exec
    frame #0: 0x00000000380ffb3d valgrind`__start
valgrind`__start:
->  0x380ffb3d <+0>: movq $0x3a79ad20, %rdi ; imm = 0x3A79AD20
    0x380ffb44 <+7>: addq $0x2000, %rdi ; imm = 0x2000
    0x380ffb4b <+14>: addq $0x100000, %rdi ; imm = 0x100000
    0x380ffb52 <+21>: andq $-0x10, %rdi
(lldb) c
Process 5985 resuming
==5985== Memcheck, a memory error detector
==5985== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==5985== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==5985== Command: ./a.out
==5985==
==5985== Invalid read of size 4
==5985== at 0x400142: ???
==5985== Address 0x7fb0039b8 is not stack'd, malloc'd or (recently) free'd
==5985==
Process 5985 stopped
* thread #1, stop reason = signal SIGSEGV: invalid address (fault address: 0x0)
    frame #0: 0x0000000402a9524c
->  0x402a9524c: movl (%rbx), %r10d
    0x402a9524f: movl %r10d, %ebx
    0x402a95252: movq %r14, 0x3c0(%rbp)
    0x402a95259: movq %rbx, 0x20(%rbp)
(lldb) bt
* thread #1, stop reason = signal SIGSEGV: invalid address (fault address: 0x0)
  * frame #0: 0x0000000402a9524c
(lldb)