[CRASH] int 2e with EAX,EDX=0 crashes DynamoRIO on Windows 7 32-bit

Created by: dcdelia

Describe the bug DynamoRIO crashes when executing int 2e with EAX and EDX previously set to zero. The test is meant to obtain the EIP value of the instruction next to int 2e, however the engine crashes with an error in core\arch\arch.c:3284.

To Reproduce Attached C source and executable to run the following code:

DWORD expectedAddr, foundAddr;
__asm {
	xor eax, eax;
	xor edx, edx;
	int 0x2e;
nextAddr:
	mov foundAddr, edx;
	mov expectedAddr, offset nextAddr;
}
printf("Expected: %x\tFound: %x\n", expectedAddr, foundAddr);

drrun.exe -- int2e.exe will crash. Using the -debug flag reveals the failed ASSERT statement (see screenshot below).

int2e.zip

Expected behavior This test can expose DBI code caches and works only for 32-bit Windows. The trick is to call int 2e with a zero syscall ordinal, and Windows will simply expose the address of the instruction next to it in EDX. Upon fixing this crashing error, DynamoRIO should ideally provide the expected .text address for the adjacent instruction instead of a code cache one.

Screenshots Using -debug for drrun exposes the following error at core\arch\arch.c:3284:

Triggering an assert statement that checks the syscall method: new_method == get_syscall_method().

Versions I tried the latest DynamoRIO build 8.0.18611-2 on Windows 7 SP1 32-bit.

Additional context Issue #4426 (closed) may be related. My guess is that the handling code expects a real syscall to take place here?