Hi Christoph,

> Very likely not. I saw SIGILL from other code, gdb pointed right to
> the place. So, just as another example:

Just asking :) Yes, SIGILL should be precise on all cpus.

> | (gdb) disassemble 0xb7fe40a8,0xb7fe40c8
> | Dump of assembler code from 0xb7fe40a8 to 0xb7fe40c8:
> |    0xb7fe40a8:  blt     cr1,0xb7fe40b8
> |    0xb7fe40ac:  addis   r8,r3,8188
> |    0xb7fe40b0:  lbz     r3,13308(r8)
> |    0xb7fe40b4:  add     r30,r30,r3
> | => 0xb7fe40b8:  cmplw   cr1,r30,r29

Perhaps it does not like the cr1 form? Unlikely though.

> |    0xb7fe40bc:  bge     cr1,0xb7fe40d8
> |    0xb7fe40c0:  lbz     r3,0(r30)
> |    0xb7fe40c4:  cmpwi   r3,65

> Can you enlighten me about the ways to debug JIT? For example, is
> there a way to disassemble or at least dump the generated code for
> further inspection?

You can do that with gdb. There are multiple (I think three) entry points in pcre_jit_compile.c, but they all use the call_executable_func(arguments) or call_executable_func(&arguments) form. So please search all call_executable_func calls and put a breakpoint on all of them. You can follow the executed machine instructions with the si (step instruction) command, and dump the jit code as well. The "display/i $pc" is a great help with the si command.

Since you are running a full test, perhaps it is not the first call_executable_func that crashes. With the "ignore" command you can find the offending call. E.g.

b line                -> breakpoint 1 created
ignore 1 10000000     -> ignores the first 10000000 hits of the breakpoint
c                     -> crash
info breakpoints      -> check how many times breakpoint 1 was ignored
                      -> rerun the program and set the parameter of ignore to that number-1
ignore 1 number-1     -> now your program stops just before the crash
display/i $pc
si                    -> repeat "si" as many times as you want

When the location of the code is ??? (we are in jit code) you can disassemble the whole function.

Regards,
Zoltan

--
## List details at https://lists.exim.org/mailman/listinfo/pcre-dev
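The "ignore" trick from Zoltan's message, scripted as an added example that is not part of the original thread: a first batch run of gdb lets the crash happen with the breakpoint on call_executable_func ignored, the hit count is read from "info breakpoints", and a second run stops on the hit just before the crashing one. The test binary and its arguments are assumptions passed on the command line.

```shell
#!/bin/sh
# Added example (not from the pcre-dev thread). Automates: break on
# call_executable_func, ignore it "forever", crash, read the hit count,
# then rerun with ignore = hits-1 so gdb stops right before the SIGILL.

# Extract N from an "info breakpoints" dump that contains a line like
#   "        breakpoint already hit 12345 times"
# Prints 0 when the breakpoint was never hit.
parse_hit_count() {
    n=$(printf '%s\n' "$1" \
        | sed -n 's/.*breakpoint already hit \([0-9][0-9]*\) time.*/\1/p' \
        | head -n 1)
    printf '%s\n' "${n:-0}"
}

# Ignore count for the second run: one less than the number of hits seen
# before the crash, so the last call_executable_func before it stops gdb.
ignore_count_for() {
    if [ "$1" -le 0 ]; then echo 0; else echo $(($1 - 1)); fi
}

# First run (batch): let the crash happen and dump the breakpoint table.
# "$@" is the test program and its arguments (assumed, supplied by caller).
first_run() {
    gdb -batch -ex 'break call_executable_func' -ex 'ignore 1 10000000' \
        -ex run -ex 'info breakpoints' --args "$@" 2>&1
}

# Second run (interactive): stop just before the crashing call, with the
# current instruction displayed so "si" can follow the JIT code.
rerun_before_crash() {
    ign=$1; shift
    gdb -ex 'break call_executable_func' -ex "ignore 1 $ign" -ex run \
        -ex 'display/i $pc' --args "$@"
}

# Usage: ./jit-crash.sh --run ./pcretest -q ...   (program name assumed)
if [ "${1:-}" = "--run" ]; then
    shift
    hits=$(parse_hit_count "$(first_run "$@")")
    rerun_before_crash "$(ignore_count_for "$hits")" "$@"
fi
```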