Hi Christoph,
>Very likely not. I saw SIGILL from other code, gdb pointed right to
>the place. So, just as another example:
Just asking :) Yes, SIGILL should be precise on all CPUs.
>| (gdb) disassemble 0xb7fe40a8,0xb7fe40c8
>| Dump of assembler code from 0xb7fe40a8 to 0xb7fe40c8:
>| 0xb7fe40a8: blt cr1,0xb7fe40b8
>| 0xb7fe40ac: addis r8,r3,8188
>| 0xb7fe40b0: lbz r3,13308(r8)
>| 0xb7fe40b4: add r30,r30,r3
>| => 0xb7fe40b8: cmplw cr1,r30,r29
Perhaps it does not like the cr1 form? Unlikely though.
>| 0xb7fe40bc: bge cr1,0xb7fe40d8
>| 0xb7fe40c0: lbz r3,0(r30)
>| 0xb7fe40c4: cmpwi r3,65
>Can you enlighten me about the ways to debug JIT? For example, is
>there a way to disassemble or at least dump the generated code for
>further inspection?
You can do that with gdb. There are multiple (I think three) entry points in pcre_jit_compile.c, but they all use the call_executable_func(arguments) or call_executable_func(&arguments) form. So please search for all call_executable_func calls and put a breakpoint on all of them. You can follow the executed machine instructions with the si (step instruction) command, and dump the jit code as well. The "display/i $pc" is a great help with the si command. Since you are running a full test, perhaps it is not the first call_executable_func that crashes. With the "ignore" command you can find the offending call. E.g.
b line
-> breakpoint 1 created
ignore 1 10000000
-> ignores the first 10000000 hits of the breakpoints
c
-> crash
info breakpoints
-> check how many times breakpoint 1 was ignored
-> rerun the program and set the parameter of ignore to that number-1
ignore 1 number-1
-> now your program stops just before the crash
display/i $pc
si
-> repeat "si" as many times as you want
When the location of the code is ??? (we are in jit code) you can disassemble the whole function.
Regards,
Zoltan
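As an added example (mine, not from this thread or the PCRE project), here is a shell script that automates the two-pass gdb procedure Zoltan describes: run once with a huge ignore count, read the hit count back from "info breakpoints", then rerun with ignore set to hits-1 and start instruction stepping with the pc displayed. The binary name ./pcretest and a single breakpoint on call_executable_func are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumed: the program under test is
# ./pcretest and one breakpoint on call_executable_func is enough (assumption).
PROG="${PROG:-./pcretest}"
BP_LOC="${BP_LOC:-call_executable_func}"
BIG=10000000

# Pull N out of the "breakpoint already hit N time(s)" line that
# `info breakpoints` prints; hits are counted even while ignored.
hit_count_from_gdb_output() {
    sed -n 's/.*breakpoint already hit \([0-9][0-9]*\) time.*/\1/p' | head -n 1
}

# The crash happened during hit number N, so the rerun ignores N-1 hits.
ignore_count_for() {
    hits="$1"
    [ "$hits" -ge 1 ] 2>/dev/null || { echo "no hits recorded" >&2; return 1; }
    echo $((hits - 1))
}

# Pass 1: let the program run into the crash with the breakpoint effectively
# disabled, then ask gdb how many times it was crossed.
pass1_hits() {
    gdb -batch -q \
        -ex "break $BP_LOC" \
        -ex "ignore 1 $BIG" \
        -ex "run" \
        -ex "info breakpoints" \
        --args "$PROG" "$@" 2>&1 | hit_count_from_gdb_output
}

# Pass 2: stop just before the crashing call; the user then types "si"
# repeatedly and can "disassemble" once $pc is inside the jit code.
pass2_stop_before_crash() {
    ignore="$1"; shift
    gdb -q \
        -ex "break $BP_LOC" \
        -ex "ignore 1 $ignore" \
        -ex "run" \
        -ex 'display/i $pc' \
        --args "$PROG" "$@"
}

main() {
    hits="$(pass1_hits "$@")"
    ignore="$(ignore_count_for "$hits")" || exit 1
    echo "crash during hit $hits of $BP_LOC; rerunning with ignore $ignore" >&2
    pass2_stop_before_crash "$ignore" "$@"
}

# Only start gdb when pcretest arguments are given on the command line.
[ "$#" -gt 0 ] && main "$@"
```

Run it as `sh find_jit_crash.sh <pcretest arguments>`; pass 1 is non-interactive, pass 2 leaves you at the gdb prompt right before the offending call.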