Re: [pcre-dev] Win32 JIT Access Violation

Top Page

Reply to this message
Author: Zoltán Herczeg
Date:  
To: pcre-dev@exim.org, Ralf Junker
New-Topics: Re: [pcre-dev] Win32 JIT Access Violation - bisect results
Subject: Re: [pcre-dev] Win32 JIT Access Violation
Hi Ralph,

I suspect something is wrong with code generation. Maybe the total size of the buffer is incorrect. The four bytes after addr=:001DFFFE affects two pages, and I suspect something is wrong with the page starting from 001E0000 (not allocated or not writable).

Anyway I suspect Philip wants to release PCRE2 as soon as possible, so if you don't mind we could track this down after the release.

Regards,
Zoltan
 
-------- Eredeti levél --------
Feladó: Ralf Junker < ralfjunker@??? (Link -> mailto:ralfjunker@gmx.de) >
Dátum: 2019 november 15 12:50:03
Tárgy: Re: [pcre-dev] Win32 JIT Access Violation
Címzett: pcre-dev@??? < pcre-dev@??? (Link -> mailto:pcre-dev@exim.org) >
On 15.11.2019 09:01, Zoltán Herczeg wrote:
> thank you for the report. I don't have C++Builder, so I would need
> some help. The pattern is quite big, is it possible to simplify it?
> Also bisecting the change which broke it would be a great help as
> well.

Up front: If auto_callout is removed, the AV is removed as well.
Other than that, this is the smallest pattern which still triggers an
AV. I shortened from beginning and end. I also replaced the consecutive
"2" with a hex sequence in case this is easier to debug.
/{'{01{2{<!-- -->{3{<!-- -->{456{<!-- -->{7{'{89{A{BC{D/auto_callout
Interestingly, the AV is now in sljitNativeX86_common.c, line 316:
static SLJIT_INLINE void sljit_unaligned_store_sw(void *addr, sljit_sw
value)
{<!-- -->
SLJIT_MEMCPY(addr, &value, sizeof(value)); // AV now here
}
This is the call stack:
:004aee5e ; _internal_memmove
:004ac115 memcpy(void *,const void *,unsigned int) + 0xD
:0042DB1E sljit_unaligned_store_sw(addr=:001DFFFE, value=-412)
:0042E2EA sljit_generate_code(compiler=:01FE0B10)
:00463473 jit_compile(code=:01FF7B70, mode=1)
:0046383B pcre2_jit_compile_8(code=:01FF7B70, options=7)
:004A46BA process_pattern()
:004AB775 main(argc=2, argv=:020519F8)
:004b887f ; __startup
I will try to bisect later.
Ralf
--
## List details at https://lists.exim.org/mailman/listinfo/pcre-dev