Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Current State of JIT #44

Open
WilliamLCobb opened this issue Jan 2, 2016 · 93 comments
Open

Current State of JIT #44

WilliamLCobb opened this issue Jan 2, 2016 · 93 comments

Comments

@WilliamLCobb
Copy link
Owner

In order to keep this organized, I'll update this comment with any progress on JIT.

So far JIT code is successfully compiled and running on iOS 8.3 on a 32bit processor. I'm sure iOS 9 on a 32 bit processor would also work fine, I just don't want to upgrade my iPad to test it. Inside armInnerLoop(), JIT code will run anywhere from 1 to 100 time before it crashes. The function where JIT execution is compiled and then run is cpuExecuteLJIT() inside ArmLJit.cpp.

The main problem we're facing is the code in the JIT block branches to many other functions inside ArmLJit.cpp. These functions then push the callee registers r4-r8. Oddly, these callee saved registers are not pushed back onto the stack before returning to the JIT block as they should be. This causes bad access errors and the crashing we currently see.

Interestingly, the current implementation runs the same without root privileges and will probably run on non jailbroken phones.

@ghost
Copy link

ghost commented Jan 2, 2016

I wish I had your skills but that's awesome.

@WilliamLCobb
Copy link
Owner Author

Haha thanks man. I learned most of this in the past year, and I'm really just learning it as I go. Working on projects like this teaches you a ton really quickly

@milch
Copy link
Contributor

milch commented Jan 2, 2016

Looking at the source, the relevant sections are in RegisterMapImp::StartBlock and RegisterMapImp::EndBlock. The first one calls out to jit_prolog (which is actually implemented in arm_prolog) and the second one calls out to jit_ret (implemented in arm_ret). Both pushes and pops are handled in those functions.

@WilliamLCobb
Copy link
Owner Author

Thanks @milch I think those write the push and pops at the beginning and end of the JIT block though and seem working okay.

For anyone trying to debug the JIT generated code you can change EMU_setCpuMode in emulatorViewController.mm from 1 to 2 to turn on JIT and set a breakpoint at the end of armExecuteLJIT(). Then view the memory at opfun by right clicking opfun and click view memory and that's the generated JIT code.

@WilliamLCobb
Copy link
Owner Author

WilliamLCobb commented Apr 28, 2016

It works!!! I've been working on JIT all day and finally got it working on 32 bit devices. The bad news is the way I fixed it was to run it very slowly. For some reason slowing it down to around 100 instructions per second fixed the random register clears. This is way too slow to play any games but it's huge progress. If I fix whatever is messing with the registers when the program is not slowed down, JIT will work 100% meaning full speed for all devices. It will even work on non-jailbroken iPhones

@WilliamLCobb
Copy link
Owner Author

WilliamLCobb commented Apr 28, 2016

Just got 60 fps on my iPad mini on a simple homebrew game (up from 16 fps). There's still problems but I'm going to talk to a professor tomorrow and hopefully he can help me sort it out.

@WilliamLCobb
Copy link
Owner Author

JIT is finished for 32bit devices. I hope it works on non-jailbroken phones. I'm going to work on getting it for 64bit arm devices next

@ghost
Copy link

ghost commented Apr 28, 2016

Yay !!!

@Anuskuss
Copy link

Wow, this is awesome. Your work here is incredible, and if I read that right you're saying that it might work even for non-jailbreakon phones? Simply amazing, keep it up!

@WilliamLCobb
Copy link
Owner Author

WilliamLCobb commented Apr 28, 2016

I hope so I really need someone to test it for me. If anyone has a stock 32bit phone (before the iPhone 6) and is able to side load the app and run it with JIT on, please let me know

@Pepperoony
Copy link

It'd have to be a iPhone 5 or below, the iPhone 5s is 64 bit

Luke Rooney/ Director of Productions
luke.rooney@servitehs.org(mailto:luke_rooney@icloud.com)/(562)-360-4258(tel:(562)-360-4258)

Trinity Corporation
ServiteHS.org
1952 W La Palma Ave, Anaheim(x-apple-data-detectors://5/2)

On Apr 28, 2016, 9:02 AM -0700, Will Cobbnotifications@github.com, wrote:

I hope so I really need someone to test it for me. If anyone has a 32bit phone (before the iPhone 6) and is able to side load the app and run it, please let me know


You are receiving this because you are subscribed to this thread.
Reply to this email directly orview it on GitHub(#44 (comment))

@Anuskuss
Copy link

I have an old stock iPad mini. Can I use it to help you?

@WilliamLCobb
Copy link
Owner Author

WilliamLCobb commented Apr 28, 2016

Yea! Try building it from XCode and set the emulator engine to JIT in the settings. If it runs that means JIT will work on non-jailbroken devices

@Anuskuss
Copy link

Anuskuss commented Apr 28, 2016

Report

Version: iNDS 1.5.1 (Debug)
Origin: Git
Device: iPad mini - iOS 9.2.1 (jailed)
Settings: Default
Tested Games:

  • Speed Racer - The Videogame [E]
  • Pokemon - Black Version [E]
  • Golden Sun - Dark Dawn [U]

All games are working in Interpretor Interpreter mode, but crashing with JIT Recompiler (Beta).

Running with Xcode

2016-04-28 22:27:52.521 iNDS[24241:3587555] Loading ROM /var/mobile/Containers/Data/Application/FF0BB3C4-7BDC-4F0D-A1EC-6D276ED639A6/Documents/2317 - Speed Racer - The Videogame (E)(XenoPhobia).nds
2 cores detected
Init NDSSlot 2: MPCF Flash Card Device
MMU init
Mic Init
Microphone successfully inited.
DeSmuME 0.9.10 debug ARM-JIT NOSSE
SoftRast Initialized with cores=2
Init sound core
Already decrypted.

ROM game code: YYRP
ROM crc: E231B00B
ROM serial: NTR-YYRP-EUR
ROM internal name: SPEED RACER

Backup size: 3 Kbit
Loading cheatfile at path: /var/mobile/Containers/Data/Application/FF0BB3C4-7BDC-4F0D-A1EC-6D276ED639A6/Documents/Battery/2317 - Speed Racer - The Videogame (E)(XenoPhobia).dct
DEBUG_reset: 003DFC00
Using CFlash directory: 
Trying with 1 sectors/cluster:
FAT12: #clu=73266, fatlen=215, maxclu=4080, limit=4080
FAT12: too much clusters
FAT16: #clu=73124, fatlen=286, maxclu=65520, limit=65520
FAT16: too much clusters
FAT16: would be misdetected as FAT12
FAT32: #clu=72562, fatlen=567, maxclu=72576, limit=268435440
Using sector 6 as backup boot sector (0 = none)
Mic_Reset
Backup size: 3 Kbit
armcpu_setjitmode : Arm LJit
PageSize : 4096
CodeBuffer : start=0x40000000, size1=4194304, size2=268435456
Reserving CPU
sizeof(armcpu_t) = 256
sizeof(Decoded) = 52
sizeof(JitBlock) = 56
Loading /var/mobile/Containers/Data/Application/FF0BB3C4-7BDC-4F0D-A1EC-6D276ED639A6/Documents/2317 - Speed Racer - The Videogame (E)(XenoPhobia).nds was successful
SoftRast Initialized with cores=2
2016-04-28 22:27:59.281 iNDS[24241:3587555] Initiaizing GL
2016-04-28 22:28:00.163 iNDS[24241:3587905] Communications error: <OS_xpc_error: <error: 0x37007654> { count = 1, contents =
    "XPCErrorDescription" => <string: 0x37007854> { length = 22, contents = "Connection interrupted" }
}>
2016-04-28 22:28:00.254 iNDS[24241:3587555] Is multi: 0
2016-04-28 22:28:00.796 iNDS[24241:3587836] Starting controller discovery...

Game doesn't crash now, but hangs on a black screen with ? FPS. Also there's a blue (lldb) waiting for my input (in the Xcode output).

ArmLJit.cpp
TEMPLATE static u32 cpuExecuteLJIT()
{
...
return opfun(); //Thread 9: EXC_BAD_ACCESS (code=2, address=0x40000000)
}

Edit: Formating

@DarknesGaming
Copy link
Contributor

I really wish I had your skills @WilliamLCobb

@WilliamLCobb
Copy link
Owner Author

WilliamLCobb commented Apr 29, 2016

Thanks for posting that. Sadly it looks like KPP in iOS 9 is preventing JIT and it's unlikely I'll find a way around it. JIT will work on jailbroken 32bit iOS 9 devices and all 32bit iOS 8 devices but thats it. Maybe someone or I will find a way around this but for now JIT is very limited.

@Razzile
Copy link

Razzile commented Apr 30, 2016

@WilliamLCobb unsure if it will work on iOS 9, but on OS X 10.11 it's possible to create executable pages ad-hoc by calling mmap with the flags MAP_ANON, MAP_PRIVATE and MAP_JIT, could be used to implement JIT on 64 bit devices? On OS X this doesn't require any entitlements either but I have a feeling it will need some sort of entitlement on iOS (if it even works). This method also seems to have far less restrictions than the usual vm_allocate method.

if this is what the JIT core already does then just ignore my message haha, I haven't yet looked at the source

EDIT: IT WORKS!
img

tested some shellcode at runtime on an iPhone 6+ on iOS 9.0.2

@WilliamLCobb
Copy link
Owner Author

WilliamLCobb commented Apr 30, 2016

Thanks!

I'm not using those flags right now but I'll definitely give them a shot in a minute and I'll let you know if it works

@WilliamLCobb
Copy link
Owner Author

Wow! Thats jailed ios9?

@Razzile
Copy link

Razzile commented Apr 30, 2016

i'm jailbroken, but if it works on stock OS X i guess it should work on jailed iOS 9

@WilliamLCobb
Copy link
Owner Author

WilliamLCobb commented Apr 30, 2016

You did it! JIT works on iOS 9 jailed devices

Oddly if you add MAP_JIT on iOS 8 is makes mapp fail. But great work. I'll push out an update soon and start working on arm64

I was wrong, JIT does not work on jailed iOS 9 devices

@WilliamLCobb
Copy link
Owner Author

Well it just crashed but I'm hopeful this will help me get it to work.

@Razzile
Copy link

Razzile commented Apr 30, 2016

@WilliamLCobb glad to hear it, but I have a feeling that this is a shortcoming on apple's part for not checking signing on the pages rather than a planned feature 😞 wouldn't be surprised if they patch it in later iOS versions

@Anuskuss
Copy link

Anuskuss commented May 1, 2016

Awesome! @WilliamLCobb and @Razzile, do you mind sharing your experience with the PPSSPP team (#8122)?

Plus now that you're working on the amd64 JIT, I have an jailbroken iPhone 6 8.4 (pre-KPP) if you need my help.

@WilliamLCobb
Copy link
Owner Author

WilliamLCobb commented May 1, 2016

I was wrong when I said it ran on jailed devices. I've been testing some more and I can't get it to work again. It might have defaulted to the interpreter without me knowing but I didn't save the output to check.

I'm going to try to look for an exploit to break outside of the sandbox in order to protect memory pages for execution. I don't have a ton of experience in security but I have enough to get started. Anyway the speedup from JIT is kind of disappointing. I haven't optimized anything yet but it's only like 10% on my iPad mini and I thought it would be much higher.

I'll definitely work on it this summer but until we find a way to get JIT running on jailed devices, working on the JIT implementation is pretty pointless.

@Razzile
Copy link

Razzile commented May 1, 2016

@WilliamLCobb I am now unjailbroken (funny what a day can do). I'll investigate JIT on jailed devices too and post any results

@Razzile
Copy link

Razzile commented May 1, 2016

my initial test i posted yesterday throws Invalid argument on jailed iOS 9.3.1 :/ still looking into it

EDIT: with a little tweaking i managed to get my above example to work on iOS 9.3.1

char shell[] = {0x10, 0x20, 0x70, 0x47}; // return 16;

- (void)viewDidLoad {
    void *page = mmap(NULL, 4096, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0);
    if (page == (void*)-1) {
        perror(NULL);
        return;
    }
    memcpy(page, shell, sizeof(shell));
    typedef int (*shell_execute)();
    shell_execute exe = (shell_execute)((int)page+1);
    mprotect(page, 4096, PROT_READ | PROT_EXEC);
    NSString *string = [NSString stringWithFormat:@"%d", exe()];
    self.label.text = string;
    [super viewDidLoad];
    // Do any additional setup after loading the view, typically from a nib.
}

i had to map the page as RW and then after copying the code map it as RX. I used shellcode rather than dynamically generated JIT code but the effect should be the same. Still not sure why MAP_JIT is "invalid" on 9.3.1

this makes me think that the crashes you had may be due to incorrectly generated JIT code rather than code signing issues.

@WilliamLCobb
Copy link
Owner Author

Woah really? I was getting a bad access with an error code of 2 meaning the privileges were off. What device is this on?

@WilliamLCobb
Copy link
Owner Author

I'm about to update my iPad and I'll check it out

@Razzile
Copy link

Razzile commented May 1, 2016

iphone 6+ 9.3.1

@DarknesGaming
Copy link
Contributor

I did research on the iPhone 5C and the iPhone 5. Both of them use the same CPU, same GPU, and same memory type and speed. Other than the colors, there really isn't a difference in terms of performance.
There is a way that we can optimize JIT. Still working on configuring and porting though.

@DarknesGaming
Copy link
Contributor

I'm still working on iNDS 2.0.0, and every bug that was fixed in the master branch after May 3 still isn't fixed in the 2.0 branch. I made a pull request about that.
So far, I am currently working on upgrading TinyXML, 7-zip, minizip, and a bunch of other stuff. I really need help.

@DarknesGaming
Copy link
Contributor

I'm going to test the ArmThreadedInterpreter, ArmCJit and ArmLJit on DeSmuME 0.9.11. How do people even manage to build those?

@DarknesGaming
Copy link
Contributor

What is void*4?

@Razzile
Copy link

Razzile commented May 16, 2016

@DarknesGaming what context? a check like if sizeof(void*) == 4 is to determine whether or not the process is running in 32 bit or 64 bit because sizeof(void*) in 64 bit environments = 8

@DarknesGaming
Copy link
Contributor

Thank you for the valuable information @razzle. That explains why JIT still isn't available for 64-bit devices, and it shows how much of a noob I am with C++ and Objective-C code.

@DarknesGaming
Copy link
Contributor

DarknesGaming commented May 18, 2016

I just looked into the GNU Lightning 1.2 source code, and compared it to the new 2.1 code. That explains how @WilliamLCobb managed to port GNU Lightning in the first place, but doesn't explain how the ArmLJit.cpp file was created.
I guess in 2004, GNU Lightning did not support ARM because it came out later in time, and it took 9 years to add support to that and a bunch of other backends.
Some more experimenting. 😄

@Anuskuss
Copy link

Hey @WilliamLCobb, I know we need a better Renderer but have you looked at the (newly implemented) IR Interpreter (Intermediate Representation) from the PPSSPP team [#8725]?

unknownbrackets
We have recently implemented (mostly @​hrydgard) a new, experimental interpreter - it still doesn't use jit, but it pre-processes the MIPS code to generate something that is faster to interpret. In other words, it does the 25% of what jit does, the part that is allowed on Apple devices.

@DarknesGaming
Copy link
Contributor

@Anuskuss not to sound like a critic or anything, but do you think that would work with DeSmuME? DeSmuME already has a JIT compiler, but to enable that is by getting into the terminal of Apple devices to use --cpu-mode=1.

@Anuskuss
Copy link

@DarknesGaming We can't use the JIT compiler on iOS9 so this was a suggestion to look at an alternative.

@Razzile
Copy link

Razzile commented May 20, 2016

i've got JIT working on non jailbroken devices again woo.

thanks to qwertyoruiop for telling me how to 'bypass' codesigning.

basically you do the same as what i was doing above (map a page as RW, copy JIT code to it, map it as RX) but before then, you need to call ptrace(0,0,0,0); this disables codesigning on pages in the process including the newly created page, allowing it to run.

image
The above will output hello, world to stdout. works when launched from xcode or springboard.
note the 1st line syscall(26, 0, 0, 0, 0); is just the same as calling ptrace(0, 0, 0, 0);

One other thing to note is that qwertyoruiop mentioned that this wouldn't work if the binary was signed for distribution. It would only work when signed with a developer certificate. I'm not sure how iNDS is distributed for jailed devices and I'm no expert with certs because I don't have an enterprise cert to check anything so you're on your own for that part.

Absolute worst case scenario just tell people to build it themselves if they want JIT.

@DuIslingr
Copy link

Based on what he wrote. It should work fine on jailbroken devices. Jailed however requires it to be signed with a dev certificate. And I believe that the other projects mentioned above can use this as well.

@WilliamLCobb
Copy link
Owner Author

Wow that's awesome! I'll add that in a second and see how it goes.

The last thing we need is information on upgrading GNU lightning to 2.1. The syntax isn't that different from 1.2 but I've found no documentation for 2.x other than a few examples. No change log in the source or anything for upgrading from 1.2.

@WilliamLCobb
Copy link
Owner Author

The other alternative if to keep using 1.2 and add a custom arm64 support. I'd be surprised if someone hasn't already done this but I haven't been able to find it.

Also I know 64bit processors are able to execute 32bit instructions but I don't know if it's possible to switch mid execution on iOS. If we could enable this somehow, very little work would be needed for JIT on all devices.

@DarknesGaming
Copy link
Contributor

I've been trying to get GNU Lightning 2.1 to function, but all the guides and manuals haven't been updated in over 10 years.
I'll just have to come up with my own way to do this.
@Razzile that picture you uploaded. Which lines contain that code, and on which file?
I need to start reading those Apple coding guides I downloaded from iBooks.

@Pepperoony
Copy link

Just so I can it out quick before I forget (this probably isn't the place to put this) but the 1.5.3 update started pumping any sound from the volume bumper from the top of my iPhone instead from the speakers. I don't have volume bumpers turned on or microphone and I have no idea how to fix it!

Luke Rooney/ Director of Productions
luke.rooney@servitehs.org(mailto:luke_rooney@icloud.com)/(562)-360-4258(tel:(562)-360-4258)

Trinity Corporation
ServiteHS.org
1952 W La Palma Ave, Anaheim(x-apple-data-detectors://5/2)

On May 20, 2016, 10:41 AM -0700, DarknesGamingnotifications@github.com, wrote:

I've been trying to get GNU Lightning 2.1 to function, but all the guides and manuals haven't been updated in over 10 years.
I'll just have to come up with my own way to do this.
@Razzile(https://github.com/Razzile)that picture you uploaded. Which lines contain that code, and on which file?
I need to start reading those Apple coding guides I downloaded from iBooks.


You are receiving this because you commented.
Reply to this email directly orview it on GitHub(#44 (comment))

@Razzile
Copy link

Razzile commented May 20, 2016

All the code is in the screenshot.

#include <sys/mman.h> for mmap(). shell is the byte code representation of syscall(SYS_write, stdout, arg1, arg2) [or equivalent] to write to stdout

On 20 May 2016, at 18:41, DarknesGaming notifications@github.com wrote:

I've been trying to get GNU Lightning 2.1 to function, but all the guides and manuals haven't been updated in over 10 years.
I'll just have to come up with my own way to do this.
@Razzile that picture you uploaded. Which lines contain that code, and on which file?
I need to start reading those Apple coding guides I downloaded from iBooks.


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub

@WilliamLCobb
Copy link
Owner Author

It works! I wish we could get the JIT flag somehow because the memory has to be protected twice every time a block is compiled (Only JIT marked pages can be write and exec).

One weird thing is after adding the syscall my iPad is completely unusable until I restart it after I close iNDS. Buttons stop working and it stops responding to events. If I tap a button or icon the animation happens but nothing else. It also refuses to unlock after I lock it telling me my passcode is incorrect.

Very odd, I'll upload the change and see if anyone else has similar problems

@Razzile
Copy link

Razzile commented May 21, 2016

@WilliamLCobb the JIT flag requires the entitlement dynamic-codesigning. if you can somehow sign your app with that entitlement (I tried on my free dev account and xcode just rejected it) you can use MAP_JIT. obviously on jailbroken devices you can just pseudosign with ldid and a plist containing something like this:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>dynamic-codesigning</key>
        <true/>
        <key>get-task-allow</key>
        <true/>
    </dict>
</plist>

(not sure if get-task-allow is needed but included for good measure)

@Razzile
Copy link

Razzile commented May 21, 2016

also @WilliamLCobb that device freezing happened to me too but only once out of the 5 or so times i was testing JIT. it's very odd indeed. you could try calling ptrace(-1, 0, 0, 0) which is an invalid flag, hopefully ptrace would just error but the system would still disable codesigning first. wouldn't change anything though if it was the mapped pages causing problems and not ptrace

@DarknesGaming
Copy link
Contributor

I would try this, but after @WilliamLCobb's device going nuts I don't think that would be a good idea. I'm assuming his iPad is 32-bit because it's still not available for 64-bit devices yet.
Also, if you have a 9.7" iPad Pro, don't update to iOS 9.3.2. It bricks your device and iTunes can't fix it, and creates error 56.

@DuIslingr
Copy link

DuIslingr commented May 22, 2016

@DarknesGaming Lol you dont have to worry about the 9.3.2 update. Apple pulled it. Second time they have pulled an update and that last one was recent too. Regarding your comment about it not being on 64 bit device, I don't know what you mean since @Razzile has mentioned above that hes been doing his testing on an iPhone 6+ 9.3.1

Summary of JIT status on iOS 9
Jailbroken 32 bit devices have JIT functioning(due to the jailbreak on those devices disabling Rootless(KPP). However they didn't do this on ARM64 for reasons I can't remember. Now based on what I have read regarding this issue, if they get JIT to function 100% on jailed iOS 9 devices then this should also solve jailbroken ARM64 devices not being able to use JIT.

So as of right now thanks to Razzile we are now a step closer to getting it working. Just need to work out bugs with it.

If I am wrong about my understanding of the situation then someone can correct me on it :p

@DarknesGaming
Copy link
Contributor

We could add an arm64 backend to GNU Lightning, but that means using the 2.0-2.1 source code and editing the ArmLJit.cpp file. Plus, the GNU Lightning source code refers "arm64" as "aarch64" instead.

@AMorgaut
Copy link

For your information Apple recently announced changes in the way JSCore & its JIT are managed in iOS 10

“Hardened WebKit JIT Mapping” protects the Safari Browser on iOS. Most other devices, including Amazon Kindle, compile JavaScript code in beforehand. But iOS assures quick JavaScript execution by compiling JavaScript just before execution, (JIT). But there is a downside to JIT implementation- it demands far much less strict code-signing, thereby making the system vulnerable.
Apple addressed the issue in the latest security measures on iOS. Apple patched the JIT security concerns by dedicating specific areas of application memory to particular tasks. Unlike before, JavaScript is now not allowed to run code in raw data storage in iOS 9 and previous versions; raw data storage is highly vulnerable to attacks. On the iOS 10, the compiled JavaScript code runs on execution-particular memory. Once the code is running on this memory, it cannot be changed, thus preventing on-the-fly code alterations attacks.

http://www.opptrends.com/2016/08/apple-security-measures-on-ios-detailed-at-the-black-hat-conference/

@Razzile
Copy link

Razzile commented Aug 29, 2016

That doesn't look like good news 😔 fortunately the JIT method mentioned above isn't used by safari but by debugserver instead. Hopefully it remains unchanged

@druidwarrior
Copy link

Talk to the devs of ppsspp I am currently using iOS 9.3.3 and they got hit working on ppsspp.

@druidwarrior
Copy link

iPhone 6 Plus by the way

@Razzile
Copy link

Razzile commented Oct 2, 2016

I'm not sure the current state of JIT. I've been away from iNDS for a while, but I have been messing around with mmap again on iOS 9.3.3.

if your app has the dynamic-codesigning entitlement, you can use the MAP_JIT flag in mmap to have memory as truly RWX (i think i mentioned this before actually).

not sure if this is useful for iNDS or if the current system (interpreted or anything else) is okay as it is

@Razzile
Copy link

Razzile commented Jan 14, 2018

here I am, bringing up dead issues again hehe

I noticed in coolstar's latest iOS 11 jailbreak code this commit seems to be make code run like it's being debugged, I talked about loong ago. If that's the case then I see no reason why JIT wouldn't work with this jailbreak. I haven't tested yet though

@kprinssu
Copy link

kprinssu commented Mar 25, 2018

@Razzile iNDS displays a black screen wih the controller overlay and any subsequent launches results in the same black screen and the app is unusable. My fix is to do a hard reset (restart my iPhone). My guess is that iNDS has 32bit instructions that is not supported on iOS 11 (please do correct me).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

13 participants