
Crash on input on 32-bit powerpc: Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/operand #89

@barracuda156

Description


@bnoordhuis I know that V8 does not support Darwin ppc (and apparently is broken even on Linux and *BSD ppc), however maybe you – or someone – may suggest something to try here. It builds with a few extra patches on top of what upstream had for Linux (not merged in full to the master), but it crashes on any input.


$ sudo gdb --args /opt/local/libexec/v8-8.3/bin/d8 /opt/local/ppcports/devel/nodejs12/test.js
Password:
GNU gdb 6.3.50-20050815 (Apple version gdb-1515) (Sat Jan 15 08:32:01 UTC 2011)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "powerpc-apple-darwin"...Reading symbols for shared libraries ...... done

(gdb) run
Starting program: /opt/local/libexec/v8-8.3/bin/d8 /opt/local/ppcports/devel/nodejs12/test.js
Reading symbols for shared libraries .+++++. done

Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/operand.
0x3f606314 in ?? ()
(gdb) where
#0  0x3f606314 in ?? ()
#1  0x00637b10 in Builtins_JSRunMicrotasksEntry ()
#2  0x7d6802a6 in ?? ()
Cannot access memory at address 0x7c0802a6
Previous frame inner to this frame (gdb could not unwind past this frame)
(gdb) disassemble $pc-0x10 $pc+0x10
Dump of assembler code from 0x3f606304 to 0x3f606324:
0x3f606304:    lis     r27,4385
0x3f606308:    lis     r27,1633
0x3f60630c:    lis     r27,4385
0x3f606310:    lis     r27,4845
0x3f606314:    .long 0x4
0x3f606318:    lwz     r0,6(0)
0x3f60631c:    .long 0x64
0x3f606320:    .long 0x64
End of assembler dump.
(gdb) info registers
r0             0x79a0a0    7970976
r1             0xbfffed78    3221220728
r2             0x205ddb8    33938872
r3             0x2003060    33566816
r4             0x3f60027d    1063256701
r5             0x5fa8ef01    1604906753
r6             0x50c80965    1355286885
r7             0x0    0
r8             0x0    0
r9             0x0    0
r10            0x0    0
r11            0x0    0
r12            0x3f606301    1063281409
r13            0x0    0
r14            0x99dbd0    10083280
r15            0x98ce04    10014212
r16            0xbffff038    3221221432
r17            0xbffff3c0    3221222336
r18            0xbfffeff8    3221221368
r19            0x0    0
r20            0x50c80965    1355286885
r21            0xbffff23c    3221221948
r22            0x5fa8ef01    1604906753
r23            0x3f60027d    1063256701
r24            0x2000480    33555584
r25            0xbfffeff8    3221221368
r26            0x5    5
r27            0x12ed0000    317521920
r28            0x0    0
r29            0x2001a70    33561200
r30            0x2000400    33555456
r31            0xbfffed94    3221220756
pc             0x3f606314    1063281428
ps             0x100000000208f930    1152921504640989488
cr             0x24004244    603996740
lr             0x637b10    6519568
ctr            0x3f606301    1063281409
xer            0x20000000    536870912
mq             0x0    0
fpscr          0x82004000    2181054464
vscr           0x10000    65536
vrsave         0x0    0
(gdb)


I thought that it could be rldicl usage (this instruction seems not to be supported on 32-bit, though documentation is unclear).


However I did not find in the source where this instruction is generated for 32-bit ppc. Apparently all instances sit inside protective macros and should be triggered only for ppc64.

I do not know how to debug this really or what to try.
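A small triage helper, added here as an example and not part of this issue or of V8: it decodes the PowerPC instruction words around the faulting $pc and checks whether the word that trapped is a 64-bit rotate (rldicl and friends, primary opcode 30) or simply an illegal word. The raw words are reconstructed from the mnemonics gdb printed above, since gdb did not show the opcodes; that reconstruction is an assumption.

```python
# Added example (not from the issue or V8): decode the 32-bit PowerPC words
# gdb showed around $pc so the "is it rldicl?" question can be checked.
# Words are reconstructed by hand from the gdb mnemonics (assumption).
DUMP = {
    0x3F606304: 0x3F601121,  # lis r27,4385
    0x3F606308: 0x3F600661,  # lis r27,1633
    0x3F60630C: 0x3F601121,  # lis r27,4385
    0x3F606310: 0x3F6012ED,  # lis r27,4845
    0x3F606314: 0x00000004,  # .long 0x4   <- faulting $pc
    0x3F606318: 0x80000006,  # lwz r0,6(0)
    0x3F60631C: 0x00000064,  # .long 0x64
    0x3F606320: 0x00000064,  # .long 0x64
}
FAULT_PC = 0x3F606314

def field(word, start, width):
    # PowerPC bit numbering: bit 0 is the most significant bit of the word.
    return (word >> (32 - start - width)) & ((1 << width) - 1)

def signed16(v):
    return v - 0x10000 if v & 0x8000 else v

def primary_opcode(word):
    return field(word, 0, 6)

def decode(word):
    # Minimal decoder covering only the forms that occur in this dump.
    op = primary_opcode(word)
    rd, ra = field(word, 6, 5), field(word, 11, 5)
    imm = signed16(field(word, 16, 16))
    if op == 0:
        return "illegal (primary opcode 0)"
    if op == 15:
        return f"lis r{rd},{imm}" if ra == 0 else f"addis r{rd},r{ra},{imm}"
    if op == 30:  # rldicl/rldicr/rldic/rldimi share primary opcode 30
        return "rldic* (64-bit only; illegal on 32-bit ppc)"
    if op == 32:
        return f"lwz r{rd},{imm}(r{ra})"
    return f"primary opcode {op}"

def triage(dump, pc):
    # What faulted, whether any 64-bit rotate is present, and how many words
    # share $pc's upper halfword (pointer-like values in the instruction
    # stream hint that data, not code, is being executed).
    words = list(dump.values())
    return {
        "at_pc": decode(dump[pc]),
        "rldicl_seen": any(primary_opcode(w) == 30 for w in words),
        "pointer_like": sum(1 for w in words if w >> 16 == pc >> 16),
    }
```

Calling triage(DUMP, FAULT_PC) reports an illegal word at $pc, no primary-opcode-30 instruction anywhere in the window, and four words that look like 0x3f60xxxx addresses, which is why the lis lines appear.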
