280885 2024-10-04 04:47:31 -0700 webkitgtk-2.46.4: libjavascriptcoregtk-6.0.so.1: illegal instruction (roundss/roundsd) on older amd64 laptop 2024-12-08 14:26:32 -0800 1 1 1 Unclassified WebKit JavaScriptCore WebKit Local Build Unspecified Unspecified NEW P2 Normal --- 1 michael webkit-unassigned oldest_to_newest 2065440 0 michael 2024-10-04 04:47:31 -0700 I'm unable to get a useful backtrace on this machine because it doesn't have enough RAM to build WebKit with debugging info, but maybe we can guess what the illegal instruction is. The symptom is a WebKitWebProcess crash that leads to a "something went wrong" in epiphany, after which [198811.209860] traps: WebCore: Worker[10795] trap invalid opcode ip:7f9cf0745684 sp:7f9c61ffe770 error:0 in libjavascriptcoregtk-6.0.so.1.2.8[145684,7f9cf06f4000+15d9000] appears in dmesg. The core file confirms that it's a SIGILL: Core was generated by `/usr/libexec/webkitgtk-6.0/WebKitWebProcess 24 48 50'. Program terminated with signal SIGILL, Illegal instruction. The machine has two cores, but the second is identical to the first so I've omitted it: $ cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 15 model name : Intel(R) Core(TM)2 Duo CPU L7700 @ 1.80GHz stepping : 11 microcode : 0xb6 cpu MHz : 1196.988 cache size : 4096 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 2 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 10 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good nopl cpuid aperfmperf pni dtes64 monitor ds_cpl est tm2 ssse3 cx16 xtpr pdcm lahf_lm pti dtherm bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit mmio_unknown bogomips : 3592.58 clflush size : 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management: I'm not sure if it's relevant, but in the past I've hit corner cases on this machine because it lacks support for popcnt. 2065441 1 michael 2024-10-04 04:48:24 -0700 (This is with v2.44.4 by the way) 2065709 2 michael 2024-10-06 06:16:44 -0700 Looking at the code in Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h, I think missing popcnt is the prime suspect. For example: void countPopulation64(RegisterID src, RegisterID dst) { ASSERT(supportsCountPopulation()); m_assembler.popcntq_rr(src, dst); } just assumes that it is there. 2066072 3 michael 2024-10-07 19:07:16 -0700 Popcnt was a red herring, it's actually "roundss" causing the SIGILL. If I switch GDB to its asm layout, Program terminated with signal SIGILL, Illegal instruction. #0 0x00007fbf70f45684 in ?? () from /usr/lib64/libjavascriptcoregtk-6.0.so.1 (gdb) layout asm 0x7fbf70f45684 roundss $0x1,%xmm0,%xmm1 This machine lacks SSE4_1, so I don't think roundss should have been emitted. 2071081 4 michael 2024-10-28 15:50:02 -0700 Something similar happens in 2.46.2 except with roundsd instead of roundss