Bug 222358 - SIGILL crash in JSC::operationLinkCall
Status: RESOLVED DUPLICATE of bug 222805
https://bugs.webkit.org/show_bug.cgi?id=222358
Dennis Nezic
Reported 2021-02-24 07:40:29 PST
These sites:
https://www.nyse.com/quote/index/SPX
https://community.ui.com/
cause kernel traps, like:
kernel: traps: WebKitWebProces[19538] trap invalid opcode ip:7f1fc039e0e5 sp:7fff970dc810 error:0
I don't think these sites were ever able to work with webkit-gtk, including the latest stable 2.30.5. Do they work for anyone else?
Attachments
backtrace of the crashed thread (550.80 KB, text/plain)
2021-02-25 11:40 PST, Jernej Jakob
Carlos Garcia Campos
Comment 1 2021-02-24 22:57:02 PST
Both work for me
Dennis Nezic
Comment 2 2021-02-25 06:19:16 PST
Fascinating! You're using webkit-gtk 2.30.5?
Carlos Garcia Campos
Comment 3 2021-02-25 06:47:46 PST
What's your hardware? Can you try running the program with JavaScriptCoreUseJIT=0?
Dennis Nezic
Comment 4 2021-02-25 07:12:46 PST
Yes!! Exporting that environment variable worked! Awesome.
Carlos Garcia Campos
Comment 5 2021-02-25 07:20:34 PST
That means it's a JSC bug. Could you provide details about your hardware? It would help JSC developers to find the problem.
Jernej Jakob
Comment 6 2021-02-25 11:40:21 PST
Created attachment 421549 [details]: backtrace of the crashed thread
Backtrace of the crashing thread. This is what I could get on my machine with only 8GB RAM. Trying to get a backtrace of all threads made gdb run out of memory. Some things are missing, I'm not sure why.
Radar WebKit Bug Importer
Comment 7 2021-03-03 07:41:12 PST
Jernej Jakob
Comment 8 2021-03-09 06:18:40 PST
(In reply to Jernej Jakob from comment #6)
> Created attachment 421549 [details]
> backtrace of the crashed thread
>
> Backtrace of the crashing thread. This is what I could get on my machine
> with only 8GB RAM. Trying to get a backtrace of all threads made gdb run out
> of memory. Some things are missing, I'm not sure why.
The backtrace has problems, probably because I still had -O2 on my flags. Since the workaround was found I won't be debugging this myself any more. If anyone wants to debug this on Gentoo, in addition to the general debugging process described in the Gentoo Handbook, he can try to add -Og to his CFLAGS/CXXFLAGS using package.env, or use another way to override his global compiler flags before rebuilding.
Carlos Garcia Campos
Comment 9 2021-03-15 03:01:57 PDT
The only JSC change in 2.30.5 is bug #219288. I don't know if that's related, though.
Michael Catanzaro
Comment 10 2021-03-15 05:57:13 PDT
That could be related if this is on aarch64. I doubt it. :P
Michael Catanzaro
Comment 11 2021-03-15 05:59:42 PDT
I can't reproduce with 2.30.5 or with 2.31.91.
Michael Catanzaro
Comment 12 2021-03-15 06:02:02 PDT
Carlos suspects bug #222805, unlikely but possible. What is your CPU model?
Carlos Garcia Campos
Comment 13 2021-03-15 06:06:01 PDT
(In reply to Michael Catanzaro from comment #12)
> Carlos suspects bug #222805, unlikely but possible. What is your CPU model?
Only because this was reported for 2.30.5 and that's the only JSC change in that version.
Dennis Nezic
Comment 14 2021-03-15 13:53:23 PDT
I'm on x86_64 (no sse4)
Michael Catanzaro
Comment 15 2021-03-15 14:14:10 PDT
Wow. OK, for final confirmation, you could run:
(gdb) layout asm
But I guess this is very likely bug #222805. That bug is newer, but it also has proof.

*** This bug has been marked as a duplicate of bug 222805 ***
Jernej Jakob
Comment 16 2021-03-15 14:52:38 PDT
My system is a Core 2 Quad without SSE4 as well, which would add weight that this is the bug. I've looked through my merge history and the bug was present since the beginning (since I installed webkit-gtk), on versions 2.28.4, 2.30.3, 2.30.5.
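A small POSIX shell helper, added here as an illustration and not part of this bug report or of WebKit, that applies the thread's diagnosis: the reporters' CPUs (x86_64 without SSE4, a Core 2 Quad) hit an invalid-opcode trap in the JIT, and JavaScriptCoreUseJIT=0 from comment 3 is the workaround. The helper checks a /proc/cpuinfo flags line for sse4_1 and sse4_2 and selects the override when they are missing; it also matches the kernel trap line quoted in the report so the crash can be spotted in logs. The two flags lines are constructed samples; the trap line is the one from the report.

```shell
#!/bin/sh
# Added example, not code from the bug report or from WebKit.
# A JIT emitting SSE4 instructions faults with an invalid opcode on a CPU
# without SSE4, so on such a CPU launch with JavaScriptCoreUseJIT=0.

# Constructed sample /proc/cpuinfo "flags" lines (not taken from the report).
SAMPLE_FLAGS_NO_SSE4='flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm pni ssse3 cx16 lahf_lm'
SAMPLE_FLAGS_SSE4='flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm pni ssse3 cx16 sse4_1 sse4_2 popcnt'
# Kernel trap line as quoted in the report.
SAMPLE_TRAP='kernel: traps: WebKitWebProces[19538] trap invalid opcode ip:7f1fc039e0e5 sp:7fff970dc810 error:0'

# has_flag FLAGS_LINE NAME: succeed if NAME appears as a whole word.
has_flag() {
    case " $1 " in
        *" $2 "*) return 0 ;;
        *) return 1 ;;
    esac
}

# has_sse4 FLAGS_LINE: succeed only if both SSE4.1 and SSE4.2 are present.
has_sse4() {
    has_flag "$1" sse4_1 && has_flag "$1" sse4_2
}

# jit_setting FLAGS_LINE: print the environment assignment to prepend to
# the browser command; empty when no override is needed.
jit_setting() {
    if has_sse4 "$1"; then
        printf '%s\n' ''
    else
        printf '%s\n' 'JavaScriptCoreUseJIT=0'
    fi
}

# is_webkit_sigill LOG_LINE: succeed when the line is the kernel trap
# signature from the report (WebKitWebProcess hitting an invalid opcode).
is_webkit_sigill() {
    case "$1" in
        *"traps: WebKitWebProces"*"trap invalid opcode"*) return 0 ;;
        *) return 1 ;;
    esac
}

# cpu_flags_line: first "flags" line of /proc/cpuinfo, empty if unavailable.
cpu_flags_line() {
    [ -r /proc/cpuinfo ] || return 0
    sed -n '/^flags/{p;q;}' /proc/cpuinfo
}

# Stand-alone use: report what this machine needs, and show the log check.
if [ -n "$(cpu_flags_line)" ]; then
    setting=$(jit_setting "$(cpu_flags_line)")
    if [ -n "$setting" ]; then
        echo "SSE4 missing: launch as  env $setting <browser-command>"
    else
        echo "SSE4 present: no JIT override needed"
    fi
fi
if is_webkit_sigill "$SAMPLE_TRAP"; then
    echo "sample log line matches the WebKitWebProcess invalid-opcode trap"
fi
```

The whole-word match on the flags line avoids a false positive from "sse" or "sse2" when looking for "sse4_1"; the log check keys on the same "traps: ... invalid opcode" text the reporter pasted, which is what a kernel logs for a SIGILL from an unsupported instruction.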