Bug#1012548: libwebkit2gtk-4.1-0: Offline renderer SIGSEGV on i386

karogyoker karogyoker2+debbug at gmail.com
Mon Jun 13 10:00:03 BST 2022 

Package: libwebkit2gtk-4.1-0
Version: 2.36.3-1
Followup-For: Bug #1012548
X-Debbugs-Cc: karogyoker2+debbug at gmail.com

Dear Maintainer,

Please reopen this case because it turned out that it is not a hardware failure
at all!

I figured out everything about why epiphany is crashing for me, so this is what
is happening:
1. Opening the Win10 ISO download page[1] tries to use offline rendering of Web
Audio API
2. In DenormalDisabler.h stmxcsr is being called, it returns mxcsr's default
value (0x1f80)
3. Then 0x1f80 is being OR-ed with 0x8040, that gives 0x9fc0 (it can be seen in
eax)
4. In 0x9fc0 the 6th bit (0 based counting) is 1
5. ldmxcsr is being called with 0x9fc0
6. This gives a general protection fault because on 32 bit hardware the 6th bit
is a reserved bit [2][3]
7. This is going to be a SIGSEGV on Linux (access violation on Windows)

I thought that it is a hardware failure because on my other machine I didn't
get an exception when I set the 6th bit to 1. But then I found these docs[2][3]
and turned out that only real 32 bit CPUs are generating a GP (general
protection fault). That's why it didn't crash for you in QEMU. QEMU's emulation
is not implemented properly in this case. On my Haswell I can set the 6th bit
to 1. It seems that in newer CPUs the 6th bit is not reserved anymore. Setting
bits 16-31 are still generating a GP though.

I think the solution is not to use the code where the ORing happens with 0x8040
(in case of i386 releases because this combination is not supported by
hardware). For 32 bit CPUs the manual flushing must be used (the "FIXME: worst
case" part in the code).

I guess that deleting "defined(__i386__) || " from line #39 and #86 would solve
the issue.

I'll try to cross-compile WebKit on a faster PC (because on this one it would
take ages) and test my hypothesis on real 32 bit hardware.

[1]: https://www.microsoft.com/en-us/software-download/windows10ISO
[2]: https://qcd.phys.cmu.edu/QCDcluster/intel/vtune/reference/vc148.htm
[3]:
https://help.totalview.io/previous_releases/2019/html/Reference_Guide/Intelx86MXSCRRegister_2.html




-- System Information:
Debian Release: bookworm/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 5.17.0-1-686-pae (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages libwebkit2gtk-4.1-0 depends on:
ii  bubblewrap                      0.6.2-1
ii  gstreamer1.0-plugins-base       1.20.2-2
ii  gstreamer1.0-plugins-good       1.20.2-1
ii  libatk1.0-0                     2.38.0-1
ii  libc6                           2.33-7
ii  libcairo2                       1.16.0-5
ii  libegl1                         1.4.0-1
ii  libenchant-2-2                  2.3.2-1
ii  libfontconfig1                  2.13.1-4.4
ii  libfreetype6                    2.12.1+dfsg-2
ii  libgcc-s1                       12.1.0-2
ii  libgcrypt20                     1.10.1-2
ii  libgdk-pixbuf-2.0-0             2.42.8+dfsg-1
ii  libglib2.0-0                    2.72.1-1
ii  libglx0                         1.4.0-1
ii  libgstreamer-gl1.0-0            1.20.2-2
ii  libgstreamer-plugins-base1.0-0  1.20.2-2
ii  libgstreamer1.0-0               1.20.2-1
ii  libgtk-3-0                      3.24.34-1
ii  libharfbuzz-icu0                2.7.4-1+b1
ii  libharfbuzz0b                   2.7.4-1+b1
ii  libhyphen0                      2.8.8-7
ii  libicu71                        71.1-3
ii  libjavascriptcoregtk-4.1-0      2.36.3-1
ii  libjpeg62-turbo                 1:2.1.2-1
ii  liblcms2-2                      2.12~rc1-2
ii  libmanette-0.2-0                0.2.6-3
ii  libnotify4                      0.7.12-1
ii  libopengl0                      1.4.0-1
ii  libopenjp2-7                    2.4.0-6
ii  libpango-1.0-0                  1.50.7+ds-1
ii  libpng16-16                     1.6.37-5
ii  libseccomp2                     2.5.4-1
ii  libsecret-1-0                   0.20.5-2
ii  libsoup-3.0-0                   3.0.6-1
ii  libsqlite3-0                    3.38.5-1
ii  libstdc++6                      12.1.0-2
ii  libsystemd0                     250.4-1
ii  libtasn1-6                      4.18.0-4
ii  libwayland-client0              1.20.0-1
ii  libwayland-egl1                 1.20.0-1
ii  libwayland-server0              1.20.0-1
ii  libwebp7                        1.2.2-2+b1
ii  libwebpdemux2                   1.2.2-2+b1
ii  libwoff1                        1.0.2-1+b1
ii  libwpe-1.0-1                    1.12.0-1
ii  libwpebackend-fdo-1.0-1         1.12.0-1
ii  libx11-6                        2:1.7.5-1
ii  libxcomposite1                  1:0.4.5-1
ii  libxdamage1                     1:1.1.5-2
ii  libxml2                         2.9.14+dfsg-1
ii  libxslt1.1                      1.1.34-4
ii  xdg-dbus-proxy                  0.1.4-1
ii  zlib1g                          1:1.2.11.dfsg-4

Versions of packages libwebkit2gtk-4.1-0 recommends:
ii  gstreamer1.0-gl           1.20.2-2
ii  gstreamer1.0-libav        1.20.2-1
ii  gstreamer1.0-plugins-bad  1.20.2-1
ii  libgl1-mesa-dri           22.0.5-1
ii  xdg-desktop-portal-gtk    1.14.0-1

Versions of packages libwebkit2gtk-4.1-0 suggests:
ii  gstreamer1.0-alsa  1.20.2-2

-- no debconf information

More information about the Pkg-webkit-maintainers mailing list