[Webkit-unassigned] [Bug 96286] New: Another SIGILL in JavaScriptCore on a Geode processor

bugzilla-daemon at webkit.org
Mon Sep 10 10:20:04 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=96286

           Summary: Another SIGILL in JavaScriptCore on a Geode processor
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: dsd at laptop.org
                CC: oliver at apple.com


An issue similar to bug #82496 has re-emerged in WebKit-1.9.x.

Testing webkitgtk3-1.9.91 on AMD Geode LX (inside OLPC XO-1 laptop), loading Google crashes with SIGILL. Looks like it is unhappy with the mulsd instruction.

Program received signal SIGILL, Illegal instruction.
0xb37743cf in llint_op_mul () from /lib/libjavascriptcoregtk-3.0.so.0
(gdb) bt
#0  0xb37743cf in llint_op_mul () from /lib/libjavascriptcoregtk-3.0.so.0
#1  0xadfef088 in ?? ()
#2  0xb370e009 in JSC::Interpreter::execute ()
   from /lib/libjavascriptcoregtk-3.0.so.0
#3  0xb37fffaf in JSC::evaluate () from /lib/libjavascriptcoregtk-3.0.so.0
#4  0xb1259b0c in ?? ()
#5  0x00000000 in ?? ()

(gdb) x/20i $pc-12
   0xb37743c3 <llint_op_mul+182>:    movd   %ecx,%mm7
   0xb37743c6 <llint_op_mul+185>:    psllq  $0x20,%xmm7
   0xb37743cb <llint_op_mul+190>:    por    %xmm7,%xmm0
=> 0xb37743cf <llint_op_mul+194>:    mulsd  %xmm1,%xmm0
   0xb37743d3 <llint_op_mul+198>:    movsd  %xmm0,(%edi,%edx,8)
   0xb37743d8 <llint_op_mul+203>:    add    $0x14,%esi
   0xb37743db <llint_op_mul+206>:    jmp    *(%esi)
   0xb37743dd <llint_op_mul+208>:    mov    0x4(%esi),%ecx
   0xb37743e0 <llint_op_mul+211>:    cmp    $0xfffffff9,%ebx
   0xb37743e3 <llint_op_mul+214>:    ja     0xb3774408 <llint_op_mul+251>
   0xb37743e5 <llint_op_mul+216>:    cvtsi2sd %eax,%xmm0
   0xb37743e9 <llint_op_mul+220>:    movd   %edx,%xmm1
   0xb37743ed <llint_op_mul+224>:    movd   %ebx,%xmm7
   0xb37743f1 <llint_op_mul+228>:    psllq  $0x20,%xmm7
   0xb37743f6 <llint_op_mul+233>:    por    %xmm7,%xmm1
   0xb37743fa <llint_op_mul+237>:    mulsd  %xmm1,%xmm0
   0xb37743fe <llint_op_mul+241>:    movsd  %xmm0,(%edi,%ecx,8)
   0xb3774403 <llint_op_mul+246>:    add    $0x14,%esi
   0xb3774406 <llint_op_mul+249>:    jmp    *(%esi)
   0xb3774408 <llint_op_mul+251>:    mov    %edi,(%esp)

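An added example, not part of the original report or of WebKit's code: mulsd, the instruction at the faulting address, belongs to the SSE2 extension, so a gdb listing like the one above can be checked against a CPU's feature flags to count the instructions that would raise SIGILL. The two flag strings are constructed, the list without sse2 is an assumption about what such a processor advertises, and all function and constant names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* AT&T-syntax mnemonics from the trace that always need SSE2. */
static const char *const SSE2_ALWAYS[] = { "mulsd", "movsd", "cvtsi2sd" };
/* MMX when used on %mm registers, SSE2 when used on %xmm registers. */
static const char *const SSE2_IF_XMM[] = { "movd", "psllq", "por" };
/* Constructed /proc/cpuinfo-style flag lists (assumptions, not from the report). */
static const char NO_SSE2_FLAGS[] = "fpu de pse tsc msr cx8 cmov mmx mmxext 3dnowext 3dnow";
static const char SSE2_FLAGS[] = "fpu de pse tsc msr cx8 cmov mmx fxsr sse sse2";

/* 1 if `flag` is a whole space-delimited word in `flags`. */
int has_flag(const char *flags, const char *flag) {
    size_t n = strlen(flag);
    for (const char *p = flags; (p = strstr(p, flag)) != NULL; p += n)
        if ((p == flags || p[-1] == ' ') && (p[n] == '\0' || p[n] == ' '))
            return 1;
    return 0;
}

/* 1 if a gdb "x/i" line ("addr <sym+off>:  insn ops") holds an SSE2 instruction. */
int needs_sse2(const char *line) {
    char m[16];
    const char *p = strstr(line, ">:");
    if (!p || sscanf(p + 2, "%15s", m) != 1) return 0;
    for (size_t i = 0; i < sizeof SSE2_ALWAYS / sizeof *SSE2_ALWAYS; i++)
        if (strcmp(m, SSE2_ALWAYS[i]) == 0) return 1;
    for (size_t i = 0; i < sizeof SSE2_IF_XMM / sizeof *SSE2_IF_XMM; i++)
        if (strcmp(m, SSE2_IF_XMM[i]) == 0 && strstr(p, "%xmm")) return 1;
    return 0;
}

/* Count the listing lines that would raise SIGILL on a CPU advertising `flags`. */
int count_unsupported(const char *flags, const char *const *lines, size_t n) {
    int hits = 0;
    for (size_t i = 0; i < n && !has_flag(flags, "sse2"); i++) hits += needs_sse2(lines[i]);
    return hits;
}

/* Four lines copied from the disassembly in the report. */
static const char *const TRACE[] = {
    "   0xb37743c3 <llint_op_mul+182>:    movd   %ecx,%mm7",
    "   0xb37743c6 <llint_op_mul+185>:    psllq  $0x20,%xmm7",
    "=> 0xb37743cf <llint_op_mul+194>:    mulsd  %xmm1,%xmm0",
    "   0xb37743d8 <llint_op_mul+203>:    add    $0x14,%esi",
};

int main(void) {
    printf("without sse2: %d\n", count_unsupported(NO_SSE2_FLAGS, TRACE, 4));
    printf("with sse2:    %d\n", count_unsupported(SSE2_FLAGS, TRACE, 4));
}
```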