[Webkit-unassigned] [Bug 241588] General Protection Fault in WebKitWebProcess on 32bit CPUs

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jun 14 10:15:22 PDT 2022


https://bugs.webkit.org/show_bug.cgi?id=241588

--- Comment #1 from karogyoker2+webkit at gmail.com ---
A little background[1] on the topic.

"Executing a program on a Pentium III processor enables the FTZ flag, but not DAZ."[2]

DAZ is not supported by Pentium 3[3] nor VIA Nehemiah[3]:
(This is VIA Nehemiah[4].)

DAZ is also not supported by AMD Athlon XP. (I have one and I can see.)

"Some processor steppings support SSE2 but do not support the DAZ mode."[5]
From page #60[5] there is an example of how to detect DAZ support.

"Initial steppings of Pentium® 4 processors did not support DAZ."[6]

An incorrect way to detect DAZ[7]. As we can see above[6], there is no guarantee that if SSE2 is available then DAZ is supported as well.

"But is this for all i386 CPUs or only for older models? How come this never crashed before?"[8]
Because browser-fingerprinting scripts which utilize the Web Audio API were not as widespread as they are now. Also, not many people are using real 32 bit CPUs.

The proper solution would be to detect DAZ support. We can keep using the 0x8000 mask if there is SSE as it is now. But if there is DAZ as well, use 0x8040. This way we can get the most optimal performance on most CPUs.

If SSE2 detection happens all around, this should be detected as well. The number of CPU steppings having DAZ support is even less than those having SSE2 support. As the usage of Web Audio API for browser-fingerprinting[9] gets even more ubiquitous, this segfault will happen more and more often.

[1]: https://en.wikipedia.org/wiki/Subnormal_number
[2]: http://physics.ujep.cz/~zmoravec/prga/main_for/mergedProjects/optaps_for/common/optaps_dsp_rtme.htm
[3]: https://www.carlh.net/plugins/denormals.php
[4]: https://en.wikipedia.org/wiki/List_of_VIA_Eden_microprocessors#%22Nehemiah%22_(130_nm)
[5]: https://bochs.sourceforge.io/techspec/24161821.pdf
[6]: http://web.archive.org/web/20111101165633/http://software.intel.com/en-us/articles/x87-and-sse-floating-point-assists-in-ia-32-flush-to-zero-ftz-and-denormals-are-zero-daz/
[7]: https://bugs.webkit.org/show_bug.cgi?id=134060
[8]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012548#47
[9]: https://fingerprint.com/blog/audio-fingerprinting/

-- 
You are receiving this mail because:
You are the assignee for the bug.
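The comment's proposed fix is to read the CPU's MXCSR_MASK (the FXSAVE-based check that reference [5] describes) and only OR the DAZ bit into MXCSR when the mask reports it. The following C program is an added illustration of that check; it is not WebKit's code, and the function names and the constructed sample FXSAVE images are this example's own. It relies on three architectural facts: MXCSR_MASK lives at byte offset 28 of the 512-byte FXSAVE area, a zero field means the default mask 0xFFBF applies (DAZ bit clear), and DAZ is MXCSR bit 6 (0x40) while FTZ is bit 15 (0x8000).

```c
/* Added example (not WebKit's own code): choose the MXCSR denormal mask
 * based on the CPU's reported MXCSR_MASK instead of assuming DAZ exists.
 * Setting an unsupported MXCSR bit raises #GP, which is the crash in this bug. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MXCSR_FTZ 0x8000u  /* bit 15: flush-to-zero, present on every SSE CPU */
#define MXCSR_DAZ 0x0040u  /* bit 6: denormals-are-zero, missing on some SSE/SSE2 steppings */
#define FXSAVE_MXCSR_MASK_OFFSET 28  /* byte offset of MXCSR_MASK in the FXSAVE area */
#define MXCSR_MASK_DEFAULT 0xFFBFu   /* mask to assume when the CPU stores 0 */

/* Constructed sample FXSAVE images (not captured from real hardware):
 * one from a CPU that supports DAZ, one that does not, one that left the field zero. */
static const uint8_t SAMPLE_FXSAVE_DAZ[512]   = { [28] = 0xFF, [29] = 0xFF };
static const uint8_t SAMPLE_FXSAVE_NODAZ[512] = { [28] = 0xBF, [29] = 0xFF };
static const uint8_t SAMPLE_FXSAVE_ZERO[512]  = { 0 };

/* Extract MXCSR_MASK from a 512-byte FXSAVE image, applying the documented default. */
uint32_t mxcsr_mask_from_fxsave(const uint8_t *fxsave_image)
{
    uint32_t mask;
    memcpy(&mask, fxsave_image + FXSAVE_MXCSR_MASK_OFFSET, sizeof mask);
    return mask == 0 ? MXCSR_MASK_DEFAULT : mask;
}

int daz_supported_from_mask(uint32_t mxcsr_mask)
{
    return (mxcsr_mask & MXCSR_DAZ) != 0;
}

/* FTZ always (0x8000); DAZ too (0x8040) only when the CPU says the bit is valid. */
uint32_t choose_denormal_mask(uint32_t mxcsr_mask)
{
    return daz_supported_from_mask(mxcsr_mask) ? (MXCSR_FTZ | MXCSR_DAZ) : MXCSR_FTZ;
}

#if defined(__x86_64__) || defined(__i386__)
#include <xmmintrin.h>
/* Run FXSAVE on the current CPU (assumes an SSE-capable CPU, as in this bug) and
 * read back its MXCSR_MASK. The area must be 16-byte aligned. */
uint32_t probe_mxcsr_mask(void)
{
    struct { uint8_t b[512]; } __attribute__((aligned(16))) image;
    memset(&image, 0, sizeof image);
    __asm__ __volatile__("fxsave %0" : "=m"(image));
    return mxcsr_mask_from_fxsave(image.b);
}

/* Apply the chosen mask to MXCSR; safe because only reported bits are set. */
void apply_denormal_mask(uint32_t mask)
{
    _mm_setcsr(_mm_getcsr() | mask);
}
#else
/* Non-x86 build: report "no DAZ" so callers fall back to the FTZ-only mask. */
uint32_t probe_mxcsr_mask(void) { return MXCSR_MASK_DEFAULT; }
void apply_denormal_mask(uint32_t mask) { (void)mask; }
#endif

int main(void)
{
    uint32_t mask = probe_mxcsr_mask();
    uint32_t chosen = choose_denormal_mask(mask);
    printf("MXCSR_MASK=0x%04x DAZ=%s -> use 0x%04x\n",
           mask, daz_supported_from_mask(mask) ? "yes" : "no", chosen);
    apply_denormal_mask(chosen);
    return 0;
}
```

On a CPU like the ones listed in the comment (Pentium III, early Pentium 4 steppings, Athlon XP, VIA Nehemiah) the probe yields a mask with bit 6 clear and the program settles on 0x8000; on anything that reports DAZ it uses 0x8040, which matches the two-tier behaviour the comment proposes.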