You can trigger a crash immediately on a machine without SSE2 by
running firefox 54 like so:
firefox https://www.quirksmode.org/html5/videos/big_buck_bunny.mp4
(Note that it must be an mp4 video. VP8 and Vorbis still work fine.)
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1697800
Title:
[regression] firefox dies with SIGILL on machines without SSE2
Status in firefox package in Ubuntu:
New
Bug description:
I'm running Ubuntu 16.04 on an old laptop. Firefox used to work on
fine until I did an 'apt upgrade'.
Worked: 50.1.0+build2-0ubuntu0.16.04.1
Fails: 53.0.3+build1-0ubuntu0.16.04.2
The bug was a little tricky to track down since AppArmor was killing
firefox. I believe the AppArmor error is irrelevant for this bug
report, but I mention it for completeness (and so other people can
google for this problem):
"/usr/bin/python3: error while loading shared libraries:
cannot apply additional memory protection after relocation:
Permission denied"
I disabled AppArmor (aa-disable '/usr/lib/firefox/firefox{,*[^s][^h]}')
and now Firefox dies like so:
ExceptionHandler::GenerateDump cloned child 14258
ExceptionHandler::SendContinueSignalToChild sent continue signal to child
ExceptionHandler::WaitForContinueSignal waiting for continue signal...
Failed to open curl lib from binary, use libcurl.so instead
Using gdb to figure it out, I see that the process is getting SIGILL
(Illegal Instruction). To figure out exactly which instruction is the
problem, I ran gdb as follows:
$ gdb /usr/lib/firefox/firefox
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.04) 7.11.1
[...]
Reading symbols from /usr/lib/firefox/firefox...(no debugging symbols
found)...done.
(gdb) set disassemble-next-line on
(gdb) run
Starting program: /usr/lib/firefox/firefox
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
[New Thread 0xb15c4b40 (LWP 14296)]
[Thread 0xb15c4b40 (LWP 14296) exited]
warning: Corrupted shared library list: 0xb794cc00 != 0xb794b800
[...]
Thread 1 "firefox" received signal SIGILL, Illegal instruction.
0x4b9f826c in ?? ()
=> 0x4b9f826c: f2 0f 11 74 24 30 movsd %xmm6,0x30(%esp)
MOVSD is an SSE2 instruction, which my machine does not support.
$ grep flags /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca
cmov pse36 mmx fxsr sse
I had been under the impression that firefox is supposed to only use
SSE2 if it is available. Is that not correct? It certainly used to
work. Perhaps there is something wrong in how Ubuntu is building the
binary.
[Side note: There are actually two "movsd" instructions for the Intel
x86 architecture. The original one (Move String, opcode A5) is
supported by everything back to the 80386, but this one (Move Scalar,
opcode F2 0F 11) requires SSE2. Maybe that is the source of the
confusion.]
Thank you.
$ lsb_release -rd
Description: Ubuntu 16.04.2 LTS
Release: 16.04
$ apt-cache policy firefox
firefox:
Installed: 53.0.3+build1-0ubuntu0.16.04.2
Candidate: 53.0.3+build1-0ubuntu0.16.04.2
Version table:
*** 53.0.3+build1-0ubuntu0.16.04.2 500
500 http://us.archive.ubuntu.com/ubuntu xenial-updates/main i386
Packages
500 http://security.ubuntu.com/ubuntu xenial-security/main i386
Packages
100 /var/lib/dpkg/status
45.0.2+build1-0ubuntu1 500
500 http://us.archive.ubuntu.com/ubuntu xenial/main i386 Packages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1697800/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
