Issue 706361


Issue metadata

Status: Archived
Owner: ----
Closed: Apr 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug



Illegal instruction exception (SIGILL) on browser startup (opcode ud2)

Reported by w...@yuugen.jp, Mar 29 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.111 Safari/537.36 Vivaldi/1.8.770.50

Steps to reproduce the problem:
1. Start the browser

What is the expected behavior?
The browser window opens

What went wrong?
> google-chrome-bin
Illegal instruction
Exit 132

The exception occurs immediately, no browser window even opens.

Crashed report ID: 

How much crashed? Whole browser

Is it a problem with a plugin? No 

Did this work before? N/A 

Chrome version: 57.0.2987.110  Channel: n/a
OS Version: Source Mage rolling release
Flash Version: none

From the disassembly of where the illegal instruction happened it seems that it is an explicit illegal instruction (ud2) and not some instruction that is not supported because the CPU is too old. According to the process memory map the instruction is within the chrome binary itself and not part of any loaded shared object. Unfortunately the chrome binary seems to be stripped so I have no idea what function it is in. What is terribly frustrating is that there is no usable output anywhere to tell me what is wrong. It may very well be some kind of configuration issue on my end, but without knowing what action failed or what condition is false I have no clue where to even begin to address this problem.

If anything the bug report is about the fact that chromium shouldn't just throw up its hands and jump to an explicit illegal instruction without first telling the user what went wrong.

FYI, I originally encountered the same problem using Vivaldi and then decided to try Chrome as well to make sure that it wasn't a Vivaldi specific problem. The failure pattern is exactly the same for both. An illegal instruction exception on a ud2 instruction with the same disassembly around it.

Detailed info:

chrome version 57.0.2987.110
   installed from https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm
kernel version 4.9.3
glibc version 2.24

> cat /proc/cpuinfo 
processor	: 0
vendor_id	: GenuineIntel
cpu family	: 6
model		: 37
model name	: Intel(R) Core(TM) i5 CPU         650  @ 3.20GHz
stepping	: 5
microcode	: 0x2
cpu MHz		: 3191.578
cache size	: 4096 KB
physical id	: 0
siblings	: 4
core id		: 0
cpu cores	: 2
apicid		: 0
initial apicid	: 0
fpu		: yes
fpu_exception	: yes
cpuid level	: 11
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf eagerfpu pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 popcnt aes lahf_lm tpr_shadow vnmi flexpriority ept vpid dtherm ida arat
bugs		:
bogomips	: 6383.15
clflush size	: 64
cache_alignment	: 64
address sizes	: 36 bits physical, 48 bits virtual
power management:

(gdb) bt
#0  0x0000555556287cc0 in ?? ()
#1  0x000007e784da62c0 in ?? ()
#2  0x00007fffdda4d870 in ?? ()
#3  0x00007fffdda4d880 in ?? ()
#4  0x0000555556287956 in ?? ()
#5  0x0000555558193fe0 in ?? ()
#6  0x0000555556287e7a in ?? ()
#7  0x0000000000000038 in ?? ()
#8  0x00005555560a126c in operator new(unsigned long, std::nothrow_t const&) ()
#9  0x00007fffdda4d870 in ?? ()
#10 0x000007e784dfe7e0 in ?? ()
#11 0x000007e784eea8d0 in ?? ()
#12 0x00007fffdda4daa0 in ?? ()
#13 0x0000555558193fa0 in ?? ()
#14 0x000007e784da62c0 in ?? ()
#15 0x0000000000000000 in ?? ()
(gdb) x/30i 0x0000555556287c80
   0x555556287c80:	lret   $0x3d73
   0x555556287c83:	mov    %r14,%rdi
   0x555556287c86:	callq  *0x8(%rax)
   0x555556287c89:	mov    (%rbx),%rax
   0x555556287c8c:	mov    %rax,%rcx
   0x555556287c8f:	sub    %r15,%rcx
   0x555556287c92:	rol    $0x39,%rcx
   0x555556287c96:	cmp    $0x3,%rcx
   0x555556287c9a:	ja     0x555556287cc0
   0x555556287c9c:	mov    $0x9,%edx
   0x555556287ca1:	bt     %ecx,%edx
   0x555556287ca4:	jae    0x555556287cc0
   0x555556287ca6:	mov    %rbx,%rdi
   0x555556287ca9:	callq  *0x10(%rax)
   0x555556287cac:	test   %al,%al
   0x555556287cae:	je     0x555556287cc0
   0x555556287cb0:	mov    %rbx,0x6367d51(%rip)        # 0x55555c5efa08
   0x555556287cb7:	mov    %rbx,%rax
   0x555556287cba:	pop    %rbx
   0x555556287cbb:	pop    %r14
   0x555556287cbd:	pop    %r15
   0x555556287cbf:	retq   
=> 0x555556287cc0:	ud2    
   0x555556287cc2:	data16 data16 data16 data16 nopw %cs:0x0(%rax,%rax,1)
   0x555556287cd0:	lea    0x5f503f9(%rip),%rax        # 0x55555c1d80d0
   0x555556287cd7:	mov    %rax,(%rdi)
   0x555556287cda:	movq   $0x0,0x8(%rdi)
   0x555556287ce2:	retq   
   0x555556287ce3:	data16 data16 data16 nopw %cs:0x0(%rax,%rax,1)
   0x555556287cf0:	push   %r14

> grep 55555 /proc/24157/maps
555555554000-55555bff8000 r-xp 00000000 08:02 6839026                    /opt/google/chrome/chrome
55555bff9000-55555c5b4000 r--p 06aa4000 08:02 6839026                    /opt/google/chrome/chrome
55555c5b4000-55555c5d9000 rw-p 0705f000 08:02 6839026                    /opt/google/chrome/chrome
55555c5d9000-55555c7b7000 rw-p 00000000 00:00 0                          [heap]

> strace google-chrome-bin
...
writev(13, [{iov_base="w\0\1\0", iov_len=4}, {iov_base=NULL, iov_len=0}, {iov_base="", iov_len=0}], 3) = 4
poll([{fd=13, events=POLLIN}], 1, -1)   = 1 ([{fd=13, revents=POLLIN}])
recvmsg(13, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\1\4\257\0\10\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., iov_len=4096}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 64
recvmsg(13, {msg_namelen=0}, 0)         = -1 EAGAIN (Resource temporarily unavailable)
recvmsg(13, {msg_namelen=0}, 0)         = -1 EAGAIN (Resource temporarily unavailable)
poll([{fd=13, events=POLLIN|POLLOUT}], 1, -1) = 1 ([{fd=13, revents=POLLOUT}])
writev(13, [{iov_base="e\0\2\0\10\370@\1", iov_len=8}, {iov_base=NULL, iov_len=0}, {iov_base="", iov_len=0}], 3) = 8
poll([{fd=13, events=POLLIN}], 1, -1)   = 1 ([{fd=13, revents=POLLIN}])
recvmsg(13, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\1\7\260\0\310\6\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., iov_len=4096}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 4096
recvfrom(13, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 2880, 0, NULL, NULL) = 2880
recvmsg(13, {msg_namelen=0}, 0)         = -1 EAGAIN (Resource temporarily unavailable)
recvmsg(13, {msg_namelen=0}, 0)         = -1 EAGAIN (Resource temporarily unavailable)
madvise(0x17818965b000, 16384, MADV_DONTNEED) = 0
madvise(0x1781892f2000, 28672, MADV_DONTNEED) = 0
madvise(0x1781894b2000, 32768, MADV_DONTNEED) = 0
mmap(0x178189718000, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x178189718000
madvise(0x1781896b4000, 1458176, MADV_DONTNEED) = 0
sysinfo({uptime=4313871, loads=[0, 0, 0], totalram=8232484864, freeram=6531182592, sharedram=8294400, bufferram=154865664, totalswap=32267767808, freeswap=32267767808, procs=211, totalhigh=0, freehigh=0, mem_unit=1}) = 0
madvise(0x1781896b4000, 1458176, MADV_DONTNEED) = 0
access("/usr/share/fonts/TTF/Vera.ttf", R_OK) = 0
gettid()                                = 24029
madvise(0x1781896bc000, 1425408, MADV_DONTNEED) = 0
access("/usr/share/fonts/TTF/VeraBd.ttf", R_OK) = 0
open("/usr/share/fonts/TTF/Vera.ttf", O_RDONLY) = 68
fstat(68, {st_mode=S_IFREG|0644, st_size=65932, ...}) = 0
mmap(NULL, 65932, PROT_READ, MAP_PRIVATE, 68, 0) = 0x7f412efdc000
close(68)                               = 0
gettid()                                = 24029
write(45, "\0", 1)                      = 1
futex(0x55b4c1229d10, FUTEX_WAKE_PRIVATE, 1) = 1
+++ killed by SIGILL +++
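
The report above notes that the binary is stripped; the faulting address can still be reduced to a module-relative address and a file offset using the maps output, which is what a symbolizer or a maintainer with matching symbols needs. This is an added example, not part of the original report; `parse_maps` and `resolve` are hypothetical helper names, and it assumes the lowest mapping of the binary is its load base.

```python
# Constructed from the report: the lines shown by `grep 55555 /proc/24157/maps`.
MAPS = """\
555555554000-55555bff8000 r-xp 00000000 08:02 6839026    /opt/google/chrome/chrome
55555bff9000-55555c5b4000 r--p 06aa4000 08:02 6839026    /opt/google/chrome/chrome
55555c5b4000-55555c5d9000 rw-p 0705f000 08:02 6839026    /opt/google/chrome/chrome
55555c5d9000-55555c7b7000 rw-p 00000000 00:00 0          [heap]
"""

def parse_maps(text):
    """Parse /proc/<pid>/maps lines into (start, end, perms, offset, path) tuples."""
    regions = []
    for line in text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 5:
            continue
        start, end = (int(x, 16) for x in fields[0].split("-"))
        path = fields[5].strip() if len(fields) == 6 else ""
        regions.append((start, end, fields[1], int(fields[2], 16), path))
    return regions

def resolve(addr, regions):
    """Map a runtime address to its backing file, file offset and module-relative address.

    Assumption: the lowest mapping of a file is its load base (typical for a PIE
    whose first PT_LOAD segment has p_vaddr 0).
    """
    for start, end, perms, offset, path in regions:
        if start <= addr < end:
            base = min(r[0] for r in regions if r[4] == path)
            return {"path": path, "perms": perms,
                    "file_offset": addr - start + offset,
                    "module_rva": addr - base}
    return None  # not covered by the (partial) listing

REGIONS = parse_maps(MAPS)
# Frames #0, #4, #6, #8 and #1 from the gdb backtrace in the report.
FRAMES = [0x555556287cc0, 0x555556287956, 0x555556287e7a, 0x5555560a126c, 0x7e784da62c0]

if __name__ == "__main__":
    for addr in FRAMES:
        hit = resolve(addr, REGIONS)
        if hit is None:
            print(f"{addr:#x}: not in the listed mappings (grep only matched 55555*)")
        else:
            print(f"{addr:#x}: {hit['path']} {hit['perms']} "
                  f"file+{hit['file_offset']:#x} module+{hit['module_rva']:#x}")
```

For addresses in the `r-xp` mapping the two values coincide; for the `r--p` mapping they differ, so the module-relative address is the one to quote alongside the exact build version.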
 
Cc: rbasuvula@chromium.org
Labels: Needs-Feedback
Thanks for filing the issue. Tested in chrome #57.0.2987.110 and Stable #57.0.2987.133 on Ubuntu 14.04 and not able to reproduce the issue. Please find the screenshot for reference.

@Reporter: Could you please let me know if I have missed anything and, if possible, please download the builds from the link below and re-check once and provide us with a crash ID from chrome://crashes and sample test steps of the issue, which would help us to triage the issue further.

Builds URL: https://www.chromium.org/getting-involved/dev-channel

Thanks in Advance.

706361.png (70.3 KB)

Comment 2 by w...@yuugen.jp, Mar 31 2017

Hello,

I have tried with the latest stable build;
> google-chrome-bin --version
Google Chrome 57.0.2987.133

Still the same problem;
> google-chrome-bin
Illegal instruction
Exit 132

I am not able to give anything from chrome://crashes as Chrome doesn't even start, no window is ever opened.
Project Member

Comment 3 by sheriffbot@chromium.org, Mar 31 2017

Labels: -Needs-Feedback
Thank you for providing more feedback. Adding requester "rbasuvula@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Components: UI
Labels: TE-NeedsTriageHelp

Comment 5 by w...@yuugen.jp, Apr 14 2017

Any update on this issue?
Project Member

Comment 6 by sheriffbot@chromium.org, Apr 16 2018

Status: Archived (was: Unconfirmed)
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
