[regression] firefox dies with SIGILL on machines without SSE2
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
firefox (Ubuntu) | Confirmed | Undecided | Ubuntu Security Team |
Bug Description
I'm running Ubuntu 16.04 on an old laptop. Firefox used to work
fine until I did an 'apt upgrade'.
Worked: 50.1.0+
Fails: 53.0.3+
The bug was a little tricky to track down since AppArmor was killing
firefox. I believe the AppArmor error is irrelevant for this bug
report, but I mention it for completeness (and so other people can
google for this problem):
"/usr/
cannot apply additional memory protection after relocation:
Permission denied"
I disabled AppArmor (aa-disable '/usr/lib/
and now Firefox dies like so:
ExceptionHa
ExceptionHa
ExceptionHa
Failed to open curl lib from binary, use libcurl.so instead
Using gdb to figure it out, I see that the process is getting SIGILL
(Illegal Instruction). To figure out exactly which instruction is the
problem, I ran gdb as follows:
$ gdb /usr/lib/
GNU gdb (Ubuntu 7.11.1-
[...]
Reading symbols from /usr/lib/
(gdb) set disassemble-
(gdb) run
Starting program: /usr/lib/
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-
[New Thread 0xb15c4b40 (LWP 14296)]
[Thread 0xb15c4b40 (LWP 14296) exited]
warning: Corrupted shared library list: 0xb794cc00 != 0xb794b800
[...]
Thread 1 "firefox" received signal SIGILL, Illegal instruction.
0x4b9f826c in ?? ()
=> 0x4b9f826c: f2 0f 11 74 24 30 movsd %xmm6,0x30(%esp)
MOVSD is an SSE2 instruction, which my machine does not support.
$ grep flags /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pse36 mmx fxsr sse
I had been under the impression that firefox is supposed to only use
SSE2 if it is available. Is that not correct? It certainly used to
work. Perhaps there is something wrong in how Ubuntu is building the
binary.
[Side note: There are actually two "movsd" instructions for the Intel
x86 architecture. The original one (Move String, opcode A5) is
supported by everything back to the 80386, but this one (Move Scalar,
opcode F2 0F 11) requires SSE2. Maybe that is the source of the
confusion.]
Thank you.
$ lsb_release -rd
Description: Ubuntu 16.04.2 LTS
Release: 16.04
$ apt-cache policy firefox
firefox:
Installed: 53.0.3+
Candidate: 53.0.3+
Version table:
*** 53.0.3+
500 http://
500 http://
100 /var/lib/
500 http://
tags: added: regression-update
summary:
- firefox dies with SIGILL on machines without SSE2
+ [regression] firefox dies with SIGILL on machines without SSE2
Changed in firefox (Ubuntu):
assignee: nobody → Canonical Security Team (canonical-security)
Changed in firefox (Ubuntu):
assignee: Canonical Security Team (canonical-security) → Ubuntu Security Team (ubuntu-security)
Looks like it would be intentional according to https://www.mozilla.org/en-US/firefox/53.0/releasenotes/ :
"Ended Firefox Linux support for processors older than Pentium 4 and AMD Opteron"
Also, for Windows, they require SSE2 since Firefox 49.
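
The triage step from the report above (compare the bytes at the SIGILL address with the CPU's feature flags), as an added example that is not part of the original bug report or of Firefox. The function names and the small opcode table are assumptions made for illustration; the F2 0F 10 load form is added next to the F2 0F 11 store form the report quotes, and the sample inputs are copied from the report.

```python
# Sample inputs copied from the bug report above.
CPUINFO = "flags : fpu vme de pse tsc msr pae mce cx8 sep mtrr pge mca cmov pse36 mmx fxsr sse\n"
FAULT_BYTES = "f2 0f 11 74 24 30"  # bytes gdb printed at the SIGILL address

# Leading opcode bytes -> (mnemonic, /proc/cpuinfo flag required; None = baseline i386).
# Illustrative table covering only the two "movsd" encodings discussed in the report.
OPCODES = [
    (bytes.fromhex("f20f10"), "movsd (scalar double load)", "sse2"),
    (bytes.fromhex("f20f11"), "movsd (scalar double store)", "sse2"),
    (bytes.fromhex("a5"), "movsd (string move)", None),
]

def cpu_flags(cpuinfo_text):
    """Return the feature flags from the first 'flags' line of /proc/cpuinfo text."""
    for line in cpuinfo_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "flags":
            # A set gives exact matches: "sse" being present must not imply "sse2".
            return set(value.split())
    return set()

def classify(hex_bytes):
    """Map the leading bytes of a faulting instruction to (mnemonic, required_flag)."""
    raw = bytes.fromhex(hex_bytes.replace(" ", ""))
    for prefix, name, flag in OPCODES:
        if raw.startswith(prefix):
            return name, flag
    return "unknown", None

def explain_sigill(hex_bytes, cpuinfo_text):
    """Say whether a missing CPU feature accounts for SIGILL at this instruction."""
    name, flag = classify(hex_bytes)
    if name == "unknown":
        return "unknown opcode: not covered by this table"
    if flag is None:
        return f"{name}: baseline instruction, CPU features do not explain the fault"
    if flag in cpu_flags(cpuinfo_text):
        return f"{name}: needs {flag}, which the CPU has; look elsewhere"
    return f"{name}: needs {flag}, which the CPU lacks; SIGILL is expected"

if __name__ == "__main__":
    print(explain_sigill(FAULT_BYTES, CPUINFO))
```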