[SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

nash · 2023-11-14 21:38:33

Installed vivaldi and tried it. It broke the same way with and without the codecs package installed.

However even when enabling debuginfod it didn't show the symbols for the stack trace.

seth · 2023-11-14 21:58:06

I'll just guess there're no debug packages for vivaldi.
That's too systematic. Can FF open the webpage?
Do you btw. have any adblockers (eg. "ublock origin") installed? (And what if you do)

nash · 2023-11-14 22:15:08

Firefox can open it fine.

I have add-ons but it also breaks with the add-ons disabled, with chromium profiles without add-ons and we also tested it with a new user so that one had a clean chromium.

Plus vivaldi also broke with no add-ons.

nash · 2023-11-14 22:19:25

Maybe one approach could be to check the functions that are at the top of the stack when the crashes happen and see if they have something in common?

I think it's these 2:

From the Zoom meet crash

From the MAL crash

I don't understand much tho. Also sorry I'm not sure if these are even from the same chromium version from the repos.

Last edited by nash (2023-11-14 22:20:43)

seth · 2023-11-14 23:40:27

The idea was rather to install an adblocker (if you don't already have) to get personalized/regionalized content out of the equation.

Since the error is so specific and reproducible, we can rule out broken RAM, but SIGILL then is likely due to a corrupted stack. You'll not find that by looking at code of that complexity.
Can you reproduce this with the LTS kernel?

nash · 2023-11-17 17:18:51

Yes it happens with Linux LTS as well.

seth · 2023-11-17 21:14:39

So multiple (electron-based) clients consistently SIGILL unrelated to the kernel, but you're not running OOM.
Do you use zram?

nash · 2023-11-18 16:19:17

No, I don't use zram.

seth · 2023-11-18 20:19:10

Please post your complete system journal for the boot:

sudo journalctl -b | curl -F 'file=@-' 0x0.st

Maybe something suspicious shows up.
The issue is too deterministic to be the HW, to widespread (in clients) and isolated (to your system) to be a userspace bug and we've ruled out the kernel or OOM.

nash · 2023-11-23 15:35:07

Sorry for taking so long. Here's the journal. I just logged in and triggered the crash, then logged out.

http://0x0.st/Hwjd.txt

seth · 2023-11-25 20:15:01

Feel relaxed, I could not have read or respond half of that time anyway.

Does it happen w/o the GPU (there's a recent pattern of ugly amdgpu oopses; nothing of that in your journal, but still try)

killall chromium
chromium --disable-gpu

The other thing that immediately caught my eye is fcitx5 - do you critically rely on that? Can you try without it?

Edit: and a third thing, you're running pulseaudio and pipewire - you probably want to use https://archlinux.org/packages/extra/x8 … ire-pulse/

Last edited by seth (2023-11-25 20:18:30)

another · 2023-11-26 08:13:23

Hi,
got hit with the FFmpegGlue bug as well while opening https://www.tesla.com/ownersmanual/mode … 18787.html .

Even with `--disable-gpu`. Even in a brand new profile.

Program terminated with signal SIGILL, Illegal instruction.
#0  0x0000564c1086a273 in media::FFmpegGlue::OpenContext(bool) ()
=> 0x0000564c1086a273 <_ZN5media10FFmpegGlue11OpenContextEb+627>:	0f 0b              	ud2

(gdb) disassemble $pc-16,$pc+16
Dump of assembler code from 0x564c1086a263 to 0x564c1086a283:
   0x0000564c1086a263 <_ZN5media10FFmpegGlue11OpenContextEb+611>:	add    BYTE PTR [rax],al
   0x0000564c1086a265 <_ZN5media10FFmpegGlue11OpenContextEb+613>:	mov    r14d,DWORD PTR [r14+0x18]
   0x0000564c1086a269 <_ZN5media10FFmpegGlue11OpenContextEb+617>:	test   r14d,r14d
   0x0000564c1086a26c <_ZN5media10FFmpegGlue11OpenContextEb+620>:	jne    0x564c1086a30b <_ZN5media10FFmpegGlue11OpenContextEb+779>
   0x0000564c1086a272 <_ZN5media10FFmpegGlue11OpenContextEb+626>:	int3
=> 0x0000564c1086a273 <_ZN5media10FFmpegGlue11OpenContextEb+627>:	ud2
   0x0000564c1086a275 <_ZN5media10FFmpegGlue11OpenContextEb+629>:	xor    r15d,r15d
   0x0000564c1086a278 <_ZN5media10FFmpegGlue11OpenContextEb+632>:	jmp    0x564c1086a332 <_ZN5media10FFmpegGlue11OpenContextEb+818>
   0x0000564c1086a27d <_ZN5media10FFmpegGlue11OpenContextEb+637>:	mov    DWORD PTR [r14+0x18],0x19
End of assembler dump.

Anyway, here's is the upstream bug report: https://bugs.chromium.org/p/chromium/is … id=1494905

nash · 2023-11-26 23:23:23

seth wrote:

Does it happen w/o the GPU

Yes it does.

seth wrote:

The other thing that immediately caught my eye is fcitx5

I use it for Japanese input. I think it might be a can of worms tho cause I use Mozc as the IME and it seems it hasn't been updated in quite a while.

Also the env variables that the wiki specifies (GTK_IM_MODULE, etc) were defined in the pam_envirnment file which apparently is obsolete now so those variables never get defined. However, the input still works. Maybe it has to do with KDE. I will have to take a look at that.

seth wrote:

and a third thing, you're running pulseaudio and pipewire - you probably want to use https://archlinux.org/packages/extra/x8 … ire-pulse/

Ok thanks.

another wrote:

got hit with the FFmpegGlue bug as well

That breaks for me too. Does the MAL link in the op break for u as well?

another wrote:

here's is the upstream bug report

Thanks. I will try to keep up with that

kittykat · 2023-11-27 02:03:46

Though I had what appeared to be the same problem that I could replicate on 2 different machines.

I can confirm that after recent updates I can no longer replicate the issue on either machine.

linux: 6.6.2.arch1-1
chromium: 119.0.6045.159-1

another · 2023-11-27 06:54:51

nash wrote:

another wrote:
got hit with the FFmpegGlue bug as well
That breaks for me too. Does the MAL link in the op break for u as well?

Just tried it and yes, it breaks as well.

Program terminated with signal SIGILL, Illegal instruction.
#0  0x000055c2307f0694 in blink::NGLineBreaker::BreakText(blink::NGInlineItemResult*, blink::NGInlineItem const&, blink::ShapeResult const&, blink::LayoutUnit, blink::LayoutUnit, blink::NGLineInfo*) ()
=> 0x000055c2307f0694 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2116>:	0f 0b              	ud2

(gdb) disassemble /r $pc-32,$pc+32
Dump of assembler code from 0x55c2307f0674 to 0x55c2307f06b4:
   0x000055c2307f0674 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2084>:	89 e7              	mov    edi,esp
   0x000055c2307f0676 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2086>:	e8 15 2d 85 ff     	call   0x55c230043390 <_ZN3WTF13StringBuilderD2Ev>
   0x000055c2307f067b <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2091>:	e9 5f fc ff ff     	jmp    0x55c2307f02df <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+1167>
   0x000055c2307f0680 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2096>:	67 0f b9 40 02     	ud1    eax,DWORD PTR [eax+0x2]
   0x000055c2307f0685 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2101>:	e8 96 c6 32 03     	call   0x55c233b1cd20 <__stack_chk_fail@plt>
   0x000055c2307f068a <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2106>:	cc                 	int3
   0x000055c2307f068b <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2107>:	0f 0b              	ud2
   0x000055c2307f068d <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2109>:	cc                 	int3
   0x000055c2307f068e <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2110>:	0f 0b              	ud2
   0x000055c2307f0690 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2112>:	cc                 	int3
   0x000055c2307f0691 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2113>:	0f 0b              	ud2
   0x000055c2307f0693 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2115>:	cc                 	int3
=> 0x000055c2307f0694 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2116>:	0f 0b              	ud2
   0x000055c2307f0696 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2118>:	cc                 	int3
   0x000055c2307f0697 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2119>:	0f 0b              	ud2
   0x000055c2307f0699 <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2121>:	cc                 	int3
   0x000055c2307f069a <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2122>:	0f 0b              	ud2
   0x000055c2307f069c <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2124>:	cc                 	int3
   0x000055c2307f069d <_ZN5blink13NGLineBreaker9BreakTextEPNS_18NGInlineItemResultERKNS_12NGInlineItemERKNS_11ShapeResultENS_10LayoutUnitES9_PNS_10NGLineInfoE+2125>:	0f 0b              	ud2
   0x000055c2307f069f:	cc                 	int3
   0x000055c2307f06a0 <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+0>:	55                 	push   rbp
   0x000055c2307f06a1 <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+1>:	48 89 e5           	mov    rbp,rsp
   0x000055c2307f06a4 <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+4>:	41 57              	push   r15
   0x000055c2307f06a6 <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+6>:	41 56              	push   r14
   0x000055c2307f06a8 <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+8>:	41 55              	push   r13
   0x000055c2307f06aa <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+10>:	41 54              	push   r12
   0x000055c2307f06ac <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+12>:	53                 	push   rbx
   0x000055c2307f06ad <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+13>:	48 83 ec 18        	sub    rsp,0x18
   0x000055c2307f06b1 <_ZN5blink13NGLineBreaker6RewindEjPNS_10NGLineInfoE+17>:	49 89 d6           	mov    r14,rdx
End of assembler dump.

Note: I do not have fcitx5 installed.

nash · 2023-11-28 23:02:07

kittykat wrote:

I can confirm that after recent updates I can no longer replicate the issue on either machine.

I'm on the same versions and it still breaks. Did anything else change for you?

malta · 2023-11-29 00:28:09

same issue with me. using the latest chromium. but only in a few websites.

nash wrote:

Apparently this happens in other chromium based browsers in other distros as well and sometimes the cause appears to be faulty hardware. I really hope it's not that. I've yet to run CPU and RAM checks. I have an Intel i5-7400.

I have thorium installed also (chromium based browser) but this issue does not occur there. only chromium. maybe some config in there does the trick.

nash · 2023-11-29 01:19:10

We've tested with vivaldi and it broke there as well. Maybe thorium hasn't pulled the chromium version that's causing the issue?

malta · 2023-11-29 02:01:15

thorium is using chromium version 117

malta · 2023-11-29 02:11:33

just downgraded to chromium 117 and the issue is gone. the problem is with chromium vesion 118 and 119.

Last edited by malta (2023-11-29 02:18:08)

nash · 2023-11-29 03:05:38

malta wrote:

the problem is with chromium vesion 118 and 119.

Yep. A post in the chromium bug report says something related to that.

Unfortunately since arch doesn't support partial upgrades, downgrading isn't a solution.

At this point it's probably just a chromium bug that we can't do much about other than report it and give some info I think.

malta · 2023-11-29 04:03:20

nash wrote:

Unfortunately since arch doesn't support partial upgrades, downgrading isn't a solution.

don't know what exactly you mean by that. but you can use downgrade app to go to 117 and mark the package to ignore updates. you'll be able upgrade the whole system except chromium. when a working version comes out, just remove the mark.

seth · 2023-11-29 07:38:38

https://wiki.archlinux.org/title/System … nsupported
But that doesn't mean you can't try - you just have to be aware what you're doing and be prepared for resulting issues.
But if/as long as the downgraded chromium works better, there's nothing fundamentally wrong in using that.
It gets way more dicy when you downgrade some of the foundational libraries against new versions of their clients etc.

malta · 2023-12-06 10:19:21

new version 120 solved the problem

kittykat · 2023-12-06 11:33:05

nash wrote:

kittykat wrote:
I can confirm that after recent updates I can no longer replicate the issue on either machine.
I'm on the same versions and it still breaks. Did anything else change for you?

Nothing that I'm aware of. But everything is still going fine for me now, so what ever was causing it for me is fixed.

I'm using all arch packages for most things, and these are my current ffmpeg versions.
ffmpeg 2:6.1-1
ffmpeg4.4 4.4.4-3

Arch Linux

#26 2023-11-14 21:38:33

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#27 2023-11-14 21:58:06

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#28 2023-11-14 22:15:08

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#29 2023-11-14 22:19:25

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#30 2023-11-14 23:40:27

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#31 2023-11-17 17:18:51

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#32 2023-11-17 21:14:39

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#33 2023-11-18 16:19:17

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#34 2023-11-18 20:19:10

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#35 2023-11-23 15:35:07

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#36 2023-11-25 20:15:01

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#37 2023-11-26 08:13:23

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#38 2023-11-26 23:23:23

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#39 2023-11-27 02:03:46

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#40 2023-11-27 06:54:51

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#41 2023-11-28 23:02:07

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#42 2023-11-29 00:28:09

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#43 2023-11-29 01:19:10

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#44 2023-11-29 02:01:15

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#45 2023-11-29 02:11:33

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#46 2023-11-29 03:05:38

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#47 2023-11-29 04:03:20

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#48 2023-11-29 07:38:38

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#49 2023-12-06 10:19:21

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

#50 2023-12-06 11:33:05

Re: [SOLVED] "Aw, Snap!" error in Chromium. Trap invalid opcode

Board footer