108619 – (32bitjavacrash) Java Crash on x86 in jfw_plugin_startJavaVirtualMachine w/ recent linux kernels

Bug 108619 (32bitjavacrash) - Java Crash on x86 in jfw_plugin_startJavaVirtualMachine w/ recent linux kernels

Summary: Java Crash on x86 in jfw_plugin_startJavaVirtualMachine w/ recent linux kernels

Status:	RESOLVED NOTOURBUG

Alias:	32bitjavacrash

Product:	LibreOffice
Classification:	Unclassified
Component:	LibreOffice (show other bugs)
Version: (earliest affected)	5.2.7.2 release
Hardware:	x86 (IA32) Linux (All)

Importance:	highest critical
Assignee:	Not Assigned

URL:	http://nabble.documentfoundation.org/...
Whiteboard:
Keywords:	haveBacktrace

Duplicates (22):	108854 109014 109101 109327 110748 112357 112479 112930 113491 113904 114638 114639 114689 114898 114977 115222 115631 118677 119078 119487 119614 122062 (view as bug list)
Depends on:
Blocks:

Reported:	2017-06-18 14:20 UTC by Xavier Van Wijmeersch
Modified:	2021-09-29 08:37 UTC (History)
CC List:	24 users (show)

See Also:	http://bugs.debian.org/865303 https://launchpad.net/bugs/1699772 https://bugzilla.redhat.com/show_bug.cgi?id=1468436 110748 114689 114898
Crash report or crash signature:

Attachments
starting backtrace with scalc (12.56 KB, text/plain) 2017-06-18 14:20 UTC, Xavier Van Wijmeersch	Details
bactrace for openjdk7 (15.28 KB, text/x-log) 2017-06-27 15:32 UTC, Xavier Van Wijmeersch	Details
strace for openjdk (4.07 MB, text/x-log) 2017-06-27 15:33 UTC, Xavier Van Wijmeersch	Details
full backtrace with debug symbols of base crashing at database creation (39.77 KB, text/plain) 2017-07-05 15:54 UTC, Olivier Tilloy	Details
backtrace for LibreOffice Writer 5.2.7.2 on Debian Stretch x86 (45.90 KB, text/plain) 2017-07-05 17:40 UTC, Norbert X	Details
backtrace for LibreOffice Base 5.2.7.2 on Debian Stretch x86 (43.53 KB, text/plain) 2017-07-05 19:52 UTC, Norbert X	Details
backtrace for LibreOffice Writer 5.1.6.2 on Ubuntu 16.04 LTS x86 (58.76 KB, text/plain) 2017-07-05 21:38 UTC, Norbert X	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Xavier Van Wijmeersch 2017-06-18 14:20:40 UTC

Created attachment 134111 [details]
starting backtrace with scalc

I started scalc V6.0.0.0alpha1 with backtrace
and it crashed
its not always reproduced

Comment 1 Buovjaga 2017-06-27 12:54:57 UTC

René Engelhard pointed to something similar:
https://buildd.debian.org/status/fetch.php?pkg=libreoffice&arch=i386&ver=1%3A5.3.4-1&stamp=1498442560&raw=0)

#0 0xead28975 in _expand_stack_to(unsigned char*) () from /usr/lib/jvm/java-8-openjdk-i386/jre/lib/i386/server/libjvm.so 

He commented:
"Linux's stack clash fixes break Java (and thus whenever LO tries to use Java)"

Not sure, if related.

Comment 2 Michael Stahl (allotropia) 2017-06-27 13:01:59 UTC

the JVM regularly receives SIGSEGV especially during startup,
and that is annoying but not a problem at all.

if Calc does indeed crash, that must be a later SIGSEGV that is
not handled by the JVM.

please attach a backtrace of the last SIGSEGV i.e. the one
that is in LO code and isn't handled by JVM.

Comment 3 Xavier Van Wijmeersch 2017-06-27 14:42:31 UTC

thanks for the info and i have tested with openjdk7 and no crashes anymore
second i fond that it loaded the file faster than with openjdk8

thanks again

Comment 4 Xavier Van Wijmeersch 2017-06-27 15:30:59 UTC

Sorry is spoke to soon
crashes with openjdk7 i have backtrace and strace logs

Comment 5 Xavier Van Wijmeersch 2017-06-27 15:32:07 UTC

Created attachment 134315 [details]
bactrace for openjdk7

Comment 6 Xavier Van Wijmeersch 2017-06-27 15:33:16 UTC

Created attachment 134316 [details]
strace for openjdk

wil test without java in advance options

Comment 7 Xavier Van Wijmeersch 2017-06-27 15:42:06 UTC

i have downloaded the 5.3.4.2 and there are is no crash
now i don't now anymore

Comment 8 Olivier Tilloy 2017-07-05 15:53:22 UTC

That specific crash has been reported both on debian (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303) and ubuntu (https://launchpad.net/bugs/1702165). It started happening with a recent linux kernel update related to stack clash fixes (see https://launchpad.net/bugs/1699772). Subsequent kernel updates appear to have fixed all userspace apps affected by that crash, except for libreoffice on x86, which is still crashing. Libreoffice on x86-64 is fine.

I can reliably reproduce the crash in an Ubuntu 17.04 x86 virtual machine by ensuring that java is enabled in libreoffice's advanced options (using the openjdk-8 package), launching base and creating a new database.

A full backtrace with debug symbols is available there: https://launchpadlibrarian.net/326892034/libreoffice-base-zesty-full-backtrace.txt.

Comment 9 Olivier Tilloy 2017-07-05 15:54:47 UTC

Created attachment 134497 [details]
full backtrace with debug symbols of base crashing at database creation

Attaching the full backtrace I mentioned above.

Comment 10 Norbert X 2017-07-05 17:40:58 UTC

Created attachment 134499 [details]
backtrace for LibreOffice Writer 5.2.7.2 on Debian Stretch x86

This problem was discovered in LibreOffice Writer 5.2.7.2 on Debian Stretch (see for example my backtrace at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303#220 ) or in attachment.
In brief:
#0  0xa904a975 in _expand_stack_to(address) (bottom=0xbf805fff <error: Cannot access memory at address 0xbf805fff>, bottom@entry=0xbf805000 <error: Cannot access memory at address 0xbf805000>)
    at ./src/hotspot/src/os/linux/vm/os_linux.cpp:673
        sp = 0xbfffcc88 "\r"
        size = 8350857
        p = 0xbf805fe0 <error: Cannot access memory at address 0xbf805fe0>
#1  0xa904d184 in os::Linux::manually_expand_stack(JavaThread*, unsigned char*) (t=0x8106c800, addr=0xbf805000 <error: Cannot access memory at address 0xbf805000>) at ./src/hotspot/src/os/linux/vm/os_linux.cpp:686
        mask_all = {__val = {2147483647, 4294967294, 4294967295 <repeats 30 times>}}
        old_sigset = 
            {__val = {0, 0, 3221212536, 3221212568, 2829768134, 96, 3221212536, 2835641696, 3017451961, 2164710288, 2164710288, 2839724032, 2835430804, 2164710320, 2837838588, 63, 2835430768, 2839724032, 2164717328, 3221212616, 2835654623, 2164710288, 0, 2837838588, 1, 180, 3221212616, 2835654507, 2839724032, 2164717328, 2164717328, 3221212648}}
        t = 0x8106c800
        addr = 0xbf805000 <error: Cannot access memory at address 0xbf805000>



I do not know how many users use Java in Writer, but it is enabled by default and Writer silently crashes.
It's critical bug!

Comment 11 Norbert X 2017-07-05 19:52:40 UTC

Created attachment 134502 [details]
backtrace for LibreOffice Base 5.2.7.2 on Debian Stretch x86

Base in Debian Stretch x86 is affected too (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303#225 ).

I ran "gdb --args /usr/lib/libreoffice/program/soffice.bin --base", 'run', in Database Wizard selected 'Create a new database', 'Embedded database:' -> 'HSQLDB Embedded', click 'Next', click 'Finish', save database file in /tmp/db.odb.

Backtrace in brief:
#0  0xa24e7975 in _expand_stack_to(address) (bottom=0xbf805fff <error: Cannot access memory at address 0xbf805fff>, bottom@entry=0xbf805000 <error: Cannot access memory at address 0xbf805000>)
    at ./src/hotspot/src/os/linux/vm/os_linux.cpp:673
        sp = 0xbfffc6c8 "\r"
        size = 8349385
        p = 0xbf805fe0 <error: Cannot access memory at address 0xbf805fe0>
#1  0xa24ea184 in os::Linux::manually_expand_stack(JavaThread*, unsigned char*) (t=0x8112d800, addr=0xbf805000 <error: Cannot access memory at address 0xbf805000>) at ./src/hotspot/src/os/linux/vm/os_linux.cpp:686
        mask_all = {__val = {2147483647, 4294967294, 4294967295 <repeats 30 times>}}
        old_sigset = 
            {__val = {0, 0, 3221211064, 3221211096, 2717164998, 96, 3221211064, 2723038560, 3017451961, 2165500688, 2165500688, 2727120896, 2722827668, 2165500720, 2725235452, 63, 2722827632, 2727120896, 2165500504, 3221211144, 2723051487, 2165500688, 0, 2725235452, 1, 180, 3221211144, 2723051371, 2727120896, 2165500504, 2165500504, 3221211176}}
        t = 0x8112d800
        addr = 0xbf805000 <error: Cannot access memory at address 0xbf805000>

Comment 12 Norbert X 2017-07-05 21:32:10 UTC

LibreOffice Base 5.3.1.2 on Ubuntu 17.04 x86 is affected too. I can't get backtrace here.

Comment 13 Norbert X 2017-07-05 21:38:49 UTC

Created attachment 134504 [details]
backtrace for LibreOffice Writer 5.1.6.2 on Ubuntu 16.04 LTS x86

LibreOffice Base 5.1.6.2 on Ubuntu 16.04 LTS x86 is affected too. 
See attached backtrace (jfw_plugin_startJavaVirtualMachine is mentioned here).

Comment 14 Norbert X 2017-07-05 21:49:16 UTC

It seems that bug may be fixed soon in kernel (see https://lkml.org/lkml/2017/7/3/1008 ), not in LibreOffice.
I'm sorry for the noise.

Comment 15 Xisco Faulí 2017-07-10 12:25:49 UTC

(In reply to Norbert X from comment #14)
> It seems that bug may be fixed soon in kernel (see
> https://lkml.org/lkml/2017/7/3/1008 ), not in LibreOffice.
> I'm sorry for the noise.

Thank your very much for investigating it.
I guess we can close this as RESOLVED NOTOURBUG

Comment 16 Luke 2017-07-24 02:49:50 UTC

There are 2 workarounds for this issue:

Add kernel parameter stack_guard_gap=1

Or 

Start Libreoffice, click on Tools, click on options and under Libreoffice section click on Advanced.
And instead of changing parameteres, considering I don't use java in Libreoffice, I've simply deselected "Use a Java runtime environment".

from: https://bbs.archlinux.org/viewtopic.php?id=227597

Comment 17 Christian Lohmaier 2017-07-25 14:52:56 UTC

pointers to the openjdk code / showing why only 32bit is affected

https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1437925.html

Comment 18 Michael Stahl (allotropia) 2017-07-28 11:52:07 UTC

*** Bug 109327 has been marked as a duplicate of this bug. ***

Comment 19 Alex Thurgood 2017-07-31 11:54:44 UTC

*** Bug 108854 has been marked as a duplicate of this bug. ***

Comment 20 Alex Thurgood 2017-07-31 11:54:52 UTC

*** Bug 109101 has been marked as a duplicate of this bug. ***

Comment 21 Alex Thurgood 2017-08-03 08:19:49 UTC

*** Bug 110748 has been marked as a duplicate of this bug. ***

Comment 22 Michael Stahl (allotropia) 2017-08-16 11:34:28 UTC

*** Bug 109014 has been marked as a duplicate of this bug. ***

Comment 23 Alex Thurgood 2017-09-13 08:34:12 UTC

*** Bug 112357 has been marked as a duplicate of this bug. ***

Comment 24 Alex Thurgood 2017-09-19 07:40:09 UTC

*** Bug 112479 has been marked as a duplicate of this bug. ***

Comment 25 Luke 2017-09-23 16:23:01 UTC

The build time manifestation of this bug is a CppunitTest_dbaccess_hsqldb_test or CppunitTest_dbaccess_RowSetClones test failure. For details see:

http://nabble.documentfoundation.org/CppunitTest-dbaccess-hsqldb-test-CppunitTest-dbaccess-RowSetClones-Failing-after-System-Update-td4218769.html

Comment 26 Xisco Faulí 2017-10-08 10:17:39 UTC

*** Bug 112930 has been marked as a duplicate of this bug. ***

Comment 27 Julien Nabet 2017-10-29 20:19:49 UTC

*** Bug 113491 has been marked as a duplicate of this bug. ***

Comment 28 Buovjaga 2017-11-17 18:55:53 UTC

*** Bug 113904 has been marked as a duplicate of this bug. ***

Comment 29 Mike Kaganski 2017-12-25 16:52:05 UTC

*** Bug 114689 has been marked as a duplicate of this bug. ***

Comment 30 Mike Kaganski 2018-01-07 20:13:46 UTC

*** Bug 114898 has been marked as a duplicate of this bug. ***

Comment 31 Xisco Faulí 2018-01-10 10:13:13 UTC

*** Bug 114639 has been marked as a duplicate of this bug. ***

Comment 32 Xisco Faulí 2018-01-10 10:15:56 UTC

*** Bug 114638 has been marked as a duplicate of this bug. ***

Comment 33 Aron Budea 2018-01-12 12:50:13 UTC

*** Bug 114977 has been marked as a duplicate of this bug. ***

Comment 34 Jan-Peter Rühmann 2018-01-12 13:04:15 UTC

Why then every other Java Programm not showing errors?
LibreOffice is the only one.
Thanks,

Comment 35 Julien Nabet 2018-02-11 20:06:59 UTC

*** Bug 115631 has been marked as a duplicate of this bug. ***

Comment 36 Xisco Faulí 2018-02-13 11:57:42 UTC

*** Bug 115222 has been marked as a duplicate of this bug. ***

Comment 37 Xisco Faulí 2018-07-18 21:39:21 UTC

*** Bug 118677 has been marked as a duplicate of this bug. ***

Comment 38 Xisco Faulí 2018-08-27 08:16:57 UTC

*** Bug 119078 has been marked as a duplicate of this bug. ***

Comment 39 Xisco Faulí 2018-08-27 08:17:52 UTC

*** Bug 119487 has been marked as a duplicate of this bug. ***

Comment 40 Buovjaga 2018-09-24 07:04:41 UTC

*** Bug 119614 has been marked as a duplicate of this bug. ***

Comment 41 Xisco Faulí 2018-12-14 11:42:32 UTC

*** Bug 122062 has been marked as a duplicate of this bug. ***

Comment 42 Dave Notman 2018-12-15 19:17:57 UTC Comment hidden (obsolete)

xubuntu 18.04.1 32-bit (4.15.0-42-generic #45-Ubuntu)

My experience was rather different.  LibreOffice would always crash at a point about 35% through the splash screen, so I couldn't use the UI to disable the use of Java.

I checked with sysctl -a and also by dumping all strings in the kernel, and "stack_guard_gap" isn't a valid kernel parameter.

If I edited the LibreOffice config file "javasettings_Linux_x86.xml"

to look like this:

<?xml version="1.0" encoding="UTF-8"?>
<!--This is a generated file. Do not alter this file!-->
<java xmlns="http://openoffice.org/2004/java/framework/1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<enabled xsi:nil="false"/>
<userClassPath xsi:nil="true"/>
<vmParameters xsi:nil="true"/>
<jreLocations xsi:nil="true"/>
<javaInfo xsi:nil="true"/>
</java>

LibreOffice 6.0.6.2 00m0(Build:2) would find the java virtual machine, update the config file, and then crash as before.

The (partial) solution was to rename /usr/bin/java and /usr/lib/jvm/ AND code the javasettings file as above.  With these steps taken I can at least edit documents in --writer and spreadsheets with --calc.  Creating a native database requires Java, so that doesn't work, but I was able to attach to a spreadsheet and treat it like a database.  Not sure about Access/Jet or SqLite databases yet.

Of course, anything else that requires Java is now broken.  Java version is

OpenJDK Runtime Environment (build 10.0.2+13-Ubuntu-1ubuntu0.18.04.4)
OpenJDK Server VM (build 10.0.2+13-Ubuntu-1ubuntu0.18.04.4, mixed mode)

I tried creating a "Hello World" Java program and it worked as expected.

Hmmm... "Mixed Mode?"  Also, this version of was intended for Ubuntu 18.04.**4**, whereas I have 18.04.**1**.

Comment 43 Luke 2019-02-27 19:30:34 UTC

(In reply to Dave Notman from comment #42)
> "stack_guard_gap" isn't a valid kernel parameter.

Yes, the correct parameter "stack_guard_gap=1"

With ubuntu 18.04.2 32-bit, the master branch is building with this parameter.

Comment 44 funnylittleman76 2021-09-29 08:37:37 UTC Comment hidden (spam)

Very informative post. Thanks for sharing it. <a href="https://www.rubbishremovalgeelong.com.au/">rubbish removal Geelong</a>

79045_79045
afeher
andy.ems
chan2703
cyrille.bernizet
den_lin
dick.stomp
djn4823
djnesic
hjk4LO
ilmari.lauhakangas
jan-peter
jbfaure
jimleslie9
libreofficebugs
lukebenes
nrbrtx
ogoltsoff
olivier.tilloy
preludi
roeldijkema
traumschule
wapirone
xiscofauli