Bug 108619 (32bitjavacrash) - Java Crash on x86 in jfw_plugin_startJavaVirtualMachine w/ recent linux kernels
Summary: Java Crash on x86 in jfw_plugin_startJavaVirtualMachine w/ recent linux kernels
Status: RESOLVED NOTOURBUG
Alias: 32bitjavacrash
Product: LibreOffice
Classification: Unclassified
Component: LibreOffice
Version: 5.2.7.2 release (earliest affected)
Hardware: x86 (IA32) Linux (All)
Importance: highest critical
Assignee: Not Assigned
URL: http://nabble.documentfoundation.org/...
Whiteboard:
Keywords: haveBacktrace
Duplicates: 108854 109014 109101 109327 110748 112357 112479 112930 113491 113904 114638 114639 114689 114898 114977 115222 115631 118677 119078 119487 119614 122062
Depends on:
Blocks:
 
Reported: 2017-06-18 14:20 UTC by Xavier Van Wijmeersch
Modified: 2019-04-04 13:00 UTC (History)
CC List: 24 users

See Also:
Crash report or crash signature:


Attachments
starting backtrace with scalc (12.56 KB, text/plain)
2017-06-18 14:20 UTC, Xavier Van Wijmeersch
backtrace for openjdk7 (15.28 KB, text/x-log)
2017-06-27 15:32 UTC, Xavier Van Wijmeersch
strace for openjdk (4.07 MB, text/x-log)
2017-06-27 15:33 UTC, Xavier Van Wijmeersch
full backtrace with debug symbols of base crashing at database creation (39.77 KB, text/plain)
2017-07-05 15:54 UTC, Olivier Tilloy
backtrace for LibreOffice Writer 5.2.7.2 on Debian Stretch x86 (45.90 KB, text/plain)
2017-07-05 17:40 UTC, Norbert X
backtrace for LibreOffice Base 5.2.7.2 on Debian Stretch x86 (43.53 KB, text/plain)
2017-07-05 19:52 UTC, Norbert X
backtrace for LibreOffice Writer 5.1.6.2 on Ubuntu 16.04 LTS x86 (58.76 KB, text/plain)
2017-07-05 21:38 UTC, Norbert X

Description Xavier Van Wijmeersch 2017-06-18 14:20:40 UTC
Created attachment 134111 [details]
starting backtrace with scalc

I started scalc V6.0.0.0alpha1 with backtrace
and it crashed.
It's not always reproduced.
Comment 1 Buovjaga 2017-06-27 12:54:57 UTC
René Engelhard pointed to something similar:
https://buildd.debian.org/status/fetch.php?pkg=libreoffice&arch=i386&ver=1%3A5.3.4-1&stamp=1498442560&raw=0

#0 0xead28975 in _expand_stack_to(unsigned char*) () from /usr/lib/jvm/java-8-openjdk-i386/jre/lib/i386/server/libjvm.so 

He commented:
"Linux's stack clash fixes break Java (and thus whenever LO tries to use Java)"

Not sure, if related.
Comment 2 Michael Stahl (CIB) 2017-06-27 13:01:59 UTC
the JVM regularly receives SIGSEGV especially during startup,
and that is annoying but not a problem at all.

if Calc does indeed crash, that must be a later SIGSEGV that is
not handled by the JVM.

please attach a backtrace of the last SIGSEGV i.e. the one
that is in LO code and isn't handled by JVM.
Comment 3 Xavier Van Wijmeersch 2017-06-27 14:42:31 UTC
Thanks for the info. I have tested with openjdk7 and no crashes anymore.
Second, I found that it loaded the file faster than with openjdk8.

thanks again
Comment 4 Xavier Van Wijmeersch 2017-06-27 15:30:59 UTC
Sorry, I spoke too soon.
It crashes with openjdk7; I have backtrace and strace logs.
Comment 5 Xavier Van Wijmeersch 2017-06-27 15:32:07 UTC
Created attachment 134315 [details]
backtrace for openjdk7
Comment 6 Xavier Van Wijmeersch 2017-06-27 15:33:16 UTC
Created attachment 134316 [details]
strace for openjdk

Will test without Java in advanced options.
Comment 7 Xavier Van Wijmeersch 2017-06-27 15:42:06 UTC
I have downloaded 5.3.4.2 and there is no crash.
Now I don't know anymore.
Comment 8 Olivier Tilloy 2017-07-05 15:53:22 UTC
That specific crash has been reported both on debian (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303) and ubuntu (https://launchpad.net/bugs/1702165). It started happening with a recent linux kernel update related to stack clash fixes (see https://launchpad.net/bugs/1699772). Subsequent kernel updates appear to have fixed all userspace apps affected by that crash, except for libreoffice on x86, which is still crashing. Libreoffice on x86-64 is fine.

I can reliably reproduce the crash in an Ubuntu 17.04 x86 virtual machine by ensuring that java is enabled in libreoffice's advanced options (using the openjdk-8 package), launching base and creating a new database.

A full backtrace with debug symbols is available there: https://launchpadlibrarian.net/326892034/libreoffice-base-zesty-full-backtrace.txt.
Comment 9 Olivier Tilloy 2017-07-05 15:54:47 UTC
Created attachment 134497 [details]
full backtrace with debug symbols of base crashing at database creation

Attaching the full backtrace I mentioned above.
Comment 10 Norbert X 2017-07-05 17:40:58 UTC
Created attachment 134499 [details]
backtrace for LibreOffice Writer 5.2.7.2 on Debian Stretch x86

This problem was discovered in LibreOffice Writer 5.2.7.2 on Debian Stretch (see for example my backtrace at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303#220 ) or in attachment.
In brief:
#0  0xa904a975 in _expand_stack_to(address) (bottom=0xbf805fff <error: Cannot access memory at address 0xbf805fff>, bottom@entry=0xbf805000 <error: Cannot access memory at address 0xbf805000>)
    at ./src/hotspot/src/os/linux/vm/os_linux.cpp:673
        sp = 0xbfffcc88 "\r"
        size = 8350857
        p = 0xbf805fe0 <error: Cannot access memory at address 0xbf805fe0>
#1  0xa904d184 in os::Linux::manually_expand_stack(JavaThread*, unsigned char*) (t=0x8106c800, addr=0xbf805000 <error: Cannot access memory at address 0xbf805000>) at ./src/hotspot/src/os/linux/vm/os_linux.cpp:686
        mask_all = {__val = {2147483647, 4294967294, 4294967295 <repeats 30 times>}}
        old_sigset = 
            {__val = {0, 0, 3221212536, 3221212568, 2829768134, 96, 3221212536, 2835641696, 3017451961, 2164710288, 2164710288, 2839724032, 2835430804, 2164710320, 2837838588, 63, 2835430768, 2839724032, 2164717328, 3221212616, 2835654623, 2164710288, 0, 2837838588, 1, 180, 3221212616, 2835654507, 2839724032, 2164717328, 2164717328, 3221212648}}
        t = 0x8106c800
        addr = 0xbf805000 <error: Cannot access memory at address 0xbf805000>



I do not know how many users use Java in Writer, but it is enabled by default and Writer silently crashes.
It's a critical bug!
Comment 11 Norbert X 2017-07-05 19:52:40 UTC
Created attachment 134502 [details]
backtrace for LibreOffice Base 5.2.7.2 on Debian Stretch x86

Base in Debian Stretch x86 is affected too (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865303#225 ).

I ran "gdb --args /usr/lib/libreoffice/program/soffice.bin --base", 'run', in Database Wizard selected 'Create a new database', 'Embedded database:' -> 'HSQLDB Embedded', click 'Next', click 'Finish', save database file in /tmp/db.odb.

Backtrace in brief:
#0  0xa24e7975 in _expand_stack_to(address) (bottom=0xbf805fff <error: Cannot access memory at address 0xbf805fff>, bottom@entry=0xbf805000 <error: Cannot access memory at address 0xbf805000>)
    at ./src/hotspot/src/os/linux/vm/os_linux.cpp:673
        sp = 0xbfffc6c8 "\r"
        size = 8349385
        p = 0xbf805fe0 <error: Cannot access memory at address 0xbf805fe0>
#1  0xa24ea184 in os::Linux::manually_expand_stack(JavaThread*, unsigned char*) (t=0x8112d800, addr=0xbf805000 <error: Cannot access memory at address 0xbf805000>) at ./src/hotspot/src/os/linux/vm/os_linux.cpp:686
        mask_all = {__val = {2147483647, 4294967294, 4294967295 <repeats 30 times>}}
        old_sigset = 
            {__val = {0, 0, 3221211064, 3221211096, 2717164998, 96, 3221211064, 2723038560, 3017451961, 2165500688, 2165500688, 2727120896, 2722827668, 2165500720, 2725235452, 63, 2722827632, 2727120896, 2165500504, 3221211144, 2723051487, 2165500688, 0, 2725235452, 1, 180, 3221211144, 2723051371, 2727120896, 2165500504, 2165500504, 3221211176}}
        t = 0x8112d800
        addr = 0xbf805000 <error: Cannot access memory at address 0xbf805000>
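
Added example (not from the thread, LibreOffice or OpenJDK): with more than twenty duplicates filed against this bug, a small matcher for the backtrace quoted in comments 10 and 11 helps triage new reports. It checks the top two frames and that gdb's locals agree (size equals sp minus bottom); the name `triage`, the 4 KiB page size and the trimmed sample are assumptions of this sketch.

```python
import re

PAGE_SIZE = 4096  # assumption: 4 KiB pages (x86)
FRAME = re.compile(r"^#\d+\s+0x[0-9a-f]+ in ([\w:~]+)")
BOTTOM = re.compile(r"\(bottom=(0x[0-9a-f]+)")
LOCAL = re.compile(r"^\s+(sp|size|p)\s*=\s*(0x[0-9a-f]+|\d+)")
SIGNATURE = ["_expand_stack_to", "os::Linux::manually_expand_stack"]

# Excerpt of the gdb output quoted in comment 10 (long lines trimmed).
SAMPLE = r'''#0  0xa904a975 in _expand_stack_to(address) (bottom=0xbf805fff <error: ...>)
    at ./src/hotspot/src/os/linux/vm/os_linux.cpp:673
        sp = 0xbfffcc88 "\r"
        size = 8350857
        p = 0xbf805fe0 <error: Cannot access memory at address 0xbf805fe0>
#1  0xa904d184 in os::Linux::manually_expand_stack(JavaThread*, unsigned char*) (t=0x8106c800)
        t = 0x8106c800
'''

def triage(trace):
    """Return details when the top two frames match this bug, else None."""
    frames, vals = [], {}
    for line in trace.splitlines():
        frame = FRAME.match(line)
        if frame:
            frames.append(frame.group(1))
            bottom = BOTTOM.search(line)
            if bottom and len(frames) == 1:
                vals["bottom"] = int(bottom.group(1), 16)
        elif len(frames) == 1:  # locals printed under frame #0
            local = LOCAL.match(line)
            if local:
                vals[local.group(1)] = int(local.group(2), 0)
    if frames[:2] != SIGNATURE or not {"sp", "size", "bottom"} <= set(vals):
        return None
    return {
        # gdb's locals agree when size equals sp minus the page-end bottom
        "consistent": vals["sp"] - vals["bottom"] == vals["size"],
        # distance from the current stack pointer to the touched address
        "span_pages": -(-vals["size"] // PAGE_SIZE),
        "touched_addr": hex(vals.get("p", vals["bottom"])),
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```
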
Comment 12 Norbert X 2017-07-05 21:32:10 UTC
LibreOffice Base 5.3.1.2 on Ubuntu 17.04 x86 is affected too. I can't get backtrace here.
Comment 13 Norbert X 2017-07-05 21:38:49 UTC
Created attachment 134504 [details]
backtrace for LibreOffice Writer 5.1.6.2 on Ubuntu 16.04 LTS x86

LibreOffice Base 5.1.6.2 on Ubuntu 16.04 LTS x86 is affected too. 
See attached backtrace (jfw_plugin_startJavaVirtualMachine is mentioned here).
Comment 14 Norbert X 2017-07-05 21:49:16 UTC
It seems that bug may be fixed soon in kernel (see https://lkml.org/lkml/2017/7/3/1008 ), not in LibreOffice.
I'm sorry for the noise.
Comment 15 Xisco Faulí 2017-07-10 12:25:49 UTC
(In reply to Norbert X from comment #14)
> It seems that bug may be fixed soon in kernel (see
> https://lkml.org/lkml/2017/7/3/1008 ), not in LibreOffice.
> I'm sorry for the noise.

Thank you very much for investigating it.
I guess we can close this as RESOLVED NOTOURBUG
Comment 16 Luke 2017-07-24 02:49:50 UTC
There are 2 workarounds for this issue:

Add kernel parameter stack_guard_gap=1

Or 

Start Libreoffice, click on Tools, click on options and under Libreoffice section click on Advanced.
And instead of changing parameters, considering I don't use java in Libreoffice, I've simply deselected "Use a Java runtime environment".

from: https://bbs.archlinux.org/viewtopic.php?id=227597
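
Added example (not part of the comment above or of LibreOffice): `stack_guard_gap` is counted in pages and defaults to 256, so the first workaround shrinks the stack-clash guard gap for every process on the host. This sketch reports the effective value from a kernel command line so hosts carrying the workaround can be found and reverted later; the function names and the 4 KiB page size are assumptions.

```python
import re
from pathlib import Path

DEFAULT_GAP_PAGES = 256   # kernel default when stack_guard_gap= is absent
PAGE_SIZE = 4096          # assumption: 4 KiB pages, as on x86

def guard_gap_pages(cmdline):
    """Effective stack_guard_gap in pages for a kernel command line."""
    pages = DEFAULT_GAP_PAGES
    for token in cmdline.split():
        key, sep, value = token.partition("=")
        # Kernel parameter names treat '-' and '_' alike.
        if key.replace("-", "_") != "stack_guard_gap" or not sep:
            continue
        # Assumption for this audit: only a plain decimal page count
        # counts as an override, and the last one on the line wins.
        if re.fullmatch(r"[0-9]+", value):
            pages = int(value)
    return pages

def audit(cmdline):
    """Summarise the guard gap and flag values below the default."""
    pages = guard_gap_pages(cmdline)
    return {
        "pages": pages,
        "bytes": pages * PAGE_SIZE,
        "weakened": pages < DEFAULT_GAP_PAGES,
    }

if __name__ == "__main__":
    proc = Path("/proc/cmdline")
    # Constructed fallback line so the script also runs off Linux.
    line = proc.read_text() if proc.exists() else "quiet stack_guard_gap=1"
    print(audit(line))
```
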
Comment 17 Christian Lohmaier 2017-07-25 14:52:56 UTC
pointers to the openjdk code / showing why only 32bit is affected

https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1437925.html
Comment 18 Michael Stahl (CIB) 2017-07-28 11:52:07 UTC
*** Bug 109327 has been marked as a duplicate of this bug. ***
Comment 19 Alex Thurgood 2017-07-31 11:54:44 UTC
*** Bug 108854 has been marked as a duplicate of this bug. ***
Comment 20 Alex Thurgood 2017-07-31 11:54:52 UTC
*** Bug 109101 has been marked as a duplicate of this bug. ***
Comment 21 Alex Thurgood 2017-08-03 08:19:49 UTC
*** Bug 110748 has been marked as a duplicate of this bug. ***
Comment 22 Michael Stahl (CIB) 2017-08-16 11:34:28 UTC
*** Bug 109014 has been marked as a duplicate of this bug. ***
Comment 23 Alex Thurgood 2017-09-13 08:34:12 UTC
*** Bug 112357 has been marked as a duplicate of this bug. ***
Comment 24 Alex Thurgood 2017-09-19 07:40:09 UTC
*** Bug 112479 has been marked as a duplicate of this bug. ***
Comment 25 Luke 2017-09-23 16:23:01 UTC
The build time manifestation of this bug is a CppunitTest_dbaccess_hsqldb_test or CppunitTest_dbaccess_RowSetClones test failure. For details see:

http://nabble.documentfoundation.org/CppunitTest-dbaccess-hsqldb-test-CppunitTest-dbaccess-RowSetClones-Failing-after-System-Update-td4218769.html
Comment 26 Xisco Faulí 2017-10-08 10:17:39 UTC
*** Bug 112930 has been marked as a duplicate of this bug. ***
Comment 27 Julien Nabet 2017-10-29 20:19:49 UTC
*** Bug 113491 has been marked as a duplicate of this bug. ***
Comment 28 Buovjaga 2017-11-17 18:55:53 UTC
*** Bug 113904 has been marked as a duplicate of this bug. ***
Comment 29 Mike Kaganski 2017-12-25 16:52:05 UTC
*** Bug 114689 has been marked as a duplicate of this bug. ***
Comment 30 Mike Kaganski 2018-01-07 20:13:46 UTC
*** Bug 114898 has been marked as a duplicate of this bug. ***
Comment 31 Xisco Faulí 2018-01-10 10:13:13 UTC
*** Bug 114639 has been marked as a duplicate of this bug. ***
Comment 32 Xisco Faulí 2018-01-10 10:15:56 UTC
*** Bug 114638 has been marked as a duplicate of this bug. ***
Comment 33 Aron Budea 2018-01-12 12:50:13 UTC
*** Bug 114977 has been marked as a duplicate of this bug. ***
Comment 34 Jan-Peter Rühmann 2018-01-12 13:04:15 UTC
Why then is every other Java program not showing errors?
LibreOffice is the only one.
Thanks,
Comment 35 Julien Nabet 2018-02-11 20:06:59 UTC
*** Bug 115631 has been marked as a duplicate of this bug. ***
Comment 36 Xisco Faulí 2018-02-13 11:57:42 UTC
*** Bug 115222 has been marked as a duplicate of this bug. ***
Comment 37 Xisco Faulí 2018-07-18 21:39:21 UTC
*** Bug 118677 has been marked as a duplicate of this bug. ***
Comment 38 Xisco Faulí 2018-08-27 08:16:57 UTC
*** Bug 119078 has been marked as a duplicate of this bug. ***
Comment 39 Xisco Faulí 2018-08-27 08:17:52 UTC
*** Bug 119487 has been marked as a duplicate of this bug. ***
Comment 40 Buovjaga 2018-09-24 07:04:41 UTC
*** Bug 119614 has been marked as a duplicate of this bug. ***
Comment 41 Xisco Faulí 2018-12-14 11:42:32 UTC
*** Bug 122062 has been marked as a duplicate of this bug. ***
Comment 42 Dave Notman 2018-12-15 19:17:57 UTC Comment hidden (obsolete)
Comment 43 Luke 2019-02-27 19:30:34 UTC
(In reply to Dave Notman from comment #42)
> "stack_guard_gap" isn't a valid kernel parameter.

Yes, the correct parameter is "stack_guard_gap=1"

With ubuntu 18.04.2 32-bit, the master branch is building with this parameter.