Bug#865303: Bug#865343: SIGSEGV in jsvc / LibreOffice after kernel update

2017-06-26 Thread Sasa Skevin 
I have tested both 3.16.43-2+deb8u2 and 4.9.30-2+deb9u2 and everything
works. Thanks!

Sasa

On Thu, Jun 22, 2017 at 2:03 PM Ben Hutchings  wrote:

> I have candidate fixes for this regression which are available at:
> https://people.debian.org/~benh/packages/CVE-2017-1000364/
>
> The changes files there are signed with my GPG key so you can verify
> them.
>
> (The sources for these are at
> https://anonscm.debian.org/cgit/kernel/linux.git on branches
> benh/{wheezy,jessie,stretch}-security.)
>
> I have tested these using Charles Leclerc's sample jsvc service and my
> own stack clash test program, but would appreciate other testing
> results.
>
> Ben.
>
> --
> Ben Hutchings
> Sturgeon's Law: Ninety percent of everything is crap.
>

Bug#865343: linux-image-4.9.0-3-amd64: On latest kernel java exits with SIGSEGV

2017-06-20 Thread Sasa Skevin 
On Tue, 20 Jun 2017, 22:52 Ben Hutchings,  wrote:

> On Tue, 2017-06-20 at 21:47 +0100, Ben Hutchings wrote:
> > Control: tag -1 - moreinfo
> > Control: notfound -1 4.9.30-2
> > Control: found -1 4.9.30-2+deb9u1
> > Control: found -1 3.16.43-2+deb8u1
> >
> > Thanks for the extra information.
>
> One more question: are these applications started using jsvc?
>

Yes. Initially it was version 1.0.12 but later upgraded to latest 1.0.15
but still issue happened.

Sasa

Bug#865343: linux-image-4.9.0-3-amd64: On latest kernel java exits with SIGSEGV

2017-06-20 Thread Sasa Skevin 
On Tue, Jun 20, 2017 at 9:01 PM Ben Hutchings  wrote:

> >
> > I'm administering several Debian servers of which some are Jessie and
> > some are Stretch. On both of them after upgrading to latest kernel that
> > was released yesterday (4.9 on Stretch and 3.16 on Jessie), Java web
> > applications do not work any more. They stop with SIGSEGV in the Java
> > startup process.
>
> So I think you meant to report this against versions 3.16.43-2+deb8u1
> and 4.9.30-2+deb9u1, not 4.9.30-2.  Is that right?
>

Correct.


> > Have tried more different Java web applications and while booting all of
> > them break with SIGSEGV while Java internaly loads rt.jar.
> >
> > Have tried with Oracle Java 1.8.0_130, Oracje Java 1.8.0_131 and latest
> > OpenJDK 8 and the same error happens.
> >
> > Even the servers on which this is tried are from different hosting
> > companies.
> [...]
>
> Does this go away if you add the kernel parameter "stack_guard_gap=1"?
> (That should effectively revert the fix for CVE-2017-1000364.)
>

Yes, it goes away with this kernel parameter.


> Has the stack limit for these applications been changed from the
> default (e.g. "ulimit -s unlimited" in a startup script)?
>

No, they are on default values.

Sasa

Bug#865343: linux-image-4.9.0-3-amd64: On latest kernel java exits with SIGSEGV

2017-06-20 Thread Sasa Skevin 
Package: src:linux
Version: 4.9.30-2
Severity: important

Dear Maintainer,

I'm administering several Debian servers of which some are Jessie and
some are Stretch. On both of them after upgrading to latest kernel that
was released yesterday (4.9 on Stretch and 3.16 on Jessie), Java web
applications do not work any more. They stop with SIGSEGV in the Java
startup process.

Have tried more different Java web applications and while booting all of
them break with SIGSEGV while Java internaly loads rt.jar.

Have tried with Oracle Java 1.8.0_130, Oracje Java 1.8.0_131 and latest
OpenJDK 8 and the same error happens.

Even the servers on which this is tried are from different hosting
companies.


-- Package-specific info:
** Version:
Linux version 4.9.0-3-amd64 (debian-ker...@lists.debian.org) (gcc version 6.3.0 
20170516 (Debian 6.3.0-18) ) #1 SMP Debian 4.9.30-2 (2017-06-12)

** Command line:
BOOT_IMAGE=/boot/vmlinuz-4.9.0-3-amd64 
root=UUID=ddab18d5-7316-4587-aed9-0d7a41b523c0 ro console=tty0 
console=ttyS0,115200

** Not tainted

** Kernel log:
[1.053416] ACPI: bus type USB registered
[1.054238] usbcore: registered new interface driver usbfs
[1.055229] usbcore: registered new interface driver hub
[1.056735] ACPI: PCI Interrupt Link [LNKC] enabled at IRQ 10
[1.056917] usbcore: registered new device driver usb
[1.059050] virtio-pci :00:03.0: virtio_pci: leaving for legacy driver
[1.060611] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[1.062255] virtio-pci :00:04.0: virtio_pci: leaving for legacy driver
[1.065479] libata version 3.00 loaded.
[1.065487] ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 10
[1.066823] virtio-pci :00:05.0: virtio_pci: leaving for legacy driver
[1.070356] input: VirtualPS/2 VMware VMMouse as 
/devices/platform/i8042/serio1/input/input3
[1.073013] ACPI: PCI Interrupt Link [LNKB] enabled at IRQ 11
[1.074177] input: VirtualPS/2 VMware VMMouse as 
/devices/platform/i8042/serio1/input/input2
[1.074189] virtio-pci :00:06.0: virtio_pci: leaving for legacy driver
[1.077124] ata_piix :00:01.1: version 2.13
[1.081607] uhci_hcd: USB Universal Host Controller Interface driver
[1.083572] AVX version of gcm_enc/dec engaged.
[1.084441] AES CTR mode by8 optimization enabled
[1.085985] scsi host0: ata_piix
[1.087256] scsi host1: ata_piix
[1.088037] ata1: PATA max MWDMA2 cmd 0x1f0 ctl 0x3f6 bmdma 0xc000 irq 14
[1.089241] ata2: PATA max MWDMA2 cmd 0x170 ctl 0x376 bmdma 0xc008 irq 15
[1.092208] uhci_hcd :00:01.2: UHCI Host Controller
[1.093167] uhci_hcd :00:01.2: new USB bus registered, assigned bus 
number 1
[1.094600] uhci_hcd :00:01.2: detected 2 ports
[1.096131] uhci_hcd :00:01.2: irq 11, io base 0xc020
[1.097416] usb usb1: New USB device found, idVendor=1d6b, idProduct=0001
[1.098666] usb usb1: New USB device strings: Mfr=3, Product=2, 
SerialNumber=1
[1.100166] usb usb1: Product: UHCI Host Controller
[1.101121] usb usb1: Manufacturer: Linux 4.9.0-3-amd64 uhci_hcd
[1.102317] usb usb1: SerialNumber: :00:01.2
[1.103481] hub 1-0:1.0: USB hub found
[1.104550] hub 1-0:1.0: 2 ports detected
[1.117111]  vda: vda1
[1.123851] FDC 0 is a S82078B
[1.124191]  vdb: vdb1
[1.263787] ata2.01: NODEV after polling detection
[1.264085] ata2.00: ATAPI: QEMU DVD-ROM, 0.12.1, max UDMA/100
[1.265613] ata2.00: configured for MWDMA2
[1.267078] scsi 1:0:0:0: CD-ROMQEMU QEMU DVD-ROM 2.5+ 
PQ: 0 ANSI: 5
[1.295953] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
[1.297218] cdrom: Uniform CD-ROM driver Revision: 3.20
[1.298475] sr 1:0:0:0: Attached scsi CD-ROM sr0
[1.435402] usb 1-1: new full-speed USB device number 2 using uhci_hcd
[1.476157] random: fast init done
[1.477288] PM: Starting manual resume from disk
[1.478190] PM: Hibernation image partition 254:17 present
[1.478191] PM: Looking for hibernation image.
[1.479256] PM: Image not found (code -22)
[1.479257] PM: Hibernation image not present or could not be loaded.
[1.608778] usb 1-1: New USB device found, idVendor=0627, idProduct=0001
[1.609969] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=5
[1.611196] usb 1-1: Product: QEMU USB Tablet
[1.612025] usb 1-1: Manufacturer: QEMU
[1.612844] usb 1-1: SerialNumber: 42
[1.618124] hidraw: raw HID events driver (C) Jiri Kosina
[1.623191] usbcore: registered new interface driver usbhid
[1.624214] usbhid: USB HID core driver
[1.626175] input: QEMU QEMU USB Tablet as 
/devices/pci:00/:00:01.2/usb1/1-1/1-1:1.0/0003:0627:0001.0001/input/input4
[1.628688] hid-generic 0003:0627:0001.0001: input,hidraw0: USB HID v0.01 
Pointer [QEMU QEMU USB Tablet] on usb-:00:01.2-1/input0
[1.767175] EXT4-fs (vda1): mounting ext3 file system using the ext4 
subsystem
[1.907432] tsc: