This is my first post. Please note that it may be hard to read.
Since it has become popular to segfault each language, starting with Python ...
Segfault python in three lines
Segfault python in 2 lines
Segfault with 16 characters in C language
Segfault Python with 33 characters
Segfault Rust in 5 lines
Segfault with 5 characters in C language
Here is the result of forcing it into 6 lines in Java:
a.java
import java.lang.reflect.*;
import sun.misc.Unsafe;
class A {public static void main(String[] a) throws Exception {Constructor<Unsafe> b=Unsafe.class.getDeclaredConstructor();
b.setAccessible(true);
b.newInstance().putLong(0, 0);} }
That is overkill and unreadable. If you organize the code:
a.java
import java.lang.reflect.*;
import sun.misc.Unsafe;
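class A {
    public static void main(String[] a) throws Exception {
        // The Unsafe constructor is private, so obtain it through reflection.
        Constructor<Unsafe> b = Unsafe.class.getDeclaredConstructor();
        b.setAccessible(true);
        // Writing a long to address 0 (unmapped memory) crashes the JVM.
        b.newInstance().putLong(0, 0);
    }
}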
It doesn't change much ...
Ubuntu
#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGSEGV (0xb) at pc=0x00007f8b7c08ba84, pid=1986, tid=1987 # <- the segfault (access violation) happens here
#
# JRE version: OpenJDK Runtime Environment (14.0.1+7) (build 14.0.1+7-Ubuntu-1ubuntu1)
# Java VM: OpenJDK 64-Bit Server VM (14.0.1+7-Ubuntu-1ubuntu1, mixed mode, sharing, tiered, compressed oops, g1 gc, linux-amd64)
# Problematic frame:
# V [libjvm.so+0xe99a84]
#
# No core dump will be written. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
#
# An error report file with more information is saved as:
# /home/user/hs_err_pid1986.log
#
# If you would like to submit a bug report, please visit:
# Unknown
#
Aborted
(Ubuntu+OpenJDK Runtime Environment 14.0.1)
Since it was run on WSL2, the actual result may differ.
When executed, it prints a terrifying error message and produces an error report of nearly 750 lines.
Paying attention to the 5th line of the error statement ...
4th line
SIGSEGV (0xb) at pc=0x00007f8b7c08ba84, pid=1986, tid=1987
As you can see, the process receives a `SIGSEGV` (access violation) signal.
In addition, the generated log file contains details such as the files that were called and a memory dump.
Ubuntu log file line 49:
hs_err_pid{process_id}.log
49:siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x0000000000000000
You can see that an access to address `0` and `SEGV_MAPERR` (the error that occurs when accessing unmapped memory) are happening.
Windows
#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00007ffd4fa119b7, pid=18520, tid=8224
#
# JRE version: Java(TM) SE Runtime Environment (14.0.1+7) (build 14.0.1+7)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (14.0.1+7, mixed mode, sharing, tiered, compressed oops, g1 gc, windows-amd64)
# Problematic frame:
# V [jvm.dll+0x7219b7]
#
# No core dump will be written. Minidumps are not enabled by default on client versions of Windows
#
# An error report file with more information is saved as:
# C:\Users\User\aa\hs_err_pid18520.log
#
# If you would like to submit a bug report, please visit:
# https://bugreport.java.com/bugreport/crash.jsp
#
(Windows + Java(TM) SE Runtime Environment 14.0.1)
As on Ubuntu, the same terrifying error message is printed, and a log file is generated in the same directory as the class file.
If you pay attention to the 4th line
4th line
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00007ffd4fa119b7, pid=18520, tid=8224
You can see that `EXCEPTION_ACCESS_VIOLATION` (access violation) has occurred. If you also look in the log file generated in the same directory as the class file:
Line 40 of the Windows log file:
hs_err_pid{process_id}.log
40:#siginfo: EXCEPTION_ACCESS_VIOLATION (0xc0000005), writing address 0x0000000000000000
You can see that the access violation was caused by writing to address `0` in memory.
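The fields read by hand above (fault name, problematic frame, faulting address) can be extracted from either platform's report when triaging JVM crashes. The following Python is an added example, not code from the original post; `triage`, its result keys and the 4 KiB page-size assumption are illustrative, and the sample lines are the ones quoted from the two runs above.

```python
import re

# Added example: triage() and its result keys are illustrative names.
HEX = r"0x[0-9a-fA-F]+"
HEADER = re.compile(
    rf"^#\s+(?P<fault>SIG[A-Z]+|EXCEPTION_[A-Z_]+) \((?P<code>{HEX})\) at "
    rf"pc=(?P<pc>{HEX}), pid=(?P<pid>\d+), tid=(?P<tid>\d+)", re.M)
FRAME = re.compile(
    rf"^#\s+(?P<kind>[A-Za-z])\s+\[(?P<module>[^+\]]+)\+(?P<offset>{HEX})\]", re.M)
SIGINFO_POSIX = re.compile(
    rf"siginfo: si_signo: \d+ \(\w+\), si_code: \d+ \((?P<si_code>\w+)\), "
    rf"si_addr: (?P<addr>{HEX})")
SIGINFO_WIN = re.compile(
    rf"siginfo: EXCEPTION_\w+ \({HEX}\), (?P<access>reading|writing) "
    rf"address (?P<addr>{HEX})")
FRAME_KINDS = {"V": "VM code", "C": "native code",
               "j": "interpreted Java", "J": "compiled Java"}

def triage(report: str) -> dict:
    """Summarise the crash in an hs_err report (or its console copy)."""
    head = HEADER.search(report)
    if head is None:
        raise ValueError("no HotSpot fatal-error header found")
    out = {"fault": head["fault"], "code": int(head["code"], 16),
           "pc": int(head["pc"], 16), "pid": int(head["pid"]),
           "tid": int(head["tid"]), "frame": None, "addr": None, "detail": None}
    frame = FRAME.search(report)
    if frame:
        out["frame"] = (FRAME_KINDS.get(frame["kind"], frame["kind"]),
                        frame["module"], int(frame["offset"], 16))
    info = SIGINFO_POSIX.search(report) or SIGINFO_WIN.search(report)
    if info:
        out["addr"] = int(info["addr"], 16)
        out["detail"] = info.groupdict().get("si_code") or info.groupdict().get("access")
    # Assumption: 4 KiB pages, so any address below 0x1000 lies in the null page.
    out["null_page"] = out["addr"] is not None and out["addr"] < 0x1000
    return out

# Sample input: header, frame and siginfo lines quoted from the two runs above.
UBUNTU = """# SIGSEGV (0xb) at pc=0x00007f8b7c08ba84, pid=1986, tid=1987
# Problematic frame:
# V [libjvm.so+0xe99a84]
siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x0000000000000000"""
WINDOWS = """# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00007ffd4fa119b7, pid=18520, tid=8224
# Problematic frame:
# V [jvm.dll+0x7219b7]
#siginfo: EXCEPTION_ACCESS_VIOLATION (0xc0000005), writing address 0x0000000000000000"""
if __name__ == "__main__":
    print(triage(UBUNTU), triage(WINDOWS), sep="\n")
```

A null-page fault whose problematic frame is VM code, as in both runs here, points at a raw address handed to the JVM itself rather than at a bug in a native library.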
"What? That's not a Segmentation Fault error! Scam!" I think some people will think that, but according to [Wikipedia - Segmentation fault](https://ja.wikipedia.org/wiki/%E3%82%BB%E3%82%B0%E3%83%A1%E3%83%B3%E3%83%86%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E9%81%95%E5%8F%8D):
"On UNIX-like operating systems, processes that access rogue memory receive a `SIGSEGV` signal. On Microsoft Windows, processes accessing illegal memory receive a `STATUS_ACCESS_VIOLATION` exception."
Therefore, I treat it as a segfault.
With `sun.misc.Unsafe`, you can get the ability to access memory even in Java.
You might then think: can't this be shortened to `Unsafe.getUnsafe().putLong(0, 0)`?
As the name implies, Java's `Unsafe` is a very unsafe class. You can change the value of a `final` field, allocate memory, access it, and do whatever you want (although there seem to be some restrictions). Therefore, the constructor is private, and `getUnsafe()` can only be used to obtain an instance if `getClassLoader()` is null.
The loophole is to force instantiation with the reflection API, using `setAccessible(true)` to access members that are normally inaccessible.
Finally, with `putLong(address, x);`, I was able to trigger the segfault even in Java by passing a memory address as `address` and an appropriate value as `x`!!
Magic power of sun.misc.Unsafe
Power skills that can be used quickly at any time - Reflection
[Segmentation violation - Wikipedia](https://ja.wikipedia.org/wiki/%E3%82%BB%E3%82%B0%E3%83%A1%E3%83%B3%E3%83%86%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E9%81%95%E5%8F%8D)
Feel free to send us edit requests. It's a poor text, but thank you for reading to the end!