On 8017264: Java app crash on it's startup after Java updated to 7u25 from 7u21

Weijun Wang weijun.wang at oracle.com
Wed Jun 26 12:44:29 UTC 2013 

Hi David

I'm able to reproduce the problem on my computer and has pinpointed the 
exact Win32 API failing: The LSA login function returns a ticket with 
size 131074 bytes. Normally a ticket is smaller than several KB. There 
must be something wrong.

It's a windows-i586 JRE running on a windows-x64 machine. I tried 7u21 
and 8b94 and they all fails. So at least not a regression.

Thanks
Max

On 6/26/13 8:38 PM, David Holmes wrote:
> Max,
>
> Is a minidump available (not that I know how to work with them but they
> are more reliable than stack traces) ?
>
> I suspect the symbolic information in the stacktrace is reflecting
> closest available symbol rather than actual symbol. As you say the
> sequence of calls don't really make sense.
>
> David
>
> On 26/06/2013 11:23 AM, Weijun Wang wrote:
>> Hi, Hotspot guys
>>
>> We (SE security) received a bug report on a new crash for 7u25 and need
>> some help from you:
>>
>>     http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8017264
>>
>> Here the top frames look like:
>>
>> C  [msvcr100.dll+0x10b3b]  wcspbrk+0x12d
>> V  [jvm.dll+0xa9b63]
>> C  [w2k_lsa_auth.dll+0x167c]  JNI_OnUnload+0x1c1
>> j
>> sun.security.krb5.Credentials.acquireDefaultNativeCreds()Lsun/security/krb5/Credentials;+0
>>
>>
>>
>> acquireDefaultNativeCreds() is a native method and it's defined at
>>
>>
>> http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/3c08c9ebd1fb/src/windows/native/sun/security/krb5/NativeCreds.c
>>
>>
>>
>> I'm not sure why JNI_OnUnload is called so immediately, and as you can
>> see it's simply
>>
>>        338     if ((*jvm)->GetEnv(jvm, (void **)&env, JNI_VERSION_1_2)) {
>>        339         return; /* Nothing else we can do */
>>        340     }
>>        341
>>        342     if (ticketClass != NULL) {
>>        343         (*env)->DeleteWeakGlobalRef(env,ticketClass);
>>        344     }
>>        ... More DeleteWeakGlobalRefs
>>
>> How is it able to call wcspbrk and get crashed?
>>
>> BTW, the .c file has not been changed for 2 years.
>>
>> Also, according to the report, the customer (whose automatic reply has
>> "out of office with no internet access till 15 July") runs 7u25 b16 but
>> the public release on java.com is b17. Does it matter?
>>
>> Thanks
>> Max

More information about the security-dev mailing list