Date: Tue, 9 Dec 2003 09:31:50 -0800 (PST) From: Nick Johnson <freebsd@spatula.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/60083: Unsafe use of getaddrinfo in jvm 1.4.2-p5 Message-ID: <20031209173150.1B175A927@turing.morons.org> Resent-Message-ID: <200312091740.hB9He9Om078316@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 60083
>Category: ports
>Synopsis: Unsafe use of getaddrinfo in jvm 1.4.2-p5
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Dec 09 09:40:09 PST 2003
>Closed-Date:
>Last-Modified:
>Originator: Nick Johnson
>Release: FreeBSD 4.8-STABLE i386
>Organization:
morons.org
>Environment:
System: FreeBSD turing.morons.org 4.8-STABLE FreeBSD 4.8-STABLE #1: Tue Jul 8 14:36:45 PDT 2003 freebsd@turing.morons.org:/usr/src/sys/compile/TURING i386
Java JVM 1.4.2-p5
>Description:
getaddrinfo isn't threadsafe, but it is used from j2se/src/solaris/native/java/net/Inet6AddressImpl.c and net_util_md.c
which can cause the JVM to lock up and chew CPU.
Here's an example dump of what happens:
An unexpected exception has been detected in native code outside the VM.
Unexpected Signal : 11 occurred at PC=0x280C32AF
Function=_flockfile_debug+0x2B
Library=/usr/lib/libc_r.so.4
Current Java thread:
at java.net.Inet6AddressImpl.getLocalHostName(Native Method)
at java.net.InetAddress.getLocalHost(InetAddress.java:1178)
at javax.mail.internet.InternetAddress.getLocalAddress(InternetAddress.java:472)
at javax.mail.internet.UniqueValue.getUniqueMessageIDValue(UniqueValue.java:70)
at javax.mail.internet.MimeMessage.updateHeaders(MimeMessage.java:1844)
at javax.mail.internet.MimeMessage.saveChanges(MimeMessage.java:1822)
at javax.mail.Transport.send(Transport.java:80)
The stack dump from gdb looks like this:
#0 0x280a9bf4 in kill () from /usr/lib/libc_r.so.4
#1 0x280f7e86 in abort () from /usr/lib/libc_r.so.4
#2 0x285afd1e in os::abort(int) () from /web/contrib/java-p5/control/build/bsd-i586/lib/i386/server/libjvm.so
#3 0x285ada88 in os::handle_unexpected_exception(Thread*, int, unsigned char*, void*) ()
from /web/contrib/java-p5/control/build/bsd-i586/lib/i386/server/libjvm.so
#4 0x285b2509 in JVM_handle_bsd_signal () from /web/contrib/java-p5/control/build/bsd-i586/lib/i386/server/libjvm.so
#5 0x285b0cf9 in signalHandler () from /web/contrib/java-p5/control/build/bsd-i586/lib/i386/server/libjvm.so
#6 0x280bba5e in _thread_sig_handler () from /usr/lib/libc_r.so.4
#7 0x280bb8de in _thread_sig_handler () from /usr/lib/libc_r.so.4
#8 0xbfbfffac in ?? ()
#9 0x280c3446 in flockfile () from /usr/lib/libc_r.so.4
#10 0x280dc2ab in fgets () from /usr/lib/libc_r.so.4
#11 0x280cd782 in getservent () from /usr/lib/libc_r.so.4
#12 0x280ccc3d in getservbyname () from /usr/lib/libc_r.so.4
#13 0x280cb48c in getaddrinfo () from /usr/lib/libc_r.so.4
#14 0x280cb3b7 in getaddrinfo () from /usr/lib/libc_r.so.4
#15 0x280cb090 in getaddrinfo () from /usr/lib/libc_r.so.4
#16 0x280ca830 in getaddrinfo () from /usr/lib/libc_r.so.4
#17 0x402c5c91 in Java_java_net_Inet6AddressImpl_getLocalHostName ()
from /web/contrib/java-p5/control/build/bsd-i586/lib/i386/libnet.so
getservent isn't threadsafe, and it's used from getaddrinfo. getaddrinfo's manpage notes that it is also not threadsafe.
The JVM code assumes that getaddrinfo IS threadsafe, and does no locking around that call.
>How-To-Repeat:
Make calls to getLocalHost in java.net.InetAddress from multiple threads at the same time. It may even happen
just by making calls from multiple threads at different times (unclear).
>Fix:
Disable ipv6 when compiling Java.
Possibly add a lock around calls to getaddrinfo, or make getaddrinfo threadsafe.
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031209173150.1B175A927>