[Java] Segfault Java in 6 lines


This is my first post. Please understand that there may be some unsightly points.

Since making each language segfault has become popular, starting with Python…

- Segfault Python in three lines
- Segfault Python in 2 lines
- Segfault in 16 characters in C
- Segfault in 33 characters in Python
- Segfault Rust in 5 lines
- Segfault in 5 characters in C

Actual code

The result of forcing it into 6 lines

a.java


import java.lang.reflect.*;
import sun.misc.Unsafe;
class A {public static void main(String[] a) throws Exception {Constructor<Unsafe> b=Unsafe.class.getDeclaredConstructor();
    b.setAccessible(true);
    b.newInstance().putLong(0, 0);}}

That is pushing it, and it is not readable at all. If you tidy up the code:

a.java


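import java.lang.reflect.*;
import sun.misc.Unsafe;
class A {
    public static void main(String[] a) throws Exception{
        // Unsafe's constructor is private, so fetch it through reflection
        Constructor<Unsafe> b=Unsafe.class.getDeclaredConstructor();
        // Lift the access check so the private constructor can be invoked
        b.setAccessible(true);
        // Write a long to native address 0, which is unmapped: the JVM crashes here
        b.newInstance().putLong(0, 0);
    }
}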

It doesn’t change much…

Execution result

For Linux (Ubuntu)

Ubuntu


#
# A fatal error has been detected by the Java Runtime Environment:
#
# SIGSEGV (0xb) at pc=0x00007f8b7c08ba84, pid=1986, tid=1987 # The segfault (access violation) is reported here
#
# JRE version: OpenJDK Runtime Environment (14.0.1+7) (build 14.0.1+7-Ubuntu-1ubuntu1)
# Java VM: OpenJDK 64-Bit Server VM (14.0.1+7-Ubuntu-1ubuntu1, mixed mode, sharing, tiered, compressed oops, g1 gc, linux-amd64)
# Problematic frame:
# V [libjvm.so+0xe99a84]
#
# No core dump will be written. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
#
# An error report file with more information is saved as:
# /home/user/hs_err_pid1986.log
#
# If you would like to submit a bug report, please visit:
# Unknown
#
Aborted

(Ubuntu+OpenJDK Runtime Environment 14.0.1)

Since it was executed with WSL2, the actual result may differ.

When executed, it produces a frightening error message and an error log nearly 750 lines long.

Look at the 5th line of the error message…

line 4


# SIGSEGV (0xb) at pc=0x00007f8b7c08ba84, pid=1986, tid=1987

As you can see, I received the SIGSEGV (access violation) signal.

In addition, a log file is generated with details such as the files that were called and memory dumps.

Ubuntu log file line 49:

hs_err_pid{process_id}.log


49:siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x0000000000000000

As you can see, accessing address 0 causes SEGV_MAPERR (the error that occurs when accessing unmapped memory).

For Windows

Windows


#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00007ffd4fa119b7, pid=18520, tid=8224
#
# JRE version: Java(TM) SE Runtime Environment (14.0.1+7) (build 14.0.1+7)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (14.0.1+7, mixed mode, sharing, tiered, compressed oops, g1 gc, windows-amd64)
# Problematic frame:
# V [jvm.dll+0x7219b7]
#
# No core dump will be written. Minidumps are not enabled by default on client versions of Windows
#
# An error report file with more information is saved as:
# C:\Users\User\aa\hs_err_pid18520.log
#
# If you would like to submit a bug report, please visit:
# https://bugreport.java.com/bugreport/crash.jsp
#

(Windows + Java(TM) SE Runtime Environment 14.0.1)

A log file will be generated in the same directory as the class file, along with the same error messages as in Ubuntu.

If you pay attention to the 4th line:

line 4


# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00007ffd4fa119b7, pid=18520, tid=8224

You can see that EXCEPTION_ACCESS_VIOLATION (access violation) has occurred. If you look at the log file created in the same directory as the class file,

Line 40 in the Windows log file:

hs_err_pid{process_id}.log


40:#siginfo: EXCEPTION_ACCESS_VIOLATION (0xc0000005), writing address 0x0000000000000000

You can see that an access violation has occurred by writing to the memory at address 0.
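For crash triage, the fields pointed out in the Ubuntu and Windows sections above can be pulled out of an hs_err report automatically. This is an added example, not code from the original post; the function name `triage`, the `NULL_PAGE` threshold and the embedded sample text (lines copied from the two reports shown above) are assumptions made for illustration.

```python
import re

HEX = r"0x[0-9a-fA-F]+"
NULL_PAGE = 0x1000  # assumption: faults below 4 KiB count as null-pointer accesses

HEADER = re.compile(rf"#\s*(?P<fault>SIG\w+|EXCEPTION_\w+)\s*\({HEX}\)\s*at\s*"
                    rf"pc=(?P<pc>{HEX}),\s*pid=(?P<pid>\d+),\s*tid=\d+")
FRAME = re.compile(rf"#\s*(?P<kind>[VvCJj])\s+\[(?P<module>[^+\]]+)\+{HEX}\]")
# Linux form: si_code names the reason, si_addr holds the faulting address.
POSIX_INFO = re.compile(rf"siginfo:.*?si_code:\s*\d+\s*\((?P<reason>\w+)\)"
                        rf".*?si_addr:\s*(?P<addr>{HEX})")
# Windows form: access type and address follow the exception name.
WIN_INFO = re.compile(rf"siginfo:\s*EXCEPTION_\w+\s*\({HEX}\),\s*"
                      rf"(?P<reason>reading|writing)\s+address\s+(?P<addr>{HEX})")

def triage(report):
    """Summarise the fault in an hs_err report; fields not found stay None."""
    out = dict.fromkeys(("fault", "pc", "pid", "module", "in_jvm",
                         "reason", "fault_addr", "null_page"))
    if (m := HEADER.search(report)):
        out.update(fault=m["fault"], pc=int(m["pc"], 16), pid=int(m["pid"]))
    if (m := FRAME.search(report)):
        # Frame type V means the crash happened in VM code (libjvm.so / jvm.dll),
        # not in a third-party native library.
        out.update(module=m["module"], in_jvm=m["kind"] == "V")
    if (m := POSIX_INFO.search(report) or WIN_INFO.search(report)):
        addr = int(m["addr"], 16)
        out.update(reason=m["reason"], fault_addr=addr, null_page=addr < NULL_PAGE)
    return out

# Sample input assembled from the report lines quoted on this page.
LINUX_REPORT = """\
# SIGSEGV (0xb) at pc=0x00007f8b7c08ba84, pid=1986, tid=1987
# Problematic frame:
# V [libjvm.so+0xe99a84]
49:siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x0000000000000000
"""
WINDOWS_REPORT = """\
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x00007ffd4fa119b7, pid=18520, tid=8224
# Problematic frame:
# V [jvm.dll+0x7219b7]
40:#siginfo: EXCEPTION_ACCESS_VIOLATION (0xc0000005), writing address 0x0000000000000000
"""

if __name__ == "__main__":
    for name, text in (("linux", LINUX_REPORT), ("windows", WINDOWS_REPORT)):
        print(name, triage(text))
```

A fault address inside the null page combined with a `V` frame in libjvm.so or jvm.dll is the signature both reports share.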

About segfaults

"What is this? There's no Segmentation Fault error! It's a scam!" Some people may think so, but:

wikipedia-Segmentation Violation-

On UNIX-like operating systems, a process accessing illegal memory receives a SIGSEGV signal. On Microsoft Windows, a process accessing illegal memory receives a STATUS_ACCESS_VIOLATION exception

Therefore, I treat it as a segfault.

Super rough commentary

In Java, too, you can get direct access to memory through sun.misc.Unsafe.

You might then think: couldn't this be shortened to Unsafe.getUnsafe().putLong(0, 0)?

As the name suggests, Unsafe is a very unsafe class in Java. You can change the value of a final field, allocate memory, access it, and do pretty much whatever you want (although there seem to be some restrictions). Therefore the constructor is private, and getUnsafe() only hands out an instance if the caller's getClassLoader() is null.

The way around that is the reflection API: fetch the private constructor with getDeclaredConstructor(), call setAccessible(true) on it so that the otherwise inaccessible constructor can be invoked, and create the instance with newInstance().

Finally, by calling putLong(address, x) with a memory address in address and a suitable value in x, we were able to trigger a segfault even in Java!!

Referenced sites etc.

- The magical power of sun.misc.Unsafe
- Skills that can be used quickly at some time-Reflection
- [Segmentation Violation-wikipedia](https://en.wikipedia.org/wiki/%E3%82%BB%E3%82%B0%E3%83%A1%E3%83%B3%E3%83%86%E3%83%BC%E3%82%B7%E3%83%A7%E3%83%B3%E9%81%95%E5%8F%8D)

Please feel free to send us edit requests. It’s a poor text, but thank you for reading until the end!