Using a JAVA Remote call causes the program to automatically drop, jdk1.5 debug mode System Vulnerability __java

Source: Internet
Author: User

On the project encountered a system will suddenly down the problem, because there is no detailed log information, baffled, and finally one day the problem appears again, the captured log information is:
Error:transport error 202:handshake failed-connection prematurally closed ["transport.c", L41]
JDWP exit Error Jvmti_error_none (0): Could not connect, timeout or fatal error
A search on the internet, the truth is that it was jkd1.5 a bug about how debug runs, because the JVM crashes because it receives packets that do not conform to the JDWP protocol. problem Reason:

This failure is a flaw in the JVM's remote debug that occurs only when the remote debug port is turned on, because the JVM crashes because it receives packets that do not conform to the JDWP protocol.
To verify that the vulnerability exists in the system, you can check the Java startup parameters for the following related configuration:
-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=9001
or-xdebug-xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9001.
In the case of a related configuration, the vulnerability exists when Java starts the remote debugging port, where the JVM virtual machine, as the service provider for debugging, listens on a connection through Port 8787, and the debugger interacts with the virtual machine through the connection.

Extract several configuration cases from the official document:
-xrunjdwp:transport=dt_socket,server=y,address=8000
To listen for socket connections on port 8000, suspend VM (suspend defaults to Y) and do not load run main function until debug request arrives
-xrunjdwp:transport=dt_shmem,server=y,suspend=n
Select an available shared memory (because no address is specified) and listen for the memory connection while loading the run main function without suspending the VM
-xrunjdwp:transport=dt_socket,address=myhost:8000
Connect to the debug service provided by myhost:8000 (Server=n to debug client presence), suspend VM and do not load run main function
-xrunjdwp:transport=dt_shmem,address=mysharedmemory
Connect to the debug service through shared memory, suspend the VM, and do not load the run main function
-xrunjdwp:transport=dt_socket,server=y,address=8000,onthrow=java.io.ioexception,launch=/usr/local/bin/ Debugstub
Wait for the java.io.IOException to be thrown, then suspend the VM and listen for a 8000-port connection,/usr/local/bin/debugstub Dt_socket myhost:8000 execution After receiving the debug request
-xrunjdwp:transport=dt_shmem,server=y,onuncaught=y,launch=d:/bin/debugstub.exe
Wait for a runtimeexception to be thrown, then suspend the VM and listen for an available shared memory, and order D:/bin/debugstub.exe Dt_shmem <address> execute after receiving the debug request,< Address> is the shared memory available

Problem Solving:

General online applications do not open Remote Debug mode, the default configuration of each application server is also not open, even if the debug port is turned on there will be firewall protection.
There are two ways to solve this problem:
1, in the JDK1.5 environment to turn off the remote debugging mode, but the deployment of online environment script must be carefully review the line;
2, upgrade JDK to 1.6b49 above version, this depends on the application of compatibility, generally do not have any problems;

3, Stupid method: Not in the use of this method, haha:-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=9001

4, or use the following configuration temporary replacement:-dcom.sun.management.jmxremote.port=8999-dcom.sun.management.jmxremote.authenticate=false- Dcom.sun.management.jmxremote.ssl=false


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.