Bugzilla – Bug 1022638
java segfaults during EC keypair generation because of NSS update
Last modified: 2017-01-31 18:30:27 UTC
An NSS update broke Java 1.8.0 ECDSA keypair generation. https://bugzilla.mozilla.org/show_bug.cgi?id=1334108 Packages: mozilla-nss-3.28.1-1.1.x86_64 java-1_8_0-openjdk-headless-1.8.0.111-1.1.x86_64 java segfaults during EC keypair generation: Stack: [0x00007f21a2e2d000,0x00007f21a2f2e000], sp=0x00007f21a2f2b438, free space=1017k Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code) C [libc.so.6+0x853a4] __memcpy_sse2_unaligned_erms+0x1a4 C [libsunec.so+0x1270] C [libsunec.so+0x13da] Java_sun_security_ec_ECKeyPairGenerator_generateECKeyPair+0x12a j sun.security.ec.ECKeyPairGenerator.generateECKeyPair(I[B[B)[Ljava/lang/Object;+0 j sun.security.ec.ECKeyPairGenerator.generateKeyPair()Ljava/security/KeyPair;+56 j java.security.KeyPairGenerator$Delegate.generateKeyPair()Ljava/security/KeyPair;+23 j sun.security.ssl.ECDHCrypt.<init>(Ljava/lang/String;Ljava/security/SecureRandom;)V+28 j sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys()Z+88 j sun.security.ssl.ServerHandshaker.trySetCipherSuite(Lsun/security/ssl/CipherSuite;)Z+638 j sun.security.ssl.ServerHandshaker.chooseCipherSuite(Lsun/security/ssl/HandshakeMessage$ClientHello;)V+151 j sun.security.ssl.ServerHandshaker.clientHello(Lsun/security/ssl/HandshakeMessage$ClientHello;)V+1304 j sun.security.ssl.ServerHandshaker.processMessage(BI)V+127 j sun.security.ssl.Handshaker.processLoop()V+96 j sun.security.ssl.Handshaker$1.run()Ljava/lang/Void;+4 j sun.security.ssl.Handshaker$1.run()Ljava/lang/Object;+1 v ~StubRoutines::call_stub V [libjvm.so+0x5d62c9] JavaCalls::call_helper(JavaValue*, methodHandle*, JavaCallArguments*, Thread*)+0xed9 V [libjvm.so+0x624f29] JVM_DoPrivileged+0x499 J 176 java.security.AccessController.doPrivileged(Ljava/security/PrivilegedExceptionAction;Ljava/security/AccessControlContext;)Ljava/lang/Object; (0 bytes) @ 0x00007f220d161155 [0x00007f220d161080+0xd5] j sun.security.ssl.Handshaker$DelegatedTask.run()V+24 j org.simpleframework.transport.Handshake.execute()V+16 j org.simpleframework.transport.Handshake.read(I)Lorg/simpleframework/transport/PhaseType;+85 j org.simpleframework.transport.Handshake.read()Lorg/simpleframework/transport/PhaseType;+2 j org.simpleframework.transport.Handshake.exchange()Lorg/simpleframework/transport/PhaseType;+50 j org.simpleframework.transport.Handshake.process()Ljava/lang/Runnable;+1 j org.simpleframework.transport.Handshake.resume()V+1 j org.simpleframework.transport.Phase.execute()V+30 j org.simpleframework.transport.Phase.run()V+1 j org.simpleframework.transport.Handshake.resume()V+10 j org.simpleframework.transport.Handshake.begin()V+1 j org.simpleframework.transport.Handshake.run()V+39 j java.util.concurrent.ThreadPoolExecutor.runWorker(Ljava/util/concurrent/ThreadPoolExecutor$Worker;)V+95 j java.util.concurrent.ThreadPoolExecutor$Worker.run()V+5 j java.lang.Thread.run()V+11 v ~StubRoutines::call_stub V [libjvm.so+0x5d62c9] JavaCalls::call_helper(JavaValue*, methodHandle*, JavaCallArguments*, Thread*)+0xed9 V [libjvm.so+0x5d38a7] JavaCalls::call_virtual(JavaValue*, KlassHandle, Symbol*, Symbol*, JavaCallArguments*, Thread*)+0x2c7 V [libjvm.so+0x5d3e77] JavaCalls::call_virtual(JavaValue*, Handle, KlassHandle, Symbol*, Symbol*, Thread*)+0x57 V [libjvm.so+0x6160eb] thread_entry(JavaThread*, Thread*)+0x8b V [libjvm.so+0x9169a5] JavaThread::thread_main_inner()+0x195 V [libjvm.so+0x7f1d28] java_start(Thread*)+0xd8 C [libpthread.so.0+0x7454] start_thread+0xc4 Looks like the issue is a NSS update: See https://bugzilla.mozilla.org/show_bug.cgi?id=1334108 https://bugzilla.redhat.com/show_bug.cgi?id=1415137
Created attachment 712228 [details] TestECDSA.java $ javac -d . TestECDSA.java $ java TestECDSA Exception in thread "main" java.security.ProviderException: java.lang.NegativeArraySizeException at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:147) at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) at TestECDSA.main(TestECDSA.java:30) Caused by: java.lang.NegativeArraySizeException at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method) at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:128) ... 2 more
I've installed java-1_8_0-openjdk-headless-1.8.0.121-215.1.x86_64 and the issue is fixed. java TestECDSA Signature: 3045022100bc1c5ef98023f238ad612b1122a47cc26948a6c0a034ecc351a69596b1e5673402206cef73b972e78805928b1f02d2122ba331272622f78f4c55f26a7b078cbfadc1 Test passed. I think this can be closed, but if you update nss on 42.2 this will happen again ...
duplicate of bug 1022053 *** This bug has been marked as a duplicate of bug 1022053 ***