Qoo Alt created DAEMON-465:
------------------------------
Summary: prunsrv.exe (Tomcat10.exe) crash in certain cases
Key: DAEMON-465
URL: https://issues.apache.org/jira/browse/DAEMON-465
Project: Commons Daemon
Issue Type: Bug
Components: prunsrv
Affects Versions: 1.4.0
Environment: Windows 11 (but also occurs with Windows Server 2019)
JRE: IBM Semeru Runtime Open Edition (JDK) 17.0.7+7 (also occurs with 17.0.11+9)
Reporter: Qoo Alt
Attachments: helloworldsvg.zip
Tomcat service in Windows crashes when certain java code is executed. This
seems to be a Commons Daemon issue in conjunction with specific java code. The
problem does occur when the code attached is executed, but not only with it.
This is just the simplest way I found to recreate the problem.
The same code works with Tomcat 10.1.24 (which uses Commons Daemon 1.3.4, if
I'm not wrong), but crashes both with 10.1.25 and 10.1.26 (both using Commons
Daemon 1.4.0).
Steps to reproduce:
1. Download 10.1.25 or 10.1.26 Windows Installer from
https://tomcat.apache.org/download-10.cgi and install it.
2. Uncompress and build the attached maven project (helloworldsvg.zip).
3. Deploy the war file generated in step 2 onto the Tomcat installed in 1.
4. Visit http://localhost:8080/helloworldsvg
No significant messages are written in the log files, and the error shown in
the event shows the following information:
{{Faulting application name: Tomcat10125.exe, version: 1.4.0.0, time stamp:
0x664770c7}}
{{Faulting module name: ntdll.dll, version: 10.0.22621.3733, time stamp:
0x67ca8829}}
{{Exception code: 0xc0000409}}
{{Fault offset: 0x000000000006d915}}
{{Faulting process id: 0x0xCF60}}
{{Faulting application start time: 0x0x1DAD29C07116CFB}}
{{Faulting application path: C:\Program Files\Apache Software Foundation\Tomcat
10.1_Tomcat10125\bin\Tomcat10125.exe}}
{{Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll}}
{{Report Id: 59f71851-e580-428b-84ce-d1ac220970f4}}
{{Faulting package full name: }}
{{Faulting package-relative application ID:}}
Based on my research, the issue seems to be related to this commit
[https://github.com/apache/commons-daemon/commit/fed36896cbac1c7b524a047f4e973228d2d41ab7]
The tests I performed:
I built prunsrv.exe in debug mode, replaced Tomcat10.exe by it, and it does not
crash.
I built prunsrv.exe in release mode, replaced Tomcat10.exe by it, and it does
crash.
I built prunsrv.exe in release mode *commenting out* the Control Flow Guard
flag introduced in that commit, and it does not crash.
For your reference, I first reported the bug in Tomcat's bugzilla:
[https://bz.apache.org/bugzilla/show_bug.cgi?id=69180]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
