View Issue Details

ID: 0003097
Project: Kali Linux
Category: General Bug
View Status: public
Last Update: 2016-07-11 08:55
Reporter: rsmudge2
Assigned To: rhertzog
Priority: normal
Severity: crash
Reproducibility: always
Status: closed
Resolution: fixed
Product Version: 2016.1
Fixed in Version: 2016.2
Summary: 0003097: OpenJDK glitches on Kali Linux 2.0

Description

I'm the developer of Armitage and Cobalt Strike.

I'm seeing several issues with the OpenJDK Java 1.7 present on Kali 2.0 by default. The same problems apply with OpenJDK Java 1.8 as well.

  1. Graphical glitches. Graphical updates to my applications sometimes flicker or paint the wrong way. This is only present in OpenJDK.

  2. CPU/Memory Starvation. OpenJDK on Kali Linux 2.0 binds with Gnome's Accessibility Toolkit (ATK) using a Lib ATK Wrapper package. I worked with a user to track down and was able to reproduce an issue where my applications gradually consume more CPU and memory until they crash. We tracked down the thread consuming the CPU time and it's an ATK-created thread. Oracle's Java doesn't integrate with this package. Apparently, a bug in this package is creating issues for other Java apps too:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809087

I suspect I'm being bit by the same bug (or something similar).

I'd like to ask for one of the following:

  1. Supported steps to install an Oracle Java Virtual Machine on Kali Linux 2.0. I would use these supported steps to advise people who use my software on the Kali 2.0 platform.

Or...

  2. Consideration for default non-OpenJDK Java package on Kali Linux 2.0.

Steps To Reproduce

To reproduce the resource starvation with Armitage:

  1. I'm using Kali 2.0 rolling x64 (the VM downloaded from the site). Ran apt-get dist-upgrade and restarted earlier today.

  2. Start Metasploit to pre-populate the database and all that jazz.

  3. Start Armitage

= Graphical Glitches =

  1. Go to Armitage -> Set Target View -> Table View

  2. Go to Hosts -> Add Hosts

  3. Type in six bogus addresses (e.g., 192.168.1.1, 192.168.1.2, etc.)

  4. Highlight all of the entries and let Armitage sit.

Notice that the table occasionally flickers. This is an artifact present when OpenJDK is in use on Kali Linux 2.0.

= Resource Starvation =

  1. Let Armitage run for about 45 minutes to one hour. Leave it active, but don't worry about interacting with it. You don't need to. Watch the CPU use of the application with top. You'll notice, it goes up over time... if you wait long enough, Armitage will become unusable.

Why?

  1. Run ps -eLo pid,lwp,pcpu,args | grep [armitage PID]

The third column in this output is % CPU use. The second column is a light-weight-process ID. Find the light-weight-process using the most CPU (e.g., 29439) and convert this value to hex (e.g., 72ff). This hex value is your native thread ID.

  1. Run jstack [armitage PID]

This will give back a list of threads running inside of Armitage. Look for a thread with the nid= equal to your hex value from step 8. This is the thread eating up all of the CPU.

Chances are you'll see that the hogging thread has a name Thread-X and no Java stacktrace associated with it. If you wait long enough and try multiple times, you might be lucky and see a Java stacktrace associated with this thread that indicates it's associated with the ATK wrapper. (e.g., part of the stack trace will include: org.GNOME.Accessibility.AtkWrapper.emitSignal(Native Method))
[this part takes a lot of patience...]

These steps also work to produce graphical glitches/resource starvation in Cobalt Strike. Despite the surface similarities, Cobalt Strike and Armitage share very little code in common nowadays. CS 3.0 was a complete rewrite.

Chances are other Java applications are affected by glitchy behavior with OpenJDK on Kali Linux 2.0 as well.

Oracle's Java 1.8.0 does not exhibit this behavior. I installed Oracle's Java from the PPA at:

http://www.webupd8.org/2014/03/how-to-install-oracle-java-8-in-debian.html

Additional Information

Note: the Steps to Reproduce should be run in order.
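
The thread-hunting steps in the report (per-thread CPU from ps, decimal LWP to hex, match against the jstack nid), as an added example that is not part of the original report. The function names are hypothetical and the sample ps and jstack output is constructed, not captured.

```shell
#!/bin/sh
# Added example (not from the report): map the busiest native thread of a JVM
# to its jstack entry. Sample data below is constructed, not captured output.

# stdin: `ps -eLo pid,lwp,pcpu,args` output; $1: JVM PID. Prints the hottest LWP.
hottest_lwp() {
    awk -v pid="$1" '$1 == pid && $3 + 0 >= max { max = $3 + 0; lwp = $2 }
                     END { if (lwp != "") print lwp }'
}

# Decimal LWP -> the hex form jstack prints after "nid=".
lwp_to_nid() { printf '0x%x\n' "$1"; }

# stdin: `jstack <pid>` output; $1: nid. Prints that thread's header and stack.
thread_for_nid() {
    awk -v want="nid=$1" '
        /^"/ { show = 0; for (i = 1; i <= NF; i++) if ($i == want) show = 1 }
        /^$/ { show = 0 }
        show'
}

sample_ps() { cat <<'EOF'
  PID   LWP %CPU COMMAND
29401 29401  0.0 java -jar armitage.jar
29401 29412  1.3 java -jar armitage.jar
29401 29439 87.5 java -jar armitage.jar
30110 30110 99.0 /usr/bin/other
EOF
}

sample_jstack() { cat <<'EOF'
"AWT-EventQueue-0" #17 prio=6 os_prio=0 tid=0x00007f3a1c0a1000 nid=0x72e4 waiting on condition [0x00007f39f1bfe000]
   java.lang.Thread.State: WAITING (parking)

"Thread-12" #34 daemon prio=5 os_prio=0 tid=0x00007f3a1c0d2000 nid=0x72ff runnable [0x00007f39f0dfe000]
   java.lang.Thread.State: RUNNABLE
    at org.GNOME.Accessibility.AtkWrapper.emitSignal(Native Method)

EOF
}

# Live use: ps -eLo pid,lwp,pcpu,args | hottest_lwp "$PID"; jstack "$PID" | thread_for_nid "$nid"
nid=$(lwp_to_nid "$(sample_ps | hottest_lwp 29401)")
sample_jstack | thread_for_nid "$nid"
```

Because the hot thread often shows no Java frames, repeating the jstack call several times and keeping any run that prints frames under the matching header saves re-reading the full dump each time.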

Activities

rhertzog

2016-02-26 11:05

administrator   ~0004765

Thanks for the detailed report. Since you pointed out the java ATK wrapper bug and since I saw it got fixed on the Debian side, I ensured that the fix is present in kali-rolling (version 0.33.3-6 of libatk-wrapper-java*).

You did your tests with Kali Linux 2, can you redo them with a Kali 2016.1 install fully upgraded to current Kali Rolling? (We no longer support Kali 2.0)

Hopefully this will be enough to solve those issues as we have no plans to support Oracle JDK (if anything we prefer to fix OpenJDK).

rsmudge2

2016-02-26 15:57

reporter   ~0004769

All of these tests were done with Kali 2016.1 Rolling. I thought it was called Kali 2.0 still too. :)

rhertzog

2016-02-27 13:25

administrator   ~0004777

So what about libatk-wrapper-java* 0.33.3-6? Does this update solve (part of) the issues reported?

rhertzog

2016-04-07 09:38

administrator   ~0005100

Can you upgrade to the latest version of kali-rolling and let us know if the problems are fixed or not?

Thank you.

rhertzog

2016-05-09 10:24

administrator   ~0005212

Ping. Can you let us know if the last version of libatk-wrapper-java fixed the issues you reported?

rhertzog

2016-07-11 08:55

administrator   ~0005497

I believe that the latest version of libatk-wrapper-java should fix the issues reported here.

Issue History

Date Modified Username Field Change
2016-02-26 05:07 rsmudge2 New Issue
2016-02-26 10:42 rhertzog Assigned To => rhertzog
2016-02-26 10:42 rhertzog Status new => assigned
2016-02-26 11:05 rhertzog Note Added: 0004765
2016-02-26 11:06 rhertzog Status assigned => feedback
2016-02-26 15:57 rsmudge2 Note Added: 0004769
2016-02-26 15:57 rsmudge2 Status feedback => assigned
2016-02-27 13:25 rhertzog Note Added: 0004777
2016-04-07 09:38 rhertzog Note Added: 0005100
2016-04-07 09:38 rhertzog Status assigned => feedback
2016-05-09 10:24 rhertzog Note Added: 0005212
2016-07-11 08:55 rhertzog Note Added: 0005497
2016-07-11 08:55 rhertzog Status feedback => closed
2016-07-11 08:55 rhertzog Resolution open => fixed
2016-07-11 08:55 rhertzog Fixed in Version => 2016.2