This article needs additional citations for verification. (December 2013) (Learn how and when to remove this template message)
In computing, a crash (or system crash) occurs when a computer program, such as a software application or an operating system, stops functioning properly and exits. The program responsible may appear to hang until a crash reporting service reports the crash and any details relating to it. If the program is a critical part of the operating system, the entire system may crash or hang, often resulting in a kernel panic or fatal system error.
Most crashes are the result of executing invalid machine instructions. Typical causes include incorrect address values in the program counter, buffer overflow, overwriting a portion of the affected program code due to an earlier bug, accessing invalid memory addresses, using an illegal opcode or triggering an unhandled exception. The original software bug that started this chain of events is typically considered to be the cause of the crash, which is discovered through the process of debugging. The original bug can be far removed from the code that actually crashed.
In earlier personal computers, attempting to write data to hardware addresses outside the system's main memory could cause hardware damage. Some crashes are exploitable and allow a malicious program or hacker to execute arbitrary code allowing for the replication of viruses or the acquisition of data which would normally be inaccessible.
An application typically crashes when it performs an operation which is not allowed by the operating system. The operating system then triggers an exception or signal in the application. Unix applications traditionally responded to the signal by dumping core. Most Windows and Unix GUI applications respond by displaying a dialogue box (such as the one shown to the right) with the option to attach a debugger if one is installed. Some applications attempt to recover from the error and continue running instead of exiting.
Typical errors that result in application crashes include:
- attempting to read or write memory that is not allocated for reading or writing by that application (segmentation fault) or x86 specific (general protection fault)
- attempting to execute privileged or invalid instructions
- attempting to perform I/O operations on hardware devices to which it does not have permission to access
- passing invalid arguments to system calls
- attempting to access other system resources to which the application does not have permission to access
- attempting to execute machine instructions with bad arguments (depending on CPU architecture): divide by zero, operations on denorms or NaN values, memory access to unaligned addresses, etc.
Web server crashesEdit
The software running the web server behind a website may crash, rendering it inaccessible entirely or providing only an error message instead of normal content.
Operating system crashesEdit
An operating system crash commonly occurs when a hardware exception occurs that cannot be handled. Operating system crashes can also occur when internal sanity-checking logic within the operating system detects that the operating system has lost its internal self-consistency.
Security implications of crashesEdit
Many software bugs which cause crashes are also exploitable for arbitrary code execution and other types of privilege escalation. For example, a stack buffer overflow can overwrite the return address of a subroutine with an invalid value, which will cause a segmentation fault when the subroutine returns. However, if an exploit overwrites the return address with a valid value, the code in that address will be executed.
- "Analyze Crashes to Find Security Vulnerabilities in Your Apps". Msdn.microsoft.com. 2007-04-26. Retrieved 2014-06-26.
- "Jesse Ruderman » Memory safety bugs in C++ code". Squarefree.com. 2006-11-01. Retrieved 2014-06-26.