Revive ZAP with a Java Swap

Recently, I encountered persistent crashes while running ZAP 2.15 on macOS. The issue seemed to stem from the bundled Java version. After some debugging and testing, I found a solution by downgrading the bundled Java version in ZAP.

Here’s a detailed account of the process and the steps I took to resolve the issue.

The Problem

When I ran ZAP, it was forcibly terminated during the initial loading process. Then, an Apple Crash log was generated. The crash logs indicated issues related to the Java runtime environment. Here’s a snippet of the crash log:

Process:               java [70259]
Path:                  /Applications/ZAP.app/Contents/PlugIns/jre-jdk-11.0.23+9-jre/Contents/Home/bin/java
Identifier:            java
Version:               ???
Code Type:             ARM-64 (Native)
Parent Process:        launchd [1]
....

Thread 0 Crashed::  Dispatch queue: com.apple.main-thread
0   AppKit                        	       0x18a8ba4e4 _NSCarbonMenuCrashIfNeeded + 488
1   AppKit                        	       0x18a8ba294 _NSGetCarbonMenu + 24
2   JavaRuntimeSupport            	       0x1f1e5dde8 -[JRSMenu installCarbonEventHandlers:] + 172
3   CoreFoundation                	       0x1865ea820 __CFNOTIFICATIONCENTER_IS_CALLING_OUT_TO_AN_OBSERVER__ + 148
4   CoreFoundation                	       0x18667e8ec ___CFXRegistrationPost_block_invoke + 88
5   CoreFoundation                	       0x18667e834 _CFXRegistrationPost + 440
....

Debug

ZAP Log Analysis

When I looked at the zap.sh file, there were no specific logs. However, the logs stop after the message indicating that an extension was loaded, and the crash occurs around this point.

[ZAP-BootstrapGUI] INFO  ExtensionFactory - Loading extensions
[ZAP-BootstrapGUI] INFO  TlsUtils - Using supported SSL/TLS protocols: [TLSv1.2, TLSv1.3]
[ZAP-BootstrapGUI] INFO  ExtensionFactory - Extensions loaded

.... ☠️

Will it crash if run from the CLI?

Yes, running ZAP with the CLI also results in a crash too.

./zap.sh
Found Java version 11.0.23
Available memory: 32768 MB
Using JVM args: -Xmx8192m

.... ☠️

The terminal displayed a Trace/BPT trap: 5 error when the crash occurred.

Will it crash if run with system Java?

ZAP on macOS runs using the bundled Java by default. So, I was curious whether it would run using the system Java instead. Therefore, I tested it, and the result was…

java -version
openjdk version "22.0.1" 2024-04-16

The crash continued even when using the system Java 😭

Process:               java [73376]
Path:                  /Library/Java/JavaVirtualMachines/temurin-22.jdk/Contents/Home/bin/java
Identifier:            java
Version:               ???
Code Type:             ARM-64 (Native)
Parent Process:        zsh [96583]
Responsible:           stable [84233]

Will it crash if run with daemon mode?

I wondered if it might be a GUI issue, so I decided to try running it in daemon mode.

./zasp.sh -daemon

# This worked fine

Running ZAP in daemon mode worked without issues!!

Is ZAP 2.14 okay?

Out of curiosity, I reinstalled version 2.14 and it ran smoothly. This led me to believe the issue might be related to differences between 2.14 and 2.15, possibly related to the GUI.

And it reminded me of a past issue.

Solution

Years ago, I resolved an other issue by swapping out some Java code, and that memory flashed through my mind as I examined the cause of this current issue. I decided to try the swap again, and it was successful.

Downgrading to ZAP 2.14 resolved the issue. This led me to suspect the Java version bundled with ZAP 2.15. Here’s a summary of the findings:

- ZAP 2.14 with bundled Java Works fine.
- ZAP 2.15 with ZAP 2.14’s Java Works fine.
- ZAP 2.15 with its bundled Java Fails.
- System Java with ZAP 2.15 Fails.
- System Java with ZAP 2.14 Fails.

The ironic thing is that on my other Apple Silicon Mac, ZAP 2.15 works fine even with the bundled Java. It’s a mystery 😱

Now that I’ve figured out how to run version 2.15 properly, I can proceed with the Java swap. On MacOS, ZAP uses bundled Java first; if you look at zap.sh, you’ll see that you choose Java to run with regular expressions.

Using this approach, I adjusted it so that version 2.15 runs using the bundled Java from version 2.14.

Fix: Replace Java in ZAP 2.15

  1. Install ZAP 2.14 and Copy its Java:

     # Navigate to ZAP directory
     cd /Applications/ZAP.app/Contents/PlugIns
        
     # Backup ZAP 2.14's Java
     cp -R jre-jdk-11.0.20.1+1-jre/ ~
    
  2. Re-Install ZAP(2.15) and Backup to 2.15’s Java:

     # Workdir: /Applications/ZAP.app/Contents/PlugIns
     mv jre-jdk-11.0.23+9-jre/ backup_jre-jdk-11.0.23+9-jre/
    
  3. Replace ZAP 2.15’s Java with ZAP 2.14’s Java:

     # Workdir: /Applications/ZAP.app/Contents/PlugIns
     mv ~/jre-jdk-11.0.20.1+1-jre .
    

Now, ZAP 2.15 runs using the JRE (jre-jdk-11.0.20.1+1-jre) from version 2.14, and no errors occur.

Yea 🙌🏼

Conclusion

The issue with ZAP 2.15 crashing on macOS was actually because of the bundled Java version. Switching to the Java runtime from ZAP 2.14 fixed it perfectly in my setup. It seems like this wasn’t a common problem and might be specific to certain setups.

It’d be great if they could look into it in ZAP Core too, just my take on it.

This workaround lets you keep enjoying ZAP’s latest features without running into crashes. If you run into similar issues, try downgrading ZAP’s bundled Java or finding a compatible alternative :D