Return-Path: Delivered-To: apmail-incubator-harmony-dev-archive@www.apache.org Received: (qmail 78087 invoked from network); 19 Oct 2006 05:31:34 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 19 Oct 2006 05:31:34 -0000 Received: (qmail 91731 invoked by uid 500); 19 Oct 2006 05:31:29 -0000 Delivered-To: apmail-incubator-harmony-dev-archive@incubator.apache.org Received: (qmail 91682 invoked by uid 500); 19 Oct 2006 05:31:29 -0000 Mailing-List: contact harmony-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: harmony-dev@incubator.apache.org Delivered-To: mailing list harmony-dev@incubator.apache.org Received: (qmail 91671 invoked by uid 99); 19 Oct 2006 05:31:29 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 18 Oct 2006 22:31:29 -0700 X-ASF-Spam-Status: No, hits=2.8 required=10.0 tests=DNS_FROM_RFC_ABUSE,HTML_MESSAGE,MAILTO_TO_SPAM_ADDR,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of liyilei1979@gmail.com designates 64.233.182.185 as permitted sender) Received: from [64.233.182.185] (HELO nf-out-0910.google.com) (64.233.182.185) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 18 Oct 2006 22:31:27 -0700 Received: by nf-out-0910.google.com with SMTP id m18so399865nfc for ; Wed, 18 Oct 2006 22:31:05 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=pywcfQu6L5Win6WK7MthAatQi4Qk5gM7c+euorVOkop/gIY+WPXE3LKGOch4T4+zkXLpJa+U4QvbmtACMh7UfhsxMDoEFe7V+SVudd+7UPfBm7Q3pC2tBI+a/VSPmpqQGOQGZfMpnTLK4JkGmbBjN0C47zGBu/W+A64ncnN5x2M= Received: by 10.78.94.37 with SMTP id r37mr11175207hub; Wed, 18 Oct 2006 22:31:05 -0700 (PDT) Received: by 10.78.158.8 with HTTP; Wed, 18 Oct 2006 22:31:05 -0700 (PDT) Message-ID: Date: Thu, 19 Oct 2006 13:31:05 +0800 From: "Leo Li" To: harmony-dev@incubator.apache.org Subject: Re: [classlib][archive]Security policy leads to vm crashes in loading class of JarFile In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_81335_23167779.1161235865376" References: <453608DE.8060407@gmail.com> <4536373A.3050300@gmail.com> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N ------=_Part_81335_23167779.1161235865376 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline It is ok if we have made a decision. I just want to avoid adding more contract between classlib and vm, for example, the vm have to read some property files or other ways.:) On 10/19/06, Alexey Varlamov wrote: > > 2006/10/19, Leo Li : > > But there really contains code about launcher in Harmony/luni, and this > > part is maintained by Harmony classlib but not VM. :) > Um, I thought all Harmony code is maintained by us community ;) > As discussed in an older thread, launcher will be moved to "tools" some > day. > > > > > On 10/19/06, Alexey Varlamov wrote: > > > > > > 2006/10/19, Leo Li : > > > > It is quite a dilemma: VM is free to choose the strategy of loading > > > library > > > > while the sequence is related to classlib. > > > > In my opinion, it is classlib that has enough information and the > > > > responsibility to decide the library loading sequence. > > > > Since the launcher is in the control of classlib, is it possible > that > > > after > > > > getting the JavaVM, manually load the required library then run the > main > > > > method? > > > > > > Nope, the launcher is not a part of classlib and will not present in > > > all configurations (e.g. browser plugin or direct use of Invocation > > > API). > > > IMHO #3 is too crooked therefore inacceptable, and indeed we have to > > > state a VMI contract for loading natives needed by classlib: #1, #4 or > > > some other. I may suggest: > > > 5. Reuse "bootclasspath.properties" solution. That is, there is always > > > mandatory hyluni lib, which can set up some property value indicating > > > a list of required libraries - as it is done now for bootclasspath > > > jars. After loading hyluni and calling its JNI_OnLoad, VM can read > > > this list and load other libs. > > > > > > NB. Currently DRLVM follows #1, that's why it works. > > > > > > > > > > > > > > > On 10/18/06, Paulex Yang wrote: > > > > > > > > > > Alexey Varlamov wrote: > > > > > > Can't we use lazy initialization here? I had similar experience > with > > > > > > this class in the past, and think it should not be so fragile to > > > > > > initialization sequence. And definitely it should not affect > whole > > > VM > > > > > > run. > > > > > Hmm...lazily loading for Msg class is good, but I'm afraid it's > not > > > the > > > > > "sweet point" of this problem, because in this case, the exception > is > > > > > *really* thrown by j.n.URL, so that you cannot avoid loading > resource > > > > > bundle(btw, I just found that the full stacktrace hasn't been > pasted > > > > > yet[1]). lI suspect the issue is that the hyarchive.dll/so has > not > > > been > > > > > loaded yet when this exception happens, so I added this line to > the > > > > > static initialization part of ZipFile > > > > > > > > > > static { > > > > > + System.loadLibrary("hyarchive"); //$NON-NLS-1$ > > > > > ntvinit(); > > > > > } > > > > > > > > > > The test codes pass happily. I want to commit this as work around > if > > > no > > > > > one objects, but I still think a general solution for this kind of > > > issue > > > > > is necessary. There are several classes in archive module need > native > > > > > library, Adler32, CRC32, Deflater, Inflater and ZipFile, only > > > explicitly > > > > > load hyarchive here cannot guarantee bug free, and some other > modules > > > > > (nio, text etc) have same risk. I have some proposals: > > > > > > > > > > 1. Load classlib native libraries as early as possible in VM, as > what > > > we > > > > > do for hyluni, this is safe but the concern is all the Harmony > > > > > compatible VM needs to do this, unacceptable. > > > > > 2. Load them early enough, like what we do now in IBM VME, the > > > hyarchive > > > > > is loaded during j.l.System static init, it was considered early > > > enough, > > > > > but sadly this case shows that we cannot image all cases, even for > a > > > > > relative general case > > > > > 3. Create an init class like below, and all classes needs native > > > library > > > > > must load this init class at first, this works but works in ugly > > > way... > > > > > public class Init{ > > > > > static{ > > > > > System.loadLibrary("blabla"); > > > > > } > > > > > } > > > > > public class SomeClassNeedsNative{ > > > > > static{ > > > > > Class.forName("Init"); // the class loading should > only > > > > > happen once so that the native library is loaded only once. > > > > > } > > > > > } > > > > > 4. Produce some contract like Jar_OnLoad() which is described in > > > > > MANIFEST.MF, so that any class loader loading the jar at first > time > > > will > > > > > execute that method, like JNI_OnLoad or so. This solution seems > > > general > > > > > and elegant, but needs yet another agreement between Harmony VM > and > > > > > classlib, further it may make the jar not compatible with other > VM. > > > > > > > > > > Comments? More ideas? > > > > > > > > > > [1] java.lang.UnsatisfiedLinkError: > java/util/zip/ZipFile.ntvinit()V > > > > > at java.util.zip.ZipFile.(ZipFile.java:50) > > > > > at java.lang.J9VMInternals.initializeImpl(Native Method) > > > > > at java.lang.J9VMInternals.initialize(J9VMInternals.java:177) > > > > > at java.lang.J9VMInternals.initialize(J9VMInternals.java:144) > > > > > at > > > > > com.ibm.oti.vm.AbstractClassLoader.fillCache( > AbstractClassLoader.java > > > :95) > > > > > at > > > > > com.ibm.oti.vm.AbstractClassLoader.getResourceAsStream( > > > > > AbstractClassLoader.java:134) > > > > > at java.util.ResourceBundle$1.run(ResourceBundle.java:282) > > > > > at java.util.ResourceBundle$1.run(ResourceBundle.java:1) > > > > > at > > > > > java.security.AccessController.doPrivileged(AccessController.java > :179) > > > > > at java.util.ResourceBundle.handleGetBundle(ResourceBundle.java > > > :277) > > > > > at java.util.ResourceBundle.getBundle(ResourceBundle.java:134) > > > > > at org.apache.harmony.luni.util.MsgHelp$1.run(MsgHelp.java:114) > > > > > at > > > > > java.security.AccessController.doPrivileged(AccessController.java > :179) > > > > > at org.apache.harmony.luni.util.MsgHelp.setLocale(MsgHelp.java > :112) > > > > > at org.apache.harmony.luni.util.Msg.(Msg.java:49) > > > > > at java.lang.J9VMInternals.initializeImpl(Native Method) > > > > > at java.lang.J9VMInternals.initialize(J9VMInternals.java:177) > > > > > at java.net.URL.(URL.java:296) > > > > > at java.net.URL.(URL.java:156) > > > > > at > > > > > org.apache.harmony.security.fortress.PolicyUtils.getPolicyURLs( > > > > > PolicyUtils.java:445) > > > > > at > > > > > org.apache.harmony.security.fortress.DefaultPolicy.refresh( > > > > > DefaultPolicy.java:278) > > > > > at > > > > > org.apache.harmony.security.fortress.DefaultPolicy.( > > > > > DefaultPolicy.java:184) > > > > > at > > > > > org.apache.harmony.security.fortress.DefaultPolicy.( > > > > > DefaultPolicy.java:173) > > > > > at java.lang.Class.newInstanceImpl(Native Method) > > > > > at java.lang.Class.newInstance(Class.java:1250) > > > > > at java.security.Policy$1.run(Policy.java:156) > > > > > at > > > > > java.security.AccessController.doPrivileged(AccessController.java > :179) > > > > > at java.security.Policy.getDefaultProvider(Policy.java:151) > > > > > at java.security.Policy.getAccessiblePolicy(Policy.java:191) > > > > > at java.security.Policy.getPolicy(Policy.java:132) > > > > > at org.apache.harmony.luni.util.PriviAction.run( > PriviAction.java > > > :133) > > > > > at > > > > > java.security.AccessController.doPrivileged(AccessController.java > :179) > > > > > at java.lang.System.setSecurityManager(System.java:825) > > > > > at java.lang.System.installSecurityManager(System.java:155) > > > > > at java.lang.System.completeInitialization(System.java:117) > > > > > at java.lang.Thread.(Thread.java:129) > > > > > > > > > > > > 2006/10/18, Paulex Yang : > > > > > >> A little further hack shows that, the cause is > o.a.h.luni.util.Msg > > > > > >> cannot be initialized so early, which is the exception message > i18n > > > > > >> helper class. Its static init codes try to load ResourceBundle > but > > > > > >> failed. The new i18n helper o.a.h.l.internal.nls.Messages has > same > > > > > >> issue. I modified the java.net.URL ln.296 as below, and the > test > > > > > passed. > > > > > >> - throw new MalformedURLException( > > > > > >> - > org.apache.harmony.luni.util.Msg.getString > > > ( > > > > > >> - "K00d8", spec)); //$NON-NLS-1$ > > > > > >> + throw new MalformedURLException("exception > message > > > > > >> here"); > > > > > >> > > > > > >> Leo Li wrote: > > > > > >> > Hi, all: > > > > > >> > During the self-hosting of Derby, I found a security > > > policy if > > > > > is > > > > > >> > applied will lead to errors in loading the class of JarFile. > IBM > > > vm > > > > > >> > will throw java/lang/UnsatisfiedLinkError: > > > java/util/zip/ZipFile.ntvi > > > > > >> > while > > > > > >> > drlvm will crash with "SEH handler: shutdown errorSEH > handler: > > > too > > > > > >> many > > > > > >> > shutdown errors..." > > > > > >> > > > > > > >> > Here is the testcase: > > > > > >> > > > > > > >> > > > > > > >> > import java.util.jar.*; > > > > > >> > public class TestJarFile { > > > > > >> > > > > > > >> > public static void main(String[] args) throws Exception{ > > > > > >> > System.out.println(JarFile.CENATT); > > > > > >> > } > > > > > >> > > > > > > >> > } > > > > > >> > > > > > > >> > And the attachment is the derby_tests.policy. > > > > > >> > > > > > > >> > Then run: > > > > > >> > > > > > > >> > java -Djava.security.manager > > > > > >> > -Djava.security.policy=derby_tests.policyTestJarFile > > > > > >> > > > > > > >> > Run passes, > > > > > >> > > > > > > >> > Harmony on IBM VM fails with java/lang/UnsatisfiedLinkError: > > > > > >> > java/util/zip/ZipFile.ntvi > > > > > >> > > > > > > >> > Harmony on Drlvm fails with SEH handler: shutdown errorSEH > > > handler: > > > > > >> > too many > > > > > >> > shutdown errors > > > > > >> > > > > > > >> > If the security manager is not specified, Harmony passes. > > > > > >> > > > > > > >> > > > > > > >> > > > > > >> > > > > > >> -- > > > > > >> Paulex Yang > > > > > >> China Software Development Lab > > > > > >> IBM > > > > > >> > > > > > >> > > > > > >> > > > --------------------------------------------------------------------- > > > > > >> Terms of use : http://incubator.apache.org/harmony/mailing.html > > > > > >> To unsubscribe, e-mail: > > > harmony-dev-unsubscribe@incubator.apache.org > > > > > >> For additional commands, e-mail: > > > harmony-dev-help@incubator.apache.org > > > > > >> > > > > > >> > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > > Terms of use : http://incubator.apache.org/harmony/mailing.html > > > > > > To unsubscribe, e-mail: > harmony-dev-unsubscribe@incubator.apache.org > > > > > > For additional commands, e-mail: > > > harmony-dev-help@incubator.apache.org > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Paulex Yang > > > > > China Software Development Lab > > > > > IBM > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > > Terms of use : http://incubator.apache.org/harmony/mailing.html > > > > > To unsubscribe, e-mail: > harmony-dev-unsubscribe@incubator.apache.org > > > > > For additional commands, e-mail: > harmony-dev-help@incubator.apache.org > > > > > > > > > > > > > > > > > > > > > > -- > > > > Leo Li > > > > China Software Development Lab, IBM > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > Terms of use : http://incubator.apache.org/harmony/mailing.html > > > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org > > > For additional commands, e-mail: harmony-dev-help@incubator.apache.org > > > > > > > > > > > > -- > > Leo Li > > China Software Development Lab, IBM > > > > > > --------------------------------------------------------------------- > Terms of use : http://incubator.apache.org/harmony/mailing.html > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org > For additional commands, e-mail: harmony-dev-help@incubator.apache.org > > -- Leo Li China Software Development Lab, IBM ------=_Part_81335_23167779.1161235865376--