RFR: JAXP in JDK8/7u40 : 8022548 : SPECJVM2008 has errors introduced in 7u40-b34

huizhe wang huizhe.wang at oracle.com
Mon Aug 12 16:33:41 UTC 2013 

On 8/12/2013 2:10 AM, Alan Bateman wrote:
> On 10/08/2013 00:55, huizhe wang wrote:
>> :
>>
>> It's not using a standard interface.  It goes straight to the 
>> implementation, here's how it's done:
>>     class JDK15XML1_0Parser extends SAXParser {
>>
>>         JDK15XML1_0Parser() throws org.xml.sax.SAXException {
>>
>>             super(new DTDConfiguration());
>>             // workaround for Java 1.5 beta 2 bugs
>> com.sun.org.apache.xerces.internal.util.SecurityManager manager =
>>                     new 
>> com.sun.org.apache.xerces.internal.util.SecurityManager();
>>             setProperty(Constants.XERCES_PROPERTY_PREFIX + 
>> Constants.SECURITY_MANAGER_PROPERTY, manager);
>>
>>         }
>>     }
>>
>> where:
>> SAXParser is com.sun.org.apache.xerces.internal.parsers.SAXParser
>> DTDConfiguration is 
>> com.sun.org.apache.xerces.internal.parsers.DTDConfiguration
>>
> Okay, I see it now:
>
> $ jdeps --verbose-level=class xom-1.2.10.jar |grep "JDK internal API"
>       -> com.sun.org.apache.xerces.internal.parsers.DTDConfiguration 
> JDK internal API (rt.jar)
>       -> com.sun.org.apache.xerces.internal.parsers.SAXParser JDK 
> internal API (rt.jar)
>       -> com.sun.org.apache.xerces.internal.util.SecurityManager JDK 
> internal API (rt.jar)
>       -> 
> com.sun.org.apache.xerces.internal.xni.parser.XMLParserConfiguration 
> JDK internal API (rt.jar)
>
> In that case, this is not really a bug, it's that XOM needs to realize 
> that extending com.sun.org.apache.xerces.internal.** means they have a 
> dependency on JDK internal classes so they can break at any time. Also 
> as com.sun.org.apache.xerces.internal.** is on the restricted package 
> list then I assume they have problems running with a security manager.

I agree it's not a bug. But in light of the history and tradition of 
using internal Xerces, we decided to accommodate XOM's usage.  The order 
by which XOM look for a parser is Xerces, JDK, and XMLReaderFactory. So 
if Xerces is not on the path, and security manager is present, it will 
fall back to the SAX/XMLReaderFactory API.


>
> I wasn't aware that SPECjvm2008 uses XOM. Unless XOM is fixed then I 
> can imagine this causing problems in the future, in particular if/when 
> visibility of JDK internal classes is restricted.

I will discuss with the owner and others on these issues.

-Joe

>
> -Alan
>
>

More information about the core-libs-dev mailing list