JDK 9 RFR of 8031067:java/util/concurrent/atomic/AtomicUpdaters.java: java.lang.Error: Unexpected reflective access

Mon Jan 6 11:44:19 UTC 2014

The test sets a security manager to ensure that appropriate permission 
checks are performed. It expects to be denied reflective access to a 
private field in a different package. Access, to this field, is granted 
if the code has RuntimePermission "accessDeclaredMembers". This 
permission is not expected, but the default policy implementation 
combines the java.home/lib/security/java.policy and 
user.home/.java.policy. So if a policy file, .java.policy, with 
RuntimePermission "accessDeclaredMembers", just happens to be in the 
users home directory when this test is run, it will fail as above.

The solution, trivially, is for the test to set its own policy, and 
remove any dependency on the default policy.

diff --git a/test/java/util/concurrent/atomic/AtomicUpdaters.java 
b/test/java/util/concurrent/atomic/AtomicUpdaters.java
--- a/test/java/util/concurrent/atomic/AtomicUpdaters.java
+++ b/test/java/util/concurrent/atomic/AtomicUpdaters.java
@@ -33,7 +33,7 @@
   */
  import java.util.concurrent.atomic.*;
  import java.lang.reflect.*;
-import java.security.AccessControlException;
+import java.security.*;

  public class  AtomicUpdaters {
      enum TYPE { INT, LONG, REF }
@@ -102,6 +102,8 @@
                  verbose = true;
              }
              else if ("UseSM".equals(arg)) {
+                // Ensure that the test is not influenced by the 
default users policy.
+                Policy.setPolicy(new NoPermissionsPolicy());
                  SecurityManager m = System.getSecurityManager();
                  if (m != null)
                      throw new RuntimeException("No security manager 
should initially be installed");
@@ -186,4 +188,24 @@
              throw new Error("Some tests failed - see previous 
stacktraces");
          }
      }
+
+    /**
+     * Policy with no permissions.
+     */
+    private static class NoPermissionsPolicy extends Policy {
+        @Override
+        public PermissionCollection getPermissions(CodeSource cs) {
+            return Policy.UNSUPPORTED_EMPTY_COLLECTION;
+        }
+
+        @Override
+        public PermissionCollection getPermissions(ProtectionDomain pd) {
+            return Policy.UNSUPPORTED_EMPTY_COLLECTION;
+        }
+
+        @Override
+        public boolean implies(ProtectionDomain pd, Permission p) {
+            return Policy.UNSUPPORTED_EMPTY_COLLECTION.implies(p);
+        }
+    }
  }

-Chris.

