RFR[ 9u-dev] JDK-8075773 - jps running as root fails after the fix of JDK-8050807

Langer, Christoph christoph.langer at sap.com
Wed Oct 21 14:18:34 UTC 2015 

Hi Cheleswer, Dan,

On AIX the issue is reproducing, I just tested it on an AIX box:

<oldjdk>/bin/jps
1368310 -- process information unavailable
1146978 Jps
1585374 -- process information unavailable
532592 -- process information unavailable

With changes to perfMemory_aix.cpp as of http://cr.openjdk.java.net/~clanger/webrevs/8075773.0/ it will result like this:
<newjdk>/bin/jps
1368310 -- process information unavailable
1146980 Jps
1585374 -- process information unavailable
532592 DummyProcess

It shows information about my "DummyProcess".

And I could also verify that on a MacOS X system jps doesn't show nothing at all. So there's no issue to fix on Mac. But for the sake of synchrony, I guess we should consider putting the change in place there, too.

I opened a new Bug: https://bugs.openjdk.java.net/browse/JDK-8140244

Shall a change for MacOS X be done as well or just AIX?

Best regards
Christoph

From: cheleswer sahu [mailto:cheleswer.sahu at oracle.com]
Sent: Dienstag, 20. Oktober 2015 12:37
To: daniel.daugherty at oracle.com
Cc: Langer, Christoph <christoph.langer at sap.com>; hotspot-runtime-dev at openjdk.java.net
Subject: Re: RFR[ 9u-dev] JDK-8075773 - jps running as root fails after the fix of JDK-8050807

Hi Dan,
In MacOS X If  "jps" command is executed as a root user, then also it doesn't list java process running by the other users in the same system (tested in 7u72, 7u71 ). This behavior has been not changed in 7u75 (Version in which, bug was introduced). So basically there was no regression for MacOS X. Since there was no regression I had not investigated this for MacOS X.

In Linux/Solaris If "jps" command is executed as a root user, then it list all the java process running in the system, including other users. (This other users, process information were not getting printed correctly after 7u75 )
Since  as a root user "MacOs X" is not listing the process running by the other users, this problem is not getting produced here.

Documentation for "jps" command says:
 The list of JVMs produced by the jps command may be limited by the permissions granted to the principal running the command. The command will only list the JVMs for which the principle has access rights as determined by operating system specific access control mechanisms.

The difference in behavior for "jps" command in "Linux" and "MacOS X"  is may be because of operating system specific access control mechanism.

Regards,
Cheleswer

On 10/16/2015 7:03 PM, Daniel D. Daugherty wrote:

Cheleswer,

Interesting BSD/MacOS X results. Do you have a theory about why this
problem does not show up there?

Please note: I can find no mention of BSD or MacOS X relative to this
bug prior to Christoph Langer's e-mail on 2015.10.14. Perhaps this
was discussed off thread with Jerry or one of your other reviewers.

Dan

On 10/16/15, 6:50 AM, cheleswer sahu wrote:

Hi Dan,
I had tested it before for BSD/MacOS X also, but was not able to reproduce it, therefore the fix has been done only for Posix and Linux.

Regards,
Cheleswer

On 10/15/2015 6:55 PM, Daniel D. Daugherty wrote:

Cheleswer,

The original issue needs to be tested and fixed on all of the
platforms that we (Oracle) support. That includes BSD/MacOS X.

Christoph, I presume that you can test an AIX specific patch
for Cheleswer since I don't think we have any AIX setups in
either the JPRT farm or the Aurora farm (Oracle internal).

Dan

On 10/15/15, 5:31 AM, cheleswer sahu wrote:

Hi Christoph,
I had done fixes only for those platforms which were available to me at that point of time. Thanks for reporting the issue on AIX. I will create a new Bug for this and fix this issue asap.

Regards,
Cheleswer

On 10/15/2015 3:50 AM, Langer, Christoph wrote:

Hi,
Is there any particular reason why you fixed this for Posix and Linux only? I see the same issue occurring on AIX and I believe BSD will have it as well.
If not, I suggest the following fix: http://cr.openjdk.java.net/~clanger/webrevs/8075773.0/ <http://cr.openjdk.java.net/%7Eclanger/webrevs/8075773.0/><http://cr.openjdk.java.net/%7Eclanger/webrevs/8075773.0/>
Please review and sponsor.
This is the bug ID: /https://bugs.openjdk.java.net/browse/JDK-8075773///<https://bugs.openjdk.java.net/browse/JDK-8075773/>
//
/Thanks/
/Christoph/

------------------------------------------------------------

Hi,
Thanks Dmitry and Jerry for your review comments. I have fixed the
spacing and indentation issue.
Update web review link:
http://cr.openjdk.java.net/~poonam/8075773/webrev.01/ <http://cr.openjdk.java.net/%7Epoonam/8075773/webrev.01/><http://cr.openjdk.java.net/%7Epoonam/8075773/webrev.01/>
Regards,
Cheleswer
On 7/28/2015 3:13 AM, Gerald Thornbrugh wrote:
>/Hi Cheleswer,/
>//
>/Other than the issues Dimitry mentioned below your changes look good./
>//
>/I am also not a "Reviewer"./
>//
>/Thanks!/
>//
>/Jerry/
>>/Cheleswer,/
>>//
>>/src/os/linux/vm/perfMemory_linux.cpp/
>>//
>>/220 space missed after ///
>>/222 space missed after !=/
>>//
>>/src/os/solaris/vm/perfMemory_solaris.cpp/
>>//
>>/222 extra space before // (wrong indent)/
>>//
>>/Otherwise looks good. (not a Reviewer)/
>>//
>>/-Dmitry/
>>//
>>//
>>/On 2015-07-27 20:07, cheleswer sahu wrote:/
>>>/Hi,/
>>>//
>>>/Please review the code changes for/
>>>/"//https://bugs.openjdk.java.net/browse/JDK-8075773//<https://bugs.openjdk.java.net/browse/JDK-8075773/>" ./
>>>/Web review Link: //http://cr.openjdk.java.net/~poonam/8075773/webrev.00/ <http://cr.openjdk.java.net/%7Epoonam/8075773/webrev.00/><http://cr.openjdk.java.net/%7Epoonam/8075773/webrev.00/>///
>>>//
>>>/Bug brief: This bug was introduced after the fix of JDK-8050807. JPS/
>>>/reads the process information from/
>>>/"/tmp/hsperfdata_$username_$ProcessID". In order to ensure the file is/
>>>/secure to open and read, it tries to match the UID with the effective/
>>>/user ID of that file. When JPS is run as root user this check gets /
>>>/failed./
>>>//
>>>/Fix: If JPS is running as a root user, then the check which matches, /
>>>/UID/
>>>/with effective user id is skipped./
>>>//
>>>/I have test this fix, it's working fine and found no security issue./
>>>//
>>>//
>>>/Regards,/
>>>/Cheleswer/
>>//
>

More information about the hotspot-runtime-dev mailing list