Thoughts on possible options to JDK-8027598
Bradford Wetmore
bradford.wetmore at oracle.com
Wed Nov 20 01:44:02 UTC 2013
On 11/19/2013 4:19 PM, Rajan Halade wrote:
> I am working towards fixing JDK-8027598
> <https://bugs.openjdk.java.net/browse/JDK-8027598>, there are multiple
> options available here and would appreciate your thoughts on this. It
> was filed to address the issue at large reported inJDK-8027526
> <https://bugs.openjdk.java.net/browse/JDK-8027526>.
>
> Problem - When a regression test is run in agentvm mode and alters
> security providers, it can cause adverse effects on next tests executed
> in the batch. We have been batteling with few intermittent failures
> which are caused by scenario like this so I think it is important to
> have this fix.
>
> Possible approaches -
> 1. Enhance JTREG - This option would require change in jtreg to
> store/restore security providers when run in agentvm mode.
That is my preference. I'm also cc'ing Jonathan Gibbons who should also
be involved.
I believe you can just look to see if the provider list has been
updated, then restore only if that is the case.
> 2. Update impacting tests to run in othervm - simple change but may slow
> down batch execution slightly.
Correct.
I am not suggesting the following, but one other thing that was proposed
was to update the Makefiles to run the java_security* targets in
othervm, but that doesn't work when calling jtreg directly, and impacts
all tests in that target.
> 3. Update each test to use library
> java/security/KeyPairGenerator/Failover.java like done in
> java/security/Provider tests - another easy change and tests would
> continue to run agentvm but would have added overhead of restoring
> providers.
>
> We will continue to pursue option 1 but many not be possible. Option 2 &
> 3 above are equally good and are debatable so would like your thoughts
> on it.
I would suggest pursing in order 1, 3, 2.
Brad
>
> Thanks,
> Rajan
>
>
More information about the security-dev
mailing list