Thoughts on possible options to JDK-8027598

Bradford Wetmore bradford.wetmore at
Tue Nov 19 17:44:02 PST 2013

On 11/19/2013 4:19 PM, Rajan Halade wrote:
> I am working towards fixing JDK-8027598
> <>, there are multiple
> options available here and would appreciate your thoughts on this. It
> was filed to address the issue at large reported inJDK-8027526
> <>.
> Problem - When a regression test is run in agentvm mode and alters
> security providers, it can cause adverse effects on next tests executed
> in the batch. We have been batteling with few intermittent failures
> which are caused by scenario like this so I think it is important to
> have this fix.
> Possible approaches -
> 1. Enhance JTREG - This option would require change in jtreg to
> store/restore security providers when run in agentvm mode.

That is my preference.  I'm also cc'ing Jonathan Gibbons who should also 
be involved.

I believe you can just look to see if the provider list has been 
updated, then restore only if that is the case.

> 2. Update impacting tests to run in othervm - simple change but may slow
> down batch execution slightly.


I am not suggesting the following, but one other thing that was proposed 
was to update the Makefiles to run the java_security* targets in 
othervm, but that doesn't work when calling jtreg directly, and impacts 
all tests in that target.

> 3. Update each test to use library
> java/security/KeyPairGenerator/ like done in
> java/security/Provider tests - another easy change and tests would
> continue to run agentvm but would have added overhead of restoring
> providers.
> We will continue to pursue option 1 but many not be possible. Option 2 &
> 3 above are equally good and are debatable so would like your thoughts
> on it.

I would suggest pursing in order 1, 3, 2.


> Thanks,
> Rajan

More information about the security-dev mailing list