Strange test failure when referencing a class in a deprivileged module
Wang Weijun
weijun.wang at oracle.com
Tue Jul 5 03:53:22 UTC 2016
This test fails:
import java.security.Permission;
import java.sql.SQLPermission;
public class SSL extends SecurityManager {
@Override
public void checkPermission(Permission perm, Object context) {
checkPermission(perm);
}
public void checkPermission(Permission perm) {
if (!(perm instanceof SQLPermission)) {
return;
}
}
public static void main(String[] args) throws Exception {
System.setSecurityManager(new SSL());
X.go();
}
static class X {
static void go() {
System.out.println(12);
}
}
}
The exception is at the end of this mail. The test passes if I change X.go() to calling a method inside this class, or change SQLPermission to something defined in one of BOOT_MODULES.
Note: the test is a simplified form of test/sun/security/krb5/auto/SSL.java (hence the name) and it fails when I am trying to deprivilege java.security.jgss.
More observations:
1. If I directly run the test (not with jtreg), error is "java.lang.NoClassDefFoundError: SSL$X".
2. If I directly run the test but with javatest.jar in CLASSPATH, the failure is the same with jtreg run.
Anyway, this test runs fine on jdk8u. Or, must I break the test into 2 parts and grant the SecurityManager part AllPermission? (I haven't tried it though).
Thanks
Max
------
Exception: java.lang.IllegalStateException thrown from the UncaughtExceptionHandler in thread "MainThread"
STATUS:Failed.`main' threw exception: java.lang.IllegalStateException: Recursive update
Exception in thread "main" java.lang.IllegalStateException: Recursive update
at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(java.base at 9-internal/ConcurrentHashMap.java:1767)
at jdk.internal.loader.BuiltinClassLoader.moduleReaderFor(java.base at 9-internal/BuiltinClassLoader.java:727)
at jdk.internal.loader.BuiltinClassLoader.defineClass(java.base at 9-internal/BuiltinClassLoader.java:484)
at jdk.internal.loader.BuiltinClassLoader.lambda$findClassInModuleOrNull$2(java.base at 9-internal/BuiltinClassLoader.java:449)
at java.security.AccessController.doPrivileged(java.base at 9-internal/Native Method)
at jdk.internal.loader.BuiltinClassLoader.findClassInModuleOrNull(java.base at 9-internal/BuiltinClassLoader.java:450)
at jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(java.base at 9-internal/BuiltinClassLoader.java:390)
at jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(java.base at 9-internal/BuiltinClassLoader.java:425)
at jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(java.base at 9-internal/BuiltinClassLoader.java:394)
at jdk.internal.loader.BuiltinClassLoader.loadClass(java.base at 9-internal/BuiltinClassLoader.java:364)
at jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(java.base at 9-internal/ClassLoaders.java:185)
at java.lang.ClassLoader.loadClass(java.base at 9-internal/ClassLoader.java:419)
at SSL.checkPermission(SSL.java:42)
at java.lang.SecurityManager.checkPropertyAccess(java.base at 9-internal/SecurityManager.java:1285)
at java.lang.System.getProperty(java.base at 9-internal/System.java:762)
at sun.security.action.GetPropertyAction.run(java.base at 9-internal/GetPropertyAction.java:87)
at sun.security.action.GetPropertyAction.run(java.base at 9-internal/GetPropertyAction.java:53)
at java.security.AccessController.doPrivileged(java.base at 9-internal/Native Method)
at sun.security.action.GetPropertyAction.privilegedGetProperty(java.base at 9-internal/GetPropertyAction.java:107)
at sun.net.www.protocol.jrt.JavaRuntimeURLConnection.getPermission(java.base at 9-internal/JavaRuntimeURLConnection.java:164)
at java.lang.module.SystemModuleFinder$ImageModuleReader.checkPermissionToConnect(java.base at 9-internal/SystemModuleFinder.java:258)
at java.lang.module.SystemModuleFinder$ImageModuleReader.<init>(java.base at 9-internal/SystemModuleFinder.java:266)
at java.lang.module.SystemModuleFinder$1.get(java.base at 9-internal/SystemModuleFinder.java:174)
at java.lang.module.SystemModuleFinder$1.get(java.base at 9-internal/SystemModuleFinder.java:171)
at java.lang.module.ModuleReference.open(java.base at 9-internal/ModuleReference.java:163)
at jdk.internal.loader.BuiltinClassLoader.createModuleReader(java.base at 9-internal/BuiltinClassLoader.java:735)
at jdk.internal.loader.BuiltinClassLoader.lambda$moduleReaderFor$3(java.base at 9-internal/BuiltinClassLoader.java:727)
at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(java.base at 9-internal/ConcurrentHashMap.java:1716)
at jdk.internal.loader.BuiltinClassLoader.moduleReaderFor(java.base at 9-internal/BuiltinClassLoader.java:727)
at jdk.internal.loader.BuiltinClassLoader.defineClass(java.base at 9-internal/BuiltinClassLoader.java:484)
at jdk.internal.loader.BuiltinClassLoader.lambda$findClassInModuleOrNull$2(java.base at 9-internal/BuiltinClassLoader.java:449)
at java.security.AccessController.doPrivileged(java.base at 9-internal/Native Method)
at jdk.internal.loader.BuiltinClassLoader.findClassInModuleOrNull(java.base at 9-internal/BuiltinClassLoader.java:450)
at jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(java.base at 9-internal/BuiltinClassLoader.java:390)
at jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(java.base at 9-internal/BuiltinClassLoader.java:425)
at jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(java.base at 9-internal/BuiltinClassLoader.java:394)
at jdk.internal.loader.BuiltinClassLoader.loadClass(java.base at 9-internal/BuiltinClassLoader.java:364)
at jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(java.base at 9-internal/ClassLoaders.java:185)
at java.lang.ClassLoader.loadClass(java.base at 9-internal/ClassLoader.java:419)
at SSL.checkPermission(SSL.java:42)
at java.lang.SecurityManager.checkExit(java.base at 9-internal/SecurityManager.java:753)
at java.lang.Runtime.exit(java.base at 9-internal/Runtime.java:120)
at java.lang.System.exit(java.base at 9-internal/System.java:1666)
at com.sun.javatest.Status.exit(Status.java:293)
at com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:81)
More information about the security-dev
mailing list