RFR: 8367583: sun/security/util/AlgorithmConstraints/InvalidCryptoDisabledAlgos.java fails after JDK-8244336
Jaikiran Pai
jpai at openjdk.org
Sat Sep 13 13:55:19 UTC 2025
On Sat, 13 Sep 2025 05:13:39 GMT, Jaikiran Pai <jpai at openjdk.org> wrote:
> Can I please get a review of this test-only change which addresses the test failure in `sun/security/util/AlgorithmConstraints/InvalidCryptoDisabledAlgos.java`?
>
> As noted in https://bugs.openjdk.org/browse/JDK-8367583, this test fails when run in our CI. The test intentionally sets up some Security property which is expected to cause a `ExceptionInInitializerError` when a security API is used. The test also uses the `jdk.test.lib.Utils` test library which in its static block has a piece of code which intializes a `MessageDigest` conditionally depending on whether or not the `build` part of the `Runtime.version()` is greater than `0`. The initialization of `MessageDigest` during the static initialization of the `Utils` class leads to certain security APIs to be used too early and thus causing the `ExceptionInInitializerError` much before the test expected. The test thus ends up failing in that case.
>
> For local builds, build number is by default 0, so this failure wasn't observed locally. In order to reproduce this issue, I built a local JDK with:
>
>
> bash configure --with-version-build=42
> make clean images
>
> I then ran this test against this built JDK and it was able to reproduce this failure.
>
> The change in this PR updates the test to no longer use the test library's `Utils` class and thus avoids this issue. The test continues to test the same APIs and expectations that it was previously doing, except that it does it without the use of this test utility class. I have run this test change locally against a JDK with build number 0 and against a JDK build number greater than 0 and it passes against both.
>
> I'll launched a CI run just to make sure nothing else fails with this change.
I spoke to Weijun and we decided to integrate this.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/27269#issuecomment-3288388358
More information about the security-dev
mailing list