RFR: JDK-8142508: To bring j.u.z.ZipFile's native implementation to Java to remove the expensive jni cost and mmap crash risk

Seán Coffey sean.coffey at oracle.com
Tue Dec 8 10:38:53 UTC 2015 

Looks good Sherman.

I'll look after the possible zerror enhancement as part of 
https://bugs.openjdk.java.net/browse/JDK-8144055

I think printing just the file name itself without path is safe. We 
could decide whether installation of a security manager should be a 
factor for such cases. Zip exceptions often come to us without a hint of 
which file was being worked on at time of exception. It'll certainly 
help to have this info.

Regards,
Sean.

On 07/12/2015 19:03, Xueming Shen wrote:
> Hi Sean,
>
> Thanks for the review. Webrev has been updated accordingly. The
> only suggestion I did not follow is to append the file name into the
> zip error/exception message. I would assume it might have vuln
> concern if the file name is published in such exception. It might be
> OK to only publish the "name" part (exclude the parent path) in such
> scenario, but I would prefer to leave this to a separate rfe, if desired.
>
> http://cr.openjdk.java.net/~sherman/8142508/webrev
>
> Thanks,
> Sherman
>
> On 12/07/2015 08:51 AM, Seán Coffey wrote:
>> Hi Sherman,
>>
>> Nice work. It'll certainly help protect the VM from bad application 
>> code. I've no major issues with the new code. Some comments below.
>>
>> src/java.base/share/classes/java/util/zip/ZipFile.java
>> unused import :
>>> import java.nio.file.Path;
>>
>> line 840 : This could be marked final
>>> private Key key;
>>
>> line 914 :  Same here (final)
>>
>>> private static HashMap<Key, Source> files = new HashMap<>();
>>
>> While in this class, could you also mark inflaterCache as final (line 
>> 451)
>>
>>
>> -        String prop = 
>> sun.misc.VM.getSavedProperty("sun.zip.disableMemoryMapping");
>> With this property removed, I think you'll need to update 
>> src/java.base/share/classes/sun/misc/VM.java line 278 also. It 
>> becomes redundant code.
>>
>> We'll also need to log a sub-task to track doc updates to highlight 
>> that this property is no longer relevant.
>>
>> ZipFile : line 195 :
>>
>> Objects.requireNonNull(charset, "charset");
>>
>> You've changed the order of exception throwing here. To aid with a 
>> possible backport (and behaviour), could you consider moving the 
>> check to post the 'mode' checks ? If you can't, I'll just remember it 
>> when backporting!
>>
>> line 525 :
>>
>> byte[] cen = zsrc.cen;
>>
>> It might be no harm to insert a comment here saying that the caller 
>> method must check for 'ensureOpen' ?
>>
>> I think you need a ensureOpen check on the new initDataOffset() 
>> method. You could hit an NPE otherwise. E.g. :
>>>     ZipFile zf = new ZipFile(new File("/tmp/jtreg.zip"));
>>>     ZipEntry ze = zf.getEntry("jtreg/release");
>>>     InputStream is = zf.getInputStream(ze);
>>>     zf.close();
>>>     is.skip(1);
>>
>> There might be room for a small improvement on the zerror method. Could
>> you pre-append the name of the File to each exception message via 
>> this method ?
>>
>> On the new test, are you planning to add this to the jtreg tests or 
>> will it be
>> a manual stand alone ? It would have to be tuned down in terms of 
>> resources
>> if added to the auto-test list.
>> Regards,
>> Sean.
>> On 11/11/15 20:22, Xueming Shen wrote:
>>> Hi
>>>
>>> Please help review the changes for JDK-8142508 (third try)
>>>
>>> Issue: https://bugs.openjdk.java.net/browse/JDK-8142508
>>> webrev: http://cr.openjdk.java.net/~sherman/8142508/webrev
>>>
>>> Mainly to address the issues in current j.u.z.ZipFile implementation 
>>> as listed
>>> below
>>>
>>> (1) The ZIP file format support code is in native C (shared with the 
>>> VM via
>>>      ZipFile.c -> zip_util.c). Any entry lookup, creation operation 
>>> requires multiple
>>>      round-trips of expensive jni calls.
>>>
>>> (2) The native C implementation which uses mmap to map in the 
>>> central directory
>>>      table appears to be a big risk of vm crash when the underlying 
>>> jar file gets
>>>      overwritten with new contents while it is still being used by 
>>> other ZipFile. The
>>>      crash reports keep coming in even after we have introduced in 
>>> system flag
>>>      to disable it (sun.zip.disableMemoryMapping).
>>>
>>> (3) The use of "filename + lastModified()" cache (zip_util.c) 
>>> appears to be broken
>>>      if the timestamp is in low resolution/precision 
>>> (File.getModified() for example,
>>>      might only have "second" ersolution on solaris/linux), and/or 
>>> the file is being
>>>      overwritten.
>>>
>>> The clean solution appears to bring the ZIP format support code 
>>> completely from
>>> native to Java to remove the jni invocation cost and the mmap risk. 
>>> Also to use
>>> the fileKey and lastModified from 
>>> java.nio.file.attribute.BasicFileAttributes to have
>>> better/correct cache matching.
>>>
>>> Benchmark:
>>>
>>> This simple jmh measurement suggests a big boost of the performance of
>>> ZipFile.getEntry()/entries()/getStream() which are basically entry 
>>> related
>>> accesses (the "open only" has some regression, which is expected as we
>>> switched from the mmap to simply read the cen table in into a byte[])
>>>
>>> http://cr.openjdk.java.net/~sherman/8142508/MyBenchmark.java
>>>
>>> # JDK9 base
>>>
>>> Benchmark                  Mode  Cnt    Score    Error  Units
>>> MyBenchmark.testEntries    avgt   50   13.671 ±  0.385  ms/op
>>> MyBenchmark.testGetEntry   avgt   50   17.414 ±  0.803  ms/op
>>> MyBenchmark.testGetStream  avgt   50   42.398 ± 10.136  ms/op
>>> MyBenchmark.testOpen       avgt   50    3.049 ±  0.094  ms/op
>>> MyBenchmark.testRead       avgt   50  215.179 ±  9.926  ms/op
>>> MyBenchmark.testReadAll    avgt   50  244.422 ± 19.375  ms/op
>>> -------------------------------------------------------------------------------------- 
>>>
>>> # JDK9 ZipFile without jni invocation
>>>
>>> Benchmark                  Mode  Cnt    Score    Error  Units
>>> MyBenchmark.testEntries    avgt   50    6.436 ±  0.422  ms/op
>>> MyBenchmark.testGetEntry   avgt   50   10.021 ±  0.699  ms/op
>>> MyBenchmark.testGetStream  avgt   50   38.713 ± 16.687  ms/op
>>> MyBenchmark.testOpen       avgt   50    3.288 ±  0.119  ms/op
>>> MyBenchmark.testRead       avgt   50  220.653 ±  8.529  ms/op
>>> MyBenchmark.testReadAll    avgt   50  249.798 ± 18.438  ms/op
>>> --------------------------------------------------------------------------------------- 
>>>
>>>
>>> Test:
>>> http://cr.openjdk.java.net/~sherman/8142508/webrev/test/java/util/zip/ZipFile/TestZipFile.java.html 
>>>
>>>
>>> Verified the new ZipFile runs as expected when the underlying 
>>> jar/zip file get
>>> deleted/overwritten when the zip still be used. The "old" ZipFile 
>>> fails to continue
>>> to work but no crash, and the "new" one works correctly on updated 
>>> zip file
>>> without problem (The test runs a little long, have not decided if it 
>>> should be
>>> checked in as unit test).
>>>
>>> -Sherman
>>>
>>
>

More information about the core-libs-dev mailing list