Andres Luuk [Mon, 9 Jul 2018 08:05:25 +0000 (11:05 +0300)]
Custom URL stream handler in ByteArrayClassPath
Otherwise a normal streamhandler lookup is made and if javassist is used early on server startup protses this can lead to a deadlock on rare cases on WebSpheare.
For example. A new StreamHandlerFactory is registered but not jet fully initialized. Now javassist is used at the same time but form another thread and it will be the first one to invoke the new StreamHandlerFactory and now it can deadlock with the other thread:
Snipets from my deadlock:
3XMTHREADINFO "main" J9VMThread:0x000000000175EC00, omrthread_t:0x00007F4120008100, java/lang/Thread:0x00000000624290B8, state:B, prio=5
3XMTHREADBLOCK Blocked on: org/osgi/util/tracker/ServiceTracker$Tracked@0x00000000627F0A90 Owned by: "other-thread" (J9VMThread:0x0000000001B26300, java/lang/Thread:0x00000000629F1458)
3XMHEAPALLOC Heap bytes allocated since last GC cycle=0 (0x0)
3XMTHREADINFO3 Java callstack:
4XESTACKTRACE at org/osgi/util/tracker/ServiceTracker.getServiceReferences(ServiceTracker.java:525)
4XESTACKTRACE at org/eclipse/osgi/framework/internal/protocol/StreamHandlerFactory.createInternalURLStreamHandler(StreamHandlerFactory.java:162)
4XESTACKTRACE at org/eclipse/osgi/framework/internal/protocol/StreamHandlerFactory.createURLStreamHandler(StreamHandlerFactory.java:118)
4XESTACKTRACE at java/net/URL.getURLStreamHandler(URL.java:1154)
4XESTACKTRACE at java/net/URL.<init>(URL.java:611(Compiled Code))
4XESTACKTRACE at java/net/URL.<init>(URL.java:502(Compiled Code))
4XESTACKTRACE at java/net/URL.<init>(URL.java:451)
4XESTACKTRACE at javassist/ByteArrayClassPath.find(JRebel:92)
...
4XESTACKTRACE at java/lang/ClassLoader.loadClassHelper(ClassLoader.java:924(Compiled Code))
5XESTACKTRACE (entered lock: org/eclipse/core/launcher/Main$StartupClassLoader@0x0000000062F3AA88, entry count: 1)
3XMTHREADINFO "other-thread" J9VMThread:0x0000000001B26300, omrthread_t:0x00007F4120A5D060, java/lang/Thread:0x00000000629F1458, state:B, prio=5
3XMTHREADBLOCK Blocked on: org/eclipse/core/launcher/Main$StartupClassLoader@0x0000000062F3AA88 Owned by: "main" (J9VMThread:0x000000000175EC00, java/lang/Thread:0x00000000624290B8)
3XMHEAPALLOC Heap bytes allocated since last GC cycle=0 (0x0)
3XMTHREADINFO3 Java callstack:
4XESTACKTRACE at org/osgi/util/tracker/AbstractTracked.size(AbstractTracked.java:356)
4XESTACKTRACE at org/osgi/util/tracker/ServiceTracker.getServiceReferences(ServiceTracker.java:526)
5XESTACKTRACE (entered lock: org/osgi/util/tracker/ServiceTracker$Tracked@0x00000000627F0A90, entry count: 1)
4XESTACKTRACE at org/eclipse/osgi/framework/internal/protocol/StreamHandlerFactory.createInternalURLStreamHandler(StreamHandlerFactory.java:162)
4XESTACKTRACE at org/eclipse/osgi/framework/internal/protocol/StreamHandlerFactory.createURLStreamHandler(StreamHandlerFactory.java:118)
4XESTACKTRACE at java/net/URL.getURLStreamHandler(URL.java:1154)
4XESTACKTRACE at java/net/URL.<init>(URL.java:611(Compiled Code))
4XESTACKTRACE at java/net/URL.<init>(URL.java:502(Compiled Code))
4XESTACKTRACE at java/net/URL.<init>(URL.java:451)
4XESTACKTRACE at java/net/URI.toURL(URI.java:1100)
4XESTACKTRACE at com/ibm/jsse2/av.a(av.java:92)
4XESTACKTRACE at com/ibm/jsse2/av.engineInit(av.java:7)
4XESTACKTRACE at javax/net/ssl/TrustManagerFactory.init(TrustManagerFactory.java:25)
nickl- [Sat, 11 Nov 2017 20:34:34 +0000 (22:34 +0200)]
Fix #152 inner class modifiers.
Applied fix for #152 "Wrong modifiers returned for nested classes" as suggested by @pietrobraione.
Includes unit tests for all access modifiers and static.
nickl- [Fri, 10 Nov 2017 17:13:01 +0000 (19:13 +0200)]
Unit Test: CtField.make referencing 'this'.
As per question raised in #161 passing 'this' reference for CtField value new object instance.
Also added assert for testing referncing 'this' for newly added field.
nickl- [Sun, 29 Oct 2017 21:42:49 +0000 (23:42 +0200)]
Fixes to javassist.scopepool
Applied parameters and squashed all compiler warnings.
Changed loops to enhanced for where appropriate.
Fixed SoftValueHashMap:
Made it a raw type.
Overwritten implementation of the `get` method correctly unwrapped the reference but the methods
`containsValue` and `entrySet` needed to be fixed.
Implemented the remaining outstanding methods from the `java.util.Map` contract `values`, `putAll`
and `keySet`.
Dropped `AbstractMap` inheritance as we were not inheriting anything anymore.
Changed internal map to `ConcurrentHashMap' to be atomic and parallel safe.
Found original unit tests from jboss retro which are now updated to reflect the javassist
versions of the scoped pool classes. Added tests for the SoftValueHashMap including
test which overloads the heap to ensure the cache cleans itself appropriately.
nickl- [Fri, 27 Oct 2017 06:33:55 +0000 (08:33 +0200)]
Some functional unit tests proofs.
Proves that you cannot access restricted functionality then goes ahead and
mock test all 3 exposures JAVA_9, JAVA_7+ and OTHERS by changing the
private static final class referenced default chosen on initialise.
nickl- [Fri, 27 Oct 2017 06:10:22 +0000 (08:10 +0200)]
Even now Oracle still not happy.
Runtime still throws warnings illegal actions even after all that, there's
just no logic to it. We can use Unsafe but don't touch setAccessible. O well
might as well enjoy Unsafe while we still can.
Wrapped the Unsafe and added method cache with varargs method for invoke calls.
Can still do a lot with it but it does what it needs to for now.
nickl- [Fri, 27 Oct 2017 05:55:08 +0000 (07:55 +0200)]
Add caller class checking.
The only thing remotely inforceable is caller class checking. You cannot
bypass an exception with setAccesible. Oracle went and removed
Reflection.getCallerClass() completely in favour of StackWalker. At least
we can share the SecurityManage ClassContext, SecurityActions seems the
appropriate venue for our stack trace peek to support the older versions
nickl- [Fri, 27 Oct 2017 05:36:38 +0000 (07:36 +0200)]
MethodHandles for JDK7+.
Java 7 and 8 does support method handles so we can cater for them. When doing
repeated invokes to the same method, keeping a reference to the Method handle
is much faster than reflection. Also the API is cleaner not having to Object[]
args etc. Worth the effort...
nickl- [Fri, 27 Oct 2017 04:43:49 +0000 (06:43 +0200)]
Add getMethodHandle to SecurityActions.
The main advantage is that we can do the privileged setAccessible during creation and
then freely invoke via the authorized method handle.
As per the javadocs:
Access checks are applied in the factory methods of Lookup, when a method handle is created.
his is a key difference from the Core Reflection API, since java.lang.reflect.Method.invoke
performs access checking against every caller, on every call.
nickl- [Wed, 25 Oct 2017 18:40:04 +0000 (20:40 +0200)]
Make an effort to secure privileged use.
Oracle (or maybe it was still Sun) warns that we should prevent from exposing access we gain to
privileged functionality like the unsafe etc. Before Oracle decides to restrict us even more lets
make an effort at least.
nickl- [Mon, 30 Oct 2017 18:43:30 +0000 (20:43 +0200)]
Squash compiler warnings in tests.
With the unit tests warnings were squashed by suppressing them with SuppressWarnings annotations, instead of
reparing the issues as was done with the source. Reasons being...
* The tests might be relying on the types as they were defined.
* If the tests were written to test against the correct forms they would've/should've stipulated those.
* Even unused members might be important to tests so we attempt to change as little as possible.
The following were applied during multiple itterations through the source.
* Parameterize raw types.
* Mark unused members.
* Annotate override and deprecated methods.
* Convert loops to enhance for loop.
* Remove redundant else statements.
* Widening collection type references.
* Optimize code for improved readability.
* Squash compiler warnings.
* Identify smells.
nickl- [Wed, 25 Oct 2017 22:33:39 +0000 (00:33 +0200)]
Upgrade junit from ver 3 to 4.
There were minimal changes:
Some tests had their own runners these were discontinued as IDEs/maven run the tests anyway.
Removed the main methods for these.
2 tests were dependent on the running order so added the test sorter.
Andres Luuk [Mon, 10 Apr 2017 14:18:07 +0000 (17:18 +0300)]
Update ClassFile.java
A fix for older JDK8 versions: https://bugs.openjdk.java.net/browse/JDK-8041920
This caused random failures a little time after startup. Reported now so that when we upgrade javassist for JDK9 then we would not have to fork this class.
chibash [Tue, 20 Dec 2016 09:07:11 +0000 (18:07 +0900)]
updates the test code to run on Java 9 EA+149.
Due to the specification change of jigsaw, ClassLoader#defineClass()
cannot be invoked through reflection API. As a workaround,
--add-opens java.base/java.lang=ALL-UNNAMED
must be given to the JVM. The ant target "runtest9" adds this jvm
argument.