Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ExecutionException on JacksonDatabind-{58..112} #72

Open
jose opened this issue Jun 19, 2023 · 3 comments
Open

ExecutionException on JacksonDatabind-{58..112} #72

jose opened this issue Jun 19, 2023 · 3 comments

Comments

@jose
Copy link
Member

jose commented Jun 19, 2023

A ExecutionException is thrown when GZoltar is executed on JacksonDatabind-{58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112} (D4J v2.0.0 (<= b8954f0)):

java.util.concurrent.ExecutionException: java.lang.ClassCircularityError: java/security/Permission
        at java.util.concurrent.FutureTask.report(FutureTask.java:122)
        at java.util.concurrent.FutureTask.get(FutureTask.java:192)
        at com.gzoltar.internal.core.test.TestRunner.run(TestRunner.java:39)
        at com.gzoltar.cli.commands.RunTestMethods.execute(RunTestMethods.java:105)
        at com.gzoltar.cli.Main.execute(Main.java:105)
        at com.gzoltar.cli.Main.main(Main.java:40)
Caused by: java.lang.ClassCircularityError: java/security/Permission
        at com.fasterxml.jackson.databind.misc.AccessFixTest$CauseBlockingSecurityManager.checkPermission(AccessFixTest.java:16)
        at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
        at java.io.File.exists(File.java:825)
        at sun.misc.URLClassPath$FileLoader.getResource(URLClassPath.java:1377)
        at sun.misc.URLClassPath.getResource(URLClassPath.java:249)
        at java.net.URLClassLoader$1.run(URLClassLoader.java:366)
        at java.net.URLClassLoader$1.run(URLClassLoader.java:363)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:362)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:418)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:352)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:351)
        at junit.framework.TestResult.addError(TestResult.java:37)
        at junit.framework.TestResult.runProtected(TestResult.java:148)
        at junit.framework.TestResult.run(TestResult.java:125)
        at junit.framework.TestCase.run(TestCase.java:129)
        at junit.framework.TestSuite.runTest(TestSuite.java:255)
        at junit.framework.TestSuite.run(TestSuite.java:250)
        at org.junit.internal.runners.JUnit38ClassRunner.run(JUnit38ClassRunner.java:84)
        at org.junit.runner.JUnitCore.run(JUnitCore.java:160)
        at org.junit.runner.JUnitCore.run(JUnitCore.java:138)
        at com.gzoltar.internal.core.test.junit.JUnitTestTask.call(JUnitTestTask.java:57)
        at com.gzoltar.internal.core.test.junit.JUnitTestTask.call(JUnitTestTask.java:25)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at java.lang.Thread.run(Thread.java:748)
Exception in thread "main" java.lang.ClassCircularityError: java/security/Permission
        at com.fasterxml.jackson.databind.misc.AccessFixTest$CauseBlockingSecurityManager.checkPermission(AccessFixTest.java:16)
        at java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:1262)
        at java.lang.System.setProperties(System.java:680)
        at com.gzoltar.cli.commands.RunTestMethods.execute(RunTestMethods.java:109)
        at com.gzoltar.cli.Main.execute(Main.java:105)
        at com.gzoltar.cli.Main.main(Main.java:40)
@jose jose mentioned this issue Jul 3, 2023
Open
@hondouhe
Copy link

hondouhe commented Aug 6, 2024

I modified the source code of the class com.gzoltar.core.util.IsolatingClassLoader.java by adding the following condition to method loadClass. And it works for JacksonDatabind 58..112.
The added code in line 48:
name.startsWith("java.security.Permission")
As shown in the following picture.
Screenshot from 2024-08-06 23-06-30

I do not know whether this is right. @jose

@hondouhe
Copy link

hondouhe commented Aug 7, 2024
edited
Loading

Since buggy version 58 of JacksonDatabind, a new test class com.fasterxml.jackson.databind.misc.AccessFixTest.java is added. In this class, the inner static class CauseBlockingSecurityManager uses java.security.Permission as a parameter.
Screenshot from 2024-08-07 10-12-53

While this class may have been loaded by the java runtime. Because I found that the rt.jar in JDK/JRE will be loaded when jvm start. And the package java.security is within rt.jar.
Thus, when gzoltar run this test, the IsolatingClassLoader starts to load related classes. When reloading java.security.Permission, a java.lang.ClassCircularityError occurs because java.security.Permission has been loaded by super ClassLoader.
Screenshot from 2024-08-07 10-12-05
Screenshot from 2024-08-07 10-11-42

As the overall classes in package java.security are loaded by super java runtime ClassLoader, when reloading these classes, they can be loaded from super directly. Thus I modified class com.gzoltar.core.util.IsolatingClassLoader.java in line 48 like this.
Screenshot from 2024-08-07 10-21-28

@jose
Copy link
Member Author

jose commented Aug 13, 2024

Many thanks @hondouhe for taking the time to debug this issue and for proposing a fix. I will give it a try on a few bugs from the Defects4J dataset and let you know.

In the meantime, any chance you could create a pull-request with that change to line 48?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jose @hondouhe