Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8179515

Class java.util.concurrent.ThreadLocalRandom fails to Initialize when using SecurityManager

    Details

    • Subcomponent:
    • Resolved In Build:
      b170
    • CPU:
      generic
    • OS:
      generic
    • Verification:
      Not verified

      Backports

        Description

        FULL PRODUCT VERSION :
        java version "1.8.0_121"
        Java(TM) SE Runtime Environment (build 1.8.0_121-b13)
        Java HotSpot(TM) 64-Bit Server VM (build 25.121-b13, mixed mode)


        ADDITIONAL OS VERSION INFORMATION :
        Linux 2.6.32-696.el6.x86_64

        A DESCRIPTION OF THE PROBLEM :
        The Java VM was launched with a SecurityManager enabled. The following Java system properties were set on the command line used to launch the Java VM:
        -Djava.security.policy=my.policy -Djava.security.manager

        The ThreadLocalRandom class failed to initialize. The following stack trace was seen:

        Caused by: java.lang.NullPointerException
               at java.util.concurrent.ThreadLocalRandom.getProbe(ThreadLocalRandom.java:981)
               at java.util.concurrent.ConcurrentHashMap.fullAddCount(ConcurrentHashMap.java:2526)
               at java.util.concurrent.ConcurrentHashMap.addCount(ConcurrentHashMap.java:2266)
               at java.util.concurrent.ConcurrentHashMap.replaceNode(ConcurrentHashMap.java:1166)
               at java.util.concurrent.ConcurrentHashMap.remove(ConcurrentHashMap.java:1097)
               at java.security.ProtectionDomain$PDCache.processQueue(ProtectionDomain.java:522)
               at java.security.ProtectionDomain$PDCache.get(ProtectionDomain.java:507)
               at sun.security.provider.PolicyFile.implies(PolicyFile.java:1080)
               at java.security.ProtectionDomain.implies(ProtectionDomain.java:285)
               at java.security.AccessControlContext.checkPermission(AccessControlContext.java:450)
               at java.security.AccessController.checkPermission(AccessController.java:884)
               at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
               at com.iontrading.arc.bootstrap.security.VerboseSecurityManager.checkPermission(VerboseSecurityManager.java:23)
               at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1294)
               at java.lang.System.getProperty(System.java:717)
               at sun.security.action.GetPropertyAction.run(GetPropertyAction.java:84)
               at sun.security.action.GetPropertyAction.run(GetPropertyAction.java:49)
               at java.security.AccessController.doPrivileged(Native Method)
               at java.util.concurrent.ThreadLocalRandom.initialSeed(ThreadLocalRandom.java:138)
               at java.util.concurrent.ThreadLocalRandom.<clinit>(ThreadLocalRandom.java:135)
               ... 29 more

        All but one of the above code lines come from classes in the standard Oracle JDK version 8u121. The class com.iontrading.arc.bootstrap.security.VerboseSecurityManager is a lightweight wrapper around class java.lang.SecurityManager which it extends. The code line cited in the stack trace (VerboseSecurityManager.java:23) simply delegates to the superclass (calls super.checkPermission). So I claim that the VerboseSecurityManager is not relevant to the issue and the issue could occur with the standard SecurityManager.

        The problem appears to me to be caused as follows: java.util.concurrent.ThreadLocalRandom class initializer requires to use the java.lang.SecurityManager to read a system property. The SecurityManager requires ThreadLocalRandom class to process the policy file. So there appears to be a cyclic dependency in the Oracle JDK.



        REGRESSION. Last worked in version 8u111

        ADDITIONAL REGRESSION INFORMATION:
        java version "1.8.0_102"
        Java(TM) SE Runtime Environment (build 1.8.0_102-b14)
        Java HotSpot(TM) 64-Bit Server VM (build 25.102-b14, mixed mode)

        STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
        I do not have a step by step process to reproduce what I describe in the description field of this form. I have supplied sample code below to reproduce a problem when using java.util.concurrent.ThreadLocalRandom class in the SecurityManager class.


        ERROR MESSAGES/STACK TRACES THAT OCCUR :
        Please see description above.

        REPRODUCIBILITY :
        This bug can be reproduced occasionally.

        ---------- BEGIN SOURCE ----------
        The following sample source code illustrates the problem with using the class java.util.concurrent.ThreadLocalRandom in the SecurityManager. The sample source does not do exactly the same as the java.lang.SecurityManager class and it does not recreate the stack trace that I have provided in the description of this bug. However I claim that the sample source shows the nature of the problem found in the Oracle JDK.

        file TLR.java :

        public class TLR {

            public static void main(String[] args) {
                java.util.concurrent.ThreadLocalRandom tlr = java.util.concurrent.ThreadLocalRandom.current();
                System.out.println(tlr.nextLong());
            }
        }

        file MySecMan.java

        import java.security.Permission;

        public class MySecMan extends SecurityManager {

            @Override
            public void checkPermission(final Permission p) {
                java.util.concurrent.ThreadLocalRandom tlr = java.util.concurrent.ThreadLocalRandom.current();
                System.out.println(tlr.nextLong() + String.valueOf(p));
                super.checkPermission(p);
            }
            
            @Override
            public void checkPermission(Permission p, Object context) {
                java.util.concurrent.ThreadLocalRandom tlr = java.util.concurrent.ThreadLocalRandom.current();
                System.out.println(tlr.nextLong() + String.valueOf(p));
                super.checkPermission(p, context);
            }
            
        }

        command line to execute:
        java -cp . -Djava.security.manager=MySecMan TLR

        ---------- END SOURCE ----------

        CUSTOMER SUBMITTED WORKAROUND :
        No workaround found.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  dholmes David Holmes
                  Reporter:
                  webbuggrp Webbug Group
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  10 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: