Skip to content

Commit

Permalink
Remove tests that rely on a SecurityManager.
Browse files Browse the repository at this point in the history 
`SecurityManager` functionality is being removed from Java and these tests already fail with the latest JDK snapshots. The problem that the tests address is only pertinent when there actually is a `SecurityManager`, so the need for them evaporates at the same time.

Also update the remaining part of `FinalizableReferenceQueueClassLoaderUnloadingTest` by migrating from JUnit 3 to JUnit 4 and by using Truth assertions.

RELNOTES=n/a
PiperOrigin-RevId: 705230335
  • Loading branch information
@eamonnmcmanus
eamonnmcmanus authored and Google Java Core Libraries committed Dec 11, 2024
1 parent 2aa8fd9 commit e307cae
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 306 deletions.
167 changes: 14 additions & 153 deletions ...-tests/test/com/google/common/base/FinalizableReferenceQueueClassLoaderUnloadingTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,27 +17,22 @@
package com.google.common.base;

import static com.google.common.base.StandardSystemProperty.JAVA_CLASS_PATH;
import static com.google.common.base.StandardSystemProperty.JAVA_SPECIFICATION_VERSION;
import static com.google.common.base.StandardSystemProperty.PATH_SEPARATOR;
import static java.util.concurrent.TimeUnit.SECONDS;
import static com.google.common.truth.Truth.assertThat;

import com.google.common.collect.ImmutableList;
import com.google.common.testing.GcFinalization;
import java.io.Closeable;
import java.io.File;
import java.lang.ref.WeakReference;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.Permission;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.concurrent.Callable;
import java.util.concurrent.Semaphore;
import java.util.concurrent.atomic.AtomicReference;
import junit.framework.TestCase;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;

/**
* Tests that the {@code ClassLoader} of {@link FinalizableReferenceQueue} can be unloaded. These
Expand All @@ -46,9 +41,9 @@
*
* @author Eamonn McManus
*/


public class FinalizableReferenceQueueClassLoaderUnloadingTest extends TestCase {
@AndroidIncompatible
@RunWith(JUnit4.class)
public class FinalizableReferenceQueueClassLoaderUnloadingTest {

/*
* The following tests check that the use of FinalizableReferenceQueue does not prevent the
Expand Down Expand Up @@ -76,13 +71,6 @@ public MyFinalizableWeakReference(Object x, FinalizableReferenceQueue queue) {
public void finalizeReferent() {}
}

private static class PermissivePolicy extends Policy {
@Override
public boolean implies(ProtectionDomain pd, Permission perm) {
return true;
}
}

private WeakReference<ClassLoader> useFrqInSeparateLoader() throws Exception {
final ClassLoader myLoader = getClass().getClassLoader();
URLClassLoader sepLoader = new URLClassLoader(getClassPathUrls(), myLoader.getParent());
Expand All @@ -94,7 +82,7 @@ private WeakReference<ClassLoader> useFrqInSeparateLoader() throws Exception {

Class<?> frqC = FinalizableReferenceQueue.class;
Class<?> sepFrqC = sepLoader.loadClass(frqC.getName());
assertNotSame(frqC, sepFrqC);
assertThat(frqC).isNotSameInstanceAs(sepFrqC);
// Check the assumptions above.

// FRQ tries to load the Finalizer class (for the reference-collecting thread) in a few ways.
Expand All @@ -117,13 +105,13 @@ private WeakReference<ClassLoader> useFrqInSeparateLoader() throws Exception {
Constructor<?> sepFwrCons = sepFwrC.getConstructor(Object.class, sepFrqC);
// The object that we will wrap in FinalizableWeakReference is a Stopwatch.
Class<?> sepStopwatchC = sepLoader.loadClass(Stopwatch.class.getName());
assertSame(sepLoader, sepStopwatchC.getClassLoader());
assertThat(sepLoader).isSameInstanceAs(sepStopwatchC.getClassLoader());
AtomicReference<Object> sepStopwatchA =
new AtomicReference<Object>(sepStopwatchC.getMethod("createUnstarted").invoke(null));
AtomicReference<WeakReference<?>> sepStopwatchRef =
new AtomicReference<WeakReference<?>>(
(WeakReference<?>) sepFwrCons.newInstance(sepStopwatchA.get(), sepFrqA.get()));
assertNotNull(sepStopwatchA.get());
assertThat(sepStopwatchA.get()).isNotNull();
// Clear all references to the Stopwatch and wait for it to be gc'd.
sepStopwatchA.set(null);
GcFinalization.awaitClear(sepStopwatchRef.get());
Expand All @@ -132,131 +120,14 @@ private WeakReference<ClassLoader> useFrqInSeparateLoader() throws Exception {
return new WeakReference<ClassLoader>(sepLoader);
}

private void doTestUnloadable() throws Exception {
WeakReference<ClassLoader> loaderRef = useFrqInSeparateLoader();
GcFinalization.awaitClear(loaderRef);
}

/**
* Tests that the use of a {@link FinalizableReferenceQueue} does not subsequently prevent the
* loader of that class from being garbage-collected.
*/
public void testUnloadableWithoutSecurityManager() throws Exception {
if (isJdk9OrHigher()) {
return;
}
SecurityManager oldSecurityManager = System.getSecurityManager();
try {
System.setSecurityManager(null);
doTestUnloadable();
} finally {
System.setSecurityManager(oldSecurityManager);
}
}

/**
* Tests that the use of a {@link FinalizableReferenceQueue} does not subsequently prevent the
* loader of that class from being garbage-collected even if there is a {@link SecurityManager}.
* The {@link SecurityManager} environment makes such leaks more likely because when you create a
* {@link URLClassLoader} with a {@link SecurityManager}, the creating code's {@link
* java.security.AccessControlContext} is captured, and that references the creating code's {@link
* ClassLoader}.
*/
public void testUnloadableWithSecurityManager() throws Exception {
if (isJdk9OrHigher()) {
return;
}
Policy oldPolicy = Policy.getPolicy();
SecurityManager oldSecurityManager = System.getSecurityManager();
try {
Policy.setPolicy(new PermissivePolicy());
System.setSecurityManager(new SecurityManager());
doTestUnloadable();
} finally {
System.setSecurityManager(oldSecurityManager);
Policy.setPolicy(oldPolicy);
}
}

public static class FrqUser implements Callable<WeakReference<Object>> {
public static FinalizableReferenceQueue frq = new FinalizableReferenceQueue();
public static final Semaphore finalized = new Semaphore(0);

@Override
public WeakReference<Object> call() {
WeakReference<Object> wr =
new FinalizableWeakReference<Object>(new Integer(23), frq) {
@Override
public void finalizeReferent() {
finalized.release();
}
};
return wr;
}
}

public void testUnloadableInStaticFieldIfClosed() throws Exception {
if (isJdk9OrHigher()) {
return;
}
Policy oldPolicy = Policy.getPolicy();
SecurityManager oldSecurityManager = System.getSecurityManager();
try {
Policy.setPolicy(new PermissivePolicy());
System.setSecurityManager(new SecurityManager());
WeakReference<ClassLoader> loaderRef = doTestUnloadableInStaticFieldIfClosed();
GcFinalization.awaitClear(loaderRef);
} finally {
System.setSecurityManager(oldSecurityManager);
Policy.setPolicy(oldPolicy);
}
}

// If you have a FinalizableReferenceQueue that is a static field of one of the classes of your
// app (like the FrqUser class above), then the app's ClassLoader will never be gc'd. The reason
// is that we attempt to run a thread in a separate ClassLoader that will detect when the FRQ
// is no longer referenced, meaning that the app's ClassLoader has been gc'd, and when that
// happens. But the thread's supposedly separate ClassLoader actually has a reference to the app's
// ClasLoader via its AccessControlContext. It does not seem to be possible to make a
// URLClassLoader without capturing this reference, and it probably would not be desirable for
// security reasons anyway. Therefore, the FRQ.close() method provides a way to stop the thread
// explicitly. This test checks that calling that method does allow an app's ClassLoader to be
// gc'd even if there is a still a FinalizableReferenceQueue in a static field. (Setting the field
// to null would also work, but only if there are no references to the FRQ anywhere else.)
private WeakReference<ClassLoader> doTestUnloadableInStaticFieldIfClosed() throws Exception {
final ClassLoader myLoader = getClass().getClassLoader();
URLClassLoader sepLoader = new URLClassLoader(getClassPathUrls(), myLoader.getParent());

Class<?> frqC = FinalizableReferenceQueue.class;
Class<?> sepFrqC = sepLoader.loadClass(frqC.getName());
assertNotSame(frqC, sepFrqC);

Class<?> sepFrqSystemLoaderC =
sepLoader.loadClass(FinalizableReferenceQueue.SystemLoader.class.getName());
Field disabled = sepFrqSystemLoaderC.getDeclaredField("disabled");
disabled.setAccessible(true);
disabled.set(null, true);

Class<?> frqUserC = FrqUser.class;
Class<?> sepFrqUserC = sepLoader.loadClass(frqUserC.getName());
assertNotSame(frqUserC, sepFrqUserC);
assertSame(sepLoader, sepFrqUserC.getClassLoader());

Callable<?> sepFrqUser = (Callable<?>) sepFrqUserC.getDeclaredConstructor().newInstance();
WeakReference<?> finalizableWeakReference = (WeakReference<?>) sepFrqUser.call();

GcFinalization.awaitClear(finalizableWeakReference);

Field sepFrqUserFinalizedF = sepFrqUserC.getField("finalized");
Semaphore finalizeCount = (Semaphore) sepFrqUserFinalizedF.get(null);
boolean finalized = finalizeCount.tryAcquire(5, SECONDS);
assertTrue(finalized);

Field sepFrqUserFrqF = sepFrqUserC.getField("frq");
Closeable frq = (Closeable) sepFrqUserFrqF.get(null);
frq.close();

return new WeakReference<ClassLoader>(sepLoader);
@Test
public void testUnloadable() throws Exception {
WeakReference<ClassLoader> loaderRef = useFrqInSeparateLoader();
GcFinalization.awaitClear(loaderRef);
}

private URL[] getClassPathUrls() {
Expand Down Expand Up @@ -286,14 +157,4 @@ private static ImmutableList<URL> parseJavaClassPath() {
}
return urls.build();
}

/**
* These tests fail in JDK 9 and JDK 10 for an unknown reason. It might be the test; it might be
* the underlying functionality. Fixing this is not a high priority; if you need it to be fixed,
* please comment on <a href="https://github.com/google/guava/issues/3086">issue 3086</a>.
*/
private static boolean isJdk9OrHigher() {
return JAVA_SPECIFICATION_VERSION.value().startsWith("9")
|| JAVA_SPECIFICATION_VERSION.value().startsWith("10");
}
}
Loading

0 comments on commit e307cae

Please sign in to comment.