dragonwell-releng / dragonwell-adoptium

0 stars 0 forks source link

【dragonwell21】在x64/aarch64平台security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java运行失败 #269

Closed owanqian closed 11 months ago

owanqian commented 11 months ago

https://tone.aliyun-inc.com/ws/xesljfzh/test_result/244256?tab=2

【环境准备】

wget -O binary.tar.gz https://dragonwell.oss-cn-shanghai.aliyuncs.com/test-59/OpenJDK21U-jdk_x64_linux_dragonwell_2023-11-02-02-07.tar.gz
wget -O test-image.tar.gz https://dragonwell.oss-cn-shanghai.aliyuncs.com/test-59/OpenJDK21U-testimage_x64_linux_dragonwell_2023-11-02-02-07.tar.gz
wget -O jtreg.zip https://compiler-ci-bucket.oss-cn-hangzhou.aliyuncs.com/jdk/tools/jtreg-7.3.1.zip
git clone https://github.com/dragonwell-project/dragonwell21.git -b wip_dragonwell_standard_merge_branch jdk-repo

mkdir binary-download 
tar xzvf binary.tar.gz -C binary-download ; cd binary-download && export JAVA_HOME=$PWD ; export PATH=$JAVA_HOME/bin:$PATH ; export TEST_JDK_HOME=$JAVA_HOME &&cd -
make test-image ; tar xzvf test-image.tar.gz -C test-image
unzip jtreg.zip; cd jtreg ; export JT_HOME=$PWD ; export PATH=$PWD/bin:$PATH ; cd -

test=\
jdk-repo/test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java

args='-Xmixed'
native='-nativepath:./test-image/hotspot/jtreg/native'
jtreg -w jt-work -nr -v:fail,error  $native $args $test

1个用例共计38个子项的测试全是同样问题. security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#actalisauthenticationrootca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#affirmtrustcommercialca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#affirmtrustnetworkingca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#affirmtrustpremiumca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#affirmtrustpremiumeccca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#amazonrootca1 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#amazonrootca2 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#amazonrootca3 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#amazonrootca4 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#buypassclass2ca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#buypassclass3ca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#certignarootca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#comodoeccca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#comodorsaca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#entrustrootcaec1 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#entrustrootcag4 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#globalsigneccrootcar4 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#globalsignrootcar6 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#godaddyrootg2ca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#gtsrootcar1 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#gtsrootcar2 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#gtsrootecccar3 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#gtsrootecccar4 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#letsencryptisrgx1 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#microsoftecc2017 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#microsoftrsa2017 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#quovadisrootca1g3 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#quovadisrootca2g3 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#quovadisrootca3g3 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#sslrooteccca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#sslrootevrsaca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#sslrootrsaca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#starfieldrootg2ca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#teliarootcav2 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#teliasonerarootcav1 security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#twcaglobalrootca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#usertrusteccca security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#usertrustrsaca

【对比测试】

dragonwell21 release无

temurin21 同样问题 wget https://github.com/adoptium/temurin21-binaries/releases/download/jdk-21.0.1%2B12/OpenJDK21U-jdk_x64_linux_hotspot_21.0.1_12.tar.gz

[root@VM20190228-137 t21]# java -version; java -Xinternalversion
openjdk version "21.0.1" 2023-10-17 LTS
OpenJDK Runtime Environment Temurin-21.0.1+12 (build 21.0.1+12-LTS)
OpenJDK 64-Bit Server VM Temurin-21.0.1+12 (build 21.0.1+12-LTS, mixed mode, sharing)
OpenJDK 64-Bit Server VM (21.0.1+12-LTS) for linux-amd64 JRE (21.0.1+12-LTS), built on 2023-10-17T00:00:00Z by "admin" with gcc 11.2.0

【用例日志】

Tone完整日志:

ACTION: main -- Failed. Execution failed: `main' threw exception: java.lang.NullPointerException: Cannot invoke "java.security.cert.X509Certificate.getSubjectX500Principal()" because "this.rootCertificate" is null
REASON: User specified action: run main/othervm -Djava.security.debug=certpath,ocsp CAInterop usertrustrsaca OCSP
TIME:   0.326 seconds
messages:
command: main -Djava.security.debug=certpath,ocsp CAInterop usertrustrsaca OCSP
reason: User specified action: run main/othervm -Djava.security.debug=certpath,ocsp CAInterop usertrustrsaca OCSP
started: Tue Nov 14 10:29:18 CST 2023
Mode: othervm [/othervm specified]
finished: Tue Nov 14 10:29:18 CST 2023
elapsed time (seconds): 0.326
configuration:
STDOUT:
=====================================================
CONFIGURATION
=====================================================
http.proxyHost :null
http.proxyPort :null
https.proxyHost :null
https.proxyPort :null
https.socksProxyHost :null
https.socksProxyPort :null
jdk.certpath.disabledAlgorithms :MD2, MD5, SHA1 jdkCA & usage TLSServer, RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224, SHA1 usage SignedJAR & denyAfter 2019-01-01
com.sun.security.enableCRLDP :false
ocsp.enable :true
=====================================================
STDERR:
java.lang.NullPointerException: Cannot invoke "java.security.cert.X509Certificate.getSubjectX500Principal()" because "this.rootCertificate" is null
        at ValidatePathWithURL.<init>(ValidatePathWithURL.java:64)
        at CAInterop.validate(CAInterop.java:619)
        at CAInterop.main(CAInterop.java:564)
        at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
        at java.base/java.lang.reflect.Method.invoke(Method.java:580)
        at com.sun.javatest.regtest.agent.MainWrapper$MainTask.run(MainWrapper.java:138)
        at java.base/java.lang.Thread.run(Thread.java:1583)

JavaTest Message: Test threw exception: java.lang.NullPointerException: Cannot invoke "java.security.cert.X509Certificate.getSubjectX500Principal()" because "this.rootCertificate" is null
JavaTest Message: shutting down test

STATUS:Failed.`main' threw exception: java.lang.NullPointerException: Cannot invoke "java.security.cert.X509Certificate.getSubjectX500Principal()" because "this.rootCertificate" is null

【版本信息】

[root@VM20190228-137 d21]# uname -a ; cat /etc/os-release ; free -h; lscpu| head -n 25;java -version; java -Xinternalversion
Linux VM20190228-137 5.10.134-14.al8.x86_64 #1 SMP Thu Apr 27 16:46:29 CST 2023 x86_64 x86_64 x86_64 GNU/Linux
NAME="Alibaba Cloud Linux"
VERSION="3 (Soaring Falcon)"
ID="alinux"
ID_LIKE="rhel fedora centos anolis"
VERSION_ID="3"
PLATFORM_ID="platform:al8"
PRETTY_NAME="Alibaba Cloud Linux 3 (Soaring Falcon)"
ANSI_COLOR="0;31"
HOME_URL="https://www.aliyun.com/"

              total        used        free      shared  buff/cache   available
Mem:           15Gi       618Mi       446Mi       778Mi        14Gi        13Gi
Swap:            0B          0B          0B
Architecture:        x86_64
CPU op-mode(s):      32-bit, 64-bit
Byte Order:          Little Endian
CPU(s):              4
On-line CPU(s) list: 0-3
Thread(s) per core:  2
Core(s) per socket:  1
Socket(s):           2
NUMA node(s):        1
Vendor ID:           GenuineIntel
BIOS Vendor ID:      Alibaba Cloud
CPU family:          6
Model:               85
Model name:          Intel(R) Xeon(R) Platinum 8163 CPU @ 2.50GHz
BIOS Model name:     pc-i440fx-2.1
Stepping:            4
CPU MHz:             2500.012
BogoMIPS:            5000.02
Hypervisor vendor:   KVM
Virtualization type: full
L1d cache:           32K
L1i cache:           32K
L2 cache:            1024K
L3 cache:            33792K
NUMA node0 CPU(s):   0-3
openjdk version "21.0.1" 2023-10-17
OpenJDK Runtime Environment (Alibaba Dragonwell Standard Edition)-21.0.1.0.1+12-GA (build 21.0.1)
OpenJDK 64-Bit Server VM (Alibaba Dragonwell Standard Edition)-21.0.1.0.1+12-GA (build 21.0.1, mixed mode, sharing)
OpenJDK 64-Bit Server VM (21.0.1) for linux-amd64 JRE (21.0.1), built on 2023-10-17T00:00:00Z by "dragonwell" with gcc 11.2.0
sendaoYan commented 11 months ago

https://github.com/dragonwell-project/dragonwell21/issues/7

sendaoYan commented 11 months ago

https://code.alibaba-inc.com/os-quality/tone-matrix/codereview/14714417