To solve my deadlock and infinite loop issue, I'd like to know if it's configurable to disable the dependency on java.security.Policy, or specify a different Java Policy for VFSClassLoaderPolicy.

You can change the CLPolicy, by changing the CLDeployer.

See VFSClassLoaderDescribeDeployer in conf/bootstrap/deployers.xml.

Can you provide a thread snapshot of this lock and post it here?

I don't think this is a JBoss issue.

I can reproduce the problem with a slightly modified URLClassLoader - the modification is only to move the test.support.* classes

(including the policy implementation) outside the bootstrap classloader.

package test;

import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.net.URL;
import java.net.URLClassLoader;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.ProtectionDomain;

public class EmulateNonBootstrapClassLoader extends URLClassLoader
{
   public EmulateNonBootstrapClassLoader()
   {
      super(new URL[0]);
   }
   
   protected synchronized Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException
   {
      System.out.println ("loadClass: " + name);
      
      if (name.startsWith("test.support"))
      {
         byte[] buffer = loadByteCode(name);
         ProtectionDomain pd = getProtectionDomain();
         return defineClass(name, buffer, 0, buffer.length, pd);
      }
      return super.loadClass(name, resolve);
   }

   private byte[] loadByteCode(String name) throws ClassNotFoundException
   {
      try
      {
         String resourceName = name.replace('.', '/') + ".class";
         InputStream stream = getResourceAsStream(resourceName);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         byte[] buffer = new byte[1024];
         int bytes = stream.read(buffer);
         while (bytes >= 0)
         {
            baos.write(buffer, 0, bytes);
            bytes = stream.read(buffer);
         }
         return baos.toByteArray();
      }
      catch (Exception e)
      {
         throw new ClassNotFoundException("CNFE: " + name, e);
      }
   }

   private ProtectionDomain getProtectionDomain()
   {
      // The actual codesource doesn't matter it is in the classloading in getPermissions that causes the problem 
      CodeSource cs = getClass().getProtectionDomain().getCodeSource();
      PermissionCollection pc = Policy.getPolicy().getPermissions(cs); 
      return new ProtectionDomain(cs, pc);
   }
}

The key issue is that the policy is loading classes from the non-bootstrap classloader which leads to recursion/deadlock

i.e. it can't define the policy for the new class until it can load the new class.

So I created a simple policy that does a classloading request from the same classloader during getPermissions().

package test.support;

import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Policy;

public class TestPolicyProvider extends Policy
{
   public PermissionCollection getPermissions(CodeSource cs)
   {
      try
      {
         getClass().getClassLoader().loadClass("test.support.B");
      }
      catch (ClassNotFoundException e)
      {
         throw new Error("Error loading B", e);
      }
      return super.getPermissions(cs);
   }
}

The test driver is the following

package test;

import java.security.Policy;

public class Main
{
   public static void main(String[] args) throws Exception
   {
      // Create a non-bootstrap classloader
      ClassLoader cl = new EmulateNonBootstrapClassLoader();
      
      // Load the policy provider from it
      Class<?> clazz = cl.loadClass("test.support.TestPolicyProvider");
      dumpClass(clazz);

      // Create a new instance and install it
      Policy policy = (Policy) clazz.newInstance();
      Policy.setPolicy(policy);
      
      // Now try to load a class, it will loop when the policy tries to load test.support.B
      clazz = cl.loadClass("test.support.A");
      dumpClass(clazz);
   }
   
   public static void dumpClass(Class<?> clazz)
   {
      System.out.println(clazz.getName() + " cl=" +clazz.getClassLoader() + " pd=" + clazz.getProtectionDomain());
   }
}

The classes A and B are just simple empty classes. The important part is they are not in the bootstrap classloader.

CONCLUSION:

None of the code above contains any jboss specific code. The issue is caused by where the Policy's support classes are located.

This is only works out of the box if the Policy implementation and its support classes are in the bootstrap classloader, i.e. the classpath.

You can see this if you change the first line of Main to use ClassLoader.getSystemClassLoader().

Presumably the bootstrap classloader is doing something special to avoid the problem?

A simple workaround would be to preload the Policy's support classes before installing it.

In this case, it looks to be a custom principal class from the stack trace?

Any docs for configuring VFSClassLoaderDescribeDeployer in bootstrap/deployers.xml with regard to ClassLoaderPolicy?

I played around this in my demos and DZone article:

* http://anonsvn.jboss.org/repos/jbossas/projects/demos/microcontainer/trunk/classloader/src/main/java/org/jboss/demos/classloader/deployers/

* http://java.dzone.com/articles/jboss-microcontainer-classloading

In method determinePolicy() of DecrypterClassLoaderPolicyModule which inherits VFSDeploymentClassLoaderPolicyModule, it calls getRoots() and getExcludedRoots() when instantiating CrypterClassLoaderPolicy, it doesn't seem that both methods are part of VFSDeploymentClassLoaderPolicyModule or its parent classes.

 

CrypterClassLoaderPolicy(getContextName(), getRoots(), getExcludedRoots(), decrypter);

 

Am I miss anything here?

You're probably looking at an older version:

* http://anonsvn.jboss.org/repos/jbossas/projects/jboss-deployers/trunk/deployers-vfs/src/main/java/org/jboss/deployers/vfs/plugins/classloader/VFSDeploymentClassLoaderPolicyModule.java