Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Changes needed to work with Java 24 #2623

Open
merks opened this issue Dec 3, 2024 · 3 comments
Open

Changes needed to work with Java 24 #2623

merks opened this issue Dec 3, 2024 · 3 comments

Comments

@merks
Copy link
Contributor

merks commented Dec 3, 2024

The latest early access version of Java 24, i.e, 24+26 fails to start when -Djava.security.manager=allow is specified. I.e., eclipse quietly fails to start; via the console we see why/how it fails to start:

$eclipse/eclipse.exe -consoleLog 2>&1 | tee log
CompileCommand: exclude org/eclipse/jdt/internal/core/dom/rewrite/ASTRewriteAnalyzer.getExtendedRange bool exclude = true
WARNING: Using incubator modules: jdk.incubator.vector
Error occurred during initialization of VM
java.lang.Error: A command line option has attempted to allow or enable the Security Manager. Enabling a Security Manager is not supported.
        at java.lang.System.initPhase3(java.base@24-beta/System.java:1948)

That option is specified in the eclipse.ini and is used in quite a few places (in the Platform SDK setup):

image

Even if we were to remove this option from the product, existing installations would retain the option in the eclipse.ini when updating.

Starting with -Djava.security.manager=disallow allows the IDE to start, though it's not so pretty!

$eclipse/eclipse.exe -consoleLog -vmargs -Djava.security.manager=disallow 2>&1 | tee log
CompileCommand: exclude org/eclipse/jdt/internal/core/dom/rewrite/ASTRewriteAnalyzer.getExtendedRange bool exclude = true
WARNING: Using incubator modules: jdk.incubator.vector
WARNING: A terminally deprecated method in sun.misc.Unsafe has been called
WARNING: sun.misc.Unsafe::staticFieldOffset has been called by org.eclipse.osgi.internal.url.MultiplexingFactory (file:/D:/Users/test38/.p2/pool/plugins/org.eclipse.osgi_3.22.100.v20241127-0924.jar)
WARNING: Please consider reporting this to the maintainers of class org.eclipse.osgi.internal.url.MultiplexingFactory
WARNING: sun.misc.Unsafe::staticFieldOffset will be removed in a future release
Dez. 03, 2024 9:31:20 AM org.apache.aries.spifly.BaseActivator log
INFO: Registered provider org.slf4j.simple.SimpleServiceProvider of service org.slf4j.spi.SLF4JServiceProvider in bundle slf4j.simple
WARNING: A restricted method in java.lang.System has been called
WARNING: java.lang.System::loadLibrary has been called by org.eclipse.swt.internal.Library in an unnamed module (file:/D:/Users/test38/sdk-4-35/eclipse/../../.p2/pool/plugins/org.eclipse.swt.win32.win32.x86_64_3.129.0.v20241128-1821.jar)
WARNING: Use --enable-native-access=ALL-UNNAMED to avoid a warning for callers in this module
WARNING: Restricted methods will be blocked in a future release unless native access is enabled

WARNING: Annotation classes from the 'javax.inject' or 'javax.annotation' package found.
It is recommended to migrate to the corresponding replacements in the jakarta namespace.
The Eclipse E4 Platform will remove support for those javax-annotations in a future release.
To suppress this warning, set the VM property: -Declipse.e4.inject.javax.warning=false
To disable processing of 'javax' annotations entirely, set the VM property: -Declipse.e4.inject.javax.disabled=true

!SESSION 2024-12-03 09:31:19.320 -----------------------------------------------
eclipse.buildId=4.35.0.I20241201-1800
java.version=24-beta
java.vendor=Eclipse Adoptium
BootLoader constants: OS=win32, ARCH=x86_64, WS=win32, NL=en_US
Command-line arguments:  -os win32 -ws win32 -arch x86_64 -consoleLog

!ENTRY org.eclipse.ui.workbench 4 0 2024-12-03 09:31:26.740
!MESSAGE Failed to obtain 'WinDefend' service state
!STACK 0
java.io.IOException: Process timed-out and it was attempted to forcefully termiante it
        at org.eclipse.ui.internal.WindowsDefenderConfigurator.runProcess(WindowsDefenderConfigurator.java:405)
        at org.eclipse.ui.internal.WindowsDefenderConfigurator.runPowershell(WindowsDefenderConfigurator.java:379)
        at org.eclipse.ui.internal.WindowsDefenderConfigurator.isWindowsDefenderServiceRunning(WindowsDefenderConfigurator.java:302)
        at org.eclipse.ui.internal.WindowsDefenderConfigurator.runExclusionCheck(WindowsDefenderConfigurator.java:159)
        at org.eclipse.ui.internal.WindowsDefenderConfigurator.lambda$0(WindowsDefenderConfigurator.java:106)
        at org.eclipse.core.runtime.jobs.Job$2.run(Job.java:187)
        at org.eclipse.core.internal.jobs.Worker.run(Worker.java:63)

For further testing, I provisioned the Oomph Platform SDK setup using Java 24 and specifying -Djava.security.manager=disallow. That mostly works fine:

image

I think we shouldn't be logging error from Ant when failing to set the security manager is an expected thing.

image

I think in preparation for upcoming releases of Java we should use -Djava.security.manager=disallow and fix any problems related to that.

Note

  • sun.misc.Unsafe will become a bigger problem eventually
  • --enable-native-access=ALL-UNNAMED will eventually be needed
  • WindowsDefenderConfigurator doesn't work

Locate EA versions of Java 24:

https://api.adoptium.net/v3/assets/feature_releases/24/ea?image_type=jdk&jvm_impl=hotspot&project=jdk&vendor=eclipse

image

@merks
Copy link
Contributor Author

merks commented Dec 12, 2024

Here's another problem with Java 24 that causes loading of p2 update sites to fail:

eclipse-tycho/tycho#4526

I think we'd need to set properties in org.eclipse.equinox.internal.p2.persistence.XMLParser.getParser() where the parser is created.

This demonstrates that the properties are respected when set (to some very small value) so some variation of this should work:

image

HannesWell added a commit to HannesWell/eclipse.pde that referenced this issue Dec 13, 2024
Since Java-24 the security-manager cannot be used anymore and launching
a Java-24 VM fails to launch if the argument
'-Djava.security.manager=allow' is set.

Part of eclipse-platform/eclipse.platform.releng.aggregator#2623
HannesWell added a commit to HannesWell/eclipse.pde that referenced this issue Dec 13, 2024
Since Java-24 the security-manager cannot be used anymore and launching
a Java-24 VM fails to launch if the VM-argument
'-Djava.security.manager=allow' is specified.

Part of eclipse-platform/eclipse.platform.releng.aggregator#2623
HannesWell added a commit to HannesWell/eclipse.platform.releng.aggregator that referenced this issue Dec 13, 2024
HannesWell added a commit to eclipse-pde/eclipse.pde that referenced this issue Dec 14, 2024
Since Java-24 the security-manager cannot be used anymore and launching
a Java-24 VM fails to launch if the VM-argument
'-Djava.security.manager=allow' is specified.

Part of eclipse-platform/eclipse.platform.releng.aggregator#2623
HannesWell added a commit to HannesWell/eclipse.platform.releng.aggregator that referenced this issue Dec 14, 2024
HannesWell added a commit to HannesWell/eclipse.platform that referenced this issue Dec 15, 2024
This avoids trowing+catching an UnsupportedOperationException and
additional (error) logs if setting a SecurityManager is disallowed.
The latter breaks ant-tests that check the log output.

Part of eclipse-platform/eclipse.platform.releng.aggregator#2623
HannesWell added a commit to HannesWell/eclipse.platform that referenced this issue Dec 15, 2024
This avoids trowing+catching an UnsupportedOperationException and
additional (error) logs if setting a SecurityManager is disallowed.
The latter breaks ant-tests that check the log output.

Part of eclipse-platform/eclipse.platform.releng.aggregator#2623
@HannesWell
Copy link
Member

One advantage of disabling the SecurityManager entirely is that the annoying warnings about the deprecation of the SecurityManager vanish:

WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.eclipse.ant.internal.core.ant.InternalAntRunner (file: ...)
WARNING: Please consider reporting this to the maintainers of org.eclipse.ant.internal.core.ant.InternalAntRunner
WARNING: System::setSecurityManager will be removed in a future release

On the other hand, one disadvantage when running on Java-17 and disabling a SecurityManager explicitly is that ANT does not handle it's non-support not gracefully as described in:

Don't want to judge the severity of the latter (given that most EPP packages run on 21), but ideally we would just remove existing -Djava.security.manager=allow declarations in existing installations.

HannesWell added a commit to HannesWell/eclipse.platform that referenced this issue Dec 15, 2024
This avoids trowing+catching an UnsupportedOperationException and
additional (error) logs if setting a SecurityManager is disallowed.
The latter breaks ant-tests that check the log output.

Part of eclipse-platform/eclipse.platform.releng.aggregator#2623
HannesWell added a commit to eclipse-platform/eclipse.platform that referenced this issue Dec 15, 2024
This avoids trowing+catching an UnsupportedOperationException and
additional (error) logs if setting a SecurityManager is disallowed.
The latter breaks ant-tests that check the log output.

Part of eclipse-platform/eclipse.platform.releng.aggregator#2623
@jukzi
Copy link
Contributor

jukzi commented Dec 17, 2024

Please note failure eclipse-platform/eclipse.platform#1660, which is likely related

merks added a commit to merks/eclipse.platform.releng.aggregator that referenced this issue Dec 17, 2024
- Define an unconfigure touchpoint to remove
-Djava.security.manager=allow from the eclipse.ini which is done to
ensure that updates will leave installations in a state that can run
with Java 24.
- Do the above for both products and ensure that both products specify
-Dosgi.requiredJavaVersion=21

eclipse-platform#2623
merks added a commit to merks/eclipse.platform.releng.aggregator that referenced this issue Dec 17, 2024
- Define an unconfigure touchpoint to remove
-Djava.security.manager=allow from the eclipse.ini which is done to
ensure that updates will leave installations in a state that can run
with Java 24.
- Do the above for both products and ensure that both products specify
-Dosgi.requiredJavaVersion=21

eclipse-platform#2623
merks added a commit to merks/eclipse.platform.releng.aggregator that referenced this issue Dec 17, 2024
- Define an unconfigure touchpoint to remove
-Djava.security.manager=allow from the eclipse.ini which is done to
ensure that updates will leave installations in a state that can run
with Java 24.
- Do the above for both products and ensure that both products specify
-Dosgi.requiredJavaVersion=21

eclipse-platform#2623
merks added a commit to merks/eclipse.platform.releng.aggregator that referenced this issue Dec 17, 2024
- Define an unconfigure touchpoint to remove
-Djava.security.manager=allow from the eclipse.ini which is done to
ensure that updates will leave installations in a state that can run
with Java 24.
- Do the above for both products and ensure that both products specify
-Dosgi.requiredJavaVersion=21

eclipse-platform#2623
akurtakov pushed a commit to merks/eclipse.platform.releng.aggregator that referenced this issue Dec 17, 2024
- Define an unconfigure touchpoint to remove
-Djava.security.manager=allow from the eclipse.ini which is done to
ensure that updates will leave installations in a state that can run
with Java 24.
- Do the above for both products and ensure that both products specify
-Dosgi.requiredJavaVersion=21

eclipse-platform#2623
merks added a commit that referenced this issue Dec 18, 2024
- Define an unconfigure touchpoint to remove
-Djava.security.manager=allow from the eclipse.ini which is done to
ensure that updates will leave installations in a state that can run
with Java 24.
- Do the above for both products and ensure that both products specify
-Dosgi.requiredJavaVersion=21

#2623
merks added a commit to merks/eclipse.platform.releng.aggregator that referenced this issue Dec 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants