-
Notifications
You must be signed in to change notification settings - Fork 283
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use package prefix to direct search for helper dependencies in OSGi #5973
Merged
+56
−47
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BenchmarksStartupParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 62 cases. Startup time reports for insecure-bankgantt
title insecure-bank - global startup overhead: candidate=1.22.0-SNAPSHOT~ba5a3304e7, baseline=1.22.0-SNAPSHOT~7f4a3c3f59
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.017 s) : 0, 1016845
Total [baseline] (8.666 s) : 0, 8665736
Agent [candidate] (1.012 s) : 0, 1011941
Total [candidate] (8.675 s) : 0, 8674523
section appsec
Agent [baseline] (1.108 s) : 0, 1108427
Total [baseline] (8.753 s) : 0, 8752932
Agent [candidate] (1.099 s) : 0, 1098681
Total [candidate] (8.773 s) : 0, 8773325
section iast
Agent [baseline] (1.119 s) : 0, 1118713
Total [baseline] (9.199 s) : 0, 9199043
Agent [candidate] (1.119 s) : 0, 1119284
Total [candidate] (9.226 s) : 0, 9226420
section profiling
Agent [baseline] (1.182 s) : 0, 1182150
Total [baseline] (8.901 s) : 0, 8900964
Agent [candidate] (1.193 s) : 0, 1193230
Total [candidate] (8.885 s) : 0, 8885093
gantt
title insecure-bank - break down per module: candidate=1.22.0-SNAPSHOT~ba5a3304e7, baseline=1.22.0-SNAPSHOT~7f4a3c3f59
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (632.713 ms) : 0, 632713
BytebuddyAgent [candidate] (628.809 ms) : 0, 628809
GlobalTracer [baseline] (293.637 ms) : 0, 293637
GlobalTracer [candidate] (293.02 ms) : 0, 293020
AppSec [baseline] (49.282 ms) : 0, 49282
AppSec [candidate] (49.11 ms) : 0, 49110
Remote Config [baseline] (665.15 µs) : 0, 665
Remote Config [candidate] (691.434 µs) : 0, 691
Telemetry [baseline] (6.033 ms) : 0, 6033
Telemetry [candidate] (5.961 ms) : 0, 5961
section appsec
BytebuddyAgent [baseline] (634.224 ms) : 0, 634224
BytebuddyAgent [candidate] (628.776 ms) : 0, 628776
GlobalTracer [baseline] (294.852 ms) : 0, 294852
GlobalTracer [candidate] (292.199 ms) : 0, 292199
AppSec [baseline] (138.362 ms) : 0, 138362
AppSec [candidate] (137.238 ms) : 0, 137238
Remote Config [baseline] (642.313 µs) : 0, 642
Remote Config [candidate] (636.875 µs) : 0, 637
Telemetry [baseline] (5.807 ms) : 0, 5807
Telemetry [candidate] (5.719 ms) : 0, 5719
section iast
BytebuddyAgent [baseline] (741.375 ms) : 0, 741375
BytebuddyAgent [candidate] (741.249 ms) : 0, 741249
GlobalTracer [baseline] (276.819 ms) : 0, 276819
GlobalTracer [candidate] (276.863 ms) : 0, 276863
AppSec [baseline] (45.869 ms) : 0, 45869
AppSec [candidate] (46.308 ms) : 0, 46308
Remote Config [baseline] (545.04 µs) : 0, 545
Remote Config [candidate] (553.564 µs) : 0, 554
Telemetry [baseline] (5.72 ms) : 0, 5720
Telemetry [candidate] (5.751 ms) : 0, 5751
IAST [baseline] (14.182 ms) : 0, 14182
IAST [candidate] (14.352 ms) : 0, 14352
section profiling
BytebuddyAgent [baseline] (640.198 ms) : 0, 640198
BytebuddyAgent [candidate] (645.998 ms) : 0, 645998
GlobalTracer [baseline] (352.999 ms) : 0, 352999
GlobalTracer [candidate] (356.546 ms) : 0, 356546
AppSec [baseline] (49.144 ms) : 0, 49144
AppSec [candidate] (49.384 ms) : 0, 49384
Remote Config [baseline] (671.368 µs) : 0, 671
Remote Config [candidate] (680.578 µs) : 0, 681
Telemetry [baseline] (6.066 ms) : 0, 6066
Telemetry [candidate] (6.101 ms) : 0, 6101
ProfilingAgent [baseline] (79.919 ms) : 0, 79919
ProfilingAgent [candidate] (81.048 ms) : 0, 81048
Profiling [baseline] (79.943 ms) : 0, 79943
Profiling [candidate] (81.072 ms) : 0, 81072
Startup time reports for petclinicgantt
title petclinic - global startup overhead: candidate=1.22.0-SNAPSHOT~ba5a3304e7, baseline=1.22.0-SNAPSHOT~7f4a3c3f59
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.017 s) : 0, 1017434
Total [baseline] (9.225 s) : 0, 9225109
Agent [candidate] (1.012 s) : 0, 1012224
Total [candidate] (9.208 s) : 0, 9208417
section appsec
Agent [baseline] (1.096 s) : 0, 1096448
Total [baseline] (9.251 s) : 0, 9250546
Agent [candidate] (1.098 s) : 0, 1098302
Total [candidate] (9.249 s) : 0, 9249036
section iast
Agent [baseline] (1.125 s) : 0, 1124849
Total [baseline] (9.418 s) : 0, 9417542
Agent [candidate] (1.121 s) : 0, 1121233
Total [candidate] (9.401 s) : 0, 9401472
section profiling
Agent [baseline] (1.183 s) : 0, 1182761
Total [baseline] (9.506 s) : 0, 9505856
Agent [candidate] (1.189 s) : 0, 1189492
Total [candidate] (9.452 s) : 0, 9452269
gantt
title petclinic - break down per module: candidate=1.22.0-SNAPSHOT~ba5a3304e7, baseline=1.22.0-SNAPSHOT~7f4a3c3f59
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (633.089 ms) : 0, 633089
BytebuddyAgent [candidate] (629.077 ms) : 0, 629077
GlobalTracer [baseline] (293.906 ms) : 0, 293906
GlobalTracer [candidate] (293.08 ms) : 0, 293080
AppSec [baseline] (49.181 ms) : 0, 49181
AppSec [candidate] (49.121 ms) : 0, 49121
Remote Config [baseline] (667.972 µs) : 0, 668
Remote Config [candidate] (655.164 µs) : 0, 655
Telemetry [baseline] (6.085 ms) : 0, 6085
Telemetry [candidate] (6.002 ms) : 0, 6002
section appsec
BytebuddyAgent [baseline] (627.61 ms) : 0, 627610
BytebuddyAgent [candidate] (628.288 ms) : 0, 628288
GlobalTracer [baseline] (290.986 ms) : 0, 290986
GlobalTracer [candidate] (291.903 ms) : 0, 291903
AppSec [baseline] (137.313 ms) : 0, 137313
AppSec [candidate] (137.448 ms) : 0, 137448
Remote Config [baseline] (638.033 µs) : 0, 638
Remote Config [candidate] (642.157 µs) : 0, 642
Telemetry [baseline] (5.724 ms) : 0, 5724
Telemetry [candidate] (5.728 ms) : 0, 5728
section iast
BytebuddyAgent [baseline] (744.931 ms) : 0, 744931
BytebuddyAgent [candidate] (742.171 ms) : 0, 742171
GlobalTracer [baseline] (278.184 ms) : 0, 278184
GlobalTracer [candidate] (277.741 ms) : 0, 277741
AppSec [baseline] (46.374 ms) : 0, 46374
AppSec [candidate] (46.474 ms) : 0, 46474
Remote Config [baseline] (562.028 µs) : 0, 562
Remote Config [candidate] (561.24 µs) : 0, 561
Telemetry [baseline] (5.812 ms) : 0, 5812
Telemetry [candidate] (5.788 ms) : 0, 5788
IAST [baseline] (14.577 ms) : 0, 14577
IAST [candidate] (14.343 ms) : 0, 14343
section profiling
BytebuddyAgent [baseline] (639.92 ms) : 0, 639920
BytebuddyAgent [candidate] (645.242 ms) : 0, 645242
GlobalTracer [baseline] (353.831 ms) : 0, 353831
GlobalTracer [candidate] (355.297 ms) : 0, 355297
AppSec [baseline] (48.931 ms) : 0, 48931
AppSec [candidate] (49.142 ms) : 0, 49142
Remote Config [baseline] (662.034 µs) : 0, 662
Remote Config [candidate] (670.705 µs) : 0, 671
Telemetry [baseline] (6.103 ms) : 0, 6103
Telemetry [candidate] (6.033 ms) : 0, 6033
ProfilingAgent [baseline] (80.317 ms) : 0, 80317
ProfilingAgent [candidate] (79.857 ms) : 0, 79857
Profiling [baseline] (80.343 ms) : 0, 80343
Profiling [candidate] (79.882 ms) : 0, 79882
LoadParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 24 cases. Request duration reports for insecure-bankgantt
title insecure-bank - request duration [CI 0.99] : candidate=1.22.0-SNAPSHOT~ba5a3304e7, baseline=1.22.0-SNAPSHOT~7f4a3c3f59
dateFormat X
axisFormat %s
section baseline
no_agent (360.456 µs) : 341, 380
. : milestone, 360,
appsec (701.649 µs) : 681, 722
. : milestone, 702,
iast (462.768 µs) : 442, 483
. : milestone, 463,
iast_FULL (513.847 µs) : 493, 534
. : milestone, 514,
iast_INACTIVE (431.497 µs) : 411, 452
. : milestone, 431,
profiling (439.077 µs) : 419, 459
. : milestone, 439,
tracing (437.453 µs) : 416, 459
. : milestone, 437,
section candidate
no_agent (369.218 µs) : 348, 390
. : milestone, 369,
appsec (693.884 µs) : 673, 714
. : milestone, 694,
iast (463.428 µs) : 443, 484
. : milestone, 463,
iast_FULL (524.58 µs) : 504, 545
. : milestone, 525,
iast_INACTIVE (435.439 µs) : 414, 456
. : milestone, 435,
profiling (437.378 µs) : 416, 459
. : milestone, 437,
tracing (430.646 µs) : 410, 451
. : milestone, 431,
Request duration reports for petclinicgantt
title petclinic - request duration [CI 0.99] : candidate=1.22.0-SNAPSHOT~ba5a3304e7, baseline=1.22.0-SNAPSHOT~7f4a3c3f59
dateFormat X
axisFormat %s
section baseline
no_agent (1.332 ms) : 1313, 1352
. : milestone, 1332,
appsec (1.721 ms) : 1697, 1746
. : milestone, 1721,
iast (1.454 ms) : 1430, 1478
. : milestone, 1454,
profiling (1.466 ms) : 1441, 1490
. : milestone, 1466,
tracing (1.464 ms) : 1440, 1489
. : milestone, 1464,
section candidate
no_agent (1.337 ms) : 1318, 1356
. : milestone, 1337,
appsec (1.678 ms) : 1653, 1702
. : milestone, 1678,
iast (1.463 ms) : 1439, 1487
. : milestone, 1463,
profiling (1.452 ms) : 1428, 1477
. : milestone, 1452,
tracing (1.471 ms) : 1447, 1495
. : milestone, 1471,
|
mcculls
changed the title
WIP
Use package prefix to direct search for helper dependencies in OSGi
Oct 3, 2023
mcculls
force-pushed
the
mcculls/limit-osgi-visibility-fix
branch
from
October 3, 2023 10:39
41217e9
to
d9a6ff0
Compare
mcculls
force-pushed
the
mcculls/limit-osgi-visibility-fix
branch
from
October 3, 2023 21:33
d9a6ff0
to
7a3abce
Compare
…package with a common prefix to the class being loaded.
mcculls
force-pushed
the
mcculls/limit-osgi-visibility-fix
branch
from
October 4, 2023 09:19
7a3abce
to
ba5a330
Compare
bantonsson
approved these changes
Oct 6, 2023
return false; // no common package prefix | ||
} | ||
if (c == '.' && ++segmentsMatched >= 3) { | ||
break; // three package segments matched, assume related |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Three is a magic number
Yes it is, it's a magic number
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
When tracing a library we often need to inject a helper type into its class-loader. Occasionally when a library is deployed across multiple OSGi bundles the helper being injected may need to refer to a super-type that isn't imported. This is usually because the bundle being injected doesn't directly use the super-type, it only uses sub-types exported from a different package. The super-type is in a separate bundle indirectly used by the original bundle, but its package is not accessible due to modularity rules.
When this happens the tracer must temporarily bypass these modularity rules to access that super-type. Previously the tracer did this by searching all direct bundle dependencies for the type. However in rare circumstances this can lead to loader constraint issues.
For example, an application might have a dynamically updated
URLClassLoader
that has the bundle class-loader as its parent, and the bundle might import a package from the system bundle. Both the system bundle and the dynamic loader have access to log4j2, but from different jar locations, and the app bundle doesn't import any log4j2 packages.Assume we inject a log4j2 helper class into the dynamic loader for tracing purposes. That triggers a load request for a log4j2 interface type. The dynamic loader delegates this request to its parent, the app bundle class-loader, which would normally throw a
ClassNotFoundException
because it doesn't provide or import any log4j2 types. However our OSGi support will also check direct dependencies, and in this case it would find the log4j interface type in the system bundle. Unfortunately this is a different type to the one in the dynamic loader, if we returned this then we could break a loader constraint.Note that we cannot easily tell that a downstream class-loader will find the class. Ideally we would like to defer our wider search until the entire multi-class-loader search has been exhausted, but that is not feasible. Similarly class-loader design makes it hard to pass information back to the original class-loader, because it immediately discards any parent CNF exceptions.
We therefore need to direct our search to only those bundles which the original bundle imports related packages from. In other words if the app bundle imported a log4j2 package from the system bundle, and the type being looked up was under a related package then we can be relatively confident about returning that type from the search. In the previous example, the original bundle doesn't import any log4j2 packages and therefore we wouldn't bother searching the system bundle for log4j2 types.
This modified search still satisfies the original injection issue while avoiding the above loader constraint issue.