RFR 8167546: enhance os::file_name_strncmp() on Mac OSX

Ioi Lam ioi.lam at oracle.com
Tue Oct 9 17:47:19 UTC 2018


Hi Gerard,

Thanks for being patient with my review comments :-)

I like the latest changes. My only suggestions are for the string operations:

There's a chance that num may be longer than PATH_MAX;

    char path2[PATH_MAX] = {'\0'};
    strncpy(path2, s2, num);

Also, I am not exactly sure on osx if PATH_MAX includes the trailing NUL character. So it's better safe than sorry:

    if (num > PATH_MAX) {
        return -1;
    }

    char path2[PATH_MAX+1] = {'\0'};
    strncpy(path2, s2, min(num, PATH_MAX));

Also, resolved1 and resolved2 are safer with PATH_MAX+1.

Also, realpath() returns NULL in case of error, so it's better to check for that as well.

Thanks

On 10/9/18 9:30 AM, Gerard Ziemski wrote:

hi Ioi, Jiangli,

After Ioi provided me with some interesting use cases I gave it some more thought, and I believe that the solution we need here is to fully resolve the paths using “realpath()” API.

This new implementation http://cr.openjdk.java.net/~gziemski/8167546rev4 is currently undergoing testing. I am also testing using only the “slow path” of the fix, which should increase our confidence in that code path.

The idea is to have the filesystem (the OS) fully resolve the paths for us and return the absolute path to the destination, without us having to worry or check the filesystem capabilities, or manually complete the paths ourselves.

For example, this is how the following paths will get resolved (assume that “/caseinsensitivedisk/foo.jar” exists):

    #1 /caseinsensitivedisk/foo.jar —> /caseinsensitivedisk/foo.jar
    #2 /caseinsensitivedisk/Foo.jar —> /caseinsensitivedisk/foo.jar
    #3 /casesensitivedisk/foo.jar —> /casesensitivedisk/foo.jar
    #4 /casesensitivedisk/Foo.jar —> /casesensitivedisk/Foo.jar
    #5 /caseinsensitivedisk/../casesensitivedisk/foo.jar —> /casesensitivedisk/foo.jar
    #6 /caseinsensitivedisk/../casesensitivedisk/Foo.jar —> /casesensitivedisk/Foo.jar
    #7 /casesensitivedisk/../caseinsensitivedisk/foo.jar —> /caseinsensitivedisk/foo.jar
    #8 /casesensitivedisk/../caseinsensitivedisk/Foo.jar —> /caseinsensitivedisk/foo.jar
    #9 ./foo.jar —> /cwd/foo.jar

etc.

I believe this is a more robust and simpler solution to this problem. It’s also an approach that will probably fix JDK-8211723, which I filed for you the other day.

Thank you for your patience and reviews!

cheers

On Oct 4, 2018, at 10:01 PM, Ioi Lam <ioi.lam at oracle.com> wrote:

Hi Gerard,

I can think of another case of mixed file systems. Assuming / is case sensitive, I think your function will treat

    /Volume/caseinsensitivedisk/foo.jar
    /volume/caseinsensitivedisk/foo.jar

as the same file, while they are actually different.

Thanks
- Ioi

On 10/4/18 9:56 AM, Gerard Ziemski wrote:

On Oct 4, 2018, at 10:49 AM, Ioi Lam <ioi.lam at oracle.com> wrote:

On 10/4/18 8:40 AM, Gerard Ziemski wrote:

Thank you for the review.

On Oct 3, 2018, at 7:00 PM, Ioi Lam <ioi.lam at oracle.com> wrote:

Hi Gerard, I don't know much about Mac OS, so I am just commenting from a C/C++ perspective:

    39 #include <unistd.h>

This file has already been included above.

I missed that, fixed.

    46   if (path[0] != '/') {
    47     // The path is relative, so use the current working directory
    48     char cwd[PATH_MAX];
    49     os::get_current_directory(cwd, PATH_MAX);
    50     return (pathconf(cwd, _PC_CASE_SENSITIVE) != 1);
    51   }

https://lists.apple.com/archives/darwin-dev/2007/Apr/msg00036.html suggests that pathconf is not reliable on NFS, SMBFS, etc.

Also, what happens if path is a symbolic link that spans across two file systems, where one of them is case sensitive and the other is not?

I tested symbolic links (on Mac) out of curiosity before and they just don’t work. Whether CDS wants to start supporting them or not is outside the scope here.

Hi Gerard, Could you provide more details? Maybe file a bug?

Filed https://bugs.openjdk.java.net/browse/JDK-8211723, there are other corner cases I listed there that do not work.

I think isfilesystemcaseinsensitive could potentially return a false positive, which would cause two "unequal" file names to appear "equal". This would defeat the pathname validation in CDS.

The false positive can be fixed by us explicitly checking for pathconf(_PC_CASE_SENSITIVE) returning 0, so the line 50 (and the other case) should be:

    50     return (pathconf(cwd, _PC_CASE_SENSITIVE) == 0);

That means we check using case insensitive comparison only if we are explicitly told by “pathconf” that the underlying file system does not support case sensitive names. If it does, then “pathconf” will return 1, and we know for sure that it’s case sensitive. In all other cases (like on NFS, SMBFS) it returns “-1” and we assume it’s case sensitive too (which may or may not lead to false negative, but is what we do now).

That sounds safer. For the relative path, though, I think we still have a problem:

    46   if (path[0] != '/') {
    47     // The path is relative, so use the current working directory
    48     char cwd[PATH_MAX];
    49     os::get_current_directory(cwd, PATH_MAX);

If your CWD is

    /Volumes/caseinsensitivedisk/foo

and the path is

    ../../casesensitivedisk/bar

Wouldn't you get an incorrect answer? Another case is, when / is case insensitive

    CWD = /
    path is Volumes/casesensitivedisk/foo

Interesting corner cases - fixed by turning a relative path into a full path using CWD - please see rev3.
bug: https://bugs.openjdk.java.net/browse/JDK-8167546
webrev: http://cr.openjdk.java.net/~gziemski/8167546rev3
testing: Mach5 hs-tier1,2,3,4,5,6,7 (in progress…)

cheers
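The three review points at the top of this message (reject `num > PATH_MAX` before copying, size every buffer `PATH_MAX+1`, check `realpath()` for NULL) combined into one comparison routine. This is an added example, not code from the webrev or from HotSpot; `resolve_prefix` and `resolved_name_strncmp` are hypothetical names, and reporting every error as "different" is an assumption chosen so that a failed lookup can never make two names appear equal.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* asks strict-mode libcs to declare realpath() */
#endif
#include <limits.h>
#include <stdlib.h>
#include <string.h>

#ifndef PATH_MAX
#define PATH_MAX 4096       /* fallback where the platform leaves it undefined */
#endif

/* Hypothetical helper: copy at most num bytes of s into a PATH_MAX+1 buffer
 * and resolve it. Returns 0 on success, -1 if the prefix cannot fit or
 * realpath() fails (missing file, permission error, ...). */
static int resolve_prefix(const char *s, size_t num, char out[PATH_MAX + 1]) {
    char path[PATH_MAX + 1] = {'\0'};
    if (s == NULL || num > PATH_MAX) {
        return -1;          /* refuse instead of overflowing or truncating */
    }
    /* num <= PATH_MAX here, so the final byte of path is never written
     * and the copy is always NUL-terminated. */
    strncpy(path, s, num);
    if (realpath(path, out) == NULL) {
        return -1;          /* out is unspecified on failure: do not read it */
    }
    return 0;
}

/* Hypothetical stand-in for the comparison under review: returns 0 when the
 * first num bytes of s1 and s2 resolve to the same file, nonzero otherwise.
 * Errors return -1, i.e. "different" (assumed fail-closed behaviour). */
int resolved_name_strncmp(const char *s1, const char *s2, size_t num) {
    char resolved1[PATH_MAX + 1];
    char resolved2[PATH_MAX + 1];
    if (resolve_prefix(s1, num, resolved1) != 0 ||
        resolve_prefix(s2, num, resolved2) != 0) {
        return -1;
    }
    return strcmp(resolved1, resolved2) == 0 ? 0 : 1;
}
```

Once `num` has been checked against `PATH_MAX`, the `min(num, PATH_MAX)` in the suggested `strncpy` call is redundant, so the example passes `num` directly.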


