ADDITIONAL SYSTEM INFORMATION :
Seen on RHEL 8.x and Windows Server 2019
Occurs with Oracle Java 11.0.20+9.
Does not occur with OpenJDK distributions based on 11.0.20+8.
Does occur with OpenJDK distibutions based on pre-release 11.0.21
A DESCRIPTION OF THE PROBLEM :
The original error we saw was "java.lang.NoClassDefFoundError: Could not initialize class java.time.zone.ZoneRulesProvider"
Attaching a debugger (& having it break on exceptions) showed that the NoClassDefFoundError was caused by an underlying StackOverflowError having to do with class loading and jar file validation (signing?):
----------------------------------------------
2023/07/28 13:29:57.807 | INFO | jvm 2 | java.lang.ExceptionInInitializerError: Exception java.lang.StackOverflowError [in thread "main"]
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/java.security.AccessController.doPrivileged(Native Method)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/jdk.internal.logger.LazyLoggers.accessLoggerFinder(LazyLoggers.java:340) 2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/jdk.internal.logger.LazyLoggers.lambda$getLoggerFromFinder$0(LazyLoggers.java:392)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/java.security.AccessController.doPrivileged(Native Method)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/java.security.AccessController.doPrivileged(AccessController.java:430)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/jdk.internal.logger.LazyLoggers.getLoggerFromFinder(LazyLoggers.java:391)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/jdk.internal.logger.LazyLoggers.getLazyLogger(LazyLoggers.java:444)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/jdk.internal.logger.LazyLoggers.getLogger(LazyLoggers.java:414)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/java.lang.System.getLogger(System.java:1673)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/jdk.internal.event.EventHelper.isLoggingSecurity(EventHelper.java:145)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/sun.security.jca.JCAUtil.tryCommitCertEvent(JCAUtil.java:104)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:356)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/sun.security.pkcs.PKCS7.parseSignedData(PKCS7.java:302)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/sun.security.pkcs.PKCS7.parse(PKCS7.java:160)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/sun.security.pkcs.PKCS7.parse(PKCS7.java:128)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/sun.security.pkcs.PKCS7.<init>(PKCS7.java:110)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/sun.security.util.SignatureFileVerifier.<init>(SignatureFileVerifier.java:123)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/java.util.jar.JarVerifier.processEntry(JarVerifier.java:308)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/java.util.jar.JarVerifier.update(JarVerifier.java:239)
2023/07/28 13:29:57.807 | INFO | jvm 2 | at java.base/java.util.jar.JarFile.initializeVerifier(JarFile.java:765)
2023/07/28 13:29:57.808 | INFO | jvm 2 | at java.base/java.util.jar.JarFile.getInputStream(JarFile.java:853)
REGRESSION : Last worked in version 11
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
Our Java application consists of a number of signed jars with permissions configured via a jaas.policy files. The application fails to start up under Oracle Java 11.0.12 with a NoClassDefFoundError.
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Our signed jars are verified successfully and application starts normally
ACTUAL -
Application fails to start, due to errors listed above
CUSTOMER SUBMITTED WORKAROUND :
When the java.security.manager and java.security.policy system properties are removed, the application starts successfully.
FREQUENCY : always