reactor / BlockHound

Java agent to detect blocking calls from non-blocking threads.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Candidates to be included as default allowances

mschmnet opened this issue · comments

Motivation

After integrating BlockHound in a project, we've got these two detections (among others). They look like good candidates to be included in the BlockHound#allowances:

  • io.netty.util.internal.NativeLibraryLoader#load: This looks like a similar case as ClassLoader#class
  • java.util.ServiceLoader$LazyClassPathLookupIterator#hasNext

Desired solution

In case these are considered safe methods to be whitelisted, they could be included in the default list of BlockHound#allowances as they look like potentially common detections.

Considered alternatives

Not including them if assumption is not correct, or they don't seem to be common.

Additional context

One of them is detected when using BlobServiceAsyncClient (Azure):

	Suppressed: reactor.blockhound.BlockingOperationError: Blocking call! java.io.RandomAccessFile#readBytes
		at java.base/java.io.RandomAccessFile.readBytes(RandomAccessFile.java)
		at java.base/java.io.RandomAccessFile.read(RandomAccessFile.java:405)
		at java.base/java.io.RandomAccessFile.readFully(RandomAccessFile.java:469)
		at java.base/java.util.zip.ZipFile$Source.readFullyAt(ZipFile.java:1348)
		at java.base/java.util.zip.ZipFile$ZipFileInputStream.initDataOffset(ZipFile.java:915)
		at java.base/java.util.zip.ZipFile$ZipFileInputStream.read(ZipFile.java:931)
		at java.base/java.util.zip.ZipFile$ZipFileInflaterInputStream.fill(ZipFile.java:448)
		at java.base/java.util.zip.InflaterInputStream.read(InflaterInputStream.java:158)
		at java.base/java.io.InputStream.readNBytes(InputStream.java:506)
		at java.base/java.util.jar.JarFile.getBytes(JarFile.java:812)
		at java.base/java.util.jar.JarFile.checkForSpecialAttributes(JarFile.java:1002)
		at java.base/java.util.jar.JarFile.isMultiRelease(JarFile.java:389)
		at java.base/java.util.jar.JarFile.getEntry(JarFile.java:511)
		at java.base/sun.net.www.protocol.jar.URLJarFile.getEntry(URLJarFile.java:131)
		at java.base/sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:135)
		at java.base/sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:175)
		at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.parse(ServiceLoader.java:1172)
		at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.nextProviderClass(ServiceLoader.java:1213)
		at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService(ServiceLoader.java:1228)
		at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext(ServiceLoader.java:1273)
		at java.base/java.util.ServiceLoader$2.hasNext(ServiceLoader.java:1309)
		at java.base/java.util.ServiceLoader$3.hasNext(ServiceLoader.java:1393)
		at java.xml/javax.xml.stream.FactoryFinder$1.run(FactoryFinder.java:350)
		at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
		at java.xml/javax.xml.stream.FactoryFinder.findServiceProvider(FactoryFinder.java:339)
		at java.xml/javax.xml.stream.FactoryFinder.find(FactoryFinder.java:310)
		at java.xml/javax.xml.stream.XMLInputFactory.newFactory(XMLInputFactory.java:288)
		at com.fasterxml.jackson.dataformat.xml.util.StaxUtil.defaultInputFactory(StaxUtil.java:144)
		at com.fasterxml.jackson.dataformat.xml.XmlFactory.<init>(XmlFactory.java:123)
		at com.fasterxml.jackson.dataformat.xml.XmlFactory.<init>(XmlFactory.java:110)
		at com.fasterxml.jackson.dataformat.xml.XmlFactory.<init>(XmlFactory.java:103)
		at com.fasterxml.jackson.dataformat.xml.XmlFactory.<init>(XmlFactory.java:87)
		at com.fasterxml.jackson.dataformat.xml.XmlMapper.<init>(XmlMapper.java:135)
		at com.fasterxml.jackson.dataformat.xml.XmlMapper.builder(XmlMapper.java:226)
		at com.azure.core.implementation.jackson.XmlMapperFactory.createXmlMapper(XmlMapperFactory.java:62)
		at com.azure.core.implementation.jackson.ObjectMapperFactory.createXmlMapper(ObjectMapperFactory.java:43)
		at com.azure.core.implementation.jackson.ObjectMapperShim.createXmlMapper(ObjectMapperShim.java:79)
		at com.azure.core.util.serializer.JacksonAdapter$GlobalXmlMapper.<clinit>(JacksonAdapter.java:40)
		at com.azure.core.util.serializer.JacksonAdapter.getXmlMapper(JacksonAdapter.java:306)
		at com.azure.core.util.serializer.JacksonAdapter.lambda$deserialize$8(JacksonAdapter.java:276)
		at com.azure.core.util.serializer.JacksonAdapter.useAccessHelper(JacksonAdapter.java:327)
		at com.azure.core.util.serializer.JacksonAdapter.deserialize(JacksonAdapter.java:275)
		at com.azure.core.implementation.serializer.HttpResponseBodyDecoder.deserialize(HttpResponseBodyDecoder.java:159)
		at com.azure.core.implementation.serializer.HttpResponseBodyDecoder.deserializeBody(HttpResponseBodyDecoder.java:132)
		at com.azure.core.implementation.serializer.HttpResponseBodyDecoder.decodeByteArray(HttpResponseBodyDecoder.java:56)
		at com.azure.core.implementation.serializer.HttpResponseDecoder$HttpDecodedResponse.getDecodedBody(HttpResponseDecoder.java:93)
		at com.azure.core.implementation.http.rest.AsyncRestProxy.lambda$ensureExpectedStatus$1(AsyncRestProxy.java:116)
		at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onNext(FluxMapFuseable.java:113)

And this is the other one:

java.lang.Exception: Disallowed blocking call: java.io.RandomAccessFile#readBytes
        [...]
	at reactor.blockhound.BlockHound$Builder.lambda$install$8(BlockHound.java:472)
	at reactor.blockhound.BlockHoundRuntime.checkBlocking(BlockHoundRuntime.java:89)
	at java.base/java.io.RandomAccessFile.readBytes(RandomAccessFile.java)
	at java.base/java.io.RandomAccessFile.read(RandomAccessFile.java:405)
	at java.base/java.util.zip.ZipFile$Source.readAt(ZipFile.java:1361)
	at java.base/java.util.zip.ZipFile$ZipFileInputStream.read(ZipFile.java:941)
	at java.base/java.util.zip.ZipFile$ZipFileInflaterInputStream.fill(ZipFile.java:448)
	at java.base/java.util.zip.InflaterInputStream.read(InflaterInputStream.java:158)
	at java.base/java.io.InputStream.readNBytes(InputStream.java:506)
	at java.base/java.util.jar.JarFile.getBytes(JarFile.java:812)
	at java.base/java.util.jar.JarFile.checkForSpecialAttributes(JarFile.java:1002)
	at java.base/java.util.jar.JarFile.isMultiRelease(JarFile.java:389)
	at java.base/java.util.jar.JarFile.getEntry(JarFile.java:511)
	at java.base/sun.net.www.protocol.jar.URLJarFile.getEntry(URLJarFile.java:131)
	at java.base/sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:135)
	at java.base/sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:175)
	at java.base/java.net.URL.openStream(URL.java:1161)
	at io.netty.util.internal.NativeLibraryLoader.load(NativeLibraryLoader.java:197)
	at io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.loadNativeLibrary(MacOSDnsServerAddressStreamProvider.java:92)
	at io.netty.resolver.dns.macos.MacOSDnsServerAddressStreamProvider.<clinit>(MacOSDnsServerAddressStreamProvider.java:77)
	at java.base/java.lang.Class.forName0(Native Method)
	at java.base/java.lang.Class.forName(Class.java:467)
	at io.netty.resolver.dns.DnsServerAddressStreamProviders$1.run(DnsServerAddressStreamProviders.java:50)
	at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
	at io.netty.resolver.dns.DnsServerAddressStreamProviders.<clinit>(DnsServerAddressStreamProviders.java:46)
	at io.netty.resolver.dns.DnsNameResolverBuilder.<init>(DnsNameResolverBuilder.java:61)