Re: Possible BUG in Mixed Code Security Warning?
On 7/2/2010 3:05 PM, FutureScalper wrote:
I believe this is a BUG but someone can enlighten me, please? Note
easily reproducible because things work for perhaps several hours
before problems occur. This app needs to run unattended 24 x 7.
I can run for hours, and then suddenly I get the Security Warning for
mixed code. Everything is signed, and the system is configured as
follows, with Web Start as the deployer.
The app does not contain any custom classloaders, nor do anything
except just run standalone.
This seems odd. You say it runs "standalone" and "unattended,"
yet the exception occurs on thread AWT-EventQueue-0, which suggests
that there's a GUI somewhere. The stack trace seems to show that a
mouse click is being processed by Swing components -- if the app is
standalone and unattended, who's clicking mouse buttons?
Also, the app doesn't merely "run for hours" and suddenly hit
trouble while doing the same things it's been doing all along. The
JVM is trying to load the com.twc.trader.SupportResistanceDialog$1
class, which it wouldn't be doing if it had been using that class
"for hours" and had thus loaded it earlier; this is the first time
com.twc.trader.SupportResistanceDialog$1 has been called for. (It's
possible for a class to be loaded, discarded, and re-loaded, but
since you say you're doing no ClassLoader trickery that seems fairly
unlikely.) I think you should focus your attention on the signing of
this seldom-used nested class, and see if that turns up anything of
interest. At the very least, knowing the particular class that's
involved may help you reproduce the problem with less waiting around.
I don't know whether it makes a difference, but the troublesome
class is being loaded from the network, not from a local source. Maybe
you've got a mismatched mixture of old, cached classes with fresh
somewhere-over-the-network classes? It might be helpful to turn on the
JVM's trace of class-loading activity, and see if anything's weird.