RE: OutOfMemory:PermGen with Tomcat App Server

Fri, 14 Nov 2014 10:08:06 -0800 

Hi All ,

Please find the attached servlet code (extension is modified to .txt). 

The Tomcat Version is : apache-tomcat-7.0.42-windows-x86
OS: Windows Server EnterPrise 2007 Service Pack-2
Java Version: jdk1.7.0_21

Thanks,
Nagaraja

-----Original Message-----
From: Mark Eggers [mailto:its_toas...@yahoo.com.INVALID] 
Sent: Friday, November 14, 2014 11:02 PM
To: Tomcat Users List
Subject: Re: OutOfMemory:PermGen with Tomcat App Server

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/14/2014 8:54 AM, Thakkilapati, Nagaraja wrote:
> Hi All,
> 
> The attached Servlet code is causing for a permgen leak. It appears to 
> me that this is due to Tomcat bug, the same issue is not seen with 
> other application servers. Any help in resolving this issue is greatly 
> appreciated.
> 
> I have also noticed in many other incidents in my code where
> AccessController.doPrivileged() is causing for Permgen memory leak. 
> Anyways to get around/fix this problem.
> 
> Thanks, Nagaraja

Nagaraja,

The list strips most attachments. Your code did not come through.

1. Tomcat version  - 7.0.57
2. Your OS, version, and bits - Windows 7 Home Premium 64 bit 3. Your JVM, 
version, and bits - Oracle 1.7.0_72-b14, 64 bit server VM

Inline the code.

However as Mark Thomas has already mentioned, fix your web application.

http://people.apache.org/~markt/presentations/2010-11-04-Memory-Leaks-60mins.pdf

. . . just my busy 2 cents
/mde/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBAgAGBQJUZjx+AAoJEEFGbsYNeTwtYkkH/31RwgtwVEfeaVsAd6HRBieu
G1qeUcpg3NEpm1S05KIN3gfocUkFEZ6731zPtqvHhZMYR0tctJ9eTfdCYOHuPZ8i
uQ34Qp/ZGCmXCKol1s4l+KMPEx4epX5aaWNJB7t+kQmYAxZFZ9zWvIC85VYWUph1
Otykbc1KMAWLsapN6oIYz1iHwCEss48Vv/5qv1uQkqrAE/abjn5YMvvKXcxPd3Sm
SJNrb6eerpPfdo6/xgmkxtpp4M6R49D4hwnUvArQzKBoYCivknv8Kpr+vg5oCn80
w6q+GgUGQaemEMS2b4Ys9WmznkFk5OSCxuzqpH+tqWwG5YonsaczVMlYjnuP6c0=
=Is9o
-----END PGP SIGNATURE-----

---
This email is free from viruses and malware because avast! Antivirus protection 
is active.
http://www.avast.com


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


package dfctest;

/**
 * Created by IntelliJ IDEA. User: Thakkn Date: 11/14/14 Time: 9:58 PM To 
change this template use File | Settings |
 * File Templates.
 */
import java.security.*;
import java.util.HashMap;
import java.util.Enumeration;
import java.util.Map;

/**
 * A decorator for the Java policy that allows you to add extra permissions to 
selected code sources.
 *
 * @since 6.0
 */
/*
 * CAUTION!!! While adding new dependencies to this class (e.g RolePermission 
put in m_extraPermissions), be sure that
 * such classes are excluded from instrumentation for the purpose of DFC 
tracing. see DFC-9763 with JBoss 5.1
 */
public class AugmentedPolicy extends Policy
{
    public AugmentedPolicy ()
    {
        this(Policy.getPolicy());
    }

    public AugmentedPolicy (Policy originalPolicy)
    {
        assert originalPolicy != null;

        m_originalPolicy = originalPolicy;
        m_extraPermissions = new HashMap<CodeSource, PermissionCollection>();
    }

    public void add (CodeSource codeSource, PermissionCollection 
extraPermissions)
    {
        m_extraPermissions.put(codeSource, extraPermissions);
    }

    public PermissionCollection getPermissions (CodeSource codeSource)
    {
        PermissionCollection permissions = 
m_originalPolicy.getPermissions(codeSource);

        PermissionCollection extraPermissions = 
m_extraPermissions.get(codeSource);
        if (extraPermissions != null)
            augmentPermissions(permissions, extraPermissions);

        return permissions;
    }

    private void augmentPermissions (PermissionCollection permissions, 
PermissionCollection extraPermissions)
    {
        for (Enumeration<Permission> en = extraPermissions.elements(); 
en.hasMoreElements();)
            permissions.add(en.nextElement());
    }

    public PermissionCollection getPermissions (ProtectionDomain domain)
    {
        PermissionCollection permissions = 
m_originalPolicy.getPermissions(domain);

        PermissionCollection extraPermissions = 
m_extraPermissions.get(domain.getCodeSource());
        if (extraPermissions != null)
            augmentPermissions(permissions, extraPermissions);

        return permissions;
    }

    public void refresh ()
    {
        m_originalPolicy.refresh();
    }

    public boolean implies (ProtectionDomain domain, Permission permission)
    {
        if (m_originalPolicy.implies(domain, permission))
            return true;

        PermissionCollection extraPermissions = 
m_extraPermissions.get(domain.getCodeSource());
        return extraPermissions != null && extraPermissions.implies(permission);
    }

    private Policy m_originalPolicy;
    private Map<CodeSource, PermissionCollection> m_extraPermissions;
}

package dfctest;

import java.io.IOException;
import java.io.PrintWriter;
import java.net.SocketPermission;
import java.security.*;
import java.util.PropertyPermission;

import javax.management.MBeanPermission;
import javax.management.MBeanServerPermission;
import javax.management.MBeanTrustPermission;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;



import com.documentum.fc.client.impl.bof.security.InternalAttributePermission;
import com.documentum.fc.client.impl.bof.security.RolePermission;


public class TempCabinetServlet extends HttpServlet {
        private static final long serialVersionUID = 1L;

    public TempCabinetServlet() {
    }

        protected void doGet(HttpServletRequest request, HttpServletResponse 
response) throws ServletException, IOException {
            doPost(request, response);
        }

        protected void doPost(HttpServletRequest request, HttpServletResponse 
response) throws ServletException, IOException {
           try {

            AccessController.doPrivileged( new PrivilegedAction()
            {
                public Object run()
                {
                    AugmentedPolicy augmentedPolicy = new AugmentedPolicy();
                    configurePolicy(augmentedPolicy);
                    Policy.setPolicy(augmentedPolicy);
                    return null;
                }
            });


        } catch (Exception e) {
            throw new ServletException(e);
        }
            

        }

    private void configurePolicy( AugmentedPolicy augmentedPolicy )
    {
        CodeSource codeSource = 
getClass().getProtectionDomain().getCodeSource();

        Permissions extraPermissions = new Permissions();

        // These permissions enable certain internal mechanisms. They are used 
regardless of whether or not a security
        // manager is present.

        extraPermissions.add(new RolePermission("*", "propagate"));
        extraPermissions.add(new InternalAttributePermission("*"));

        // The following is just the beginning of making DFC work under a 
security manager. The rest of the work is
        // left for some future release. For now just let the external policy 
files do all the work.

        extraPermissions.add(new RuntimePermission("modifyThread"));
        extraPermissions.add(new SocketPermission("*", "connect,resolve"));
        extraPermissions.add(new RuntimePermission("createClassLoader"));
        extraPermissions.add(new RuntimePermission("getClassLoader"));
        extraPermissions.add(new RuntimePermission("accessDeclaredMembers"));
        extraPermissions.add(new RuntimePermission("shutdownHooks"));
        extraPermissions.add(new RuntimePermission("getenv.*"));
        extraPermissions.add(new PropertyPermission("*", "read, write"));
        extraPermissions.add(new MBeanServerPermission("createMBeanServer"));
        extraPermissions.add(new MBeanPermission("*", "registerMBean"));
        extraPermissions.add(new MBeanTrustPermission("*"));

        augmentedPolicy.add(codeSource, extraPermissions);
    }

}

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to