compiling and running user code with JavaCompiler and ClassLoader

Question

hi,

I am writing web app for java learning. Using which users may compile their code on my serwer + run that code. Compiling is easy with JavaCompiler:

    JavaCompiler compiler = ToolProvider.getSystemJavaCompiler();
    DiagnosticCollector<JavaFileObject> diagnostics = new DiagnosticCollector<JavaFileObject>();
    CompilationTask task = compiler.getTask(null, null, diagnostics, null, null, prepareFile(nazwa, content));

    task.call();

    List<String> returnErrors = new ArrayList<String>();
    String tmp = new String();
    for (Diagnostic diagnostic : diagnostics.getDiagnostics()) {
        tmp = String.valueOf(diagnostic.getLineNumber());
        tmp += " msg: " + diagnostic.getMessage(null);
        returnErrors.add(tmp.replaceAll("\n", " "));
    }

I manage to load class with code:

    JavaCompiler compiler = ToolProvider.getSystemJavaCompiler();
    StandardJavaFileManager manager = compiler.getStandardFileManager(null, null, null);

    try {
        URL[] urls = {new URL("file:///root/"), new URL("file://C:\\serv\\Apache Tomcat 6.0.20\\bin\\")};
        ClassLoader cl_old = Thread.currentThread().getContextClassLoader();
        ClassLoader cl_new = new URLClassLoader(urls, cl_old);
        Class compiledClass = cl_new.loadClass(CLASS_NAME);
        Method myMethod = compiledClass.getMethod(METHOD_NAME);
        Object tmp = myMethod.invoke(null);
    } catch (Exception ex) {
        Logger.getLogger(ITaskCompile.class.getName()).log(Level.SEVERE, null, ex);
    }

How can i protect my app from endless loop, and evil students ;)

1. is there any way to run that code with a lifetime ?
2. is there any risk with memory leaks, and what can i do to fix this.
3. is this good solution, or can you suggest something better ?

thx. Tzim

Answer 1

How can i protect my app from endless loop, and evil students ;)

You cannot in one JVM. Evil students are particularly difficult to deal with because the smart ones will figure out some way to subvert your control mechanisms.

1) is there any way to run that code with a lifetime ?

No, unless you run it in a separate JVM.

2) is there any risk with memory leaks, and what can i do to fix this.

Yes there is, and there is nothing you can do about it (apart from separate JVMs). In fact, this would be a problem even if you could kill off student programs that get stuck in loops, etc. There are probably many ways that an application can cause the Java class libraries to leak memory / resources ... even after the application itself has finished and been GC'ed.

3) is this good solution, or can you suggest something better ?

Run each student application in a separate JVM that you launch from your server using Process and friends. You will need to write host operating system specific stuff to set execution time limits, and to kill of student applications that deadlock. Plus you've got all sorts of issues making sure that you don't accidentally trash the host machine performance by firing off too many JVMs.

A better answer is to provide each student a desktop computer or a virtual machine and let them do their own thing.

Answer 2

is there any way to run that code with a lifetime ?

Create a process which monitors child processes and terminates it if it takes too long.

is there any risk with memory leaks, and what can i do to fix this.

You should be able to do that, to some extent, by controlling how much memory is allocated (like the -Xmx parameter to Sun's JVM).

is this good solution, or can you suggest something better ?

I'm not sure a solution has been proposed, but here's a thought. Install a SecurityManager that greatly restricts what the executed code can do, such as access the filesystem, spawn processes, etc. Combine that with a process that monitors for timeouts, limits the allocated memory, runs the application under a separate user account, etc., and I think you can have something workable.

What you're looking for is possible, but may not be entirely so if your restricted to only Java.

Answer 3

Adding to Kaleb's answer, be sure to run the target JVM with a strict heap limit (eg. -Xmx16M). And, of course, you'll want to limit the number of JVMs running.

Answer 4

My current solution looks like that:

run code:

@RequestMapping("/student/runITask.action")
public String student_runITask(@ModelAttribute(value = "program") ProgramToCompile program, ModelMap map) {
    //1. code compile
    ITaskCompile itcompile = new ITaskCompile();
    List<String> errorList = itcompile.compileTask(program.getClassname(), program.getProgram());
    Date tmp = new Date();
    this.setPathName(program.getClassname() + tmp.hashCode());
    //2. if compiled... 
    if (errorList.size() < 1) {
        try {
            String[] cmd = {"/bin/sh", "-c", "java -Xmx16M -Xms2M -cp /root/ " + program.getClassname() + "> " + getPathName() + ".data"};
            Runtime rt = Runtime.getRuntime();
            final Process proc = rt.exec(cmd);
            Thread.sleep(1000);
            proc.destroy();
            if (proc.exitValue() > 0) {
                try {
                    killJavaProcesses();
                    map.addAttribute("comment", "Endless LOOP!");
                } catch (Exception ex1) {
                    Logger.getLogger(CompileITaskControler.class.getName()).log(Level.SEVERE, null, ex1);
                }
            } else {
                StringBuffer fileData = new StringBuffer(1000);
                BufferedReader reader = new BufferedReader(new FileReader("/root/" + getPathName() + ".data"));
                char[] buf = new char[1024];
                int numRead = 0;
                while ((numRead = reader.read(buf)) != -1) {
                    fileData.append(buf, 0, numRead);
                }
                reader.close();
                map.addAttribute("comment","Output: <br/><br/><br/><pre>"+fileData.toString()+"</pre>");
            }
        } catch (Exception ex) {
            try {
                killJavaProcesses();
                map.addAttribute("comment", "Endless LOOP!");
            } catch (Exception ex1) {
                Logger.getLogger(CompileITaskControler.class.getName()).log(Level.SEVERE, null, ex1);
            }
        }
    } else {
        map.addAttribute("errorList", errorList);
        map.addAttribute("comment", "PROGRAM NIE ZOSTAŁ URUCHOMIONY");

    } //3. return 
    return DISPLAY_COMP_MSG;


}

where killJavaProcesses() looks like that

public void killJavaProcesses() throws IOException, InterruptedException {
    String[] getProcessList = {"/bin/sh", "-c", "ps | grep java"};
    String[] killProcessByIdList = {"/bin/sh", "-c", "kill -9 "};
    Runtime rt = Runtime.getRuntime();
    Process proc = rt.exec(getProcessList);
    InputStream inputstream = proc.getInputStream();
    InputStreamReader inputstreamreader = new InputStreamReader(inputstream);
    BufferedReader bufferedreader = new BufferedReader(inputstreamreader);
    String line2;
    String kill = new String();
    while ((line2 = bufferedreader.readLine()) != null) {
        kill += line2 + "\n";
    }
    proc.destroy();
    String arraykill[] = kill.split("\n");
    String element2kill = "";
    String[] tmp;
    if (arraykill.length >= 1) {
        element2kill = arraykill[arraykill.length - 1].trim().split(" ")[0];
    }
    killProcessByIdList[2] += element2kill;
    Process proc2 = rt.exec(killProcessByIdList);
    proc2.waitFor();
}

I can't kill process different. Using proc.destroy() doesn't work right on Ubuntu/Win XP machines. Now i'll try to configure and use SecurityManager.