Several classes related to XML transformation causes build time initialisation of `com.sun.org.slf4j.internal.Logger`

[michael-simons]

Describe the issue

I found com.sun.org.apache.xml.internal.security.transforms.Transform and com.sun.org.apache.xml.internal.security.Init causes com.sun.org.slf4j.internal.Logger to be initialized at built time. They should not be safe, I guess.

This happens in 22.2.0 but not in the latest 22.3 dev build and can be fixed with --initialize-at-run-time=com.sun.org.apache.xml.internal.security, so I am unsure if you want to fix this, but I wanted to note it either way.

Steps to reproduce the issue

Source to reproduce:

package simons;

import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Iterator;
import java.util.List;

import javax.xml.crypto.NodeSetData;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.dom.DOMCryptoContext;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.TransformService;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;

import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

public class Main {

	public static void main(String... a) throws Exception {

		DocumentBuilderFactory documentFactory = DocumentBuilderFactory.newInstance();
		DocumentBuilder documentBuilder = documentFactory.newDocumentBuilder();
		Document document = documentBuilder.newDocument();

		Element element = document.createElement("foo");
		document.appendChild(element);

		try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
			XMLCryptoContext cryptoContext = new NoopDOMCryptoContext();
			TransformService transformService = TransformService.getInstance(CanonicalizationMethod.INCLUSIVE, "DOM");
			transformService.init(new DOMStructure(document.createElement("holder")), cryptoContext);
			transformService.transform(NodeSetDataImpl.of(List.of(element)), cryptoContext, os);

			os.flush();

			System.out.println(os.toString(StandardCharsets.UTF_8));
		}
	}

	static final class NoopDOMCryptoContext extends DOMCryptoContext {
	}

	static final class NodeSetDataImpl implements NodeSetData {

		public static NodeSetData of(List<Node> elements) {
			return new NodeSetDataImpl(elements);
		}

		private final List<Node> elements;

		private NodeSetDataImpl(List<Node> elements) {
			this.elements = elements;
		}

		@Override
		public Iterator<Node> iterator() {
			return this.elements.iterator();
		}
	}
}

Steps:

javac simons/Main.java --release 17  
native-image simons.Main main
./main

expected output is <foo></foo>.

22.2.0 fails:

[1/7] Initializing...                                                                                    (3,8s @ 0,08GB)
 Version info: 'GraalVM 22.2.0 Java 17 CE'
 Java version info: '17.0.4+8-jvmci-22.2-b06'
 C compiler: cc (apple, x86_64, 14.0.0)
 Garbage collector: Serial GC
[2/7] Performing analysis...  []                                                                         (1,7s @ 0,30GB)
   1.666 (71,93%) of  2.316 classes reachable
   1.540 (41,70%) of  3.693 fields reachable
   5.829 (63,32%) of  9.206 methods reachable
      27 classes,     0 fields, and     0 methods registered for reflection

Fatal error: com.oracle.graal.pointsto.util.AnalysisError$ParsingError: Error encountered while parsing org.jcp.xml.dsig.internal.dom.ApacheCanonicalizer.transform(javax.xml.crypto.Data, javax.xml.crypto.XMLCryptoContext, java.io.OutputStream) 

22.3 dev works:

[1/7] Initializing...                                                                                    (4,3s @ 0,10GB)
 Version info: 'GraalVM 22.3.0-dev Java 17 CE'
 Java version info: '17.0.5+3-jvmci-22.3-b04'
 C compiler: cc (apple, x86_64, 14.0.0)
 Garbage collector: Serial GC
[2/7] Performing analysis...  [*********]                                                               (13,6s @ 1,55GB)
   6.245 (84,32%) of  7.406 classes reachable
   9.420 (62,21%) of 15.143 fields reachable
  29.276 (52,65%) of 55.604 methods reachable
     274 classes,     0 fields, and   773 methods registered for reflection
      59 classes,    60 fields, and    52 methods registered for JNI access
       4 native libraries: -framework Foundation, dl, pthread, z

[fniephaus]

Great that things are working fine now with the latest 22.3 dev build. XML remains a bit fiddly at the moment but I think the new initialization policy that we are working on as part of #4684 should change that. Anyway, thanks for opening this issue!