-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
java.lang.UnsatisfiedLinkError: apple.security.KeychainStore._scanKeychain()V #1388
Comments
Do you have the source available to reproduce? Did you try using the agent in order to generate the JNI / Reflection configuration files? It looks like you try to use JNI, but there is no configuration file set for it, while create the native-image. The documentation for JNI: The documentation for the JVM agent: |
Hi, I had tried with your suggestion and generated the configuration files, but the error is the same. The relevante code is below : My JNI config file is below, generated by the agent, the agent does not create the _scanKeychain method (maybe this is the problem??) and I manually added to the file, but the error continues..
|
Hi, I'm going deep on this and discovered that KeychainStore has a System.loadLibrary in a static block :
I think this is the problem? There is a workaround? |
Disclosure: I do not have OSX, therefore I can not reproduce it. Furthermore I do not have any experience with JNI.
But I think, if the lib is not found, where would be first following Exception: |
@rsaulo , I did some further digging. I create a little JNI myself: From the java file I generated a header file and implemented the method in a c file.
Main
When I create the native-image, it will pass the generation and will run as expected: If I were to change the header-file and the c file to: the native-image generation will go through, but I get the same error as you get:
Conclusion: I actually do not how to investigate this problem further. Maybe look into the .so file, if posible? |
So I got the latest GraalVM 19.0.2 JVM for OSX. The KeyChainStore does look a little bit different, than yours.
The distribution also contains the "osx" librabry I looked at the disassembly of libosx.dylib and found following entry: This is exactly the same entry you require. Problem:
Example: You can also peek into your osxsecurity, if you find it, with https://onlinedisassembler.com/ . You can search for the substring scanKeychain in the symbols. You should not be abled to find "Java_apple_security_KeychainStore__1scanKeychain" in the disassembly your osxsecurity file. |
Hi, first thanks in advance for your help!! I did that you suggested, already using GraalVM 19.0.2, compiled with GraalVM build native image and the same error again... My build command :
Executing : My JVM lib dir has the osx lib : $ ls /Library/Java/JavaVirtualMachines/graalvm-ce-19.0.2/Contents/Home/jre/lib/libosx.dylib I do not understand why the env does not find the lib... |
Last shot, when I am out of ideas. I would need some OSX system to reproduce it. What you could also try is to set JAVA_HOME / GRAALVM_HOME to the GraalVM distribution and use the native-image application to generate the native-image. As I understand it, the native-image application will fork JVM process in order to generate the native-image. If you have set something other than the GraalVM, it might include the wrong class files in the image (only guessing, because I do not know how it actually works per-se). When the image is generated, please try using the command again: If it is still not working try ./fepweb-signer-1.3.0 -Djava.library.path=/ , which should generate the following stacktrace. In the stacktrace we will see, which library is not found.
When you get an error again, please post the stacktrace you get. I am all out of ideas, when you still get following issue. It somehow tries to load the wrong lib during runtime.
|
Hi!!
Executing with ./fepweb-signer-1.3.0 -Djava.library.path=/ does not return the lib that the VM is looking for..
|
@rsaulo did you find any workaround for this ? |
@rsaulo Hi rsaulo, First: the case
which obviously the same as yours. Then: solution a. by running with this command: b. by running with this command: I confirmed that, let the dylib been loaded with the executable do fix the error. c. solve it using the d. command like (forgive my English.) |
Hi Rsaulo, I understand that this is an old issue but if you're still interested please do let me know if you found the solution to your issue. I see some suggestions in the comments. Perhaps those solve the issue. Thank you. |
I am closing this issue because it's been over 2 weeks since my last interaction and I haven't received any updates yet. |
I'm trying to generate a native image from our app that uses KeyChain on OSX.
Using the command :
native-image --no-server -H:+ReportExceptionStackTraces -H:ReflectionConfigurationFiles=../../reflect.json --enable-all-security-services -H:+JNI --report-unsupported-elements-at-runtime -jar fepweb-signer-1.3.0.jar
The build is OK without erros, but when trying to execute receives :
Exception in thread "main" java.lang.UnsatisfiedLinkError: apple.security.KeychainStore.scanKeychain()V [symbol: Java_apple_security_KeychainStore__1scanKeychain or Java_apple_security_KeychainStore__1scanKeychain_]
at com.oracle.svm.jni.access.JNINativeLinkage.getOrFindEntryPoint(JNINativeLinkage.java:145)
at com.oracle.svm.jni.JNIGeneratedMethodSupport.nativeCallAddress(JNIGeneratedMethodSupport.java:57)
at apple.security.KeychainStore._scanKeychain(KeychainStore.java)
at apple.security.KeychainStore.engineLoad(KeychainStore.java:773)
at java.security.KeyStore.load(KeyStore.java:1445)
Tried to put all libs to java.library.path but does not change anything. Any help?
The text was updated successfully, but these errors were encountered: