-
-
Notifications
You must be signed in to change notification settings - Fork 280
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reflective illegal access to java.lang.SecurityManager.getClassContext() #663
Comments
I have the same issue as well. I am using the Spring Boot v2.6.4 |
me too. I'm using SpringDoc also, I don't know if it's related to this |
I am using SpringDoc as well. I have removed the dependency of springdoc but I still can see the same stack trace as yours. :( |
I'm using openjdk 11.0.2 2019-01-15. I've updated to openjdk 11.0.14.1 2022-02-08 LTS and there is no warnings |
Thanks for the report. I'm going to reopen this because there is almost certainly a way to fix it. ClassGraph uses several mechanisms to find the stack trace. The one that uses reflection needs to be de-prioritized in JDK9+ (other methods should be tried first). I'll work on this, although I'm traveling currently with limited time to fix it. |
Thanks, @lukehutch |
OK, this makes sense -- Can everyone else who experienced this issue please verify whether they were running an affected JVM version? I think this is the same bug reported in #646. I disabled the
If someone who is affected by this reflective access warning can please test the latest version of ClassGraph in git, I would appreciate it. Thanks! |
PS if anyone is curious as to how the stacktrace-obtaining code works, here it is: |
This should be fixed now, with the caveats described above. Released in 4.8.142. Thank you! |
When running a spring-boot application i have this warning.
Running with --illegal-access=debug i found this:
WARNING: Illegal reflective access by nonapi.io.github.classgraph.classpath.CallStackReader (file:.../.m2/repository/io/github/classgraph/classgraph/4.8.138/classgraph-4.8.138.jar) to method java.lang.SecurityManager.getClassContext()
at nonapi.io.github.classgraph.classpath.CallStackReader.getCallStackViaSecurityManager(CallStackReader.java:119)
at nonapi.io.github.classgraph.classpath.CallStackReader.access$100(CallStackReader.java:44)
at nonapi.io.github.classgraph.classpath.CallStackReader$3.call(CallStackReader.java:178)
at nonapi.io.github.classgraph.classpath.CallStackReader$3.call(CallStackReader.java:175)
at nonapi.io.github.classgraph.reflection.ReflectionUtils$PrivilegedActionInvocationHandler.invoke(ReflectionUtils.java:383)
at com.sun.proxy.$Proxy139.run(Unknown Source)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at nonapi.io.github.classgraph.reflection.ReflectionUtils.doPrivileged(ReflectionUtils.java:396)
at nonapi.io.github.classgraph.classpath.CallStackReader.getClassContext(CallStackReader.java:175)
at nonapi.io.github.classgraph.classpath.ClasspathFinder.(ClasspathFinder.java:163)
at io.github.classgraph.Scanner.(Scanner.java:169)
at io.github.classgraph.ClassGraph.scanAsync(ClassGraph.java:1531)
at io.github.classgraph.ClassGraph.scanAsync(ClassGraph.java:1559)
at io.github.classgraph.ClassGraph.scan(ClassGraph.java:1584)
at io.github.classgraph.ClassGraph.scan(ClassGraph.java:1623)
at io.github.classgraph.ClassGraph.scan(ClassGraph.java:1636)
at org.webjars.WebJarAssetLocator.scanForWebJars(WebJarAssetLocator.java:144)
at org.webjars.WebJarAssetLocator.(WebJarAssetLocator.java:150)
at org.springframework.web.servlet.resource.WebJarsResourceResolver.(WebJarsResourceResolver.java:61)
at org.springframework.web.servlet.config.annotation.ResourceChainRegistration.getResourceResolvers(ResourceChainRegistration.java:114)
at org.springframework.web.servlet.config.annotation.ResourceHandlerRegistration.getRequestHandler(ResourceHandlerRegistration.java:215)
at org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry.getRequestHandler(ResourceHandlerRegistry.java:178)
at org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry.getHandlerMapping(ResourceHandlerRegistry.java:168)
at org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport.resourceHandlerMapping(WebMvcConfigurationSupport.java:599)
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:638)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
Do i have to worry about that?
The text was updated successfully, but these errors were encountered: