Details
-
Bug
-
Resolution: Obsolete
-
Major
-
None
-
3.1.4.Final
-
None
Description
I know that Weld currently doesn't support JPMS. However, I use it as a JPMS module and everything worked fine with JDK 11. However, in JDK12+ I started to get
Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make protected final java.lang.Class java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) throws java.lang.ClassFormatError accessible: module java.base does not "opens java.lang" to module weld.servlet.shaded.
Firstly I thought that the problem was in JPMS and asked a question on StackOverflow here.
Later it became clear that the problem was with the implementation of ClassFileUtils.makeClassLoaderMethodsAccessible().
Alan Bateman who is a JPMS specialist asked to fire a bug and gave the following comment:
"The AccessibleObject.override field is a private field that is highly security sensitive. It is hidden from core reflection in recent JDK releases so I think this explains why you see a difference. That said, the maintainers of ClassUtils should not be hacking into this private field and setting it with Unsafe. It is unsupportable to be hacking into private fields like this. If the use-case is injecting a class into the same run-time package as another class then they should use Lookup.defineClass."
Attachments
Issue Links
- relates to
-
WELD-2619 Refactor ClassFileUtils to operate better on JDK 11+
-
- Pull Request Sent
-
