Thanks to visit codestin.com
Credit goes to github.com

Skip to content

HHH-19372 HHH-19369 Issues with access optimizer and inheritance #10075

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 7 commits into from
Closed

HHH-19372 HHH-19369 Issues with access optimizer and inheritance #10075

wants to merge 7 commits into from

Conversation

dreab8
Copy link
Member

@dreab8 dreab8 commented Apr 23, 2025

https://hibernate.atlassian.net/browse/HHH-19372
https://hibernate.atlassian.net/browse/HHH-19369

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license
and can be relicensed under the terms of the LGPL v2.1 license in the future at the maintainers' discretion.
For more information on licensing, please check here.

@dreab8 dreab8 force-pushed the HHH-19372 branch 3 times, most recently from bc6d831 to 1fbb926 Compare April 23, 2025 16:04
mbellade
mbellade reviewed May 7, 2025
View reviewed changes
hibernate-core/src/main/java/org/hibernate/proxy/pojo/bytebuddy/ByteBuddyProxyHelper.java
}
final URL url = codeSource.getLocation();
return url == null ? clazz.getName() : clazz.getName() + url.toString().hashCode();
return url == null ? className : className + url.toString().hashCode();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just leaving a couple of notes here for the future:

  • hashCode() does not prevent possible collisions; I agree it would be extremely rare to have the same class multiple times, and also have conflicting hash-codes for their code source, but still could happen.
  • java.security.CodeSource access could be blocked via SecurityManager
  • bytecode enhanced classes return null here, though from some early testing we don't have any CCEs in that case; it would be great to understand why that works (my hypothesis would be we're using the byte code-enhanced class from byte-buddy in both PUs)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Regarding SecurityManager, I think ORM would be trusted by the SecurityManager and if not, would need changes to ensure it is trusted.

@beikov
Copy link
Member

beikov commented May 22, 2025

Superseded by #10192

@beikov beikov closed this May 22, 2025
@scottmarlow
Copy link
Member

For reference WildFly is still seeing the same TCK failures with Hibernate ORM 6.6.17.Final which I think includes #10192

Is it expected that the changes in #10075 are included in pull/10192?

My other question is whether there are any identified problems with #10075?

@mbellade
Copy link
Member

For reference WildFly is still seeing the same TCK failures with Hibernate ORM 6.6.17.Final which I think includes #10192

Hey Scott, yeah that is expected since Christian's PR doesn't include the classloader / class source change Andrea did here.

I believe we'd prefer clarifying the topic of why the same class is loaded from different sources in wildfly first, then think of possible workarounds if really necessary on the Hibernate side.

@scottmarlow
Copy link
Member

@mbladel I think we should log the needed information. So far, I have not identified why and from where exactly the wrong classloader is used. I now have a WildFly reproducer that I want to reduce further. I also would like to instrument the org.hibernate.property.access.spi.SetterMethodImpl to show classloader information for the Object target parameter and the @Nullable Object value.

I tried adding the below code but the compiler didn't like me adding it to line 104:

				if (value != null) {
					LOG.info("xxx Thread.currentThread().getContextClassLoader() " + Thread.currentThread().getContextClassLoader());
				}
				final Class<?> expectedType = setterMethod.getParameterTypes()[0];

				LOG.info("xxx SetterMethodImpl IllegalArgumentException expectedType classloader = " +
							expectedType.getClassLoader());
				LOG.info("xxx SettMethodImpl containerClass classloader = " + containerClass.getClassLoader());

Is ^ the type of classloader information that we need?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@scottmarlow scottmarlow scottmarlow left review comments

@VladoKuruc VladoKuruc VladoKuruc left review comments

@mbellade mbellade mbellade left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@dreab8 @beikov @scottmarlow @mbellade @VladoKuruc