Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jdep issue on org.springframework.objenesis.instantiator.sun.UnsafeFactoryInstantiator [SPR-15668] #20227

Closed
spring-projects-issues opened this issue Jun 15, 2017 · 3 comments
Assignees
Labels
in: core Issues in core modules (aop, beans, core, context, expression) status: declined A suggestion or change that we don't feel we should currently apply type: enhancement A general enhancement

Comments

@spring-projects-issues
Copy link
Collaborator

spring-projects-issues commented Jun 15, 2017

rajendra rathore opened SPR-15668 and commented

Hi Team,
I ran the JDep on spring core 4.3.2 version and found that org.springframework.objenesis.instantiator.sun.UnsafeFactoryInstantiator uses sun.misc.Unsafe, and it says that it is JDK internal API (jdk.unsupported). so please let me know your plan for that class.

Thanks
Rajendra Rathore


Affects: 4.3.2

Issue Links:

@spring-projects-issues
Copy link
Collaborator Author

spring-projects-issues commented Jun 15, 2017

Juergen Hoeller commented

This is a repackaged version of Objenesis (https://github.com/easymock/objenesis/releases) which includes a sun.misc.Unsafe based instantiator but only really uses it on Android and as a fallback on unknown JVMs. For well-known JVMs such as OpenJDK or the Oracle JDK, it uses a sun.reflect.ReflectionFactory based instantiator instead which is supported on JDK 9.

FWIW, according to the most recent conversations, sun.misc.Unsafe instead is also still supported on JDK 9 for the time being. Which version of jdep are you running there?

In Spring, we are using Objenesis to create side-effect free proxy instances with CGLIB (i.e. no constructor invocation side effects for proxy instances, just for target instances), and to not enforce default constructors on proxy classes to begin with. If this fails for any reason, we fall back to an invocation of the default constructor on the proxy class, so the use of Objenesis (and therefore the use of ReflectionFactory or Unsafe) is not actually mandatory.

@spring-projects-issues
Copy link
Collaborator Author

spring-projects-issues commented Jun 16, 2017

rajendra rathore commented

I saw the latest version of objenesis and they remove that file, so just want to check which version of objenesis we are using it.

@spring-projects-issues
Copy link
Collaborator Author

spring-projects-issues commented Jun 16, 2017

Juergen Hoeller commented

We're currently repackaging Objenesis 2.5.1 and will be upgrading to Objenesis 2.6 once released (#20159), probably in time for our 5.0 GA and 4.3.10 releases.

As far as I can see, UnsafeFactoryInstantiator is still around: https://github.com/easymock/objenesis/blob/master/main/src/main/java/org/objenesis/instantiator/sun/UnsafeFactoryInstantiator.java

Note that the jdeps tool just gives indications. Conditional use of Unsafe as a fallback code path on older / third-party JDKs does not matter as long as it's not being used on OpenJDK 9 and Oracle JDK 9. In fact, even on the latter, Unsafe remains effectively supported for the time being.

@spring-projects-issues spring-projects-issues added status: declined A suggestion or change that we don't feel we should currently apply type: enhancement A general enhancement in: core Issues in core modules (aop, beans, core, context, expression) labels Jan 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
in: core Issues in core modules (aop, beans, core, context, expression) status: declined A suggestion or change that we don't feel we should currently apply type: enhancement A general enhancement
Projects
None yet
Development

No branches or pull requests

2 participants