Hello there!! While using Netty as an HTTP Server, we ran into a java.lang.RuntimeException when the adaptive buffer allocator attempts to load pointing to shaded JCTools classes. Specifically the error seems to be attempting to access field/constructor from Unsafe.class as seen below, which if the SecurityManager is enabled will throw a java.security.AccessControlException
|
try |
|
{ |
|
final Field field = Unsafe.class.getDeclaredField("theUnsafe"); |
|
field.setAccessible(true); |
|
instance = (Unsafe) field.get(null); |
|
} |
|
catch (Exception ignored) |
|
{ |
|
// Some platforms, notably Android, might not have a sun.misc.Unsafe implementation with a private |
|
// `theUnsafe` static instance. In this case we can try to call the default constructor, which is sufficient |
|
// for Android usage. |
|
try |
|
{ |
|
Constructor<Unsafe> c = Unsafe.class.getDeclaredConstructor(); |
|
c.setAccessible(true); |
|
instance = c.newInstance(); |
|
} |
|
catch (Exception e) |
|
{ |
|
throw new RuntimeException(e); |
|
} |
This could be addressed by verifying if the SecurityManager is enabled and if so, use AccessController.doPrivileged for the logic. I searched on the repo but couldn't find any usage of the AccessController that would imply that something like this has been reported/addressed before. I wanted to bring it up since enabling Java 2 Security doesn't allow the UnsafeAccess class to load due to the RuntimeException caused by the AccessControlException.
Hello there!! While using Netty as an HTTP Server, we ran into a
java.lang.RuntimeExceptionwhen the adaptive buffer allocator attempts to load pointing to shaded JCTools classes. Specifically the error seems to be attempting to access field/constructor fromUnsafe.classas seen below, which if the SecurityManager is enabled will throw ajava.security.AccessControlExceptionJCTools/jctools-core/src/main/java/org/jctools/util/UnsafeAccess.java
Lines 52 to 72 in a17b56f
This could be addressed by verifying if the SecurityManager is enabled and if so, use
AccessController.doPrivilegedfor the logic. I searched on the repo but couldn't find any usage of theAccessControllerthat would imply that something like this has been reported/addressed before. I wanted to bring it up since enabling Java 2 Security doesn't allow theUnsafeAccessclass to load due to the RuntimeException caused by the AccessControlException.