Skip to content

Fix overly broad classpath scanning in ReflectUtil.getClassesWithAnnotation()#13427

Open
vishesh92 wants to merge 1 commit into
apache:4.22from
shapeblue:fix-overly-broad-classpath-scanning
Open

Fix overly broad classpath scanning in ReflectUtil.getClassesWithAnnotation()#13427
vishesh92 wants to merge 1 commit into
apache:4.22from
shapeblue:fix-overly-broad-classpath-scanning

Conversation

@vishesh92

@vishesh92 vishesh92 commented Jun 16, 2026
edited
Loading

Copy link
Copy Markdown
Member

Description

Production logs show a recurring WARN at startup:
"could not get type for name org.conscrypt.AllocatedBuffer"
(org.reflections.ReflectionsException / ClassNotFoundException)

Root cause: ReflectUtil.getClassesWithAnnotation() uses ClasspathHelper.forPackage() to collect URLs to scan, but this returns all classpath entries (JARs/directories), not just those containing the target package. The Reflections library then scans every .class file in every JAR — including Netty's ConscryptAlpnSslEngine$BufferAdapter which references the optional org.conscrypt.AllocatedBuffer type. During expandSuperTypes(), Reflections tries Class.forName() on that type and fails because Conscrypt is not (and need not be) on the classpath.

The fix adds a FilterBuilder that restricts bytecode scanning to only classes whose fully-qualified names match the requested packages. This prevents Reflections from processing unrelated classes (e.g., io.netty.handler.ssl.*), eliminating the warning and reducing startup time by skipping thousands of irrelevant class files.

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • Build/CI
  • Test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Bug Severity

  • BLOCKER
  • Critical
  • Major
  • Minor
  • Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

@vishesh92
Fix overly broad classpath scanning in ReflectUtil.getClassesWithAnno…
34649c8 
…tation()

Production logs show a recurring WARN at startup:
  "could not get type for name org.conscrypt.AllocatedBuffer"
  (org.reflections.ReflectionsException / ClassNotFoundException)

Root cause: ReflectUtil.getClassesWithAnnotation() uses
ClasspathHelper.forPackage() to collect URLs to scan, but this
returns all classpath entries (JARs/directories), not just those
containing the target package. The Reflections library then scans
every .class file in every JAR — including Netty's
ConscryptAlpnSslEngine$BufferAdapter which references the optional
org.conscrypt.AllocatedBuffer type. During expandSuperTypes(),
Reflections tries Class.forName() on that type and fails because
Conscrypt is not (and need not be) on the classpath.

The fix adds a FilterBuilder that restricts bytecode scanning to
only classes whose fully-qualified names match the requested
packages. This prevents Reflections from processing unrelated
classes (e.g., io.netty.handler.ssl.*), eliminating the warning
and reducing startup time by skipping thousands of irrelevant
class files.

Signed-off-by: Ganesh Maharaj Mahalingam <g.mahalingam@apple.com>
@vishesh92

vishesh92 commented Jun 16, 2026

Copy link
Copy Markdown
Member Author

@blueorangutan package

@blueorangutan

blueorangutan commented Jun 16, 2026

Copy link
Copy Markdown

@vishesh92 a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

@codecov

codecov Bot commented Jun 16, 2026
edited
Loading

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 0% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 17.67%. Comparing base (8e933b7) to head (34649c8).

Files with missing lines Patch % Lines
...ils/src/main/java/com/cloud/utils/ReflectUtil.java 0.00% 3 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff              @@
##               4.22   #13427      +/-   ##
============================================
- Coverage     17.67%   17.67%   -0.01%     
+ Complexity    15792    15788       -4     
============================================
  Files          5922     5922              
  Lines        533167   533170       +3     
  Branches      65210    65210              
============================================
- Hits          94246    94230      -16     
- Misses       428276   428291      +15     
- Partials      10645    10649       +4
Flag Coverage Δ
uitests 3.69% <ø> (ø)
unittests 18.74% <0.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@blueorangutan

blueorangutan commented Jun 16, 2026

Copy link
Copy Markdown

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 18273

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vishesh92 @blueorangutan