Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-49016

Android-lint plugin affected by JEP in 2.102

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Minor
    • Resolution: Fixed
    • Component/s: analysis-core-plugin, core
    • Labels:
    • Environment:
      Jenkins Android Lint Plugin version: 2.5
      Debian Linux Jessie
      Jenkins 2.102 (Linux Master - Linux Slave/OSX Slave)
    • Similar Issues:

      Description

      Jenkins build fails after upgrading jenkins to 2.102.

      Error from log:

      [android-lint] Collecting Android Lint files...
      ERROR: Build step failed with exception
      java.lang.SecurityException: Rejected: com.google.common.collect.AbstractMultimap
      	at hudson.remoting.ClassFilter.check(ClassFilter.java:75)
      	at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:129)
      	at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1613)
      	at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1518)
      	at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1623)
      	at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1518)
      	at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1623)
      	at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1518)
      	at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1774)
      	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1351)
      	at java.io.ObjectInputStream.defaultReadFields(ObjectInputStream.java:2000)
      	at java.io.ObjectInputStream.readSerialData(ObjectInputStream.java:1924)
      	at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1801)
      	at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1351)
      	at java.io.ObjectInputStream.readObject(ObjectInputStream.java:371)
      	at hudson.remoting.UserRequest.deserialize(UserRequest.java:277)
      	at hudson.remoting.UserResponse.retrieve(UserRequest.java:310)
      	at hudson.remoting.Channel.call(Channel.java:909)
      	at hudson.FilePath.act(FilePath.java:998)
      	at hudson.FilePath.act(FilePath.java:987)
      	at org.jenkinsci.plugins.android_lint.LintPublisher.perform(LintPublisher.java:126)
      	at hudson.plugins.analysis.core.HealthAwarePublisher.perform(HealthAwarePublisher.java:69)
      	at hudson.plugins.analysis.core.HealthAwareRecorder.perform(HealthAwareRecorder.java:298)
      	at hudson.tasks.BuildStepCompatibilityLayer.perform(BuildStepCompatibilityLayer.java:81)
      	at hudson.tasks.BuildStepMonitor$1.perform(BuildStepMonitor.java:20)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.perform(AbstractBuild.java:744)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.performAllBuildSteps(AbstractBuild.java:690)
      	at hudson.model.Build$BuildExecution.post2(Build.java:186)
      	at hudson.model.AbstractBuild$AbstractBuildExecution.post(AbstractBuild.java:635)
      	at hudson.model.Run.execute(Run.java:1752)
      	at hudson.model.FreeStyleBuild.run(FreeStyleBuild.java:43)
      	at hudson.model.ResourceController.execute(ResourceController.java:97)
      	at hudson.model.Executor.run(Executor.java:429)
      Build step 'Publish Android Lint results' marked build as failure
      

      Adding 

      -Dhudson.remoting.ClassFilter=com.google.common.collect.AbstractMultimap to the JVM args didn't fix the issue, as was suggested on https://jenkins.io/blog/2018/01/13/jep-200/

       

      From the jenkins.log:

      Jan 18, 2018 11:16:59 AM jenkins.security.ClassFilterImpl lambda$isBlacklisted$1
      
      WARNING: com.google.common.collect.AbstractMultimap in file:/var/cache/jenkins/war/WEB-INF/lib/guava-11.0.1.jar might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/

        Attachments

          Issue Links

            Activity

            Hide
            jglick Jesse Glick added a comment -

             for Remoting we do not get info which particular field is rejected. Maybe it is something to improve

            I see no way to improve it. ObjectInputStreamEx.resolveClass is not offered any further information. We could override some other method to capture context, but I do not see any—AFAICT this is ultimately called in a loop from GetFieldImpl.readFields which does not call any protected methods. Maybe there is some more complicated trick. Or you can just reproduce the problem in a debugger and inspect private state.

            Show
            jglick Jesse Glick added a comment -  for Remoting we do not get info which particular field is rejected. Maybe it is something to improve I see no way to improve it. ObjectInputStreamEx.resolveClass is not offered any further information. We could override some other method to capture context, but I do not see any—AFAICT this is ultimately called in a loop from GetFieldImpl.readFields which does not call any protected methods. Maybe there is some more complicated trick. Or you can just reproduce the problem in a debugger and inspect private state.
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I have created https://github.com/jenkinsci/android-lint-plugin/pull/12 . Should be superseded by the core update though

            Show
            oleg_nenashev Oleg Nenashev added a comment - I have created https://github.com/jenkinsci/android-lint-plugin/pull/12 . Should be superseded by the core update though
            Hide
            jglick Jesse Glick added a comment -

            The field in question is ParserResult.fileNameCache. That is in analysis-core and so presumably the issue would affect any Analysis plugin. I will file a workaround PR in that plugin. The core patch would also solve it, I think.

            Show
            jglick Jesse Glick added a comment - The field in question is ParserResult.fileNameCache . That is in analysis-core and so presumably the issue would affect any Analysis plugin. I will file a workaround PR in that plugin. The core patch would also solve it, I think.
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I have an idea how to add diagnostics for Remoting. Will try it next week if time allows

            Show
            oleg_nenashev Oleg Nenashev added a comment - I have an idea how to add diagnostics for Remoting. Will try it next week if time allows
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Fixed by JENKINS-49000 in the Jenkins core. Please update to Jenkins 2.103

            Show
            oleg_nenashev Oleg Nenashev added a comment - Fixed by JENKINS-49000 in the Jenkins core. Please update to Jenkins 2.103

              People

              • Assignee:
                jglick Jesse Glick
                Reporter:
                walterngti Walter den Besten
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: