You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, @skyesx in EasyTransaction-1.4.2 (easytrans-core module), duplicate classes with the same fully-qualified name org.objectweb.asm.ClassWriter are included in two different libraries, i.e., org.ow2.asm:asm:5.0.4 and org.ow2.asm:asm:4.2.
According to "first declaration wins" class loading strategy, only this class in org.ow2.asm:asm:4.2 can be loaded, and that in org.ow2.asm:asm:5.0.4 will be shadowed.
By further analyzing, your project expects to invoke method <org.objectweb.asm.ClassWriter: toByteArray()[B> in org.ow2.asm:asm:5.0.4. As it has been shadowed, so that this method defined in org.ow2.asm:asm:4.2 is actually forced to be referenced via the following invocation path:
Although both of these two conflicting classes contain the referenced methods (with the same signature), they have different implementations. This issue will not lead to runtime crashes, but it can introduce inconsistent semantic hehavior by changing the control flows and data flows.
Workaround solution:
An easy way to workaround the problem is reversing the declaration order of these two libraries in pom file.
Then, according to "first declaration wins" class loading strategy, class org.objectweb.asm.ClassWriter in org.ow2.asm:asm:5.0.4 can be loaded (the version that EasyTransaction expects to reference by static analysis).
This fix will not affect other libraries or class, except the above duplicate class.
As a result, these conflicting method included in org.ow2.asm:asm:jar:5.0.4 deals with different cases, which changes the control flows and data flows. So being forced to use these methods in org.ow2.asm:asm:4.2 may lead to inconsisitent semantic behaviors.
Hi, @skyesx in EasyTransaction-1.4.2 (easytrans-core module), duplicate classes with the same fully-qualified name org.objectweb.asm.ClassWriter are included in two different libraries, i.e., org.ow2.asm:asm:5.0.4 and org.ow2.asm:asm:4.2.
According to "first declaration wins" class loading strategy, only this class in org.ow2.asm:asm:4.2 can be loaded, and that in org.ow2.asm:asm:5.0.4 will be shadowed.
By further analyzing, your project expects to invoke method <org.objectweb.asm.ClassWriter: toByteArray()[B> in org.ow2.asm:asm:5.0.4. As it has been shadowed, so that this method defined in org.ow2.asm:asm:4.2 is actually forced to be referenced via the following invocation path:
Although both of these two conflicting classes contain the referenced methods (with the same signature), they have different implementations. This issue will not lead to runtime crashes, but it can introduce inconsistent semantic hehavior by changing the control flows and data flows.
Workaround solution:
An easy way to workaround the problem is reversing the declaration order of these two libraries in pom file.
Then, according to "first declaration wins" class loading strategy, class org.objectweb.asm.ClassWriter in org.ow2.asm:asm:5.0.4 can be loaded (the version that EasyTransaction expects to reference by static analysis).
This fix will not affect other libraries or class, except the above duplicate class.
Dependency tree--
[INFO] com.yiqiniu.easytrans:easytrans-core:jar:1.4.2
[INFO] +- org.springframework.boot:spring-boot:jar:1.5.19.RELEASE:compile
[INFO] | +- (org.springframework:spring-core:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] | - org.springframework:spring-context:jar:4.3.22.RELEASE:compile
[INFO] | +- org.springframework:spring-aop:jar:4.3.22.RELEASE:compile
[INFO] | | +- (org.springframework:spring-beans:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] | | - (org.springframework:spring-core:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-beans:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-core:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] | - org.springframework:spring-expression:jar:4.3.22.RELEASE:compile
[INFO] | - (org.springframework:spring-core:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] +- org.springframework.boot:spring-boot-autoconfigure:jar:1.5.19.RELEASE:compile
[INFO] | - (org.springframework.boot:spring-boot:jar:1.5.19.RELEASE:compile - omitted for duplicate)
[INFO] +- org.springframework:spring-core:jar:4.3.22.RELEASE:compile
[INFO] +- org.springframework.boot:spring-boot-configuration-processor:jar:1.5.19.RELEASE:compile
[INFO] +- org.springframework:spring-jdbc:jar:4.3.22.RELEASE:compile
[INFO] | +- org.springframework:spring-beans:jar:4.3.22.RELEASE:compile
[INFO] | | - (org.springframework:spring-core:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] | +- (org.springframework:spring-core:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] | - org.springframework:spring-tx:jar:4.3.22.RELEASE:compile
[INFO] | +- (org.springframework:spring-beans:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] | - (org.springframework:spring-core:jar:4.3.22.RELEASE:compile - omitted for duplicate)
[INFO] +- io.seata:seata-rm-datasource:jar:0.8.1:compile
[INFO] | +- io.seata:seata-core:jar:0.8.1:compile
[INFO] | | +- io.seata:seata-common:jar:0.8.1:compile
[INFO] | | | +- (io.netty:netty-all:jar:4.1.30.Final:compile - omitted for duplicate)
[INFO] | | | +- (org.slf4j:slf4j-api:jar:1.7.25:compile - version managed from 1.6.1; omitted for duplicate)
[INFO] | | | +- ch.qos.logback:logback-classic:jar:1.1.11:compile (version managed from 1.2.0)
[INFO] | | | | +- ch.qos.logback:logback-core:jar:1.1.11:compile
[INFO] | | | | - (org.slf4j:slf4j-api:jar:1.7.25:compile - version managed from 1.7.22; omitted for duplicate)
[INFO] | | | +- commons-lang:commons-lang:jar:2.6:compile
[INFO] | | | - (com.alibaba:fastjson:jar:1.2.60:compile - omitted for duplicate)
[INFO] | | +- io.seata:seata-discovery-core:jar:0.8.1:compile
[INFO] | | | - io.seata:seata-config-core:jar:0.8.1:compile
[INFO] | | | +- (io.seata:seata-common:jar:0.8.1:compile - omitted for duplicate)
[INFO] | | | - com.typesafe:config:jar:1.2.1:compile
[INFO] | | +- com.alibaba:fastjson:jar:1.2.60:compile
[INFO] | | +- io.netty:netty-all:jar:4.1.30.Final:compile
[INFO] | | +- org.apache.commons:commons-pool2:jar:2.4.3:compile (version managed from 2.4.2)
[INFO] | | +- commons-pool:commons-pool:jar:1.6:compile
[INFO] | | +- (com.google.guava:guava:jar:18.0:compile - version managed from 20.0; omitted for duplicate)
[INFO] | | - com.google.protobuf:protobuf-java:jar:3.7.1:compile
[INFO] | +- io.seata:seata-rm:jar:0.8.1:compile
[INFO] | | +- (io.seata:seata-core:jar:0.8.1:compile - omitted for duplicate)
[INFO] | | - cglib:cglib:jar:3.1:compile
[INFO] | | - org.ow2.asm:asm:jar:4.2:compile
[INFO] | +- com.alibaba:druid:jar:1.1.12:compile
[INFO] | +- com.github.ben-manes.caffeine:caffeine:jar:2.3.5:compile (version managed from 2.7.0)
[INFO] | +- io.protostuff:protostuff-core:jar:1.5.9:compile
[INFO] | | - io.protostuff:protostuff-api:jar:1.5.9:compile
[INFO] | +- io.protostuff:protostuff-runtime:jar:1.5.9:compile
[INFO] | | +- (io.protostuff:protostuff-api:jar:1.5.9:compile - omitted for duplicate)
[INFO] | | - io.protostuff:protostuff-collectionschema:jar:1.5.9:compile
[INFO] | | - (io.protostuff:protostuff-api:jar:1.5.9:compile - omitted for duplicate)
[INFO] | +- com.fasterxml.jackson.core:jackson-databind:jar:2.8.11.3:compile (version managed from 2.9.8)
[INFO] | | +- com.fasterxml.jackson.core:jackson-annotations:jar:2.8.0:compile
[INFO] | | - com.fasterxml.jackson.core:jackson-core:jar:2.8.11:compile (version managed from 2.8.10)
[INFO] | +- com.esotericsoftware:kryo:jar:4.0.2:compile
[INFO] | | +- com.esotericsoftware:reflectasm:jar:1.11.3:compile
[INFO] | | | - (org.ow2.asm:asm:jar:5.0.4:compile - omitted for conflict with 4.2)
[INFO] | | +- com.esotericsoftware:minlog:jar:1.3.0:compile
[INFO] | | - org.objenesis:objenesis:jar:2.5.1:compile
[INFO] | - de.javakaffee:kryo-serializers:jar:0.42:compile
[INFO] | - (com.esotericsoftware:kryo:jar:4.0.0:compile - omitted for conflict with 4.0.2)
[INFO] +- commons-logging:commons-logging-api:jar:1.1:provided
[INFO] +- org.apache.curator:curator-recipes:jar:4.0.1:compile
[INFO] | - org.apache.curator:curator-framework:jar:4.0.1:compile
[INFO] | - org.apache.curator:curator-client:jar:4.0.1:compile
[INFO] | +- (com.google.guava:guava:jar:18.0:compile - version managed from 20.0; omitted for duplicate)
[INFO] | - (org.slf4j:slf4j-api:jar:1.7.25:compile - version managed from 1.7.6; omitted for duplicate)
[INFO] +- org.apache.zookeeper:zookeeper:jar:3.4.10:compile
[INFO] | +- org.slf4j:slf4j-api:jar:1.7.25:compile
[INFO] | +- log4j:log4j:jar:1.2.16:compile
[INFO] | +- jline:jline:jar:0.9.94:compile
[INFO] | | - junit:junit:jar:4.12:compile (version managed from 3.8.1)
[INFO] | | - org.hamcrest:hamcrest-core:jar:1.3:compile
[INFO] | - io.netty:netty:jar:3.10.5.Final:compile
[INFO] - com.google.guava:guava:jar:18.0:compile
Thank you very much.
Best,
Coco
The text was updated successfully, but these errors were encountered: