Re: [PR] Pass apijar to forbidden apis [lucene]

Sun, 13 Jul 2025 03:27:40 -0700 


uschindler commented on PR #14942:
URL: https://github.com/apache/lucene/pull/14942#issuecomment-3066898984

   I figured out what's wrong:
   ```
   > Task :lucene:core:forbiddenApisMain24 FAILED
   Forbidden class use: jdk.internal.vm.vector.VectorSupport$Vector 
[non-portable or internal runtime class]
     in 
org.apache.lucene.internal.vectorization.MemorySegmentPostingDecodingUtil 
(MemorySegmentPostingDecodingUtil.java, method declaration of 
'shift(jdk.incubator.vector.IntVector,int,int,int,int,int[],int,int)')
   Forbidden class use: jdk.internal.vm.vector.VectorSupport$Vector 
[non-portable or internal runtime class]
   Forbidden class use: jdk.internal.vm.vector.VectorSupport$Vector 
[non-portable or internal runtime class]
   Forbidden class use: jdk.internal.vm.vector.VectorSupport$Vector 
[non-portable or internal runtime class]
   Forbidden class use: jdk.internal.vm.vector.VectorSupport$Vector 
[non-portable or internal runtime class]
     in org.apache.lucene.internal.vectorization.PanamaVectorUtilSupport 
(PanamaVectorUtilSupport.java, method declaration of 
'fma(jdk.incubator.vector.FloatVector,jdk.incubator.vector.FloatVector,jdk.incubator.vector.FloatVector)')
   Scanned 21 class file(s) for forbidden API invocations (in 0.25s), 2 
error(s).
   ```
   
   The reason for this is because it treats the "apijar" file as part of the 
user APIs and therefor it can't detect the boundary between Java-Internal 
classes and Classpath classes. "jdk.internal is on the auto-blacklist). Because 
the superclass of Vector is somewhere behind the scenes extended from 
`jdk.internal.vm.vector.VectorSupport$Vector`.
   
   The only workaround that exists is to remove the "jdk-nonportable" 
forbiddenapis signature. This would make the java24 code not checked againt 
internal APIs. But we have to live with that.
   
   I will commit a change here and add the signatures @rmuir mentioned in the 
other issue.
   
   So we have two possibilities:
   - don't check vector API for forbidden apis at all
   - alternatively
   
   The solution for this would be to have allowlists in forbiddenapis, which is 
possible in forbiddenapis 3.9: `setSignaturesWithSeveritySuppress()` - but 
unfortunately I have to figure out of if that works with the non-portable 
bundled signatures.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org

Reply via email to