Skip to content

Lambda methods reported as missing classes #527

Open
@iloveeclipse

Description

@iloveeclipse
Member

This is a side effect of not properly supporting INVOKEDYNAMIC instruction (issue #6): the snippet below generates "The following classes needed for SpotBugs analysis on project A were missing: run" warning on every analysis in Eclipse.
This is most likely same as issue spotbugs/discuss/issues/29.

public class Client {	
	public void errorOnLambda() {
		Object o = getObject();
		if (o != null) { 
			useRunnable(() -> toString());
		}
		o.hashCode();
	}

	public Object getObject() {
		return null;
	}

	public void useRunnable(Runnable listener) {
	}
}

While we still lacks the proper INVOKEDYNAMIC support, we should at least make sure we don't raise stupid warnings.

Activity

added this to the SpotBugs 3.1.2 milestone on Jan 11, 2018
self-assigned this
on Jan 11, 2018
iloveeclipse

iloveeclipse commented on Jan 21, 2018

@iloveeclipse
MemberAuthor

Merged in 3.1 and master.

26 remaining items

slott

slott commented on Sep 1, 2022

@slott

Still happening on 5.0.10...

The following classes needed for analysis were missing:
java.rmi.Remote
java.util.Arrays$ArrayList
SpotBugs ended with exit code 3

CreeTar

CreeTar commented on Nov 29, 2022

@CreeTar

Using Java 11 still a problem, is there an celebration for this bugs 5th year anniversary? Off to 5 more years :)

delanym

delanym commented on Apr 14, 2023

@delanym

I only get this, i.e.

     [java] The following classes needed for analysis were missing:
     [java]   makeConcatWithConstants
     [java]   test
     [java]   apply
     [java]   accept
     [java]   actionPerformed
     [java]   run
     [java]   compare
     [java]   get

when I include findsecbugs

        <plugin>
          <groupId>com.github.spotbugs</groupId>
          <artifactId>spotbugs-maven-plugin</artifactId>
          <version>4.7.3.4</version>
          <configuration>
            <plugins>
              <plugin>
                <groupId>com.h3xstream.findsecbugs</groupId>
                <artifactId>findsecbugs-plugin</artifactId>
                <version>1.12.0</version>
              </plugin>
            </plugins>
          </configuration>
Apache Maven 3.9.0 (9b58d2bad23a66be161c4664ef21ce219c2c8584)
Maven home: /home/sol/.m2/wrapper/dists/apache-maven-3.9.0/86b67b91
Java version: 20-ea, vendor: Private Build, runtime: /usr/lib/jvm/java-20-openjdk-amd64
Default locale: en_ZA, platform encoding: UTF-8
OS name: "linux", version: "5.19.0-38-generic", arch: "amd64", family: "unix"
in-fke

in-fke commented on Apr 27, 2023

@in-fke

Still a Bug after more than five years.

SimSonic

SimSonic commented on Jun 16, 2023

@SimSonic

In my case list is bigger:

     [java] The following classes needed for analysis were missing:
     [java]   makeConcatWithConstants
     [java]   apply
     [java]   equals
     [java]   toString
     [java]   hashCode
     [java]   get
     [java]   accept
     [java]   test
     [java]   customize
     [java]   doInTransaction
     [java]   resolve
     [java]   applyAsInt
     [java]   getAddress
     [java]   getAsBoolean
     [java]   run
     [java]   handleError
     [java]   getTags
     [java]   call
     [java]   typeSwitch
     [java]   applyAsLong
     [java]   getSpecification
     [java]   applyAsDouble
     [java]   configure
     [java]   mapRow
     [java]   doInPreparedStatement

jdk 20
spotbugs 4.7.3.0
findsecbugs 1.12.0

Vampire

Vampire commented on Jun 26, 2023

@Vampire
Contributor

It even got worse now, because it is reported once per report.
so if you have XML and HTML report configured, you get the message printed twice. :-(

victorwss

victorwss commented on Oct 5, 2023

@victorwss
Contributor

@delanym I also only get this when using find-sec-bugs.

soloturn

soloturn commented on Nov 10, 2023

@soloturn

@JuditKnoll you happen to know what could be done here?

JuditKnoll

JuditKnoll commented on Nov 13, 2023

@JuditKnoll
Collaborator

@soloturn I'm sorry, I don't know. I haven't looked into this issue properly, but for me it looks like it may be a find-sec-bugs issue. I'm not really familiar how exactly SpotBugs and its plugins interacts with each other.
There was a workaround merged into find-sec-bugs recently (find-sec-bugs/find-sec-bugs#690), which is marked as "may solve this issue", but there was no new find-sec-bugs released since then.

victorherraiz

victorherraiz commented on Mar 20, 2024

@victorherraiz

Version 1.13.0, released almost a month ago, of find-sec-bugs does not solve the problem for me.

bdellegrazie

bdellegrazie commented on Apr 5, 2024

@bdellegrazie

Version 1.13.0 of find-sec-bugs doesn't solve this, even with the -Dfindsecbugs.taint.workaroundvisitinvokedynamic=true enabled or not, I see no difference.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

Type

No type

Projects

No projects

Relationships

None yet

    Development

    No branches or pull requests

      Participants

      @slott@Vampire@testn@KengoTODA@soloturn

      Issue actions

        Lambda methods reported as missing classes · Issue #527 · spotbugs/spotbugs