Hi!
After an upgrade Alfresco form version 5.2 to version 6.2 it became unstable: sometimes we got :
org.mybatis.spring.MyBatisSystemException: nested exception is org.mybatis.spring.MyBatisSystemException: nested exception is org.apache.ibatis.reflection.ReflectionException: Error instantiating class java.util.ArrayList with invalid types () or values
Usually during .parallel(). collection execution. There is full stack trace https://pastebin.com/0jcxFfc5 and there is the code https://pastebin.com/RyPt5d0g . Actually I even can not understand a flow of control, why MyBatis is involved ?
Please help me!
Thank you!
Solved! Go to Solution.
SOLUTION: in Alfresco version 5.2 System.getSecurityManager() == NULL (!!!) but in version 6.2. it has been set up. That is the matter of different behavior (details in https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/concurrent/ForkJoinPool.html). Why v 6.2 set up the SecurityManager and v 5.2. doesn't I still do not know.
Facing same problem +1
Cross-post in https://stackoverflow.com/questions/66357500/why-mybatissystemexception-during-parallel-execution-in...
From the lock at the error stack so far it is quite clear that an issue with Java security manager and granted code permissions is the cause of this:
ndfund-acs_1 | org.mybatis.spring.MyBatisSystemException: nested exception is org.mybatis.spring.MyBatisSystemException: nested exception is org.apache.ibatis.reflection.ReflectionException: Error instantiating class java.util.ArrayList with invalid types () or values (). Cause: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessDeclaredMembers") ndfund-acs_1 | at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ndfund-acs_1 | at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ndfund-acs_1 | at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ndfund-acs_1 | at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490) ndfund-acs_1 | at java.base/java.util.concurrent.ForkJoinTask.getThrowableException(ForkJoinTask.java:600) ndfund-acs_1 | at java.base/java.util.concurrent.ForkJoinTask.reportException(ForkJoinTask.java:678) ndfund-acs_1 | at java.base/java.util.concurrent.ForkJoinTask.invoke(ForkJoinTask.java:737) ndfund-acs_1 | at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateParallel(ReduceOps.java:919) ndfund-acs_1 | at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:233) ndfund-acs_1 | at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578) ndfund-acs_1 | at com.ecmc.alfresco.rst.nd.reports.data.Form11NSSEverything.generateBeanData(Form11NSSEverything.java:181)
Specifically
Cause: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessDeclaredMembers")
Configuration of policy files and mode of customisation deployment need to be checked. It must be ensured that both the Alfresco web application as well as any extensions deployed into it or on some classpath extension paths are covered by the typical AllPermission grant.
I have checked permissions granted to all web applications in catalina.policy, Actually this error is not reproducible well. This exeception doesn't rise when I remove .parallel(). and use single thread stream processing .
Can this issue be relevant stackoverflow.com/a/64027627/1999752 ?
SOLUTION: in Alfresco version 5.2 System.getSecurityManager() == NULL (!!!) but in version 6.2. it has been set up. That is the matter of different behavior (details in https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/concurrent/ForkJoinPool.html). Why v 6.2 set up the SecurityManager and v 5.2. doesn't I still do not know.
My answer to your stackoverflow post explains why it might be different for you in 6.2 and how you can disable the security manager.
https://stackoverflow.com/a/66430192/14407764
Copied here:
This exception comes from the Java Security manager. If you are using the Alfresco docker images, the security manager is enabled by default. If you have done a non-docker installation, you are launching tomcat using the "-security" switch. While the security manager is recommended because it makes your installation more secure, it is not required.
If you are using Alfresco's docker images, you will need to modify the docker-compose.yml file and specify a "command" argument for the "alfresco" service. Out of the box, the "command" argument is ["catalina.sh" "run" "-security"]. You need to remove the "-security" flag. For example:
... services: alfresco: image: alfresco/alfresco-content-repository-community:6.2.0-ga command: ["catalina.sh" "run"] ...
If you have installed Alfresco manually, you simply need to change the way that you are starting it. Remove the "-security" flag.
According to:
https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/util/concurrent/ForkJoinPool.html
Using parallel execution causes threads to spawn with no security configuration. This means that for this situation, you cannot use parallel execution unless you disable the security manager. So your choices are to disable the security manager using the above steps or to use serial execution.
Sorry I can not locate
... services: alfresco: image: alfresco/alfresco-content-repository-community:6.2.0-ga command: ["catalina.sh" "run"] ...
It looks like I have completely different deployment scheme.
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.