Fix method visibility in public-callers-finder

[mosche]

Public-callers-finder did not correctly report if methods are externally visible due to the following issues:

• checking if interfaces are exported (see findAccessibility) must be done using the exports of the interface’s module, not the exports of the current class
• super classes must be treated the same way as interfaces, currently these are ignored
• currently all public methods of a (potentially private, non-exported) class implementing a public, exported interface are considered accessible / visible regardless if part of the interface or not

This fixes visibility to be consistent with the JdkApiExtractor tool by implementing both using the same common logic in AccessibleJdkMethods.loadAccessibleMethods.

Note: this currently includes #137193, which will be merged independently.

Relates to ES-13117

[elasticsearchmachine]

Pinging @elastic/es-core-infra (Team:Core/Infra)

[mosche]

This is moved here from JdkApiExtractor to make it accessible as common tool

[mosche]

Moved here from JdkApiExtractor

[mosche]

Rather than calculating visibility (and potentially having to follow interfaces / super classes), use a predicate based on a precalculated set of accessible method descriptors leveraging the new AccessibleJdkMethods

[ldematte]

Looks good!
I know this is "just a tool", but give its complexity I do wonder if some parts deserve "unit" tests. I'm thinking in particular at AccessibleJdkMethods and some of the logic in Main, e.g. findTransitiveUsages.
As a follow-up. Wdyt?

[ldematte]

👍

[ldematte]

I do wonder though: should we instrument those as always denied? If they are publicly accessible?
(surely not part of this PR! But it just occurred to me now)

[mosche]

This is a tricky one, some of these implement public accessible interfaces. Theoretically, if leaked / returned somewhere we could invoke such code in user land. And obviously, without this filter, these would be reported.
In the end this is purely based on the assumption / hope that no JDK API leaks such instances to keep the set of reported methods more manageable and avoid general noise on internal stuff when diffing between different JDKs.

I do wonder though: should we instrument those as always denied?

But I agree, we probably want to verify that assumption. We could deny any access to such classes from "user code" or at least log warnings.

[mosche]

Previously this was done at the very end prior to writing the result, see

elasticsearch/libs/entitlement/tools/jdk-api-extractor/src/main/java/org/elasticsearch/entitlement/tools/jdkapi/JdkApiExtractor.java

Lines 112 to 116 in 80d91ce

	if (entry.getKey().clazz.startsWith("com/sun/") && entry.getKey().clazz.contains("/internal/")) {
	// skip com.sun.*.internal classes as they are not part of the supported JDK API
	// even if methods override some publicly visible API
	return false;
	}

In fact, that's the same as not visiting such classes at all.

If you prefer to not filter these I'll remove, certainly not as harmful as the exclusions in #137193.

[ldematte]

We could deny any access to such classes from "user code" or at least log warnings.

That what I was thinking too.
RE: this PR, I'm fine either way (keeping it as-is or remove the excludes)

[mosche]

I created a follow up task for this

[ldematte]

Nit: to make the code more readable, getModuleClassFromName?

[ldematte]

I do wonder if reducing to ExternalAccess is still a good choice? Or if we should just dump/propagate these 3 booleans to the CSV?

[mosche]

I was actually thinking the same, but stopped myself from making yet another change. But I think you're right, I'll have another look to see if this can be done with some decent effort.

[ldematte]

👍
Can definitely be a follow-up though

[mosche]

i'll do as a follow up, this will impact a lot of places

[ldematte]

LGTM!