JDK 14 RFR of JDK-8232234: Suppress warnings on non-serializable non-transient instance fields in java.rmi

Joe Darcy joe.darcy at oracle.com
Tue Oct 15 18:21:55 UTC 2019


PS Updated webrev omitting changes to UnicastRef

     http://cr.openjdk.java.net/~darcy/8232234.1/

Cheers,

-Joe

On 10/15/2019 10:35 AM, Joe Darcy wrote:
> Hi Roger,
>
> In rough statistics, there are well over 1,000 serializable classes in 
> the JDK. There are closer to a dozen classes that are also 
> externalizable (java.io.Externalizable extends java.io.Serializable ).
>
> As such, the new checks have had much more tuning against 
> serializable-but-not-externalizable classes compared to externalizable 
> ones.
>
> With any analysis, there is a balance between reporting false 
> positives (as in this case due to {read, write}External) with false 
> negatives (not reporting on a situation of actual concern).
>
> It would be a small matter of programming to guard the field 
> serializability checks with a " ... && notExternalizable()" clause. 
> That would eliminate the warning in cases like LiveRef, at the risk of 
> not reporting on possible logic errors or omissions.
>
> Clearly the case for these checks is less strong for externalizable 
> than serializable-but-not-externalizable ones. On balance, do you 
> think these checks should be skipped for externalizable classes?
>
> Cheers,
>
> -Joe
>
> On 10/15/2019 8:28 AM, Roger Riggs wrote:
>> Hi Joe,
>>
>> In the case of UnicastRef, I think the warning on LiveRef ref is too 
>> aggresive.
>> Since UnicastRef inherits Externalizable and has writeExternal and 
>> readExternal
>> methods there is no static indication of which fields of the class 
>> are serialized or in what form.
>> All of the logic for what and how the fields are serialized is in the 
>> code of those methods.
>>
>> What's the rationale for requiring developers to suppress warning on 
>> fields that
>> are not known to be serialized/externalized.
>>
>> Roger
>>
>>
>> On 10/15/19 1:12 AM, Joe Darcy wrote:
>>> Hello,
>>>
>>> Please review the changes for serial review now extending to the 
>>> java.rmi module:
>>>
>>>     JDK-8232234: Suppress warnings on non-serializable non-transient 
>>> instance fields in java.rmi
>>> http://cr.openjdk.java.net/~darcy/8232234.0/
>>>
>>> Patch below.
>>>
>>> For 
>>> src/java.rmi/share/classes/sun/rmi/server/ActivatableServerRef.java, 
>>> the absence of no-arg constructor prevents the Externalizable class 
>>> from being deserialized (de-externalized?), but as it hasn't seemed 
>>> to cause problems in the 16 years since the file was last modified, 
>>> I didn't think it was worthwhile to add a constructor at this point.
>>>
>>> Thanks,
>>>
>>> -Joe
>>>
>>> --- 
>>> old/src/java.rmi/share/classes/java/rmi/activation/ActivationGroup.java 
>>> 2019-10-14 21:49:08.305824614 -0700
>>> +++ 
>>> new/src/java.rmi/share/classes/java/rmi/activation/ActivationGroup.java 
>>> 2019-10-14 21:49:08.117824614 -0700
>>> @@ -1,5 +1,5 @@
>>>  /*
>>> - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All 
>>> rights reserved.
>>> + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All 
>>> rights reserved.
>>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>>   *
>>>   * This code is free software; you can redistribute it and/or 
>>> modify it
>>> @@ -107,6 +107,7 @@
>>>      /**
>>>       * @serial the group's monitor
>>>       */
>>> +    @SuppressWarnings("serial") // Not statically typed as 
>>> Serializable
>>>      private ActivationMonitor monitor;
>>>
>>>      /**
>>> --- 
>>> old/src/java.rmi/share/classes/java/rmi/activation/ActivationGroupID.java 
>>> 2019-10-14 21:49:08.845824614 -0700
>>> +++ 
>>> new/src/java.rmi/share/classes/java/rmi/activation/ActivationGroupID.java 
>>> 2019-10-14 21:49:08.641824614 -0700
>>> @@ -1,5 +1,5 @@
>>>  /*
>>> - * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All 
>>> rights reserved.
>>> + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All 
>>> rights reserved.
>>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>>   *
>>>   * This code is free software; you can redistribute it and/or 
>>> modify it
>>> @@ -49,6 +49,7 @@
>>>      /**
>>>       * @serial The group's activation system.
>>>       */
>>> +    @SuppressWarnings("serial") // Not statically typed as 
>>> Serializable
>>>      private ActivationSystem system;
>>>
>>>      /**
>>> --- 
>>> old/src/java.rmi/share/classes/java/rmi/server/UnicastRemoteObject.java 
>>> 2019-10-14 21:49:09.333824614 -0700
>>> +++ 
>>> new/src/java.rmi/share/classes/java/rmi/server/UnicastRemoteObject.java 
>>> 2019-10-14 21:49:09.133824614 -0700
>>> @@ -1,5 +1,5 @@
>>>  /*
>>> - * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All 
>>> rights reserved.
>>> + * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All 
>>> rights reserved.
>>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>>   *
>>>   * This code is free software; you can redistribute it and/or 
>>> modify it
>>> @@ -189,12 +189,14 @@
>>>      /**
>>>       * @serial client-side socket factory (if any)
>>>       */
>>> +    @SuppressWarnings("serial") // Not statically typed as 
>>> Serializable
>>>      private RMIClientSocketFactory csf = null;
>>>
>>>      /**
>>>       * @serial server-side socket factory (if any) to use when
>>>       * exporting object
>>>       */
>>> +    @SuppressWarnings("serial") // Not statically typed as 
>>> Serializable
>>>      private RMIServerSocketFactory ssf = null;
>>>
>>>      /* indicate compatibility with JDK 1.1.x version of class */
>>> --- 
>>> old/src/java.rmi/share/classes/sun/rmi/server/ActivatableServerRef.java 
>>> 2019-10-14 21:49:09.837824614 -0700
>>> +++ 
>>> new/src/java.rmi/share/classes/sun/rmi/server/ActivatableServerRef.java 
>>> 2019-10-14 21:49:09.645824614 -0700
>>> @@ -1,5 +1,5 @@
>>>  /*
>>> - * Copyright (c) 1997, 2003, Oracle and/or its affiliates. All 
>>> rights reserved.
>>> + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All 
>>> rights reserved.
>>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>>   *
>>>   * This code is free software; you can redistribute it and/or 
>>> modify it
>>> @@ -38,6 +38,7 @@
>>>   *
>>>   * @author Ann Wollrath
>>>   */
>>> + at SuppressWarnings("serial") // Externalizable class w/o no-arg c'tor
>>>  public class ActivatableServerRef extends UnicastServerRef2 {
>>>
>>>      private static final long serialVersionUID = 2002967993223003793L;
>>> --- old/src/java.rmi/share/classes/sun/rmi/server/Activation.java 
>>> 2019-10-14 21:49:10.413824614 -0700
>>> +++ new/src/java.rmi/share/classes/sun/rmi/server/Activation.java 
>>> 2019-10-14 21:49:10.173824614 -0700
>>> @@ -1,5 +1,5 @@
>>>  /*
>>> - * Copyright (c) 1997, 2014, Oracle and/or its affiliates. All 
>>> rights reserved.
>>> + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All 
>>> rights reserved.
>>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>>   *
>>>   * This code is free software; you can redistribute it and/or 
>>> modify it
>>> @@ -145,9 +145,11 @@
>>>      private static boolean debugExec;
>>>
>>>      /** maps activation id to its respective group id */
>>> +    @SuppressWarnings("serial") // Conditionally serializable
>>>      private Map<ActivationID,ActivationGroupID> idTable =
>>>          new ConcurrentHashMap<>();
>>>      /** maps group id to its GroupEntry groups */
>>> +    @SuppressWarnings("serial") // Conditionally serializable
>>>      private Map<ActivationGroupID,GroupEntry> groupTable =
>>>          new ConcurrentHashMap<>();
>>>
>>> @@ -297,6 +299,7 @@
>>>
>>>          private static final String NAME = 
>>> ActivationSystem.class.getName();
>>>          private static final long serialVersionUID = 
>>> 4877330021609408794L;
>>> +        @SuppressWarnings("serial") // Not statically typed as 
>>> Serializable
>>>          private ActivationSystem systemStub = null;
>>>
>>>          SystemRegistryImpl(int port,
>>> @@ -498,6 +501,7 @@
>>>       * with RegistryImpl.checkAccess().
>>>       * The kind of access is retained for an exception if one is 
>>> thrown.
>>>       */
>>> +    @SuppressWarnings("serial") // Externalizable class w/o no-arg 
>>> c'tor
>>>      static class SameHostOnlyServerRef extends UnicastServerRef {
>>>          private static final long serialVersionUID = 1234L;
>>>          private String accessKind;      // an exception message
>>> @@ -873,7 +877,9 @@
>>>          ActivationGroupDesc desc = null;
>>>          ActivationGroupID groupID = null;
>>>          long incarnation = 0;
>>> +        @SuppressWarnings("serial") // Conditionally serializable
>>>          Map<ActivationID,ObjectEntry> objects = new HashMap<>();
>>> +        @SuppressWarnings("serial") // Conditionally serializable
>>>          Set<ActivationID> restartSet = new HashSet<>();
>>>
>>>          transient ActivationInstantiator group = null;
>>> --- 
>>> old/src/java.rmi/share/classes/sun/rmi/server/ActivationGroupImpl.java 
>>> 2019-10-14 21:49:11.057824614 -0700
>>> +++ 
>>> new/src/java.rmi/share/classes/sun/rmi/server/ActivationGroupImpl.java 
>>> 2019-10-14 21:49:10.841824614 -0700
>>> @@ -1,5 +1,5 @@
>>>  /*
>>> - * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All 
>>> rights reserved.
>>> + * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All 
>>> rights reserved.
>>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>>   *
>>>   * This code is free software; you can redistribute it and/or 
>>> modify it
>>> @@ -69,6 +69,7 @@
>>>          new Hashtable<>();
>>>      private boolean groupInactive = false;
>>>      private final ActivationGroupID groupID;
>>> +    @SuppressWarnings("serial")  // Conditionally serializable
>>>      private final List<ActivationID> lockedIDs = new ArrayList<>();
>>>
>>>      /**
>>> --- old/src/java.rmi/share/classes/sun/rmi/server/UnicastRef.java 
>>> 2019-10-14 21:49:11.701824614 -0700
>>> +++ new/src/java.rmi/share/classes/sun/rmi/server/UnicastRef.java 
>>> 2019-10-14 21:49:11.445824614 -0700
>>> @@ -1,5 +1,5 @@
>>>  /*
>>> - * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All 
>>> rights reserved.
>>> + * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All 
>>> rights reserved.
>>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>>   *
>>>   * This code is free software; you can redistribute it and/or 
>>> modify it
>>> @@ -67,6 +67,7 @@
>>> Boolean.getBoolean("sun.rmi.client.logCalls")));
>>>      private static final long serialVersionUID = 8258372400816541186L;
>>>
>>> +    @SuppressWarnings("serial") // Not statically typed as 
>>> Serializable
>>>      protected LiveRef ref;
>>>
>>>      /**
>>>
>>


More information about the core-libs-dev mailing list