RFR: 8333854: IllegalAccessError with proxies after JDK-8332457 [v2]

[Chen Liang]

On Mon, 10 Jun 2024 04:08:41 GMT, Chen Liang <liach at openjdk.org> wrote:

>> Please review this patch that fixes a critical issue that breaks some Proxy usages.
>> 
>> CONSTANT_Class and CONSTANT_MethodType must fail resolution for inaccessible package-private types per JVMS 5.4.3.1 and 5.4.3.5, yet such types can appear in method descriptors in the same class. The proposed way to bypass is to store the MethodType as its descriptor string in the bootstrap method arguments, and use MethodType.fromMethodDescriptorString to restore the arguments, which does not have this restriction and does not eagerly load the parameter classes. This case isn't covered by existing tests, so a new test has been added.
>
> Chen Liang has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Obtain classloader in security manager friendly code path

The condy bootstrap is not trusted by SecurityManager, therefore it cannot use the `null` ClassLoader to parse method descriptors. https://github.com/openjdk/jdk/blob/7b43a8cd7c663facbe490f889838d7ead0eba0f9/src/java.base/share/classes/java/lang/invoke/MethodType.java#L1193
Meanwhile, condy bootstrap cannot take MethodType or Class, as those constants cannot resolve a package private type appearing in method descriptors.

Thus, my approach is to obtain a valid non-null ClassLoader in `<clinit>`, which is called from `Proxy` so there's no SecurityManager problems. Then I use that ClassLoader to perform actual resolution lazily in the condy. The call to `getPlatformClassLoader` emulates the same call in `MethodType.fromMethodDescriptorString`, which resolves classes in the bootstrap loader.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/19615#issuecomment-2158217420