RFR: 8338596: Clarify handling of restricted and caller-sensitive methods

David Holmes dholmes at openjdk.org
Thu Sep 19 03:02:34 UTC 2024


On Wed, 18 Sep 2024 15:47:01 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:

> This PR moves the section on restricted methods from the javadoc of `java.lang.foreign` package into a standalone static [javadoc page](https://cr.openjdk.org/~mcimadamore/jdk/restricted_javadoc_section/docs/api/java.base/java/lang/foreign/doc-files/RestrictedMethods.html).
> 
> This is because, after [JEP 472](https://openjdk.org/jeps/472), we now have restricted methods *outside* the foreign package, namely `System::loadLibrary`, `Runtime::loadLibrary` (and related methods). And, even before, we also had a restricted method in `ModuleLayer.Controller`.
> 
> The new static page contains some guidance of what happens when a restricted method is called when there's no Java frame on the stack (this can happen e.g. when upcalling into a restricted method from a native thread not known to the JVM) - that is, the call is treated as originating from an unnamed module.
> 
> The static page is linked from the restricted method banner in a restricted method javadoc. Here's an [example](https://cr.openjdk.org/~mcimadamore/jdk/restricted_javadoc_section/docs/api/java.base/java/lang/foreign/Linker.html#downcallHandle(java.lang.foreign.MemorySegment,java.lang.foreign.FunctionDescriptor,java.lang.foreign.Linker.Option...)).

As I wrote in the CSR request for the JEP:

> I think each method that is restricted and/or caller-sensitive should specify what happens when called when there is no caller context. We should use `AccessibleObject::canAccess` as an exemplar here:
> 
> https://docs.oracle.com/en/java/javase/22/docs/api/java.base/java/lang/reflect/AccessibleObject.html#canAccess(java.lang.Object)
> 
> I have no doubt other caller-sensitive methods have failed to do this to date, but that should be fixed.
> 

This has to be mentioned in e.g. the javadoc for `System.loadLibrary`.

-------------

Changes requested by dholmes (Reviewer).

PR Review: https://git.openjdk.org/jdk/pull/21067#pullrequestreview-2314283214

