RFR: 8338596: Clarify handling of restricted and caller-sensitive methods
David Holmes
dholmes at openjdk.org
Thu Sep 19 03:02:35 UTC 2024
On Wed, 18 Sep 2024 18:03:47 GMT, Jorn Vernee <jvernee at openjdk.org> wrote:
>> This PR moves the section on restricted methods from the the javadoc of `java.lang.foreign` package into a standalone static [javadoc page](https://cr.openjdk.org/~mcimadamore/jdk/restricted_javadoc_section/docs/api/java.base/java/lang/foreign/doc-files/RestrictedMethods.html).
>>
>> This is because, after [JEP 472](https://openjdk.org/jeps/472), we now have restricted methods *outside* the foreign package, namely `System::loadLibrary`, `Runtime::loadLibrary` (and related methods). And, even before, we also had a restricted method in `ModuleLayer.Controller`.
>>
>> The new static page contains some guidance of what happens when a restricted method is called when there's no Java frame on the stack (this can happen e.g. when upcalling into a restricted method from a native thread not known to the JVM) - that is, the call is treated as originating from an unnamed module.
>>
>> The static page is linked from the restricted method banner in a restricted method javadoc. Here's an [example](https://cr.openjdk.org/~mcimadamore/jdk/restricted_javadoc_section/docs/api/java.base/java/lang/foreign/Linker.html#downcallHandle(java.lang.foreign.MemorySegment,java.lang.foreign.FunctionDescriptor,java.lang.foreign.Linker.Option...)).
>
> src/java.base/share/classes/java/lang/foreign/doc-files/RestrictedMethods.html line 34:
>
>> 32:
>> 33: Some methods in the Java SE API are considered <em>restricted</em>. Restricted methods
>> 34: are typically used to bind native foreign data and/or functions to first-class
>
> I feel like a short general description is warranted here as well. Maybe something like: 'Restricted methods are APIs that can, when used incorrectly, violate the integrity of the Java Virtual Machine, but are conditionally made available to users, as they provide essential functionality'
I agree, the current text is still very FFM centric.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21067#discussion_r1766078214
More information about the core-libs-dev
mailing list