RFR: 8338596: Clarify handling of restricted and caller-sensitive methods [v3]
Alan Bateman
alanb at openjdk.org
Mon Sep 23 08:25:38 UTC 2024
On Thu, 19 Sep 2024 21:25:21 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:
>> This PR moves the section on restricted methods from the the javadoc of `java.lang.foreign` package into a standalone static [javadoc page](https://cr.openjdk.org/~mcimadamore/jdk/restricted_javadoc_section/docs/api/java.base/java/lang/foreign/doc-files/RestrictedMethods.html).
>>
>> This is because, after [JEP 472](https://openjdk.org/jeps/472), we now have restricted methods *outside* the foreign package, namely `System::loadLibrary`, `Runtime::loadLibrary` (and related methods). And, even before, we also had a restricted method in `ModuleLayer.Controller`.
>>
>> The new static page contains some guidance of what happens when a restricted method is called when there's no Java frame on the stack (this can happen e.g. when upcalling into a restricted method from a native thread not known to the JVM) - that is, the call is treated as originating from an unnamed module.
>>
>> The static page is linked from the restricted method banner in a restricted method javadoc. Here's an [example](https://cr.openjdk.org/~mcimadamore/jdk/restricted_javadoc_section/docs/api/java.base/java/lang/foreign/Linker.html#downcallHandle(java.lang.foreign.MemorySegment,java.lang.foreign.FunctionDescriptor,java.lang.foreign.Linker.Option...)).
>
> Maurizio Cimadamore has updated the pull request incrementally with one additional commit since the last revision:
>
> Update src/java.base/share/classes/java/lang/doc-files/RestrictedMethods.html
>
> Co-authored-by: Jorn Vernee <JornVernee at users.noreply.github.com>
src/java.base/share/classes/java/lang/doc-files/RestrictedMethods.html line 43:
> 41: <p>When a restricted method is invoked by <a href="../../../../specs/jni/index.html">JNI code</a>,
> 42: or from an <a href="../Linker.html#upcallStub(java.lang.invoke.MethodHandle,java.lang.foreign.FunctionDescriptor,java.lang.foreign.Arena,java.lang.foreign.Linker.Option...)">upcall stub</a>
> 43: and a Java caller can not be determined, it is as if the restricted method call occurred in an <em>unnamed module</em>.</p>
Is there any scenario where there are Java frames on the stack but calling through a native frame and back to Java with an upcall leads to the "can not be determined". I can't think of any so wonder if this can be changed to say "no caller class on the stack" as is done in the several CS methods.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21067#discussion_r1770962274
More information about the core-libs-dev
mailing list