RFR: 8333796: Add missing serialization functionality to sun.reflect.ReflectionFactory [v5]

Roger Riggs rriggs at openjdk.org
Tue Sep 24 20:41:40 UTC 2024 

On Tue, 24 Sep 2024 19:40:23 GMT, David M. Lloyd <duke at openjdk.org> wrote:

>> Issue [JDK-8164908](https://bugs.openjdk.org/browse/JDK-8164908) added support for functionality required to continue to support IIOP and custom serializers in light of additional module-based restrictions on reflection. It was expected that these libraries would use `sun.misc.Unsafe` in order to access fields of serializable classes. However, with JEP 471, the methods necessary to do this are being removed.
>> 
>> To allow these libraries to continue to function, it is proposed to add two methods to `sun.reflect.ReflectionFactory` which will allow serialization libraries to acquire a method handle to generated `readObject`/`writeObject` methods which set or get the fields of the serializable class using the serialization `GetField`/`PutField` mechanism. These generated methods should be used by serialization libraries to serialize and deserialize classes which do not have a `readObject`/`writeObject` method or which use `ObjectInputStream.defaultReadObject`/`ObjectOutputStream.defaultWriteObject` to supplement default serialization.
>> 
>> It is also proposed to add methods which allow for the reading of serialization-specific private static final fields from classes which have them.
>> 
>> With the addition of these methods, serialization libraries no longer need to rely on `Unsafe` for serialization/deserialization activities.
>> cc: @AlanBateman
>
> David M. Lloyd has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Test fixes and finish renaming

The updated comments help explain better what's being implemented.

src/java.base/share/classes/java/io/ObjectStreamReflection.java line 75:

> 73:      * @param ois the object stream (must not be {@code null})
> 74:      * @throws IOException if the call to {@link ObjectInputStream#readFields} or one of its field accessors throws this exception type
> 75:      * @throws ClassNotFoundException if the call to {@link ObjectInputStream#readFields} or one of its field accessors throws this exception type

Please wrap lines longer than 100-120 chars.

src/java.base/share/classes/java/io/ObjectStreamReflection.java line 171:

> 169:             }
> 170:             return streamClass;
> 171:         }

Possibly move common setup into the helper function:

Suggestion:

        public MethodHandle defaultReadObject(Class<?> clazz) {
            return handleForClass(DRO_HANDLE, clazz, ObjectInputStream.class);
        }

        public MethodHandle defaultWriteObject(Class<?> clazz) {
            return handleForClass(DWO_HANDLE, clazz, ObjectOutputStream.class);
        }

        private static MethodHandle handleForClass(MethodHandle handle, final Class<?> clazz, Class<?> ioClass) {
            ObjectStreamClass streamClass = ObjectStreamClass.lookup(clazz);
            if (streamClass != null) {
                try {
                    streamClass.checkDefaultSerialize();
                    return handle.bindTo(streamClass)
                            .asType(MethodType.methodType(void.class, clazz, ioClass));
                } catch (InvalidClassException e) {
                    // ignore and return null
                }
            }
            return null;
        }

-------------

PR Review: https://git.openjdk.org/jdk/pull/19702#pullrequestreview-2322681630
PR Review Comment: https://git.openjdk.org/jdk/pull/19702#discussion_r1774053044
PR Review Comment: https://git.openjdk.org/jdk/pull/19702#discussion_r1774061651

More information about the core-libs-dev mailing list