RFR: 8351565: Implement JEP 502: Stable Values (Preview) [v6]
Per Minborg
pminborg at openjdk.org
Thu Mar 20 01:35:53 UTC 2025
On Thu, 13 Mar 2025 15:44:37 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:
>> Per Minborg has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 246 commits:
>>
>> - Merge branch 'master' into implement-jep502
>> - Clean up exception messages and fix comments
>> - Rename field
>> - Rename method and fix comment
>> - Rework reenterant logic
>> - Use acquire semantics for reading rather than volatile semantics
>> - Add missing null check
>> - Simplify handling of sentinel, wrap, and unwrap
>> - Fix JavaDoc issues
>> - Fix members in StableEnumFunction
>> - ... and 236 more: https://git.openjdk.org/jdk/compare/4e51a8c9...d6e1573f
>
> src/java.base/share/classes/java/lang/StableValue.java line 339:
>
>> 337: * which would introduce security vulnerabilities.
>> 338: * <p>
>> 339: * As objects can be set via stable values but never removed, this can be a source
>
> It feels like this could probably be expanded upon -- also covering stable functions (and morphed into a new section)
I do not understand the comment. Each factory has a note on `Serializable` and now there is no general comment about security issues as per comments made earlier. Can you elaborate, please?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23972#discussion_r2004612892
More information about the core-libs-dev
mailing list