RFR: 8354323: Safeguard SwitchBootstraps.typeSwitch when used outside the compiler [v3]
Aggelos Biboudis
abimpoudis at openjdk.org
Tue May 13 09:56:31 UTC 2025
> While the compiler does not allow invalid queries to flow into `SwitchBootstraps:typeSwitch`, a library user could do that and `typeSwitch` does not prevent such usage pattern errors resulting in erroneous evaluation.
>
> For example this is not valid Java (and protected) by javac:
>
>
> byte b = 1;
> switch (b) {
> case String s -> System.out.println("How did we get here? byte is " + s.getClass());
> }
>
>
> but this is a valid call (and not protected):
>
>
> CallSite shortSwitch = SwitchBootstraps.typeSwitch(
> MethodHandles.lookup(),
> "",
> MethodType.methodType(int.class, short.class, int.class), // models (short, int) -> int
> String.class);
>
>
> The `SwitchBootstraps.typeSwitch` returns wrong result since the code was reasoning erroneously that this pair was unconditionally exact.
>
> This PR proposes to add the safety check in unconditional exactness which will return false in erroneous pairs and then the actual check will be delegated to `instanceof`. For the case of erroneous pairs with primitive `boolean`s there is a check in the beginning of the type switch skeleton.
Aggelos Biboudis has updated the pull request incrementally with one additional commit since the last revision:
Simplify unconditional exactness in both Types and SwitchBootstraps
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/25090/files
- new: https://git.openjdk.org/jdk/pull/25090/files/7b030bee..a7c4e398
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=25090&range=02
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=25090&range=01-02
Stats: 15 lines in 2 files changed: 0 ins; 5 del; 10 mod
Patch: https://git.openjdk.org/jdk/pull/25090.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/25090/head:pull/25090
PR: https://git.openjdk.org/jdk/pull/25090
More information about the core-libs-dev
mailing list