RFR: 8368199: Add @AOTSafeClassInitializer to jdk.internal.access.SharedSecrets [v2]

[Ioi Lam]

On Tue, 28 Oct 2025 04:03:00 GMT, Ioi Lam <iklam at openjdk.org> wrote:

>> The `ObjectInputStreamReadString` interface should just be merged into `ObjectInputStreamAccess`:
>> 
>> SharedSecrets.setJavaObjectInputStreamAccess(new ObjectInputStreamAccess() {
>> 	public void checkArray(ObjectInputStream ois, Class<?> arrayType, int arrayLength) throws ObjectStreamException {
>> 		ois.checkArray(arrayType, arrayLength);
>> 	}
>> 
>> 	public String readString(ObjectInputStream ois) throws IOException {
>> 		return ois.readString();
>> 	}
>> });
>
>> The ObjectInputStreamReadString interface should just be merged into ObjectInputStreamAccess.
> 
> I agree. This seems better than using two separate Access interfaces with two separate lambdas. Maybe this should be done in a separate RFE?

> Is there a particular subset of the SharedSecrets accessors that we want to allow to be set during the assembly phase?

@DanHeidinga , I updated the code to disallow any AOT-initialized accessors that are not stateless. See `CDSHeapVerifier::SharedSecretsAccessorFinder::do_field()`. This check should cover all existing use of Lambdas in setting the accessors, as well as future changes in the core lib that might add other types of states in the accessors.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/27880#discussion_r2467814022