RFC (round 1), JEP draft: Low-level Object layout introspection methods

[Brian Goetz]

On 8/17/2020 11:57 AM, Andrew Dinn wrote:
>
> I completely agree with this view. I fear Brian's critique has
> apportioned blame to the wrong target. The problem here is not the
> exposure of raw addresses (also offsets, etc) that Aleksey's spec
> enables, it is the existence of a Java API that allows them to be used
> as raw addresses (etc). Take away that API (which is a task that is very
> much in hand) and it is hard to see why there is a problem with the
> exposure.

I think you have misapportioned my apportioning of blame.   It is not 
either-or; *BOTH* APIs are blameworthy.  We happen to already have the 
latter (and this sucks, and we're in the middle of a decade-long, 
expensive process of getting rid of it), but that doesn't mean "if we 
didn't have Unsafe, this would be perfectly fine."

But, if you want to re-propose this API after Unsafe and equivalent JNI 
holes have been categorically plugged, we can reevaluate this idea on 
its own without the reflected blame from other APIs, by all means.  I 
think the answer would still be "it was a bad idea when Unsafe did it, 
and it's still a bad idea", but by all means, let's run that 
experiment.  (See you in a decade!)