[jmm-dev] Another way to punt OOTA
Doug Lea
dl at cs.oswego.edu
Fri Oct 31 15:05:03 UTC 2014
On 10/30/2014 11:55 AM, Brian Goetz wrote:
> But, while on the topic of security, we do have an interest in strengthening
> various integrity constraints. Specifically, the non-finality of final fields
> is a persistent irritant, and we would like to get to an initialization model
> that meets the extended use cases (e.g., dependency injection, deserialization
> of objects with final fields) while strengthening the promises of "final means
> final." (See John Rose's blog entry on larval objects for a hint about the
> direction we've got in mind.)
I still think the only path here is for the JMM per se to get
out of the final fields business, and just promise the equivalent
of a store fence on constructor exit. Then various annotations,
trusted class-loading mechanisms, etc can help establish
restrictions on writes and/or visibility.
-Doug
More information about the jmm-dev
mailing list