[foreign-memaccess+abi] RFR: 8265751: MemoryAddress should have a scope accessor [v5]

Maurizio Cimadamore mcimadamore at openjdk.java.net
Fri Apr 23 18:03:10 UTC 2021 

On Fri, 23 Apr 2021 17:58:06 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:

>> Following the recent API changes, I think `MemoryAddress` has been left in an inconsistent state. On the one hand, we clearly want `MemoryAddress` to have a link to a `ResourceScope`; we clearly state so in the javadoc for:
>> 
>> * `CLinker::upcallStub`
>> * `MemorySegment::address`
>> 
>> (and we don't say, but we probably should in `VaList::address`).
>> 
>> This link is crucial, as it prevents scope closure, if an address is passed to a native function and the scope is implicit.
>> 
>> However, this dependency is, currently, ad-hoc, and not cleanly stated in the API.
>> 
>> This patch rectifies that; now all memory address have a scope (which can be the "global scope" for addresses obtained from native, or from `long` values).
>> 
>> There are not many changes in terms of implementation, but by putting the association between addresses and scopes front and center we can make the javadoc clearer.
>> 
>> Also, this allows us to move the scope check from `MemorySegment::address` (that has always been a bit odd) to `MemoryAddress::toRawLongAddress` - that is, closer to where the address value is actually used.
>> 
>> This allows us to, effectively, make calls to downcall method handles *safer*, since now a scope check will take place before the raw long value is extracted.
>> 
>> Note that this doesn't negatively affect performance: the check was occurring even before, albeit at a different level (closer to the user code). I've run all the downcall benchmarks we have and found no regressions.
>> 
>> I've added a test which makes sure that passing "closed" segments/addresses to native function is no longer possible.
>
> Maurizio Cimadamore has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains seven commits:
> 
>  - Merge branch 'foreign-memaccess+abi' into scoped_memory_address
>  - * tweak javadoc as per review comments
>    * add @throws ISE for MemoryAddress::asSegment
>    * add scoped operation test for MemoryAddress::asSegment
>  - Javadoc of MemoryAddress::equals is still segment-centric
>  - Merge branch 'foreign-memaccess+abi' into scoped_memory_address
>  - Fix javadoc/impl of MemoryAddress::segmentOffset
>  - Add API changes
>    Fix various javadoc issues in MemorySegment
>  - Initial push
>    * move scope check inside toRawLongValue

For the records, the latest iteration also fixes some test failures which crept in because some of the previous changes have not been merged against latest code.

-------------

PR: https://git.openjdk.java.net/panama-foreign/pull/513

More information about the panama-dev mailing list