Pinning of on-heap MemorySegment
Maurizio Cimadamore
maurizio.cimadamore at oracle.com
Mon Aug 28 14:44:14 UTC 2023
On 28/08/2023 15:37, Gavin Ray wrote:
> Where this feels like it could potentially be an issue is when
> consumers interact with a library/API that utilizes something like
> pinning under the hood.
> Even if the user is aware of this, it seems like one thing that may
> make sense is to make the ability to indefinitely pin segments gated
> by a flag.
>
> That way the user has to knowingly opt-in to the potential of things
> going awry?
Note that this is exactly what happens with FFM API's restricted
methods. Some methods in the API are marked this way - e.g.
MemorySegment::reinterpret, or Linker::downcallHandle.
This means that these methods are part of the Java SE API, but, if you
call them you will get a warning.
To get rid of the warning, you have to explicitly opt-in the calling
module into native access (which is done using the
--enable-native-access command line flag).
In the future we plan to apply similar restrictions on JNI as well [1]
and also, at some point, to turn warnings into errors.
All this to say that, *if* MemorySegment::pin is a restricted method,
then I think the opt-in you talk about would already be in place.
[1] - https://mail.openjdk.org/pipermail/jdk-dev/2023-August/008061.html
More information about the panama-dev
mailing list