RFR: 8307575: Migrate the serialization constructor accessors to Method Handles

Chen Liang liach at openjdk.org
Sat May 6 17:03:13 UTC 2023


Apparently method handle linking doesn't impose extra checks on constructor invocation, so the special logic for the serialization constructor to call the superclass constructor in MagicAccessorImpl can be removed altogether with the old core reflection implementation.

Serialization and sun.reflect.ReflectionFactory tests pass. It may be worth thinking about the long-term treatment of ReflectionFactory.newConstructorForSerialization, as creating a partial object is inherently unsafe, and the behavior of `newConstructorForSerialization(ArrayList.class, String.class.getDeclaredConstructor(String.class))` etc. (which is accepted for now) may have unpredictable side effects.

#1830 has a similar patch; this one doesn't touch proxies and updates to the new post-JEP 416 reflection implementation.

-------------

Commit messages:
 - 8307575: Migrate the serialization constructor accessors to Method Handles

Changes: https://git.openjdk.org/jdk/pull/13853/files
 Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=13853&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8307575
  Stats: 126 lines in 8 files changed: 53 ins; 40 del; 33 mod
  Patch: https://git.openjdk.org/jdk/pull/13853.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/13853/head:pull/13853

PR: https://git.openjdk.org/jdk/pull/13853
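
The partial-object concern raised in the message above, shown as an added example that is not part of the original message or of the JDK change. The classes `Base` and `Child` and the `checkInvariants` helper are hypothetical; the only JDK API used is the one-argument `sun.reflect.ReflectionFactory.newConstructorForSerialization` from the `jdk.unsupported` module.

```java
import java.io.InvalidObjectException;
import java.io.Serializable;
import java.lang.reflect.Constructor;
import java.util.ArrayList;
import java.util.List;
import sun.reflect.ReflectionFactory;

public class PartialObjectDemo {
    // Hypothetical non-serializable superclass: its no-arg constructor is
    // the one the serialization constructor actually invokes.
    static class Base {
        final String origin;
        Base() { origin = "Base()"; }
    }

    // Hypothetical serializable subclass whose invariants are established
    // only by its own constructor and field initializers.
    static class Child extends Base implements Serializable {
        private static final long serialVersionUID = 1L;
        final List<String> items = new ArrayList<>();
        final int limit;
        Child() { limit = 10; }

        // Defensive re-check for code that may receive instances which
        // never went through Child(): fail closed on missing state.
        void checkInvariants() throws InvalidObjectException {
            if (items == null || limit <= 0) {
                throw new InvalidObjectException("Child not fully constructed");
            }
        }
    }

    public static void main(String[] args) throws Exception {
        ReflectionFactory rf = ReflectionFactory.getReflectionFactory();
        Constructor<?> ctor = rf.newConstructorForSerialization(Child.class);
        Child partial = (Child) ctor.newInstance();

        // Base() ran, but Child() and Child's field initializers did not,
        // so even final fields hold their default values.
        System.out.println("origin = " + partial.origin);
        System.out.println("items  = " + partial.items);
        System.out.println("limit  = " + partial.limit);
        try {
            partial.checkInvariants();
        } catch (InvalidObjectException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Classes that rely on constructor-established state can run the same kind of check from `readObject` or an `ObjectInputValidation` callback, since deserialization creates instances the same way.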


