[nestmates] JDK-8235602: Re-examine if a hidden class should trust final non static fields
Mandy Chung
mandy.chung at oracle.com
Mon Jan 27 21:08:28 UTC 2020
Deserialization is the primary use case for core reflection to allow
writing to final fields after object construction. Serializable hidden
classes are required to use its own custom serialization mechanism.
With the properties of hidden classes, "non-discoverable" and
"non-modifiable", I propose to make hidden classes final fields
not-writeable via reflection and enables frameworks and language
implementors to benefit from the final fields optimization with the use
of hidden classes. Core platform classes like lambdas will not have to
pay for the price just because a few libraries (e.g. mocking) might want
to write to final fields.
java.lang.reflect.Field::set and Lookup::unreflectSetter already
disallow the write-access to static final fields regardless of the
accessible flag. This proposes to disallow write-access to final
non-static fields declared in a hidden class.
There is no change to AccessibleObject::setAccessible that can be used
to suppress language access control check. Most frameworks use
setAccessible to break encapsulation and access a member and they should
not be impacted.
I see that this spec change sets a precedence for JDK-8233873 [1] "final
field values should be trusted constants", the general fix.
Webrev:
http://cr.openjdk.java.net/~mchung/valhalla/webrevs/8235602/webrev.01/
This patch also puts a stop in using sun.misc.Unsafe to find field
offsets of hidden class. jdk.internal.misc.Unsafe::objectFieldOffset is
used by reflection machinery that I will follow up next.
Mandy
[1] https://bugs.openjdk.java.net/browse/JDK-8233873
More information about the valhalla-dev
mailing list