On Wed, 6 Sep 2023 22:05:47 GMT, Chen Liang <li...@openjdk.org> wrote:
>> This reimplements
>> `sun.reflect.ReflectionFactory::newConstructorForSerialization` with method
>> handles.
>>
>> This API currently generates the bytecode which fails the verification
>> because `new C; invokespecial A()` where the given class `C` and invoke a
>> no-arg constructor of `C`'s first non-`Serializable` superclass `A` is not a
>> valid operation per the VM specification. VM special cases the classes
>> generated for reflection to skip verification for the constructors generated
>> for serialization and externalization. This change will allow such VM hack
>> to be removed.
>>
>> A `jdk.reflect.useOldSerializableConstructor` system property can be set to
>> use the old implementation in case if customers run into any compatibility
>> issue. I expect this change has very low compatibility risk. This system
>> property is undocumented and will be removed in a future release.
>
> src/java.base/share/classes/jdk/internal/reflect/MethodHandleAccessorFactory.java
> line 127:
>
>> 125: static ConstructorAccessorImpl
>> newSerializableConstructorAccessor(Class<?> decl, Constructor<?> ctor) {
>> 126: if (!constructorInSuperclass(decl, ctor)) {
>> 127: throw new UnsupportedOperationException(ctor + " not a
>> superclass of " + decl.getName());
>
> Notice in JShell 20, you could do this:
>
> jshell> import sun.reflect.ReflectionFactory;
> jshell> var rf = ReflectionFactory.getReflectionFactory()
> jshell> var c = rf.newConstructorForSerialization(String.class,
> Boolean.class.getConstructor(boolean.class))
> jshell> String d = (String) c.newInstance(false)
> jshell> d.length()
>
> which ends up in an NPE for `d.value` is null. This UOE is technically a new
> behavior that should be mentioned in the CSR.
good catch. will update the CSR.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15600#discussion_r1317900597
