On Tue, 24 Sep 2024 19:40:23 GMT, David M. Lloyd <d...@openjdk.org> wrote:
>> Issue [JDK-8164908](https://bugs.openjdk.org/browse/JDK-8164908) added >> support for functionality required to continue to support IIOP and custom >> serializers in light of additional module-based restrictions on reflection. >> It was expected that these libraries would use `sun.misc.Unsafe` in order to >> access fields of serializable classes. However, with JEP 471, the methods >> necessary to do this are being removed. >> >> To allow these libraries to continue to function, it is proposed to add two >> methods to `sun.reflect.ReflectionFactory` which will allow serialization >> libraries to acquire a method handle to generated `readObject`/`writeObject` >> methods which set or get the fields of the serializable class using the >> serialization `GetField`/`PutField` mechanism. These generated methods >> should be used by serialization libraries to serialize and deserialize >> classes which do not have a `readObject`/`writeObject` method or which use >> `ObjectInputStream.defaultReadObject`/`ObjectOutputStream.defaultWriteObject` >> to supplement default serialization. >> >> It is also proposed to add methods which allow for the reading of >> serialization-specific private static final fields from classes which have >> them. >> >> With the addition of these methods, serialization libraries no longer need >> to rely on `Unsafe` for serialization/deserialization activities. >> cc: @AlanBateman > > David M. Lloyd has updated the pull request incrementally with one additional > commit since the last revision: > > Test fixes and finish renaming The updated comments help explain better what's being implemented. src/java.base/share/classes/java/io/ObjectStreamReflection.java line 75: > 73: * @param ois the object stream (must not be {@code null}) > 74: * @throws IOException if the call to {@link > ObjectInputStream#readFields} or one of its field accessors throws this > exception type > 75: * @throws ClassNotFoundException if the call to {@link > ObjectInputStream#readFields} or one of its field accessors throws this > exception type Please wrap lines longer than 100-120 chars. src/java.base/share/classes/java/io/ObjectStreamReflection.java line 171: > 169: } > 170: return streamClass; > 171: } Possibly move common setup into the helper function: Suggestion: public MethodHandle defaultReadObject(Class<?> clazz) { return handleForClass(DRO_HANDLE, clazz, ObjectInputStream.class); } public MethodHandle defaultWriteObject(Class<?> clazz) { return handleForClass(DWO_HANDLE, clazz, ObjectOutputStream.class); } private static MethodHandle handleForClass(MethodHandle handle, final Class<?> clazz, Class<?> ioClass) { ObjectStreamClass streamClass = ObjectStreamClass.lookup(clazz); if (streamClass != null) { try { streamClass.checkDefaultSerialize(); return handle.bindTo(streamClass) .asType(MethodType.methodType(void.class, clazz, ioClass)); } catch (InvalidClassException e) { // ignore and return null } } return null; } ------------- PR Review: https://git.openjdk.org/jdk/pull/19702#pullrequestreview-2322681630 PR Review Comment: https://git.openjdk.org/jdk/pull/19702#discussion_r1774053044 PR Review Comment: https://git.openjdk.org/jdk/pull/19702#discussion_r1774061651
