On Tue, 28 Oct 2025 04:03:00 GMT, Ioi Lam <[email protected]> wrote: >> The `ObjectInputStreamReadString` interface should just be merged into >> `ObjectInputStreamAccess`: >> >> SharedSecrets.setJavaObjectInputStreamAccess(new ObjectInputStreamAccess() { >> public void checkArray(ObjectInputStream ois, Class<?> arrayType, int >> arrayLength) throws ObjectStreamException { >> ois.checkArray(arrayType, arrayLength); >> } >> >> public String readString(ObjectInputStream ois) throws IOException { >> return ois.readString(); >> } >> }); > >> The ObjectInputStreamReadString interface should just be merged into >> ObjectInputStreamAccess. > > I agree. This seems better than using two separate Access interfaces with two > separate lambdas. Maybe this should be done in a separate RFE?
> Is there a particular subset of the SharedSecrets accessors that we want to > allow to be set during the assembly phase? @DanHeidinga , I updated the code to disallow any AOT-initialized accessors that are not stateless. See `CDSHeapVerifier::SharedSecretsAccessorFinder::do_field()`. This check should cover all existing use of Lambdas in setting the accessors, as well as future changes in the core lib that might add other types of states in the accessors. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/27880#discussion_r2467814022
