Hi Martijn, > Am 09.08.2016 um 00:15 schrieb Martijn Verburg <martijnverb...@gmail.com>: > Love the overall idea. A few thoughts (feel free to ignore as I'm by no > means an expert in the VM).
thank you. As this JEP spans the VM and the libraries, with a definitely client-facing part in MethodHandles.Lookup, user questions are important. :-) > * Is there a risk that Gargantuan can expand to infinite size? There is, as much as there is a risk that infinitely many classes are loaded dynamically (e.g., via Unsafe.defineAnonymousClass()). Collecting IMs (and the constants they introduce) is not out of the question, though. Once the method handle representing an IM can be collected, the IM itself can be, too; and its constants can unless they are shared. > * I'm really nervous about the security implications of being able to load an > arbitrary byte[] that can be executed as a method. I'm hoping that the use of > the internal Unsafe + Jigsaw's module boundaries makes this secure. Lots of > really, really smart people have looked at the security implications of this, > right? :-) Does Unsafe.defineAnonymousClass() worry you? It allows just this: loading some byte[] that can be executed as a method - albeit with the added complexity of it being wrapped in a complete class file. The choice of MethodHandles.Lookup as the place for loadCode() is deliberate. A Lookup instance defines a context for visibility and access to other elements, and the instructions in the byte[] array will be subject to the scrutiny imposed by the Lookup instance at hand. People smarter than me will say more about the security implications. This is a JEP draft. There is no implementation yet, not even a prototype, and there is a lot to be learned along the way. > * Gargantuan - Appreciate it's a placeholder but I can't say I like the name, > it doesn't tell me what it does on the tin. It's a literary reference that's supposed to imply "large" [1] - could've used "Gulliver" but he's one of us. ;-) Best, Michael [1] https://en.wikipedia.org/wiki/Gargantua_and_Pantagruel -- <http://www.oracle.com/> Dr. Michael Haupt | Principal Member of Technical Staff Phone: +49 331 200 7277 | Fax: +49 331 200 7561 Oracle Java Platform Group | LangTools Team | Nashorn Oracle Deutschland B.V. & Co. KG | Schiffbauergasse 14 | 14467 Potsdam, Germany ORACLE Deutschland B.V. & Co. KG | Hauptverwaltung: Riesstraße 25, D-80992 München Registergericht: Amtsgericht München, HRA 95603 Komplementärin: ORACLE Deutschland Verwaltung B.V. | Hertogswetering 163/167, 3543 AS Utrecht, Niederlande Handelsregister der Handelskammer Midden-Nederland, Nr. 30143697 Geschäftsführer: Alexander van der Ven, Jan Schultheiss, Val Maher <http://www.oracle.com/commitment> Oracle is committed to developing practices and products that help protect the environment
_______________________________________________ mlvm-dev mailing list mlvm-dev@openjdk.java.net http://mail.openjdk.java.net/mailman/listinfo/mlvm-dev
