Re: [9] RFR 8074840: Resolve disabled warnings for libjli and libjli_static

[Kumar Srinivasan]

Hi Mikael,

Thank you so much for making these changes!.  Looks generally good.

ergo_i586.c: why ? MacOSX ?

cmdtoargs.c: URK!. :-[

Thanks
Kumar

On 3/20/2015 11:02 AM, Mikael Vidstedt wrote:


Please review the following change which fixes a number of native 
compilation warnings in files related to libjli.


Bug: https://bugs.openjdk.java.net/browse/JDK-8074840
Webrev: 
http://cr.openjdk.java.net/~mikael/webrevs/8074840/webrev.01/webrev/


I built the code across all the OracleJDK platforms and there were no 
warnings on any of the platforms (in the files related to this 
change). I'm taking suggestions on specific tests to run.


Some specifics:

Unfortunately there is no intrinsic for cpuid in Solaris Studio, so I 
had to keep the inline asm code and the corresponding flag to disable 
the related warning (E_ASM_DISABLES_OPTIMIZATION). The alternative 
would be to move it out into a dedicated assembly file, but that seems 
like more trouble than it's worth given that the warning is harmless.


I'm not entirely happy with the unsigned cast in parse_manifest.c:196, 
but unfortunately the windows prototype for read() takes an unsigned 
as its last argument, where All(tm) other platforms take a size_t. In 
this specific case 'len' will never be be more than END_MAXLEN = 
0x + ENDHDR = 0x + 22 = 0x10015, meaning it will comfortably 
fit in an unsigned on the platforms we support. But if somebody has 
suggestions I'm all ears, doing the #ifdef dance is of course also an 
option.


Note that the warnings were temporarily disabled as part of 
JDK-8074096 [1] until such time they could be fixed the proper way. 
Also note that this change supersedes the earlier change [2] Dmitry 
had out for review. The bug [3] corresponding to that webrev will be 
closed as a duplicate of this bug (JDK-8074839).


Cheers,
Mikael

[1] https://bugs.openjdk.java.net/browse/JDK-8074096
[2] http://cr.openjdk.java.net/~dsamersoff/JDK-8073175/webrev.01/
[3] https://bugs.openjdk.java.net/browse/JDK-8073175

Re: RFR 8073056: Repeating annotations throws java.security.AccessControlException with a SecurityManager

[Peter Levart]

On 03/28/2015 11:24 AM, Joel Borggrén-Franck wrote:

Hi,


On 27 Feb 2015, at 11:06, Peter Levart peter.lev...@gmail.com wrote:
On 02/27/2015 10:27 AM, Joel Borggrén-Franck wrote:

On 26 feb 2015, at 22:35, Peter Levart peter.lev...@gmail.com
  wrote:
On 02/26/2015 10:27 PM, Peter Levart wrote:


The m.setAccessible(true) for the methods is needed to access methods of 
non-public annotations, right? This call could be moved to AnnotationType 
constructor as there it will be performed only once per Method object.


...which will have the added benefit in that it will guarantee that only one 
MethodAccessor object per Method will ever be constructed instead of two…



I don’t see this. setAccessible sets override in AccessibleObject, I don’t see 
a new MethodAccessor being generated here.

My fault! I was mistakenly thinking of Field objects in the context of 
setAccessible(boolean). If you use a Field object in two modes it will create 
and retain two different FieldAccessors (because they are different 
implementations in case field is final).


But I agree with you, and setting it as accessible in the AnnotationType 
constructor should arguably be more secure since then we know it isn’t shared 
since we just got our copy fresh from getDeclaredMethods().

That's a good point from maintainability perspective, yes, if someone some time decides 
to optimize the AnnotationType. I think it would be nice if AnnotationType 
documents that members() method returns Method objects that are pre-conditioned with 
setAccessible(true) and that users should not change this flag.


I don’t want to do this in AnnotationType without a bigger overhaul that may be 
slightly incompatible and therefor should be 9 only. I do want to backport this 
fix to 8 however, so here is an alternative solution that should be safe and 
correct at the cost of extra allocation in the path for custom implementations 
of annotations (that should be rare).

New webrev:

http://cr.openjdk.java.net/~jfranck/8073056/webrev.02/

cheers
/Joel


Hi Joel,

If you really must add new methods to Method, ReflectAccess, 
LangReflectAccess and ReflectionFactory then you could expose a method 
called invokeUnchecked that would skip access checks, so you don't 
have to copy the Method object just to get a one-time access to the 
possibly inaccessible method. But this is good as it is, since the code 
path is normally not used - it's there only for consistency's sake, right?



Regards, Peter

Re: RFR 8073056: Repeating annotations throws java.security.AccessControlException with a SecurityManager

[Joel Borggrén-Franck]

 On 28 Mar 2015, at 13:42, Peter Levart peter.lev...@gmail.com wrote:
 On 03/28/2015 11:24 AM, Joel Borggrén-Franck wrote:
 Hi,
 
 
 On 27 Feb 2015, at 11:06, Peter Levart peter.lev...@gmail.com
  wrote:
 On 02/27/2015 10:27 AM, Joel Borggrén-Franck wrote:
 
 On 26 feb 2015, at 22:35, Peter Levart peter.lev...@gmail.com
 
  wrote:
 On 02/26/2015 10:27 PM, Peter Levart wrote:
 
 
 The m.setAccessible(true) for the methods is needed to access methods of 
 non-public annotations, right? This call could be moved to 
 AnnotationType constructor as there it will be performed only once per 
 Method object.
 
 
 ...which will have the added benefit in that it will guarantee that only 
 one MethodAccessor object per Method will ever be constructed instead of 
 two…
 
 
 
 I don’t see this. setAccessible sets override in AccessibleObject, I don’t 
 see a new MethodAccessor being generated here.
 
 My fault! I was mistakenly thinking of Field objects in the context of 
 setAccessible(boolean). If you use a Field object in two modes it will 
 create and retain two different FieldAccessors (because they are different 
 implementations in case field is final).
 
 
 But I agree with you, and setting it as accessible in the AnnotationType 
 constructor should arguably be more secure since then we know it isn’t 
 shared since we just got our copy fresh from getDeclaredMethods().
 
 That's a good point from maintainability perspective, yes, if someone some 
 time decides to optimize the AnnotationType. I think it would be nice if 
 AnnotationType documents that members() method returns Method objects that 
 are pre-conditioned with setAccessible(true) and that users should not 
 change this flag.
 
 
 I don’t want to do this in AnnotationType without a bigger overhaul that may 
 be slightly incompatible and therefor should be 9 only. I do want to 
 backport this fix to 8 however, so here is an alternative solution that 
 should be safe and correct at the cost of extra allocation in the path for 
 custom implementations of annotations (that should be rare).
 
 New webrev:
 
 
 http://cr.openjdk.java.net/~jfranck/8073056/webrev.02/
 
 
 cheers
 /Joel
 
 
 Hi Joel,
 
 If you really must add new methods to Method, ReflectAccess, 
 LangReflectAccess and ReflectionFactory then you could expose a method called 
 invokeUnchecked that would skip access checks, so you don't have to copy 
 the Method object just to get a one-time access to the possibly inaccessible 
 method.

IMO this would require quite a lot of investment validating all the possible 
ways it may be a security concern. I don’t think this is worth it given the 
very limited use, tough I find the idea interesting.

 But this is good as it is, since the code path is normally not used - it's 
 there only for consistency's sake, right?
 

Yes, that is my belief. I don’t know of any AnnotatedElements needing this 
except in testing, of course that isn’t to say there are none.

cheers
/Joel

Low hanging fruit in JBS for the Adoption Group Hackdays to tackle?

[Martijn Verburg]

Hi all,

We had a short discussion in Adoption Group about having its members
triaging issues in JBS to identify low-hanging fruit for new OpenJDK
developers to tackle.

Dalibor sensibly suggested that each project/group was far more familiar
with which issues would be appropriate and that we should simply list those
recommended issues in the Adoption Wiki.

So I'm starting by asking core-libs as I believe it covers the part of
OpenJDK that is most accessible to new OpenJDK developers (please correct
me if I'm wrong!).

FYI - Currently London runs a hackday 1/month and several other user groups
host more ad-hoc events.  We're looking to expand this programme globally,
but would like to firstly have a list of concrete JBS issue for people to
tackle.

Q:  Do some members of this group have some low hanging fruit issues they'd
like to nominate?

Cheers,
Martijn

Re: RFR 8073056: Repeating annotations throws java.security.AccessControlException with a SecurityManager

[Joel Borggrén-Franck]

Hi,

 On 27 Feb 2015, at 11:06, Peter Levart peter.lev...@gmail.com wrote:
 On 02/27/2015 10:27 AM, Joel Borggrén-Franck wrote:
 On 26 feb 2015, at 22:35, Peter Levart peter.lev...@gmail.com
  wrote:
 On 02/26/2015 10:27 PM, Peter Levart wrote:
 
 The m.setAccessible(true) for the methods is needed to access methods of 
 non-public annotations, right? This call could be moved to AnnotationType 
 constructor as there it will be performed only once per Method object.
 
 ...which will have the added benefit in that it will guarantee that only 
 one MethodAccessor object per Method will ever be constructed instead of 
 two…
 
 
 I don’t see this. setAccessible sets override in AccessibleObject, I don’t 
 see a new MethodAccessor being generated here.
 
 My fault! I was mistakenly thinking of Field objects in the context of 
 setAccessible(boolean). If you use a Field object in two modes it will create 
 and retain two different FieldAccessors (because they are different 
 implementations in case field is final).
 
 But I agree with you, and setting it as accessible in the AnnotationType 
 constructor should arguably be more secure since then we know it isn’t 
 shared since we just got our copy fresh from getDeclaredMethods().
 
 That's a good point from maintainability perspective, yes, if someone some 
 time decides to optimize the AnnotationType. I think it would be nice if 
 AnnotationType documents that members() method returns Method objects that 
 are pre-conditioned with setAccessible(true) and that users should not change 
 this flag.
 

I don’t want to do this in AnnotationType without a bigger overhaul that may be 
slightly incompatible and therefor should be 9 only. I do want to backport this 
fix to 8 however, so here is an alternative solution that should be safe and 
correct at the cost of extra allocation in the path for custom implementations 
of annotations (that should be rare).

New webrev:

http://cr.openjdk.java.net/~jfranck/8073056/webrev.02/

cheers
/Joel

Re: RFR: 8071571: Move substring of same string to slow path

[Remi Forax]

On 03/27/2015 10:59 PM, Martin Buchholz wrote:

[...]


OTOH, if you touch code that uses the denigrated

char foo[]

please change it to

char[] foo

This is yet another of those global changes to the entire jdk sources that
nobody ever gets around to.


on the same subject, the Java grammar allows this code to compile
  class A {
   int foo() [] {
 return null;
   }
  }

cheers,
Rémi




On Fri, Mar 27, 2015 at 2:51 PM, Lev Priima lev.pri...@oracle.com wrote:


  Updated and put some more final in other(not @Deprecated) methods:
http://cr.openjdk.java.net/~lpriima/8071571/2/

Lev

On 03/27/2015 11:50 PM, Martin Buchholz wrote:



On Fri, Mar 27, 2015 at 1:49 PM, Lev Priima lev.pri...@oracle.com wrote:


  Martin,

You mean it should be like this:
 char[] val = value;/* avoid getfield opcode */
 int end = val.length;
?



  Yes.

(although I personally like to write it like this:

  final char[] value = this.value;
  int end = value.length;

Re: RFR: 8071571: Move substring of same string to slow path

[Remi Forax]

On 03/27/2015 11:01 PM, Martin Buchholz wrote:

On Fri, Mar 27, 2015 at 2:57 PM, Roger Riggs roger.ri...@oracle.com wrote:


Hi,

@Martin: does the final have some functional reason to be present?
I see it just bulks up the source, reducing readability.  If it is useful
to improve performance then fine.


If you use the idiom
final Type foo = this.foo;
and leave out the final,
there is a risk of a maintainer assigning to foo and introducing a bug.
Maybe I should stop, since no one seems to understand it?


I really dislike this style,
If you put final on foo you should also put final
on len and on all parameters because following your idea a maintainer 
may introduce a bug.
At that point, you have clutter the whole code with final everywhere for 
a bug that happens rarely.


This kind of bugs (modifying a field that was loaded in a local 
variable) should be catch by a lint tool (or/and IDEs)

and not by asking every developers to add final (randomly).

And final on a local variable has no impact on performance because it 
doesn't appear in the generated bytecode.


Historical note: final was introduce with jdk 1.1 to make explicit that 
the semantics of capturing a local variable in an anonymous class was by 
copying the local variable value and not by capturing the variable 
itself like in Lisp (Ruby, JavaScript, etc.). Since Java 8, you don't 
need to declare local variables 'final' anymore because the compiler 
enforces that captured variables are effectively final.


The other problem of final is that while final on a local variables is 
futile, it's a very important concept on fields, and a awful lot of Java 
devs doesn't make the difference between a field and a local variable 
(both are variables right ?).
And every time a discussion about final on local variable sprung, I'm 
quite sure that we (and i) just add more confusion :(


regards,
Rémi