8275338: Add JFR events for notable serialization situations #17129
+781
−0
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -52,86 +52,77 @@ final class SerializationMisdeclarationChecker { | ||
| private static final Class<?>[] WRITE_REPLACE_PARAM_TYPES = {}; | ||
| private static final Class<?>[] READ_RESOLVE_PARAM_TYPES = {}; | ||
|
|
||
| @SuppressWarnings("removal") | ||
| static void checkMisdeclarations(Class<?> cl) { | ||
| AccessController.doPrivileged((PrivilegedAction<Object>) () -> { | ||
| privilegedCheckSerialVersionUID(cl); | ||
| privilegedCheckSerialPersistentFields(cl); | ||
|
|
||
| privilegedCheckPrivateMethod(cl, WRITE_OBJECT_NAME, | ||
| WRITE_OBJECT_PARAM_TYPES, Void.TYPE); | ||
| privilegedCheckPrivateMethod(cl, READ_OBJECT_NAME, | ||
| READ_OBJECT_PARAM_TYPES, Void.TYPE); | ||
| privilegedCheckPrivateMethod(cl, READ_OBJECT_NO_DATA_NAME, | ||
| READ_OBJECT_NO_DATA_PARAM_TYPES, Void.TYPE); | ||
|
|
||
| privilegedCheckAccessibleMethod(cl, WRITE_REPLACE_NAME, | ||
| WRITE_REPLACE_PARAM_TYPES, Object.class); | ||
| privilegedCheckAccessibleMethod(cl, READ_RESOLVE_NAME, | ||
| READ_RESOLVE_PARAM_TYPES, Object.class); | ||
|
|
||
| return null; | ||
| }); | ||
| } | ||
|
|
||
| private static void privilegedCheckSerialVersionUID(Class<?> cl) { | ||
| Field f = declaredField(cl, SUID_NAME); | ||
| if (f == null) { | ||
| if (isOrdinaryClass(cl)) { | ||
| commitEvent(cl, SUID_NAME + " should be declared explicitly" + | ||
| " as a private static final long field"); | ||
| } | ||
| return; | ||
| } | ||
| if (cl.isEnum()) { | ||
| commitEvent(cl, SUID_NAME + " in an enum class is not effective"); | ||
| } | ||
| if (!isPrivate(f)) { | ||
| commitEvent(cl, SUID_NAME + " should be private"); | ||
| } | ||
| if (!isStatic(f)) { | ||
| commitEvent(cl, SUID_NAME + " must be static"); | ||
| } | ||
| if (!isFinal(f)) { | ||
| commitEvent(cl, SUID_NAME + " must be final"); | ||
| } | ||
| if (f.getType() != Long.TYPE) { | ||
| commitEvent(cl, SUID_NAME + " must be of type long"); | ||
| } | ||
| } | ||
|
|
||
| private static void privilegedCheckSerialPersistentFields(Class<?> cl) { | ||
| Field f = declaredField(cl, SERIAL_PERSISTENT_FIELDS_NAME); | ||
| if (f == null) { | ||
| return; | ||
| } | ||
| if (cl.isRecord()) { | ||
| commitEvent(cl, SERIAL_PERSISTENT_FIELDS_NAME + | ||
| " in a record class is not effective"); | ||
| } else if (cl.isEnum()) { | ||
| commitEvent(cl, SERIAL_PERSISTENT_FIELDS_NAME + | ||
| " in an enum class is not effective"); | ||
| } | ||
| if (!isPrivate(f)) { | ||
| commitEvent(cl, SERIAL_PERSISTENT_FIELDS_NAME + " must be private"); | ||
| } | ||
| if (!isStatic(f)) { | ||
| commitEvent(cl, SERIAL_PERSISTENT_FIELDS_NAME + " must be static"); | ||
| } | ||
| if (!isFinal(f)) { | ||
| commitEvent(cl, SERIAL_PERSISTENT_FIELDS_NAME + " must be final"); | ||
| } | ||
| if (f.getType() != ObjectStreamField[].class) { | ||
| commitEvent(cl, SERIAL_PERSISTENT_FIELDS_NAME + | ||
| " should be of type ObjectStreamField[]"); | ||
| } | ||
| if (!isStatic(f)) { | ||
| @@ -140,75 +131,76 @@ private void privilegedCheckSerialPersistentFields() { | ||
| f.setAccessible(true); | ||
| Object spf = objectFromStatic(f); | ||
| if (spf == null) { | ||
| commitEvent(cl, SERIAL_PERSISTENT_FIELDS_NAME + " must be non-null"); | ||
|
There was a problem hiding this comment. "must" -> "should". The serialization spec describes the behavior if the field is null. |
||
| return; | ||
| } | ||
| if (!(spf instanceof ObjectStreamField[])) { | ||
| commitEvent(cl, SERIAL_PERSISTENT_FIELDS_NAME + | ||
| " must be an instance of ObjectStreamField[]"); | ||
| } | ||
| } | ||
|
|
||
| private static void privilegedCheckPrivateMethod(Class<?> cl, | ||
| String name, Class<?>[] paramTypes, Class<?> retType) { | ||
| for (Method m : cl.getDeclaredMethods()) { | ||
| if (m.getName().equals(name)) { | ||
| privilegedCheckPrivateMethod(cl,m, paramTypes, retType); | ||
| } | ||
| } | ||
| } | ||
|
|
||
| private static void privilegedCheckPrivateMethod(Class<?> cl, | ||
| Method m, Class<?>[] paramTypes, Class<?> retType) { | ||
| if (cl.isEnum()) { | ||
| commitEvent(cl, "method " + m + " on an enum class is not effective"); | ||
| } else if (cl.isRecord()) { | ||
| commitEvent(cl, "method " + m + " on a record class is not effective"); | ||
| } | ||
| if (!isPrivate(m)) { | ||
| commitEvent(cl, "method " + m + " must be private"); | ||
| } | ||
| if (isStatic(m)) { | ||
| commitEvent(cl, "method " + m + " must be non-static"); | ||
| } | ||
|
There was a problem hiding this comment. Should there also be a check to see if this There was a problem hiding this comment. I'm not sure that a There was a problem hiding this comment. The spec is silent about methods being 'native'; it would generally be impractical to implement native methods for these purposes, but a native method can implement the behavior. There was a problem hiding this comment. @RogerRiggs The checks are agnostic about a method being There was a problem hiding this comment. Right, there's nothing to change; a method declared as native is not mis-declared. |
||
| if (m.getReturnType() != retType) { | ||
| commitEvent(cl, "method " + m + " must have return type " + retType); | ||
| } | ||
| if (!Arrays.equals(m.getParameterTypes(), paramTypes)) { | ||
| commitEvent(cl, "method " + m + " must have parameter types " + Arrays.toString(paramTypes)); | ||
| } | ||
| } | ||
|
|
||
| private static void privilegedCheckAccessibleMethod(Class<?> cl, | ||
| String name, Class<?>[] paramTypes, Class<?> retType) { | ||
| for (Class<?> superCl = cl; superCl != null; superCl = superCl.getSuperclass()) { | ||
| for (Method m : superCl.getDeclaredMethods()) { | ||
| if (m.getName().equals(name)) { | ||
| privilegedCheckAccessibleMethod(cl, superCl, m, paramTypes, retType); | ||
| } | ||
| } | ||
| } | ||
| } | ||
|
|
||
| private static void privilegedCheckAccessibleMethod(Class<?> cl, | ||
| Class<?> superCl, Method m, Class<?>[] paramTypes, Class<?> retType) { | ||
| if (superCl.isEnum()) { | ||
| commitEvent(cl, "method " + m + " on an enum class is not effective"); | ||
| } | ||
| if (isAbstract(m)) { | ||
| commitEvent(cl, "method " + m + " must be non-abstract"); | ||
| } | ||
| if (isStatic(m)) { | ||
| commitEvent(cl, "method " + m + " must be non-static"); | ||
| } | ||
| if (m.getReturnType() != retType) { | ||
| commitEvent(cl, "method " + m + " must have return type " + retType); | ||
| } | ||
| if (!Arrays.equals(m.getParameterTypes(), paramTypes)) { | ||
| commitEvent(cl, "method " + m + " must have parameter types " + Arrays.toString(paramTypes)); | ||
| } | ||
| if (isPrivate(m) && cl != superCl | ||
| || isPackageProtected(m) && !isSamePackage(cl, superCl)) { | ||
| commitEvent(cl, "method " + m + " is not accessible"); | ||
| } | ||
| } | ||
|
|
||
| @@ -217,7 +209,7 @@ private static boolean isSamePackage(Class<?> cl0, Class<?> cl1) { | ||
| && cl0.getPackageName().equals(cl1.getPackageName()); | ||
| } | ||
|
|
||
| private static boolean isOrdinaryClass(Class<?> cl) { | ||
| /* class Enum and class Record are not considered ordinary classes */ | ||
| return !(cl.isRecord() || cl.isEnum() || cl.isArray() | ||
| || Enum.class == cl || Record.class == cl | ||
| @@ -260,12 +252,8 @@ private static Object objectFromStatic(Field f) { | ||
| return null; | ||
| } | ||
|
|
||
| private static void commitEvent(Class<?> cl, String msg) { | ||
| commit(timestamp(), cl, msg); | ||
| } | ||
|
|
||
| } | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a best practice that can be included in the message? "SUID should not be declared"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that's perhaps clearer, will do.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Typically in other places in the JDK we use
priviledgedXxxfor naming methods that are simple wrappers that callxxxfrom within adoPrivileged. The method is called privileged because it doesn't require the caller to usedoPrivileged.That is something like:
See for instance:
jdk/src/java.base/share/classes/sun/security/action/GetPropertyAction.java
Line 107 in ee98d26
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah OK, I wasn't aware of this convention.