Removes the Options around the function pointers #25
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rib
force-pushed
the
rib/pr/non-exhaustive-jni-native-interface
branch
from
4fba703
to
802ac85
Compare
rib
force-pushed
the
rib/pr/no-function-pointer-options
branch
from
13c03d9
to
5fb8742
Compare
This was referenced Jul 23, 2023
Base automatically changed from
rib/pr/non-exhaustive-jni-native-interface
to
master
August 31, 2023 19:43
None of the JNI 1.1 function pointers were optional, and neither are any of the function pointers in later versions of the spec. Having the `Option` implies that null pointer checks are required but, more notably, they also suggest that null pointer checks could be used for JNI >= 1.2 pointers, which could be a dangerous mistake since these are effectively extending beyond the table of pointers that was defined for JNI 1.1 and should be assumed to be invalid pointers that mustn't be touched. It's also notable that we sometimes have to call `GetVersion` to determine the full set of pointers that are valid. Recently the use of `Option` also raised some questions about our ability to, infallibly, handle Rust panics when we want to map a panic to a Java exception via JNI: jni-rs/jni-rs#432 (comment)
rib
force-pushed
the
rib/pr/no-function-pointer-options
branch
from
5fb8742
to
8139e9f
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
None of the JNI 1.1 function pointers were optional, and neither are any of the function pointers in later versions of the spec.
Having the
Optionimplies that null pointer checks are required but, more notably, they also suggest that null pointer checks could be used for JNI >= 1.2 pointers, which could be a dangerous mistake since these are effectively extending beyond the table of pointers that was defined for JNI 1.1 and should be assumed to be invalid pointers that mustn't be touched.It's also notable that we sometimes have to call
GetVersionto determine the full set of pointers that are valid.Recently the use of
Optionalso raised some questions about our ability to, infallibly, handle Rust panics when we want to map a panic to a Java exception via JNI:jni-rs/jni-rs#432 (comment)
--
For now I've just created this as a draft PR since I also think it could be worth considering changing
JNINativeInterface_into a union that would look something like:So then it becomes clearer that you need to access the function pointers according to the known version and in doing so you gain some safety because Rust can stop you from trying to call a JNI 1.2 method while dereferencing the
.1_1functions.The
.1_1table would also include the padding for the reservednullfunctions in the middle of the table but can rename them so it would be harder to accidentally dereference them.