final transient fields serialization

Tom Hawtin Thomas.Hawtin at Sun.COM
Thu Dec 3 10:57:28 UTC 2009

Peter Jones wrote:

> Regarding a language solution, though, I don't see how to avoid making a 
> [...]

`readObject` is a `psuedo-constructor`. Ideally it would be a real 
constructor (with choice of defaultReadObject/readFields similar to 
super), but that would require significant changes to the JLS.

Similar problems appear for JAXB, ORMs, etc. Dependency Inject also has 
problems with construction. Construction often involves way too much 
boilerplate. There are lots of issues here, most I have little 
experience with.

> So I think that the best hope is an improved reflective library 
> solution.  Thinking out loud: say, a factory method that looks up a 
> [...]

I guess something like

class MyClass implements Serializable {
     private final transient Thing thing;
     private static final FieldRead<Thing> THING_READER =
     private void readObject(...) ... {
         Thing thing = (Thing)in.readObject();

Gratuitous use of immediate caller. I just know people will attempt to 
take client supplied arguments. Best we can do is put a few static 
checks in javac and static analysis tools, and runtime checks into the 
serialisation mechanism.

      - must be called by static initialiser
          (dynamic and perhaps static check).
      - static analysis (inc. javac) can check field name, type and 
      - errors by unchecked exception
      - Dynamic check that called from readObject on this instance (can 
      - Dynamic check for no reassignment.
      - Dynamic check after readObject call for definite assignment.
      - Could also add static checks as well.

Tom Hawtin

More information about the core-libs-dev mailing list