<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<br>
<div class="moz-forward-container">The following was received on
valhalla-spec-comments.<br>
<br>
Summary: Various syntax options for no-arg constructors of "bucket
3" primitives, to enable users to pick a default value other than
zero. <br>
<br>
Analysis: The suggestion is well-intentioned, but it is built on
some significant misunderstandings of the problem we are facing.
<br>
<br>
It assumes that it is sensible to allow a non-zero default value
of a primitive to be specified by the class declaration. While it
is entirely understandable why one would want this, the problem is
not that there isn't a good syntax for it (there obviously is),
nor that running the constructor multiple times is the problem --
it is deeper than that. Numerous safety properties derive from
the fact that newly allocated objects and arrays are
bulk-initialized to zero; compromising this seems likely to lead
to exploits. <br>
<br>
<br>
<br>
<br>
-------- Forwarded Message --------
<table class="moz-email-headers-table" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Subject:
</th>
<td>Proposal: Static/final constructors for bucket-3
primitive classes.</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date: </th>
<td>Fri, 3 Dec 2021 21:15:50 -0600</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">From: </th>
<td>Clement Cherlin <a class="moz-txt-link-rfc2396E" href="mailto:clement.cherlin@gmail.com"><clement.cherlin@gmail.com></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">To: </th>
<td><a class="moz-txt-link-abbreviated" href="mailto:valhalla-spec-comments@openjdk.java.net">valhalla-spec-comments@openjdk.java.net</a></td>
</tr>
</tbody>
</table>
<br>
<br>
Motivation: A concern with primitive classes (bucket 3) is that
the<br>
all-zeroes default value may be inappropriate or even invalid in
some<br>
cases. This proposal suggests a language enhancement to give
primitive<br>
class authors control over the default value of their class
without,<br>
in most cases, requiring a constructor call to create an instance.<br>
<br>
Proposed language change:<br>
Primitive classes can apply either the keyword "static" or the<br>
keyword "final", but not both, to their no-argument constructor.<br>
<br>
A "final" no-arg constructor is evaluated once, at compile time.
The<br>
constructed object is treated as a static final constant, and can
be<br>
folded as a constant, or copied verbatim whenever a default value
of<br>
that class is instantiated.<br>
<br>
A "static" no-arg constructor is evaluated once, when the class is
loaded.<br>
The<br>
constructed object is copied verbatim whenever a default value of
that<br>
class is instantiated.<br>
<br>
Justification:<br>
Presuming that non-zero default values need to exist, and we're
going<br>
to be constructing lots and lots of primitive objects and arrays
of<br>
primitive objects, it behooves us to make initialization of
default<br>
values as efficient as possible. Much of the time, there will be
no<br>
need to call a constructor / factory method, just make a copy of a<br>
pre-existing default value (perhaps lazily).<br>
<br>
Related work:<br>
For classes without sensible default values, I have another
proposal I<br>
am working on to make initializing arrays of primitive objects
possible<br>
and efficient, without resorting to the all-zeroes default.<br>
<br>
Cheers,<br>
Clement Cherlin<br>
</div>
</body>
</html>