8354221: (zipfs) Tidy initialization of jdk.nio.zipfs.ZipFileSystem

[david-beaumont]

1. Tidy ZipFileSystem initialization to make it easier to reason about the connection between multi-release JARs and the setting of the read-only flag.
2. Inlined the mutable final static field DEFAULT_PERMISSIONS, which was only used once (having a mutable static field seems like something to generally be avoided).
3. Make the defaultPermissions field non-mutable and avoid copying a Set every time it's read.

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change must not contain extraneous whitespace
• Commit message must refer to an issue

Issue

• JDK-8354221: (zipfs) Tidy initialization of jdk.nio.zipfs.ZipFileSystem (Enhancement - P4)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/24555/head:pull/24555
$ git checkout pull/24555

Update a local copy of the PR:
$ git checkout pull/24555
$ git pull https://git.openjdk.org/jdk.git pull/24555/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 24555

View PR using the GUI difftool:
$ git pr show -t 24555

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/24555.diff

[bridgekeeper]

👋 Welcome back david-beaumont! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

❗ This change is not yet ready to be integrated.
See the Progress checklist in the description for automated requirements.

[openjdk]

@david-beaumont The following labels will be automatically applied to this pull request:

• core-libs
• nio

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing lists. If you would like to change these labels, use the /label pull request command.

[david-beaumont]

Explanatory thoughts and a couple of questions.

[david-beaumont]

Seems more sensible to start in read-only mode. There's no sign this was ever an issue, but it feels safer in general.

[david-beaumont]

Or I could just rename it to unmodifiableDefaultPosixPermissions which would let me remove 2 comments (here and where it's returned).

[liach]

I think we don't usually indicate a collection is unmodifiable in the field names - a comment suffices, and in fact, I think we promote using unmodifiable collections as the default for non-mutating data now.

[david-beaumont]

Wrap it on setting the field rather than in the helper so it's clearly done unconditionally.

[david-beaumont]

The bulk of this change is moving the (re)setting of these fields down to the end of initialization, and now doing it in the constructor itself. Even though the helper functions are not static (they could be if needed) they no longer mutate the instance.

[david-beaumont]

Inlining the default permission seems fine (used once, matches the comment 3 lines above).

[liach]

We can probably use EnumSet.allOf here - same enum set remark for the hash set usage below. The old field allows sharing the unmodified set instance, but enum set is cheap so creating should be fine.

[david-beaumont]

I should probably change the comment above a bit. Thoughts on rewording welcome.

[david-beaumont]

Or return Optional<Function<...>> perhaps. Thoughts welcome.
Comment above can probably be changed too.

[liach]

I would return a UnaryOperator<byte[]> just because the type name is shorter :)

[david-beaumont]

I'd be happy to drop the comment if I renamed the field to unmodifiableDefaultPosixPermissions.

[liach]

Hmm, PosixFileAttributes requires this returned set to be modifiable. Seems the existing implementation already violates the specification, but we might just adjust the specs to say that the returned set, if modifiable, does not affect the actual permission of the attributes.

[liach]

Hmm, PosixFileAttributes requires this returned set to be modifiable. Seems the existing implementation already violates the specification, but we might just adjust the specs to say that the returned set, if modifiable, does not affect the actual permission of the attributes.

[liach]

I would return a UnaryOperator<byte[]> just because the type name is shorter :)

[liach]

We can probably use EnumSet.allOf here - same enum set remark for the hash set usage below. The old field allows sharing the unmodified set instance, but enum set is cheap so creating should be fine.

[liach]

I think we don't usually indicate a collection is unmodifiable in the field names - a comment suffices, and in fact, I think we promote using unmodifiable collections as the default for non-mutating data now.

[liach]

This call still feels risky - this is probably a "this escape" and can cause troubles if isMultiReleaseJar uses final fields not yet initialized below.

[david-beaumont]

Thanks for pointing out the mutable permissions set thing. I guess we'll just need to make a copy to return to the user every time (or explicitly continue to violate the spec). EnumSet is super cheap, but I'll change the internal field to be an EnumSet so we don't have any risk of creating a larger data structure and then copying that every time.

As regards the "this escape" comment. How can it escape?

The code called is private and reads from the inode table with the default file mapping function (and this is still better than the existing code because it waits until everything else is set before doing the read).

[liach]

Suggested change

	return storedPermissions().orElse(defaultPermissions.clone());
	return storedPermissions().orElseGet(defaultPermissions::clone);

So we don't clone if stored permissions is present.

[david-beaumont]

doh Excellent spot, thanks!

[david-beaumont]

I pulled out the permission getting logic so I can get permissions several times.
I even think if reads a bit nicer than before tbh (less nesting and a clearer mapping in the switch statement).