'. '


From APIDesign

Jump to: navigation, search

Fifth year has passed since I joined OracleLabs and it is time to look back and summarize.


Designing for Security

This item has already appeared in last year's report, but it is important to remind it again in the light of new consequences. In summer 2019 Oracle ethical hacker team decided to attack GraalVM. They succeeded and managed to escape the Truffle framework scripting sandbox. However they were testing an older GraalVM release candidate and meanwhile I was working on secure scripting API which made it into the first customer release of GraalVM. It turned out that the attack vector was fully eliminated by my secure fixes!

Being a good architect is an InvisibleJob, but when you predict future problems, address them and then a hacking attack proves you were right, then you deserve to be called an architect!


HotSpot based PGO profiles gathering has made it into GraalVM 19.2. To conclude my previous year's work on profile guided optimizations I published my first Medium post about AOT and PGO. Then it was time to pass the system on to do some machine learning and artificial intelligence research on top of it. With a few bugfixes everything seems to be working.

Helidon MP 2.0 supports GraalVM NativeImage

Helidon is a microservices framework developed four meters away from me (my seat in Oracle Prague office). As such I felt as the natural fit for solving complex tasks that require understanding of both sides - the JavaEE landscape as well as the GraalVM internals.

Helidon MP implements the MicroProfile specification based on various other standard JavaEE subspecifications including CDI. Getting Weld (the reference CDI specification) running on top of NativeImage is particularly tricky. Not only Weld dynamically scans for various annotations, but it also dynamically emits bytecode for its helper classes during runtime. Solving this required more insight into JavaEE than available among compiler engineers - not that I had it initially, but the close co-operation with Tomáš Langer (the Helidon lead engineer) helped us move forward. Tomáš prepared various trivial CDI sample projects and I was then able to get them running on NativeImage by writing a dedicated WeldFeature. Once the initial road block was gone the Helidon team was able to move forward on their own and get their enhanced Weld running on top of NativeImage.

Helidon 2.0 was released on June 24, 2020. It's MicroProfile edition (including compatible CDI implementation) works with NativeImage.

Graal.js & Maven & IGV

Published archetypes and wizard.

Nashorn removed - using it in NetBeans more. Online BIGV Analyzer. GraalVM downhill edition, interested?

IGV as best debugger for compiler developers: Graal Compiler Visualizer: reported JIRA issues for the enhancements

Defending API design: https://issues.apache.org/jira/browse/NETBEANS-4222

Designing APIs at full speed

heap language, intern, and everything, gradle support, language neutral way to represent iterator - e.g. virtual growing array

GraalVM Insight

tooling on steroids, speed of EE vs. CE. Improving Espresso.

Personal tools