The noverify startup parameter for the JVM

Language 2023-06-11 20:58:59 views: null

When ClassLoader loads Java bytecode, the bytecode is first verified by a verifier. Validators are responsible for checking for obviously destructive operations that instructions cannot perform.

Check operations performed by the validator:

  1. Variables are initialized before use.

  2. Match between method calls and object application types.

  3. The rules for accessing private data and methods are not violated.

  4. Accesses to local variables are all on the runtime stack.

  5. The runtime stack does not overflow.

If you don't want the JVM to run this check, you can add  noverify the parameter

Issues with JDK 13+ versions

-Xverify:none Starting with JDK 13 and subsequent versions, the and parameters are deprecated  -noverify .

Otherwise, you will get the following error:

warning: Options -Xverify:none and -noverify were deprecated in JDK 13 and will likely be removed in a future release.

If you are using OpenJ9, you will get the following error.

JVMJ9VM193W Since Java 13 -Xverify:none and -noverify were deprecated for removal and may not be accepted options in the future.

The reason for the warning is: your JDK uses a version higher than 13, but you still use -noverify the running parameters.

You need to cancel the above parameter when the JVM is running.

When classes are loaded, it takes some time to verify that the classes are correct. Since classes may be loaded lazily (not on app start, but on first use), this can cause unexpected runtime delays.

In fact, classes generally don't need to be checked. The compiler will not emit any invalid bytecode or class constructs. The reason for verification is that the class may be built on a system, hosted online, and transmitted to you over the unprotected internet.

On this path, a malicious attacker could modify the bytecode and create something the compiler might never have created; something that could crash the JVM or potentially bypass security restrictions. Therefore, validate the class before using it. If this is a native application, there is usually no need to check the bytecode again.

 

Guess you like

Origin blog.csdn.net/dongjia9/article/details/130105416
Recommended
Ranking
SpringBoot-integrate redis
[Sword pointing to offer] Interview question 03: Repeated numbers in an array
Arrangement "Offer Penalty for prove safety" string
Browser prevent the automatic generation of fill and Echo have been saved account solutions
Work hard and never slacken——2022 Yinmai Information Year-End Summary
Install jdk7 on Linux system
App common dependency management tools
EduCoder-Web程序设计基础-html5— 给表单组件添加说明-第1关:label标签相关概念
Machine learning - clustering - density clustering algorithm notes
Ant's large model is exposed, AI+ finance enters the "big model" era
Daily
More
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)

Code World

© 2018 codetd.com