字节码如何在 JVM 中得到验证?
字节码如何在 JVM 中得到验证?
How does bytecode get verified in the JVM?
推荐答案
Oracle 自己有一个关于其工作原理的小片段页面 这里.
Oracle themselves have a little snippet page on how it works here.
基本上,JRE 不信任 JDK.那是因为它不知道哪个 JDK 编译器创建了类文件.在验证之前,它将类文件视为敌对文件.
Basically, the JRE doesn't trust the JDK. That's because it has no knowledge of which JDK compiler created the class file. It treats the class file as hostile until verified.
在此基础上,字节码验证是防止 Sun 所谓的恶意编译器"的必要步骤.Sun 自己的 Java 编译器确保 Java 源代码不违反安全规则,但是,当应用程序导入代码片段时,它实际上并不知道代码片段是否遵循 Java 语言的安全规则.换句话说,代码可能不是由值得信赖的 Java 编译器生成的.
Expanding on that, the bytecode verification is a necessary step to protect from what Sun call a "hostile compiler". Sun's own Java compiler ensures that Java source code doesn't violate the safety rules but, when an application imports a code fragment, it doesn't actually know if the code fragment follows Java language rules for safety. In other words, the code may not have been produced by a trustworthy Java compiler.
在这种情况下,您机器上的 Java 运行时系统必须假定该片段是错误的,并对其进行字节码验证.
In that case, the Java run time system on your machine has to assume the fragment is bad and subjects it to bytecode verification.
Java 虚拟机在通过此验证过程之前甚至都看到字节码.在加载字节码时执行此操作还有一个优点,即无需在每次执行代码时都执行大量运行时检查.因为它已被验证为正确,所以它一旦开始运行,就可以比其他方式运行得更快.
The Java virtual machine does not even see the bytecode until it's been through this verification process. Doing this as the bytecode is loaded also has the advantage that a whole lot of run time checks don't need to be performed every time the code is executed. Because it's been verified as correct, it can, once it starts running, run faster than would otherwise be possible.
链接图的再现如下:
<<<=== Unsafe / Safe ===>>>
+---------------+ +-------------------+
| Java source | +--> | Class loader | --+
+---------------+ | | Bytecode verifier | |
| | +-------------------+ |
V | / |
+---------------+ | V
| Java compiler | Network / +-------------------+
+---------------+ | | JVM/JIT |
| | / +-------------------+
V | |
+---------------+ | / V
| Java bytecode | --+ +-------------------+
+---------------+ / | Operating system |
+-------------------+
/ |
V
/ +-------------------+
| Hardware |
/ +-------------------+
<<<=== Unsafe / Safe ===>>>
相关文章