JPMS Access Checks, Verification and the Security Manager

Alex Buckley alex.buckley at
Tue May 23 20:01:45 UTC 2017

On 5/23/2017 7:44 AM, Volker Simonis wrote:
> So maybe I rephrase my question a little more generally:
> Is it required for the verifier to do security and/or access checks
> during the verification phase or could/should these checks be
> postponed to runtime? The issue with verification errors due to
> missing classes from Remi's previous answer is probably a corner case
> of this question.

Verification must perform class loading in order to check subtyping, but 
verification does not check access to the loaded classes. To be precise, 
verification in JVMS 4.10.1 does not appeal to class resolution (JVMS nor to access control (JVMS 5.4.4). Nor does verification in 
JVMS 4.10.1 know what the package.access file is.

What you are seeing when the Security Manager is enabled is that class 
loading fails (due to a package.access check in Hotspot) and so 
verification fails. The verifier is not performing the package.access 
check per se.


More information about the jigsaw-dev mailing list