JPMS Access Checks, Verification and the Security Manager

Volker Simonis volker.simonis at
Wed May 24 07:13:40 UTC 2017

On Tue, May 23, 2017 at 10:01 PM, Alex Buckley <alex.buckley at> wrote:
> On 5/23/2017 7:44 AM, Volker Simonis wrote:
>> So maybe I rephrase my question a little more generally:
>> Is it required for the verifier to do security and/or access checks
>> during the verification phase or could/should these checks be
>> postponed to runtime? The issue with verification errors due to
>> missing classes from Remi's previous answer is probably a corner case
>> of this question.
> Verification must perform class loading in order to check subtyping, but
> verification does not check access to the loaded classes. To be precise,
> verification in JVMS 4.10.1 does not appeal to class resolution (JVMS
> nor to access control (JVMS 5.4.4). Nor does verification in JVMS
> 4.10.1 know what the package.access file is.
> What you are seeing when the Security Manager is enabled is that class
> loading fails (due to a package.access check in Hotspot) and so verification
> fails. The verifier is not performing the package.access check per se.

OK, so from what you say I understand that the verification errors I
see with the Security Manager enabled are an implementation detail of
HotSpot (because verification uses the same class loading mechanism
like the runtime) which is not required but still acceptable under the
JVMS. Is that correct?


> Alex

More information about the jigsaw-dev mailing list