Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why should Java's value-based classes not be serialized?

Since Version 8 Java has the concept of value-based classes. This is in preparation of a future version which will most likely allow the definition of value types. Both definitions/descriptions mention serialization (bold face added by me):

About the existing value-based classes:

A program may produce unpredictable results if it attempts to distinguish two references to equal values of a value-based class, whether directly via reference equality or indirectly via an appeal to synchronization, identity hashing, serialization, or any other identity-sensitive mechanism.

About future value types:

The default identity-based hash code for object, available via System.identityHashCode, also does not apply to value types. Internal operations like serialization which make identity-based distinctions of objects would either not apply to values (as they do not apply to primitives) or else they would use the value-based distinction supplied by the value type’s hashCode method.

Because future JVM implementations might not use object headers and reference pointers for value-based classes, some of the limitations are clear. (E.g. not locking on an identity which the JVM must not uphold. A reference on which is locked could be removed and replaced by another later, which makes releasing the lock pointless and will cause deadlocks).

But I don't get how serialization plays into this. Why is it considered an "identity-sensitive mechanism"? Why does it "make identity-based distinctions of objects"?

like image 856
Nicolai Parlog Avatar asked Oct 19 '14 14:10

Nicolai Parlog


People also ask

Why is serialization not good?

It is not future-proof for small changes If you mark your classes as [Serializable] , then all the private data not marked as [NonSerialized] will get dumped. You have no control over the format of this data. If you change the name of a private variable, then your code will break.

What are the disadvantages of serialization?

Since serialization does not offer any transaction control mechanisms per se, it is not suitable for use within applications needing concurrent access without making use of additional APIs.

What do you do if an object should not or does not need to be serialized?

In case the class refers to non-serializable objects and these objects should not be serialized, then, you can declare these objects as transient. Once a field of a class is declared as transient, then, it is ignored by the serializable runtime.

Why does serialization adversely affect the performance?

The main problem with Java Serialization is performance and efficiency. Java serialization is much slower than using in memory stores and tends to significantly expand the size of the object. Java Serialization also creates a lot of garbage.


2 Answers

Serialization uses System.identityHashCode (via IdentityHashMap) to ensure that the topology of the object graph resulting from deserialization is topologically equivalent to that of the input graph.

like image 78
Brian Goetz Avatar answered Dec 01 '22 00:12

Brian Goetz


Think what happens when the object graph being serialized has a cycle. The serialization algorithm would enter an endless loop in such a case—unless it has a specific mechanism to detect and resolve cycles. We all know that Java's serialization allows cyclic object graphs, therefore the mechanism is there.

Now consider the definition of a cycle: the graph contains an object which is reachable from itself. That definition refers to object's identity, which means that the mechanism must consider object identity to track cycles. On the implementation level this is achieved by maintaining an IdentityHashMap of all seen instances, and that class relies on Object.identityHashCode().

The sentence you quote explains how this issue will be resolved in a future version of Java: value types will be given special treatment such that the cycle detection will rely on their own equals and hashCode methods instead of == and identityHashCode.

like image 28
Marko Topolnik Avatar answered Nov 30 '22 22:11

Marko Topolnik