在 Java 中取消引用 `null` 时是否可能产生未定义的行为? [英] Is it possible to produce undefined behavior when dereferencing `null` in Java?

问题描述

我刚刚了解到在 C 和 C++ 中取消引用 null 有时会产生 未定义的结果.这对我来说非常有趣，就像所有奇怪的编程行为一样(我曾经有人告诉我，他们在合法的生产环境中调试了损坏的 RAM - 程序没有按编写的方式运行").因为我主要是一名 Java 开发人员，所以我想知道这种语言是否也可能发生这种情况?

I just learned that dereferencing null in C and C++ can sometimes produce undefined results. This is very intriguing to me, like all bizarre programming behaviors (I once had someone tell me that they debugged "corrupt RAM - program does not run as written" in a legitimate production environment). Because I'm primarily a Java developer, I was wondering if it's possible for this to happen in that language as well?

JLS 并未具体说明如何实现 null 引用 (3.10.7, 4.1、15.8.1)，所以我不太确定.但我认为通过使用 不安全 API.不幸的是，我对 JVM 的内部工作没有足够的了解，无法知道这是否可行.

The JLS is not specific on how the null reference is implemented (3.10.7, 4.1, 15.8.1), so I'm not quite sure. But I was thinking that it might be possible by directly manipulating the memory address with the Unsafe API. Unfortunately I don't have enough knowledge of the inner workings of the JVM to know whether this would be possible or not.

如果有可能，那么恶意程序也有可能这样做，这会引发一个有趣的安全问题.

If it is possible, then it would be possible for a malicious program to do so as well, which would open up an interesting security concern.

那么:Java 在取消引用 null 时是否可能有未定义的行为，而不是简单地抛出一个 NullPointerException?

So: is it possible for Java to have undefined behavior when dereferencing null, rather than simply throwing a NullPointerException?

推荐答案

在纯 Java 中，您不能从 null 获得未定义的行为(除非 JVM 中存在严重错误！).JLS 指定任何显式或隐式取消引用 null 的尝试都将导致 NullPointerException.没有允许任何与处理 null 相关的未定义行为的回旋余地.

You cannot get undefined behaviour from a nullin pure Java (unless there is a serious bug in the JVM!). The JLS specifies that any attempt to explicitly or implicitly dereference a null will result in a NullPointerException. There is no wriggle room that allows for any undefined behaviour that is related to the handling of null.

但是，如果您的应用程序包含 ... 或使用 ... native 方法，则这些方法之一可能会错误处理 null导致未定义行为的方式.您还可以使用 Unsafe 类获得未定义的行为.但是这两种情况都意味着您没有使用纯 Java.(当您脱离纯 Java时，JLS的保证不再适用！)

However, if your application includes ... or makes use of ... native methods, it is possible for one of those methods to mishandle a null in a way that results in undefined behaviour. You can also get undefined behaviour using the Unsafe class. But both of these scenarios mean you are not using pure Java. (When you step outside of pure Java, the guarantees of the JLS no longer necessarily apply!)

(可能发生不可预测的事情的一个领域是多线程.但即便如此，可能行为的集合是定义的.例如，如果你没有充分同步状态共享，你可能会在字段中看到陈旧的值.但您不会看到完全随机的值......或导致分段违规的错误地址.)

(The one area where unpredictable things can happen is in multi-threading. But even then, the set of possible behaviours is defined. For instance, if you don't synchronize state sharing adequately you may see stale values in fields. But you won't see totally random values ... or bad addresses that result in segmentation violations.)

如果可能，那么恶意程序也有可能这样做，这会引发一个有趣的安全问题.

If it is possible, then it would be possible for a malicious program to do so as well, which would open up an interesting security concern.

恶意程序几乎可以做任何事情.但是处理这个问题的正确方法是在沙箱中执行您不信任的代码(即可能是恶意代码).典型的沙箱会禁止调用 Unsafe 或加载本机库......以及恶意程序可以利用的许多其他东西.

A malicious program can do almost anything. But the correct way to deal with this is to execute code that you don't trust (i.e. possibly malicious code) in a sandbox. A typical sandbox would forbid calling Unsafe or loading a native library ... and lots of other things that a malicious program could exploit.

这篇关于在 Java 中取消引用 `null` 时是否可能产生未定义的行为?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！