Deprecate the -Xverify:none option and its old alias -noverify. Running with these options enables execution of Java programs that violate the Java Virtual Machine Specification.
Providing users with documented options for disabling byte code verification can lead to multiple problems including running code that violates the JVM Spec, leaving their applications open to malicious code, and making it harder for them to find issues in their code.
Deprecate the -Xverify:none and -noverify options as the first step towards encouraging users to always run with the verifier enabled.
Users will now get the following message when running: 'java -Xverify:none -version':
Java HotSpot(TM) 64-Bit Server VM warning: Options -Xverify:none and -noverify were deprecated in version 13.0 and will likely be removed in a future release. ...
The user's program will run as intended because, even after deprecation, -Xverify:none will continue to disable verification. The only change is the warning message.
Deprecate the -Xverify:none and -noverify options in JDK-13 and issue the above warning message when the options are used.
- csr of
JDK-8214719 Deprecate -Xverify:none option
- relates to
JDK-8222732 -XX:BytecodeVerificationRemote and -XX:BytecodeVerificationLocal should be diagnostic options