What is a serialVersionUID and why should I use it?
Eclipse issues warnings when a
serialVersionUID is missing.
The serializable class Foo does not declare a static final serialVersionUID field of type long
serialVersionUID and why is it important? Please show an example where missing
serialVersionUID will cause a problem.
The docs for
java.io.Serializable are probably about as good an explanation as you'll get:
The serialization runtime associates with each serializable class a version number, called a
serialVersionUID, which is used during deserialization to verify that the sender and receiver of a serialized object have loaded classes for that object that are compatible with respect to serialization. If the receiver has loaded a class for the object that has a different
serialVersionUIDthan that of the corresponding sender's class, then deserialization will result in an
InvalidClassException. A serializable class can declare its own
serialVersionUIDexplicitly by declaring a field named
serialVersionUIDthat must be static, final, and of type
ANY-ACCESS-MODIFIER static final long serialVersionUID = 42L;
If a serializable class does not explicitly declare a
serialVersionUID, then the serialization runtime will calculate a default
serialVersionUIDvalue for that class based on various aspects of the class, as described in the Java(TM) Object Serialization Specification. However, it is strongly recommended that all serializable classes explicitly declare
serialVersionUIDvalues, since the default
serialVersionUIDcomputation is highly sensitive to class details that may vary depending on compiler implementations, and can thus result in unexpected
InvalidClassExceptionsduring deserialization. Therefore, to guarantee a consistent
serialVersionUIDvalue across different java compiler implementations, a serializable class must declare an explicit
serialVersionUIDvalue. It is also strongly advised that explicit
serialVersionUIDdeclarations use the private modifier where possible, since such declarations apply only to the immediately declaring class
serialVersionUIDfields are not useful as inherited members.
Read more... Read less...
If you're serializing just because you have to serialize for the implementation's sake (who cares if you serialize for an
HTTPSession, for instance...if it's stored or not, you probably don't care about
de-serializing a form object), then you can ignore this.
If you're actually using serialization, it only matters if you plan on storing and retrieving objects using serialization directly. The
serialVersionUID represents your class version, and you should increment it if the current version of your class is not backwards compatible with its previous version.
Most of the time, you will probably not use serialization directly. If this is the case, generate a default
SerialVersionUID by clicking the quick fix option and don't worry about it.
I can't pass up this opportunity to plug Josh Bloch's book Effective Java (2nd Edition). Chapter 11 is an indispensible resource on Java serialization.
Per Josh, the automatically-generated UID is generated based on a class name, implemented interfaces, and all public and protected members. Changing any of these in any way will change the
serialVersionUID. So you don't need to mess with them only if you are certain that no more than one version of the class will ever be serialized (either across processes or retrieved from storage at a later time).
If you ignore them for now, and find later that you need to change the class in some way but maintain compatibility w/ old version of the class, you can use the JDK tool serialver to generate the
serialVersionUID on the old class, and explicitly set that on the new class. (Depending on your changes you may need to also implement custom serialization by adding
readObject methods - see
Serializable javadoc or aforementioned chapter 11.)
You can tell Eclipse to ignore these serialVersionUID warnings:
Window > Preferences > Java > Compiler > Errors / Warnings > Potential Programming Problems
In case you didn't know, there are a lot of other warnings you can enable in this section (or even have some reported as errors), many are very useful:
- Potential Programming Problems: Possible accidental boolean assignment
- Potential Programming Problems: Null pointer access
- Unnecessary code: Local variable is never read
- Unnecessary code: Redundant null check
- Unnecessary code: Unnecessary cast or 'instanceof'
and many more.
serialVersionUID facilitates versioning of serialized data. Its value is stored with the data when serializing. When de-serializing, the same version is checked to see how the serialized data matches the current code.
If you want to version your data, you normally start with a
serialVersionUID of 0, and bump it with every structural change to your class which alters the serialized data (adding or removing non-transient fields).
The built-in de-serialization mechanism (
in.defaultReadObject()) will refuse to de-serialize from old versions of the data. But if you want to you can define your own readObject()-function which can read back old data. This custom code can then check the
serialVersionUID in order to know which version the data is in and decide how to de-serialize it. This versioning technique is useful if you store serialized data which survives several versions of your code.
But storing serialized data for such a long time span is not very common. It is far more common to use the serialization mechanism to temporarily write data to for instance a cache or send it over the network to another program with the same version of the relevant parts of the codebase.
In this case you are not interested in maintaining backwards compatibility. You are only concerned with making sure that the code bases which are communicating indeed have the same versions of relevant classes. In order to facilitate such a check, you must maintain the
serialVersionUID just like before and not forget to update it when making changes to your classes.
If you do forget to update the field, you might end up with two different versions of a class with different structure but with the same
serialVersionUID. If this happens, the default mechanism (
in.defaultReadObject()) will not detect any difference, and try to de-serialize incompatible data. Now you might end up with a cryptic runtime error or silent failure (null fields). These types of errors might be hard to find.
So to help this usecase, the Java platform offers you a choice of not setting the
serialVersionUID manually. Instead, a hash of the class structure will be generated at compile-time and used as id. This mechanism will make sure that you never have different class structures with the same id, and so you will not get these hard-to-trace runtime serialization failures mentioned above.
But there is a backside to the auto-generated id strategy. Namely that the generated ids for the same class might differ between compilers (as mentioned by Jon Skeet above). So if you communicate serialized data between code compiled with different compilers, it is recommended to maintain the ids manually anyway.
And if you are backwards-compatible with your data like in the first use case mentioned, you also probably want to maintain the id yourself. This in order to get readable ids and have greater control over when and how they change.
What is a serialVersionUID and why should I use it?
SerialVersionUID is a unique identifier for each class,
JVM uses it to compare the versions of the class ensuring that the same class was used during Serialization is loaded during Deserialization.
Specifying one gives more control, though JVM does generate one if you don't specify. The value generated can differ between different compilers. Furthermore, sometimes you just want for some reason to forbid deserialization of old serialized objects [
backward incompatibility], and in this case you just have to change the serialVersionUID.
The javadocs for
the default serialVersionUID computation is highly sensitive to class details that may vary depending on compiler implementations, and can thus result in unexpected
InvalidClassExceptions during deserialization.
Therefore, you must declare serialVersionUID because it give us more control.
This article has some good points on the topic.