
[enter image description here][1]

[1]: https://i.stack.imgur.com/Bk99T.png

In addition, does it matter whether the variables being part of the serialization process are instance variables or variables in constructors in methods or object variables?

Murat
  • Static members are [not serialized](https://stackoverflow.com/questions/6429462/java-static-serialization-rules). But otherwise: if you serialize an object, then all of its non-static fields are serialized as well, and if they refer to objects then that applies recursively. And everything has to be `Serializable` otherwise you will get an exception when you try to serialize the object. – Jesper Jul 08 '22 at 21:47
  • Also, please [post code as text, not as an image](https://meta.stackoverflow.com/questions/285551/why-should-i-not-upload-images-of-code-data-errors-when-asking-a-question). – Jesper Jul 08 '22 at 21:49
  • Also, `transient` fields are ignored during serialization. At least by default. See https://docs.oracle.com/en/java/javase/18/docs/specs/serialization/serial-arch.html#defining-serializable-fields-for-a-class – Slaw Jul 08 '22 at 21:58
  • And here's the full spec: https://docs.oracle.com/en/java/javase/18/docs/specs/serialization/index.html – Slaw Jul 08 '22 at 22:02

1 Answer

Serialization with the marker interface you mentioned is a tough topic in Java. All member fields of an object will get serialized, except the ones marked with the keyword `transient`. Other variables like local variables or parameters to constructors or methods are not serialized.

It is easy to corrupt a Java program by deserializing malicious or corrupted data. You can customize what will be serialized by implementing the methods `private void readObject(ObjectInputStream s)` and `private void writeObject(ObjectOutputStream s)`.

As you can see, those private (!) methods are not members of the interface Serializable, so it's compiler magic that calls them for serialization. If you do not implement them, there is a default implementation.

Don't forget to specify the variable `private static final long serialVersionUID = 1L;` and give it a new value for each update of your member fields - this will prevent you from deserializing data from another version of your class where the data does not suit the implementation.

In general: If you really have to use serialization, I would recommend that you read more articles on it, e.g. https://ahdak.github.io/blog/effective-java-part-11/ - it summarizes from the book "Effective Java" by Josh Bloch.

Also the Java Object Serialization Specification could be interesting for you.

cyberbrain
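The field rules from the answer and comments above, shown as a round trip through an in-memory stream. This is an added example, not code from the original post; the class names `SerializationDemo` and `Account` and the sample values are hypothetical.

```java
import java.io.*;

public class SerializationDemo {
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        static int instances = 0;          // static: belongs to the class, never written
        private final String owner;        // instance field: written
        private int balance;               // instance field: written
        private transient String session;  // transient: skipped when writing

        Account(String owner, int openingBalance) { // parameters are not serialized,
            this.owner = owner;                     // only the fields they were copied into
            this.balance = openingBalance;
            this.session = "token-" + owner;
            instances++;
        }

        // Looked up reflectively by ObjectOutputStream; not declared in Serializable.
        private void writeObject(ObjectOutputStream out) throws IOException {
            out.defaultWriteObject();      // writes the non-static, non-transient fields
        }

        // The bytes may not have been produced by writeObject, so re-check invariants.
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            if (owner == null || balance < 0) {
                throw new InvalidObjectException("invalid Account state in stream");
            }
        }

        @Override public String toString() { return owner + " balance=" + balance + " session=" + session; }
    }

    public static void main(String[] args) throws Exception {
        Account original = new Account("alice", 100);   // constructed sample data
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(original);
        }
        Account.instances = 42; // changed after writing; reading the stream does not reset it
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            Account copy = (Account) in.readObject();   // the Account constructor is not run here
            System.out.println(original);               // session still set on the original
            System.out.println(copy);                   // session is null: transient was skipped
            System.out.println(Account.instances);      // keeps the value assigned above
        }
    }
}
```

Because deserialization bypasses the constructor, any validation the constructor performs has to be repeated in `readObject`, which is why the check on `owner` and `balance` lives there.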