在一次采访中,有人问我为什么String是不可变的
我是这样回答的:
当我们在java中创建一个字符串,如string s1="hello";然后一个 对象将在字符串池(hello)中创建,s1将 指着你好。现在如果我们再次执行String s2="hello";然后 不会创建另一个对象,但s2将指向hello 因为JVM将首先检查相同的对象是否在 是否为字符串池。如果不存在,则只创建一个新的,否则不存在。
现在如果假设java允许字符串可变,那么如果我们将s1改为hello world,那么s2值也将是hello world,所以java字符串是不可变的。
谁能告诉我我的答案是对的还是错的?
当前回答
你说得对。java中的字符串使用字符串池字面量的概念。创建字符串时,如果该字符串已经存在于池中,则将返回现有字符串的引用,而不是创建一个新对象并返回其引用。如果字符串不是不可变的,用一个引用更改字符串将导致其他引用得到错误的值。
我还要补充一点,因为String是不可变的,所以对于多线程来说是安全的,单个String实例可以在不同的线程之间共享。这避免了线程安全同步的使用,字符串是隐式线程安全的。
其他回答
恕我直言,这是最重要的原因:
字符串在Java中是不可变的,因为字符串对象缓存在 字符串池。由于缓存的字符串字面值在多个字符串之间共享 客户那里总有风险,一个客户的行动就会影响到 都是另一个客户。
参考:为什么字符串是不可变或最终在Java
由于以下方面的设计、效率和安全性,Java开发人员决定字符串是不可变的。
Design Strings are created in a special memory area in java heap known as "String Intern pool". While you creating new String (Not in the case of using String() constructor or any other String functions which internally use the String() constructor for creating a new String object; String() constructor always create new string constant in the pool unless we call the method intern()) variable it searches the pool to check whether is it already exist. If it is exist, then return reference of the existing String object. If the String is not immutable, changing the String with one reference will lead to the wrong value for the other references.
根据DZone上的这篇文章:
Security String is widely used as parameter for many java classes, e.g. network connection, opening files, etc. Were String not immutable, a connection or file would be changed and lead to serious security threat. Mutable strings could cause security problem in Reflection too, as the parameters are strings. Efficiency The hashcode of string is frequently used in Java. For example, in a HashMap. Being immutable guarantees that hashcode will always the same, so that it can be cached without worrying the changes.That means, there is no need to calculate hashcode every time it is used.
在Java中使字符串不可变的最重要的原因是安全考虑。下一个是缓存。
我相信这里给出的其他原因,比如效率、并发性、设计和字符串池,都源于字符串不可变的事实。如。可以创建字符串池,因为字符串是不可变的,而不是相反。
点击这里查看高斯林的采访记录
From a strategic point of view, they tend to more often be trouble free. And there are usually things you can do with immutables that you can't do with mutable things, such as cache the result. If you pass a string to a file open method, or if you pass a string to a constructor for a label in a user interface, in some APIs (like in lots of the Windows APIs) you pass in an array of characters. The receiver of that object really has to copy it, because they don't know anything about the storage lifetime of it. And they don't know what's happening to the object, whether it is being changed under their feet. You end up getting almost forced to replicate the object because you don't know whether or not you get to own it. And one of the nice things about immutable objects is that the answer is, "Yeah, of course you do." Because the question of ownership, who has the right to change it, doesn't exist. One of the things that forced Strings to be immutable was security. You have a file open method. You pass a String to it. And then it's doing all kind of authentication checks before it gets around to doing the OS call. If you manage to do something that effectively mutated the String, after the security check and before the OS call, then boom, you're in. But Strings are immutable, so that kind of attack doesn't work. That precise example is what really demanded that Strings be immutable
从安全的角度来看,我们可以使用这个实际的例子:
DBCursor makeConnection(String IP,String PORT,String USER,String PASS,String TABLE) {
// if strings were mutable IP,PORT,USER,PASS can be changed by validate function
Boolean validated = validate(IP,PORT,USER,PASS);
// here we are not sure if IP, PORT, USER, PASS changed or not ??
if (validated) {
DBConnection conn = doConnection(IP,PORT,USER,PASS);
}
// rest of the code goes here ....
}
字符串是不可变的有几个原因,这里是一个总结:
Security: parameters are typically represented as String in network connections, database connection urls, usernames/passwords etc. If it were mutable, these parameters could be easily changed. Synchronization and concurrency: making String immutable automatically makes them thread safe thereby solving the synchronization issues. Caching: when compiler optimizes your String objects, it sees that if two objects have same value (a="test", and b="test") and thus you need only one string object (for both a and b, these two will point to the same object). Class loading: String is used as arguments for class loading. If mutable, it could result in wrong class being loaded (because mutable objects change their state).
也就是说,String的不可变性只是意味着你不能使用它的公共API改变它。实际上,您可以使用反射绕过常规API。在这里看到答案。
在你的例子中,如果String是可变的,那么考虑下面的例子:
String a="stack";
System.out.println(a);//prints stack
a.setValue("overflow");
System.out.println(a);//if mutable it would print overflow
