The verification algorithm is one of the most distinctive features of the Java virtual machine. Its purpose is to ensure that class files that are loaded into the machine follow certain rules. These rules guarantee that programs cannot gain access to fields and methods they are not allowed to access and that they can't otherwise trick the JVM into doing unsafe things.
The verification algorithm is applied to every class as it is loaded into the system, before instances are created or static properties used. This allows the JVM implementation to assume that the class has certain safety properties, which permit the implementation to make optimizations based on that assumption.
The verification algorithm makes it possible to safely download Java applets from the Internet. In a web browser, a class called the SecurityManager ensures that some JVM capabilities are available only to authorized programs, and the verification algorithm makes sure that the programs don't do anything that would enable them to circumvent the SecurityManager. We discuss the SecurityManager in more detail in chapter 15.
If you're writing in Java, a well-behaved Java compiler will generate only JVM classes that follow the rules. As a JVM programmer, you have the ability to bypass the restrictions of the Java language, which lets you write programs that are potentially dangerous. The verification algorithm ensures that even though you haven't had to pass your programs through a Java compiler, your programs still follow the rules.
The description of the verification algorithm in this chapter is not complete, but it does cover many of the most important points. For a complete list of the rules, read The Java Virtual Machine Specification. As you read this chapter, think of ways a program could try to do something unsafe, then prove to yourself, using the requirements, that the program can't pass the verification algorithm.