Invoking overridable methods from the readObject()
method can cause the overriding method to read the state of the subclass before it is fixed. This is because the base class is deserialized first, followed by the subclass. Also see the related guidelines CON09-J. Do not invoke overridable or alien methods that rely on invariants protected by the same lock object and MET07-J. Do not invoke overridable methods on the clone under construction.
...