verifier.cpp revision 9248:6ab7e19c9220
1285242Sachim/* 2285242Sachim * Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved. 3285242Sachim * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4285242Sachim * 5285242Sachim * This code is free software; you can redistribute it and/or modify it 6285242Sachim * under the terms of the GNU General Public License version 2 only, as 7285242Sachim * published by the Free Software Foundation. 8285242Sachim * 9285242Sachim * This code is distributed in the hope that it will be useful, but WITHOUT 10285242Sachim * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11285242Sachim * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12285242Sachim * version 2 for more details (a copy is included in the LICENSE file that 13285242Sachim * accompanied this code). 14285242Sachim * 15285242Sachim * You should have received a copy of the GNU General Public License version 16285242Sachim * 2 along with this work; if not, write to the Free Software Foundation, 17285242Sachim * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18285242Sachim * 19285242Sachim * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20285242Sachim * or visit www.oracle.com if you need additional information or have any 21285242Sachim * questions. 22285242Sachim * 23285242Sachim */ 24285242Sachim 25285242Sachim#include "precompiled.hpp" 26285242Sachim#include "classfile/classFileStream.hpp" 27285242Sachim#include "classfile/javaClasses.hpp" 28285242Sachim#include "classfile/stackMapTable.hpp" 29285242Sachim#include "classfile/stackMapFrame.hpp" 30285242Sachim#include "classfile/stackMapTableFormat.hpp" 31285242Sachim#include "classfile/systemDictionary.hpp" 32285242Sachim#include "classfile/verifier.hpp" 33285242Sachim#include "classfile/vmSymbols.hpp" 34285242Sachim#include "interpreter/bytecodes.hpp" 35285242Sachim#include "interpreter/bytecodeStream.hpp" 36285242Sachim#include "memory/oopFactory.hpp" 37285242Sachim#include "memory/resourceArea.hpp" 38285242Sachim#include "oops/instanceKlass.hpp" 39285242Sachim#include "oops/oop.inline.hpp" 40285242Sachim#include "oops/typeArrayOop.hpp" 41285242Sachim#include "prims/jvm.h" 42285242Sachim#include "runtime/fieldDescriptor.hpp" 43285242Sachim#include "runtime/handles.inline.hpp" 44285242Sachim#include "runtime/interfaceSupport.hpp" 45285242Sachim#include "runtime/javaCalls.hpp" 46285242Sachim#include "runtime/orderAccess.inline.hpp" 47285242Sachim#include "runtime/os.hpp" 48285242Sachim#include "runtime/thread.hpp" 49285242Sachim#include "services/threadService.hpp" 50285242Sachim#include "utilities/bytes.hpp" 51285242Sachim 52285242Sachim#define NOFAILOVER_MAJOR_VERSION 51 53285242Sachim#define NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION 51 54285242Sachim#define STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION 52 55285242Sachim 56285242Sachim// Access to external entry for VerifyClassCodes - old byte code verifier 57285242Sachim 58285242Sachimextern "C" { 59285242Sachim typedef jboolean (*verify_byte_codes_fn_t)(JNIEnv *, jclass, char *, jint); 60285242Sachim typedef jboolean (*verify_byte_codes_fn_new_t)(JNIEnv *, jclass, char *, jint, jint); 61285242Sachim} 62285242Sachim 63285242Sachimstatic void* volatile _verify_byte_codes_fn = NULL; 64285242Sachim 65285242Sachimstatic volatile jint _is_new_verify_byte_codes_fn = (jint) true; 66285242Sachim 67285242Sachimstatic void* verify_byte_codes_fn() { 68285242Sachim if (_verify_byte_codes_fn == NULL) { 69285242Sachim void *lib_handle = os::native_java_library(); 70285242Sachim void *func = os::dll_lookup(lib_handle, "VerifyClassCodesForMajorVersion"); 71285242Sachim OrderAccess::release_store_ptr(&_verify_byte_codes_fn, func); 72285242Sachim if (func == NULL) { 73285242Sachim OrderAccess::release_store(&_is_new_verify_byte_codes_fn, false); 74285242Sachim func = os::dll_lookup(lib_handle, "VerifyClassCodes"); 75285242Sachim OrderAccess::release_store_ptr(&_verify_byte_codes_fn, func); 76285242Sachim } 77285242Sachim } 78285242Sachim return (void*)_verify_byte_codes_fn; 79285242Sachim} 80285242Sachim 81285242Sachim 82285242Sachim// Methods in Verifier 83285242Sachim 84285242Sachimbool Verifier::should_verify_for(oop class_loader, bool should_verify_class) { 85285242Sachim return (class_loader == NULL || !should_verify_class) ? 86285242Sachim BytecodeVerificationLocal : BytecodeVerificationRemote; 87285242Sachim} 88285242Sachim 89285242Sachimbool Verifier::relax_verify_for(oop loader) { 90285242Sachim bool trusted = java_lang_ClassLoader::is_trusted_loader(loader); 91285242Sachim bool need_verify = 92285242Sachim // verifyAll 93285242Sachim (BytecodeVerificationLocal && BytecodeVerificationRemote) || 94285242Sachim // verifyRemote 95285242Sachim (!BytecodeVerificationLocal && BytecodeVerificationRemote && !trusted); 96285242Sachim return !need_verify; 97285242Sachim} 98285242Sachim 99285242Sachimvoid Verifier::trace_class_resolution(Klass* resolve_class, InstanceKlass* verify_class) { 100285242Sachim assert(verify_class != NULL, "Unexpected null verify_class"); 101285242Sachim ResourceMark rm; 102285242Sachim Symbol* s = verify_class->source_file_name(); 103285242Sachim const char* source_file = (s != NULL ? s->as_C_string() : NULL); 104285242Sachim const char* verify = verify_class->external_name(); 105285242Sachim const char* resolve = resolve_class->external_name(); 106285242Sachim // print in a single call to reduce interleaving between threads 107285242Sachim if (source_file != NULL) { 108285242Sachim tty->print("RESOLVE %s %s %s (verification)\n", verify, resolve, source_file); 109285242Sachim } else { 110285242Sachim tty->print("RESOLVE %s %s (verification)\n", verify, resolve); 111285242Sachim } 112285242Sachim} 113285242Sachim 114285242Sachimbool Verifier::verify(instanceKlassHandle klass, Verifier::Mode mode, bool should_verify_class, TRAPS) { 115285242Sachim HandleMark hm; 116285242Sachim ResourceMark rm(THREAD); 117285242Sachim 118285242Sachim // Eagerly allocate the identity hash code for a klass. This is a fallout 119285242Sachim // from 6320749 and 8059924: hash code generator is not supposed to be called 120285242Sachim // during the safepoint, but it allows to sneak the hashcode in during 121285242Sachim // verification. Without this eager hashcode generation, we may end up 122285242Sachim // installing the hashcode during some other operation, which may be at 123285242Sachim // safepoint -- blowing up the checks. It was previously done as the side 124285242Sachim // effect (sic!) for external_name(), but instead of doing that, we opt to 125285242Sachim // explicitly push the hashcode in here. This is signify the following block 126285242Sachim // is IMPORTANT: 127285242Sachim if (klass->java_mirror() != NULL) { 128285242Sachim klass->java_mirror()->identity_hash(); 129285242Sachim } 130285242Sachim 131285242Sachim if (!is_eligible_for_verification(klass, should_verify_class)) { 132285242Sachim return true; 133285242Sachim } 134285242Sachim 135285242Sachim // Timer includes any side effects of class verification (resolution, 136285242Sachim // etc), but not recursive calls to Verifier::verify(). 137285242Sachim JavaThread* jt = (JavaThread*)THREAD; 138285242Sachim PerfClassTraceTime timer(ClassLoader::perf_class_verify_time(), 139285242Sachim ClassLoader::perf_class_verify_selftime(), 140285242Sachim ClassLoader::perf_classes_verified(), 141285242Sachim jt->get_thread_stat()->perf_recursion_counts_addr(), 142285242Sachim jt->get_thread_stat()->perf_timers_addr(), 143285242Sachim PerfClassTraceTime::CLASS_VERIFY); 144285242Sachim 145285242Sachim // If the class should be verified, first see if we can use the split 146285242Sachim // verifier. If not, or if verification fails and FailOverToOldVerifier 147285242Sachim // is set, then call the inference verifier. 148285242Sachim 149285242Sachim Symbol* exception_name = NULL; 150285242Sachim const size_t message_buffer_len = klass->name()->utf8_length() + 1024; 151285242Sachim char* message_buffer = NEW_RESOURCE_ARRAY(char, message_buffer_len); 152285242Sachim char* exception_message = message_buffer; 153285242Sachim 154285242Sachim const char* klassName = klass->external_name(); 155285242Sachim bool can_failover = FailOverToOldVerifier && 156285242Sachim klass->major_version() < NOFAILOVER_MAJOR_VERSION; 157285242Sachim 158285242Sachim if (TraceClassInitialization) { 159285242Sachim tty->print_cr("Start class verification for: %s", klassName); 160285242Sachim } 161285242Sachim if (klass->major_version() >= STACKMAP_ATTRIBUTE_MAJOR_VERSION) { 162285242Sachim ClassVerifier split_verifier(klass, THREAD); 163285242Sachim split_verifier.verify_class(THREAD); 164285242Sachim exception_name = split_verifier.result(); 165285242Sachim if (can_failover && !HAS_PENDING_EXCEPTION && 166285242Sachim (exception_name == vmSymbols::java_lang_VerifyError() || 167285242Sachim exception_name == vmSymbols::java_lang_ClassFormatError())) { 168285242Sachim if (TraceClassInitialization || VerboseVerification) { 169285242Sachim tty->print_cr( 170285242Sachim "Fail over class verification to old verifier for: %s", klassName); 171285242Sachim } 172285242Sachim exception_name = inference_verify( 173285242Sachim klass, message_buffer, message_buffer_len, THREAD); 174285242Sachim } 175285242Sachim if (exception_name != NULL) { 176285242Sachim exception_message = split_verifier.exception_message(); 177285242Sachim } 178285242Sachim } else { 179285242Sachim exception_name = inference_verify( 180285242Sachim klass, message_buffer, message_buffer_len, THREAD); 181285242Sachim } 182285242Sachim 183285242Sachim if (TraceClassInitialization || VerboseVerification) { 184285242Sachim if (HAS_PENDING_EXCEPTION) { 185285242Sachim tty->print("Verification for %s has", klassName); 186285242Sachim tty->print_cr(" exception pending %s ", 187285242Sachim InstanceKlass::cast(PENDING_EXCEPTION->klass())->external_name()); 188285242Sachim } else if (exception_name != NULL) { 189285242Sachim tty->print_cr("Verification for %s failed", klassName); 190285242Sachim } 191285242Sachim tty->print_cr("End class verification for: %s", klassName); 192285242Sachim } 193285242Sachim 194285242Sachim if (HAS_PENDING_EXCEPTION) { 195285242Sachim return false; // use the existing exception 196285242Sachim } else if (exception_name == NULL) { 197285242Sachim return true; // verifcation succeeded 198285242Sachim } else { // VerifyError or ClassFormatError to be created and thrown 199285242Sachim ResourceMark rm(THREAD); 200285242Sachim instanceKlassHandle kls = 201285242Sachim SystemDictionary::resolve_or_fail(exception_name, true, CHECK_false); 202285242Sachim if (TraceClassResolution) { 203285242Sachim Verifier::trace_class_resolution(kls(), klass()); 204285242Sachim } 205285242Sachim 206285242Sachim while (!kls.is_null()) { 207285242Sachim if (kls == klass) { 208285242Sachim // If the class being verified is the exception we're creating 209285242Sachim // or one of it's superclasses, we're in trouble and are going 210285242Sachim // to infinitely recurse when we try to initialize the exception. 211285242Sachim // So bail out here by throwing the preallocated VM error. 212285242Sachim THROW_OOP_(Universe::virtual_machine_error_instance(), false); 213285242Sachim } 214285242Sachim kls = kls->super(); 215285242Sachim } 216285242Sachim message_buffer[message_buffer_len - 1] = '\0'; // just to be sure 217285242Sachim THROW_MSG_(exception_name, exception_message, false); 218285242Sachim } 219285242Sachim} 220285242Sachim 221285242Sachimbool Verifier::is_eligible_for_verification(instanceKlassHandle klass, bool should_verify_class) { 222285242Sachim Symbol* name = klass->name(); 223285242Sachim Klass* refl_magic_klass = SystemDictionary::reflect_MagicAccessorImpl_klass(); 224285242Sachim 225285242Sachim bool is_reflect = refl_magic_klass != NULL && klass->is_subtype_of(refl_magic_klass); 226285242Sachim 227285242Sachim return (should_verify_for(klass->class_loader(), should_verify_class) && 228285242Sachim // return if the class is a bootstrapping class 229285242Sachim // or defineClass specified not to verify by default (flags override passed arg) 230285242Sachim // We need to skip the following four for bootstraping 231285242Sachim name != vmSymbols::java_lang_Object() && 232285242Sachim name != vmSymbols::java_lang_Class() && 233285242Sachim name != vmSymbols::java_lang_String() && 234285242Sachim name != vmSymbols::java_lang_Throwable() && 235285242Sachim 236285242Sachim // Can not verify the bytecodes for shared classes because they have 237285242Sachim // already been rewritten to contain constant pool cache indices, 238285242Sachim // which the verifier can't understand. 239285242Sachim // Shared classes shouldn't have stackmaps either. 240285242Sachim !klass()->is_shared() && 241285242Sachim 242285242Sachim // As of the fix for 4486457 we disable verification for all of the 243285242Sachim // dynamically-generated bytecodes associated with the 1.4 244285242Sachim // reflection implementation, not just those associated with 245285242Sachim // sun/reflect/SerializationConstructorAccessor. 246285242Sachim // NOTE: this is called too early in the bootstrapping process to be 247285242Sachim // guarded by Universe::is_gte_jdk14x_version(). 248285242Sachim // Also for lambda generated code, gte jdk8 249285242Sachim (!is_reflect)); 250285242Sachim} 251285242Sachim 252285242SachimSymbol* Verifier::inference_verify( 253285242Sachim instanceKlassHandle klass, char* message, size_t message_len, TRAPS) { 254285242Sachim JavaThread* thread = (JavaThread*)THREAD; 255285242Sachim JNIEnv *env = thread->jni_environment(); 256285242Sachim 257285242Sachim void* verify_func = verify_byte_codes_fn(); 258285242Sachim 259285242Sachim if (verify_func == NULL) { 260285242Sachim jio_snprintf(message, message_len, "Could not link verifier"); 261285242Sachim return vmSymbols::java_lang_VerifyError(); 262285242Sachim } 263285242Sachim 264285242Sachim ResourceMark rm(THREAD); 265285242Sachim if (VerboseVerification) { 266285242Sachim tty->print_cr("Verifying class %s with old format", klass->external_name()); 267285242Sachim } 268285242Sachim 269285242Sachim jclass cls = (jclass) JNIHandles::make_local(env, klass->java_mirror()); 270285242Sachim jint result; 271285242Sachim 272285242Sachim { 273285242Sachim HandleMark hm(thread); 274285242Sachim ThreadToNativeFromVM ttn(thread); 275285242Sachim // ThreadToNativeFromVM takes care of changing thread_state, so safepoint 276285242Sachim // code knows that we have left the VM 277285242Sachim 278285242Sachim if (_is_new_verify_byte_codes_fn) { 279285242Sachim verify_byte_codes_fn_new_t func = 280285242Sachim CAST_TO_FN_PTR(verify_byte_codes_fn_new_t, verify_func); 281285242Sachim result = (*func)(env, cls, message, (int)message_len, 282285242Sachim klass->major_version()); 283285242Sachim } else { 284285242Sachim verify_byte_codes_fn_t func = 285285242Sachim CAST_TO_FN_PTR(verify_byte_codes_fn_t, verify_func); 286285242Sachim result = (*func)(env, cls, message, (int)message_len); 287285242Sachim } 288285242Sachim } 289285242Sachim 290285242Sachim JNIHandles::destroy_local(cls); 291285242Sachim 292285242Sachim // These numbers are chosen so that VerifyClassCodes interface doesn't need 293285242Sachim // to be changed (still return jboolean (unsigned char)), and result is 294285242Sachim // 1 when verification is passed. 295285242Sachim if (result == 0) { 296285242Sachim return vmSymbols::java_lang_VerifyError(); 297285242Sachim } else if (result == 1) { 298285242Sachim return NULL; // verified. 299285242Sachim } else if (result == 2) { 300285242Sachim THROW_MSG_(vmSymbols::java_lang_OutOfMemoryError(), message, NULL); 301285242Sachim } else if (result == 3) { 302285242Sachim return vmSymbols::java_lang_ClassFormatError(); 303285242Sachim } else { 304285242Sachim ShouldNotReachHere(); 305285242Sachim return NULL; 306285242Sachim } 307285242Sachim} 308285242Sachim 309285242SachimTypeOrigin TypeOrigin::null() { 310285242Sachim return TypeOrigin(); 311285242Sachim} 312285242SachimTypeOrigin TypeOrigin::local(u2 index, StackMapFrame* frame) { 313285242Sachim assert(frame != NULL, "Must have a frame"); 314285242Sachim return TypeOrigin(CF_LOCALS, index, StackMapFrame::copy(frame), 315285242Sachim frame->local_at(index)); 316285242Sachim} 317285242SachimTypeOrigin TypeOrigin::stack(u2 index, StackMapFrame* frame) { 318285242Sachim assert(frame != NULL, "Must have a frame"); 319285242Sachim return TypeOrigin(CF_STACK, index, StackMapFrame::copy(frame), 320285242Sachim frame->stack_at(index)); 321285242Sachim} 322285242SachimTypeOrigin TypeOrigin::sm_local(u2 index, StackMapFrame* frame) { 323285242Sachim assert(frame != NULL, "Must have a frame"); 324285242Sachim return TypeOrigin(SM_LOCALS, index, StackMapFrame::copy(frame), 325285242Sachim frame->local_at(index)); 326285242Sachim} 327285242SachimTypeOrigin TypeOrigin::sm_stack(u2 index, StackMapFrame* frame) { 328285242Sachim assert(frame != NULL, "Must have a frame"); 329285242Sachim return TypeOrigin(SM_STACK, index, StackMapFrame::copy(frame), 330285242Sachim frame->stack_at(index)); 331285242Sachim} 332285242SachimTypeOrigin TypeOrigin::bad_index(u2 index) { 333285242Sachim return TypeOrigin(BAD_INDEX, index, NULL, VerificationType::bogus_type()); 334285242Sachim} 335285242SachimTypeOrigin TypeOrigin::cp(u2 index, VerificationType vt) { 336285242Sachim return TypeOrigin(CONST_POOL, index, NULL, vt); 337285242Sachim} 338285242SachimTypeOrigin TypeOrigin::signature(VerificationType vt) { 339285242Sachim return TypeOrigin(SIG, 0, NULL, vt); 340285242Sachim} 341285242SachimTypeOrigin TypeOrigin::implicit(VerificationType t) { 342285242Sachim return TypeOrigin(IMPLICIT, 0, NULL, t); 343285242Sachim} 344285242SachimTypeOrigin TypeOrigin::frame(StackMapFrame* frame) { 345285242Sachim return TypeOrigin(FRAME_ONLY, 0, StackMapFrame::copy(frame), 346285242Sachim VerificationType::bogus_type()); 347285242Sachim} 348285242Sachim 349285242Sachimvoid TypeOrigin::reset_frame() { 350285242Sachim if (_frame != NULL) { 351285242Sachim _frame->restore(); 352285242Sachim } 353285242Sachim} 354285242Sachim 355285242Sachimvoid TypeOrigin::details(outputStream* ss) const { 356285242Sachim _type.print_on(ss); 357285242Sachim switch (_origin) { 358285242Sachim case CF_LOCALS: 359285242Sachim ss->print(" (current frame, locals[%d])", _index); 360285242Sachim break; 361285242Sachim case CF_STACK: 362285242Sachim ss->print(" (current frame, stack[%d])", _index); 363285242Sachim break; 364285242Sachim case SM_LOCALS: 365285242Sachim ss->print(" (stack map, locals[%d])", _index); 366285242Sachim break; 367285242Sachim case SM_STACK: 368285242Sachim ss->print(" (stack map, stack[%d])", _index); 369285242Sachim break; 370285242Sachim case CONST_POOL: 371285242Sachim ss->print(" (constant pool %d)", _index); 372285242Sachim break; 373285242Sachim case SIG: 374285242Sachim ss->print(" (from method signature)"); 375285242Sachim break; 376285242Sachim case IMPLICIT: 377285242Sachim case FRAME_ONLY: 378285242Sachim case NONE: 379285242Sachim default: 380285242Sachim ; 381285242Sachim } 382285242Sachim} 383285242Sachim 384285242Sachim#ifdef ASSERT 385285242Sachimvoid TypeOrigin::print_on(outputStream* str) const { 386285242Sachim str->print("{%d,%d,%p:", _origin, _index, _frame); 387285242Sachim if (_frame != NULL) { 388285242Sachim _frame->print_on(str); 389285242Sachim } else { 390285242Sachim str->print("null"); 391285242Sachim } 392285242Sachim str->print(","); 393285242Sachim _type.print_on(str); 394285242Sachim str->print("}"); 395285242Sachim} 396285242Sachim#endif 397285242Sachim 398285242Sachimvoid ErrorContext::details(outputStream* ss, const Method* method) const { 399285242Sachim if (is_valid()) { 400285242Sachim ss->cr(); 401285242Sachim ss->print_cr("Exception Details:"); 402285242Sachim location_details(ss, method); 403285242Sachim reason_details(ss); 404285242Sachim frame_details(ss); 405285242Sachim bytecode_details(ss, method); 406285242Sachim handler_details(ss, method); 407285242Sachim stackmap_details(ss, method); 408285242Sachim } 409285242Sachim} 410285242Sachim 411285242Sachimvoid ErrorContext::reason_details(outputStream* ss) const { 412285242Sachim streamIndentor si(ss); 413285242Sachim ss->indent().print_cr("Reason:"); 414285242Sachim streamIndentor si2(ss); 415285242Sachim ss->indent().print("%s", ""); 416285242Sachim switch (_fault) { 417285242Sachim case INVALID_BYTECODE: 418285242Sachim ss->print("Error exists in the bytecode"); 419285242Sachim break; 420285242Sachim case WRONG_TYPE: 421285242Sachim if (_expected.is_valid()) { 422285242Sachim ss->print("Type "); 423285242Sachim _type.details(ss); 424285242Sachim ss->print(" is not assignable to "); 425285242Sachim _expected.details(ss); 426285242Sachim } else { 427285242Sachim ss->print("Invalid type: "); 428285242Sachim _type.details(ss); 429285242Sachim } 430285242Sachim break; 431285242Sachim case FLAGS_MISMATCH: 432285242Sachim if (_expected.is_valid()) { 433285242Sachim ss->print("Current frame's flags are not assignable " 434285242Sachim "to stack map frame's."); 435285242Sachim } else { 436285242Sachim ss->print("Current frame's flags are invalid in this context."); 437285242Sachim } 438285242Sachim break; 439285242Sachim case BAD_CP_INDEX: 440285242Sachim ss->print("Constant pool index %d is invalid", _type.index()); 441285242Sachim break; 442285242Sachim case BAD_LOCAL_INDEX: 443285242Sachim ss->print("Local index %d is invalid", _type.index()); 444285242Sachim break; 445285242Sachim case LOCALS_SIZE_MISMATCH: 446285242Sachim ss->print("Current frame's local size doesn't match stackmap."); 447285242Sachim break; 448285242Sachim case STACK_SIZE_MISMATCH: 449285242Sachim ss->print("Current frame's stack size doesn't match stackmap."); 450285242Sachim break; 451285242Sachim case STACK_OVERFLOW: 452285242Sachim ss->print("Exceeded max stack size."); 453285242Sachim break; 454285242Sachim case STACK_UNDERFLOW: 455285242Sachim ss->print("Attempt to pop empty stack."); 456285242Sachim break; 457285242Sachim case MISSING_STACKMAP: 458285242Sachim ss->print("Expected stackmap frame at this location."); 459285242Sachim break; 460285242Sachim case BAD_STACKMAP: 461285242Sachim ss->print("Invalid stackmap specification."); 462285242Sachim break; 463285242Sachim case UNKNOWN: 464285242Sachim default: 465285242Sachim ShouldNotReachHere(); 466285242Sachim ss->print_cr("Unknown"); 467285242Sachim } 468285242Sachim ss->cr(); 469285242Sachim} 470285242Sachim 471285242Sachimvoid ErrorContext::location_details(outputStream* ss, const Method* method) const { 472285242Sachim if (_bci != -1 && method != NULL) { 473285242Sachim streamIndentor si(ss); 474285242Sachim const char* bytecode_name = "<invalid>"; 475285242Sachim if (method->validate_bci(_bci) != -1) { 476285242Sachim Bytecodes::Code code = Bytecodes::code_or_bp_at(method->bcp_from(_bci)); 477285242Sachim if (Bytecodes::is_defined(code)) { 478285242Sachim bytecode_name = Bytecodes::name(code); 479285242Sachim } else { 480285242Sachim bytecode_name = "<illegal>"; 481285242Sachim } 482285242Sachim } 483285242Sachim InstanceKlass* ik = method->method_holder(); 484285242Sachim ss->indent().print_cr("Location:"); 485285242Sachim streamIndentor si2(ss); 486285242Sachim ss->indent().print_cr("%s.%s%s @%d: %s", 487285242Sachim ik->name()->as_C_string(), method->name()->as_C_string(), 488285242Sachim method->signature()->as_C_string(), _bci, bytecode_name); 489285242Sachim } 490285242Sachim} 491285242Sachim 492285242Sachimvoid ErrorContext::frame_details(outputStream* ss) const { 493285242Sachim streamIndentor si(ss); 494285242Sachim if (_type.is_valid() && _type.frame() != NULL) { 495285242Sachim ss->indent().print_cr("Current Frame:"); 496285242Sachim streamIndentor si2(ss); 497285242Sachim _type.frame()->print_on(ss); 498285242Sachim } 499285242Sachim if (_expected.is_valid() && _expected.frame() != NULL) { 500285242Sachim ss->indent().print_cr("Stackmap Frame:"); 501285242Sachim streamIndentor si2(ss); 502285242Sachim _expected.frame()->print_on(ss); 503285242Sachim } 504285242Sachim} 505285242Sachim 506285242Sachimvoid ErrorContext::bytecode_details(outputStream* ss, const Method* method) const { 507285242Sachim if (method != NULL) { 508285242Sachim streamIndentor si(ss); 509285242Sachim ss->indent().print_cr("Bytecode:"); 510285242Sachim streamIndentor si2(ss); 511285242Sachim ss->print_data(method->code_base(), method->code_size(), false); 512285242Sachim } 513285242Sachim} 514285242Sachim 515285242Sachimvoid ErrorContext::handler_details(outputStream* ss, const Method* method) const { 516285242Sachim if (method != NULL) { 517285242Sachim streamIndentor si(ss); 518285242Sachim ExceptionTable table(method); 519285242Sachim if (table.length() > 0) { 520285242Sachim ss->indent().print_cr("Exception Handler Table:"); 521285242Sachim streamIndentor si2(ss); 522285242Sachim for (int i = 0; i < table.length(); ++i) { 523285242Sachim ss->indent().print_cr("bci [%d, %d] => handler: %d", table.start_pc(i), 524285242Sachim table.end_pc(i), table.handler_pc(i)); 525285242Sachim } 526285242Sachim } 527285242Sachim } 528285242Sachim} 529285242Sachim 530285242Sachimvoid ErrorContext::stackmap_details(outputStream* ss, const Method* method) const { 531285242Sachim if (method != NULL && method->has_stackmap_table()) { 532285242Sachim streamIndentor si(ss); 533285242Sachim ss->indent().print_cr("Stackmap Table:"); 534285242Sachim Array<u1>* data = method->stackmap_data(); 535285242Sachim stack_map_table* sm_table = 536285242Sachim stack_map_table::at((address)data->adr_at(0)); 537285242Sachim stack_map_frame* sm_frame = sm_table->entries(); 538285242Sachim streamIndentor si2(ss); 539285242Sachim int current_offset = -1; 540285242Sachim for (u2 i = 0; i < sm_table->number_of_entries(); ++i) { 541285242Sachim ss->indent(); 542285242Sachim sm_frame->print_on(ss, current_offset); 543285242Sachim ss->cr(); 544285242Sachim current_offset += sm_frame->offset_delta(); 545285242Sachim sm_frame = sm_frame->next(); 546285242Sachim } 547285242Sachim } 548285242Sachim} 549285242Sachim 550285242Sachim// Methods in ClassVerifier 551285242Sachim 552285242SachimClassVerifier::ClassVerifier( 553285242Sachim instanceKlassHandle klass, TRAPS) 554285242Sachim : _thread(THREAD), _exception_type(NULL), _message(NULL), _klass(klass) { 555285242Sachim _this_type = VerificationType::reference_type(klass->name()); 556285242Sachim // Create list to hold symbols in reference area. 557285242Sachim _symbols = new GrowableArray<Symbol*>(100, 0, NULL); 558285242Sachim} 559285242Sachim 560285242SachimClassVerifier::~ClassVerifier() { 561285242Sachim // Decrement the reference count for any symbols created. 562285242Sachim for (int i = 0; i < _symbols->length(); i++) { 563285242Sachim Symbol* s = _symbols->at(i); 564285242Sachim s->decrement_refcount(); 565285242Sachim } 566285242Sachim} 567285242Sachim 568285242SachimVerificationType ClassVerifier::object_type() const { 569285242Sachim return VerificationType::reference_type(vmSymbols::java_lang_Object()); 570285242Sachim} 571285242Sachim 572285242SachimTypeOrigin ClassVerifier::ref_ctx(const char* sig, TRAPS) { 573285242Sachim VerificationType vt = VerificationType::reference_type( 574285242Sachim create_temporary_symbol(sig, (int)strlen(sig), THREAD)); 575285242Sachim return TypeOrigin::implicit(vt); 576285242Sachim} 577285242Sachim 578285242Sachimvoid ClassVerifier::verify_class(TRAPS) { 579285242Sachim if (VerboseVerification) { 580285242Sachim tty->print_cr("Verifying class %s with new format", 581285242Sachim _klass->external_name()); 582285242Sachim } 583285242Sachim 584285242Sachim Array<Method*>* methods = _klass->methods(); 585285242Sachim int num_methods = methods->length(); 586285242Sachim 587285242Sachim for (int index = 0; index < num_methods; index++) { 588285242Sachim // Check for recursive re-verification before each method. 589285242Sachim if (was_recursively_verified()) return; 590285242Sachim 591285242Sachim Method* m = methods->at(index); 592285242Sachim if (m->is_native() || m->is_abstract() || m->is_overpass()) { 593285242Sachim // If m is native or abstract, skip it. It is checked in class file 594285242Sachim // parser that methods do not override a final method. Overpass methods 595285242Sachim // are trusted since the VM generates them. 596285242Sachim continue; 597285242Sachim } 598285242Sachim verify_method(methodHandle(THREAD, m), CHECK_VERIFY(this)); 599285242Sachim } 600285242Sachim 601285242Sachim if (VerboseVerification || TraceClassInitialization) { 602285242Sachim if (was_recursively_verified()) 603285242Sachim tty->print_cr("Recursive verification detected for: %s", 604285242Sachim _klass->external_name()); 605285242Sachim } 606285242Sachim} 607285242Sachim 608285242Sachimvoid ClassVerifier::verify_method(const methodHandle& m, TRAPS) { 609285242Sachim HandleMark hm(THREAD); 610285242Sachim _method = m; // initialize _method 611285242Sachim if (VerboseVerification) { 612285242Sachim tty->print_cr("Verifying method %s", m->name_and_sig_as_C_string()); 613285242Sachim } 614285242Sachim 615285242Sachim// For clang, the only good constant format string is a literal constant format string. 616285242Sachim#define bad_type_msg "Bad type on operand stack in %s" 617285242Sachim 618285242Sachim int32_t max_stack = m->verifier_max_stack(); 619285242Sachim int32_t max_locals = m->max_locals(); 620285242Sachim constantPoolHandle cp(THREAD, m->constants()); 621285242Sachim 622285242Sachim if (!SignatureVerifier::is_valid_method_signature(m->signature())) { 623285242Sachim class_format_error("Invalid method signature"); 624285242Sachim return; 625285242Sachim } 626285242Sachim 627285242Sachim // Initial stack map frame: offset is 0, stack is initially empty. 628285242Sachim StackMapFrame current_frame(max_locals, max_stack, this); 629285242Sachim // Set initial locals 630285242Sachim VerificationType return_type = current_frame.set_locals_from_arg( 631285242Sachim m, current_type(), CHECK_VERIFY(this)); 632285242Sachim 633285242Sachim int32_t stackmap_index = 0; // index to the stackmap array 634285242Sachim 635285242Sachim u4 code_length = m->code_size(); 636285242Sachim 637285242Sachim // Scan the bytecode and map each instruction's start offset to a number. 638285242Sachim char* code_data = generate_code_data(m, code_length, CHECK_VERIFY(this)); 639285242Sachim 640285242Sachim int ex_min = code_length; 641285242Sachim int ex_max = -1; 642285242Sachim // Look through each item on the exception table. Each of the fields must refer 643285242Sachim // to a legal instruction. 644285242Sachim verify_exception_handler_table( 645285242Sachim code_length, code_data, ex_min, ex_max, CHECK_VERIFY(this)); 646285242Sachim 647285242Sachim // Look through each entry on the local variable table and make sure 648285242Sachim // its range of code array offsets is valid. (4169817) 649285242Sachim if (m->has_localvariable_table()) { 650285242Sachim verify_local_variable_table(code_length, code_data, CHECK_VERIFY(this)); 651285242Sachim } 652285242Sachim 653285242Sachim Array<u1>* stackmap_data = m->stackmap_data(); 654285242Sachim StackMapStream stream(stackmap_data); 655285242Sachim StackMapReader reader(this, &stream, code_data, code_length, THREAD); 656285242Sachim StackMapTable stackmap_table(&reader, ¤t_frame, max_locals, max_stack, 657285242Sachim code_data, code_length, CHECK_VERIFY(this)); 658285242Sachim 659285242Sachim if (VerboseVerification) { 660285242Sachim stackmap_table.print_on(tty); 661285242Sachim } 662285242Sachim 663285242Sachim RawBytecodeStream bcs(m); 664285242Sachim 665285242Sachim // Scan the byte code linearly from the start to the end 666285242Sachim bool no_control_flow = false; // Set to true when there is no direct control 667285242Sachim // flow from current instruction to the next 668285242Sachim // instruction in sequence 669285242Sachim 670285242Sachim Bytecodes::Code opcode; 671285242Sachim while (!bcs.is_last_bytecode()) { 672285242Sachim // Check for recursive re-verification before each bytecode. 673285242Sachim if (was_recursively_verified()) return; 674285242Sachim 675285242Sachim opcode = bcs.raw_next(); 676285242Sachim u2 bci = bcs.bci(); 677285242Sachim 678285242Sachim // Set current frame's offset to bci 679285242Sachim current_frame.set_offset(bci); 680285242Sachim current_frame.set_mark(); 681285242Sachim 682285242Sachim // Make sure every offset in stackmap table point to the beginning to 683285242Sachim // an instruction. Match current_frame to stackmap_table entry with 684285242Sachim // the same offset if exists. 685285242Sachim stackmap_index = verify_stackmap_table( 686285242Sachim stackmap_index, bci, ¤t_frame, &stackmap_table, 687285242Sachim no_control_flow, CHECK_VERIFY(this)); 688285242Sachim 689285242Sachim 690285242Sachim bool this_uninit = false; // Set to true when invokespecial <init> initialized 'this' 691285242Sachim bool verified_exc_handlers = false; 692285242Sachim 693285242Sachim // Merge with the next instruction 694285242Sachim { 695285242Sachim u2 index; 696285242Sachim int target; 697285242Sachim VerificationType type, type2; 698285242Sachim VerificationType atype; 699285242Sachim 700285242Sachim#ifndef PRODUCT 701285242Sachim if (VerboseVerification) { 702285242Sachim current_frame.print_on(tty); 703285242Sachim tty->print_cr("offset = %d, opcode = %s", bci, Bytecodes::name(opcode)); 704285242Sachim } 705285242Sachim#endif 706285242Sachim 707285242Sachim // Make sure wide instruction is in correct format 708285242Sachim if (bcs.is_wide()) { 709285242Sachim if (opcode != Bytecodes::_iinc && opcode != Bytecodes::_iload && 710285242Sachim opcode != Bytecodes::_aload && opcode != Bytecodes::_lload && 711285242Sachim opcode != Bytecodes::_istore && opcode != Bytecodes::_astore && 712285242Sachim opcode != Bytecodes::_lstore && opcode != Bytecodes::_fload && 713285242Sachim opcode != Bytecodes::_dload && opcode != Bytecodes::_fstore && 714285242Sachim opcode != Bytecodes::_dstore) { 715285242Sachim /* Unreachable? RawBytecodeStream's raw_next() returns 'illegal' 716285242Sachim * if we encounter a wide instruction that modifies an invalid 717285242Sachim * opcode (not one of the ones listed above) */ 718285242Sachim verify_error(ErrorContext::bad_code(bci), "Bad wide instruction"); 719285242Sachim return; 720285242Sachim } 721285242Sachim } 722285242Sachim 723285242Sachim // Look for possible jump target in exception handlers and see if it 724285242Sachim // matches current_frame. Do this check here for astore*, dstore*, 725285242Sachim // fstore*, istore*, and lstore* opcodes because they can change the type 726285242Sachim // state by adding a local. JVM Spec says that the incoming type state 727285242Sachim // should be used for this check. So, do the check here before a possible 728285242Sachim // local is added to the type state. 729285242Sachim if (Bytecodes::is_store_into_local(opcode) && bci >= ex_min && bci < ex_max) { 730285242Sachim verify_exception_handler_targets( 731285242Sachim bci, this_uninit, ¤t_frame, &stackmap_table, CHECK_VERIFY(this)); 732285242Sachim verified_exc_handlers = true; 733285242Sachim } 734285242Sachim 735285242Sachim switch (opcode) { 736285242Sachim case Bytecodes::_nop : 737285242Sachim no_control_flow = false; break; 738285242Sachim case Bytecodes::_aconst_null : 739285242Sachim current_frame.push_stack( 740285242Sachim VerificationType::null_type(), CHECK_VERIFY(this)); 741285242Sachim no_control_flow = false; break; 742285242Sachim case Bytecodes::_iconst_m1 : 743285242Sachim case Bytecodes::_iconst_0 : 744285242Sachim case Bytecodes::_iconst_1 : 745285242Sachim case Bytecodes::_iconst_2 : 746285242Sachim case Bytecodes::_iconst_3 : 747285242Sachim case Bytecodes::_iconst_4 : 748285242Sachim case Bytecodes::_iconst_5 : 749285242Sachim current_frame.push_stack( 750285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 751285242Sachim no_control_flow = false; break; 752285242Sachim case Bytecodes::_lconst_0 : 753285242Sachim case Bytecodes::_lconst_1 : 754285242Sachim current_frame.push_stack_2( 755285242Sachim VerificationType::long_type(), 756285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 757285242Sachim no_control_flow = false; break; 758285242Sachim case Bytecodes::_fconst_0 : 759285242Sachim case Bytecodes::_fconst_1 : 760285242Sachim case Bytecodes::_fconst_2 : 761285242Sachim current_frame.push_stack( 762285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 763285242Sachim no_control_flow = false; break; 764285242Sachim case Bytecodes::_dconst_0 : 765285242Sachim case Bytecodes::_dconst_1 : 766285242Sachim current_frame.push_stack_2( 767285242Sachim VerificationType::double_type(), 768285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 769285242Sachim no_control_flow = false; break; 770285242Sachim case Bytecodes::_sipush : 771285242Sachim case Bytecodes::_bipush : 772285242Sachim current_frame.push_stack( 773285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 774285242Sachim no_control_flow = false; break; 775285242Sachim case Bytecodes::_ldc : 776285242Sachim verify_ldc( 777285242Sachim opcode, bcs.get_index_u1(), ¤t_frame, 778285242Sachim cp, bci, CHECK_VERIFY(this)); 779285242Sachim no_control_flow = false; break; 780285242Sachim case Bytecodes::_ldc_w : 781285242Sachim case Bytecodes::_ldc2_w : 782285242Sachim verify_ldc( 783285242Sachim opcode, bcs.get_index_u2(), ¤t_frame, 784285242Sachim cp, bci, CHECK_VERIFY(this)); 785285242Sachim no_control_flow = false; break; 786285242Sachim case Bytecodes::_iload : 787285242Sachim verify_iload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 788285242Sachim no_control_flow = false; break; 789285242Sachim case Bytecodes::_iload_0 : 790285242Sachim case Bytecodes::_iload_1 : 791285242Sachim case Bytecodes::_iload_2 : 792285242Sachim case Bytecodes::_iload_3 : 793285242Sachim index = opcode - Bytecodes::_iload_0; 794285242Sachim verify_iload(index, ¤t_frame, CHECK_VERIFY(this)); 795285242Sachim no_control_flow = false; break; 796285242Sachim case Bytecodes::_lload : 797285242Sachim verify_lload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 798285242Sachim no_control_flow = false; break; 799285242Sachim case Bytecodes::_lload_0 : 800285242Sachim case Bytecodes::_lload_1 : 801285242Sachim case Bytecodes::_lload_2 : 802285242Sachim case Bytecodes::_lload_3 : 803285242Sachim index = opcode - Bytecodes::_lload_0; 804285242Sachim verify_lload(index, ¤t_frame, CHECK_VERIFY(this)); 805285242Sachim no_control_flow = false; break; 806285242Sachim case Bytecodes::_fload : 807285242Sachim verify_fload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 808285242Sachim no_control_flow = false; break; 809285242Sachim case Bytecodes::_fload_0 : 810285242Sachim case Bytecodes::_fload_1 : 811285242Sachim case Bytecodes::_fload_2 : 812285242Sachim case Bytecodes::_fload_3 : 813285242Sachim index = opcode - Bytecodes::_fload_0; 814285242Sachim verify_fload(index, ¤t_frame, CHECK_VERIFY(this)); 815285242Sachim no_control_flow = false; break; 816285242Sachim case Bytecodes::_dload : 817285242Sachim verify_dload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 818285242Sachim no_control_flow = false; break; 819285242Sachim case Bytecodes::_dload_0 : 820285242Sachim case Bytecodes::_dload_1 : 821285242Sachim case Bytecodes::_dload_2 : 822285242Sachim case Bytecodes::_dload_3 : 823285242Sachim index = opcode - Bytecodes::_dload_0; 824285242Sachim verify_dload(index, ¤t_frame, CHECK_VERIFY(this)); 825285242Sachim no_control_flow = false; break; 826285242Sachim case Bytecodes::_aload : 827285242Sachim verify_aload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 828285242Sachim no_control_flow = false; break; 829285242Sachim case Bytecodes::_aload_0 : 830285242Sachim case Bytecodes::_aload_1 : 831285242Sachim case Bytecodes::_aload_2 : 832285242Sachim case Bytecodes::_aload_3 : 833285242Sachim index = opcode - Bytecodes::_aload_0; 834285242Sachim verify_aload(index, ¤t_frame, CHECK_VERIFY(this)); 835285242Sachim no_control_flow = false; break; 836285242Sachim case Bytecodes::_iaload : 837285242Sachim type = current_frame.pop_stack( 838285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 839285242Sachim atype = current_frame.pop_stack( 840285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 841285242Sachim if (!atype.is_int_array()) { 842285242Sachim verify_error(ErrorContext::bad_type(bci, 843285242Sachim current_frame.stack_top_ctx(), ref_ctx("[I", THREAD)), 844285242Sachim bad_type_msg, "iaload"); 845285242Sachim return; 846285242Sachim } 847285242Sachim current_frame.push_stack( 848285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 849285242Sachim no_control_flow = false; break; 850285242Sachim case Bytecodes::_baload : 851285242Sachim type = current_frame.pop_stack( 852285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 853285242Sachim atype = current_frame.pop_stack( 854285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 855285242Sachim if (!atype.is_bool_array() && !atype.is_byte_array()) { 856285242Sachim verify_error( 857285242Sachim ErrorContext::bad_type(bci, current_frame.stack_top_ctx()), 858285242Sachim bad_type_msg, "baload"); 859285242Sachim return; 860285242Sachim } 861285242Sachim current_frame.push_stack( 862285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 863285242Sachim no_control_flow = false; break; 864285242Sachim case Bytecodes::_caload : 865285242Sachim type = current_frame.pop_stack( 866285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 867285242Sachim atype = current_frame.pop_stack( 868285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 869285242Sachim if (!atype.is_char_array()) { 870285242Sachim verify_error(ErrorContext::bad_type(bci, 871285242Sachim current_frame.stack_top_ctx(), ref_ctx("[C", THREAD)), 872285242Sachim bad_type_msg, "caload"); 873285242Sachim return; 874285242Sachim } 875285242Sachim current_frame.push_stack( 876285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 877285242Sachim no_control_flow = false; break; 878285242Sachim case Bytecodes::_saload : 879285242Sachim type = current_frame.pop_stack( 880285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 881285242Sachim atype = current_frame.pop_stack( 882285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 883285242Sachim if (!atype.is_short_array()) { 884285242Sachim verify_error(ErrorContext::bad_type(bci, 885285242Sachim current_frame.stack_top_ctx(), ref_ctx("[S", THREAD)), 886285242Sachim bad_type_msg, "saload"); 887285242Sachim return; 888285242Sachim } 889285242Sachim current_frame.push_stack( 890285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 891285242Sachim no_control_flow = false; break; 892285242Sachim case Bytecodes::_laload : 893285242Sachim type = current_frame.pop_stack( 894285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 895285242Sachim atype = current_frame.pop_stack( 896285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 897285242Sachim if (!atype.is_long_array()) { 898285242Sachim verify_error(ErrorContext::bad_type(bci, 899285242Sachim current_frame.stack_top_ctx(), ref_ctx("[J", THREAD)), 900285242Sachim bad_type_msg, "laload"); 901285242Sachim return; 902285242Sachim } 903285242Sachim current_frame.push_stack_2( 904285242Sachim VerificationType::long_type(), 905285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 906285242Sachim no_control_flow = false; break; 907285242Sachim case Bytecodes::_faload : 908285242Sachim type = current_frame.pop_stack( 909285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 910285242Sachim atype = current_frame.pop_stack( 911285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 912285242Sachim if (!atype.is_float_array()) { 913285242Sachim verify_error(ErrorContext::bad_type(bci, 914285242Sachim current_frame.stack_top_ctx(), ref_ctx("[F", THREAD)), 915285242Sachim bad_type_msg, "faload"); 916285242Sachim return; 917285242Sachim } 918285242Sachim current_frame.push_stack( 919285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 920285242Sachim no_control_flow = false; break; 921285242Sachim case Bytecodes::_daload : 922285242Sachim type = current_frame.pop_stack( 923285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 924285242Sachim atype = current_frame.pop_stack( 925285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 926285242Sachim if (!atype.is_double_array()) { 927285242Sachim verify_error(ErrorContext::bad_type(bci, 928285242Sachim current_frame.stack_top_ctx(), ref_ctx("[D", THREAD)), 929285242Sachim bad_type_msg, "daload"); 930285242Sachim return; 931285242Sachim } 932285242Sachim current_frame.push_stack_2( 933285242Sachim VerificationType::double_type(), 934285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 935285242Sachim no_control_flow = false; break; 936285242Sachim case Bytecodes::_aaload : { 937285242Sachim type = current_frame.pop_stack( 938285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 939285242Sachim atype = current_frame.pop_stack( 940285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 941285242Sachim if (!atype.is_reference_array()) { 942285242Sachim verify_error(ErrorContext::bad_type(bci, 943285242Sachim current_frame.stack_top_ctx(), 944285242Sachim TypeOrigin::implicit(VerificationType::reference_check())), 945285242Sachim bad_type_msg, "aaload"); 946285242Sachim return; 947285242Sachim } 948285242Sachim if (atype.is_null()) { 949285242Sachim current_frame.push_stack( 950285242Sachim VerificationType::null_type(), CHECK_VERIFY(this)); 951285242Sachim } else { 952285242Sachim VerificationType component = 953285242Sachim atype.get_component(this, CHECK_VERIFY(this)); 954285242Sachim current_frame.push_stack(component, CHECK_VERIFY(this)); 955285242Sachim } 956285242Sachim no_control_flow = false; break; 957285242Sachim } 958285242Sachim case Bytecodes::_istore : 959285242Sachim verify_istore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 960285242Sachim no_control_flow = false; break; 961285242Sachim case Bytecodes::_istore_0 : 962285242Sachim case Bytecodes::_istore_1 : 963285242Sachim case Bytecodes::_istore_2 : 964285242Sachim case Bytecodes::_istore_3 : 965285242Sachim index = opcode - Bytecodes::_istore_0; 966285242Sachim verify_istore(index, ¤t_frame, CHECK_VERIFY(this)); 967285242Sachim no_control_flow = false; break; 968285242Sachim case Bytecodes::_lstore : 969285242Sachim verify_lstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 970285242Sachim no_control_flow = false; break; 971285242Sachim case Bytecodes::_lstore_0 : 972285242Sachim case Bytecodes::_lstore_1 : 973285242Sachim case Bytecodes::_lstore_2 : 974285242Sachim case Bytecodes::_lstore_3 : 975285242Sachim index = opcode - Bytecodes::_lstore_0; 976285242Sachim verify_lstore(index, ¤t_frame, CHECK_VERIFY(this)); 977285242Sachim no_control_flow = false; break; 978285242Sachim case Bytecodes::_fstore : 979285242Sachim verify_fstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 980285242Sachim no_control_flow = false; break; 981285242Sachim case Bytecodes::_fstore_0 : 982285242Sachim case Bytecodes::_fstore_1 : 983285242Sachim case Bytecodes::_fstore_2 : 984285242Sachim case Bytecodes::_fstore_3 : 985285242Sachim index = opcode - Bytecodes::_fstore_0; 986285242Sachim verify_fstore(index, ¤t_frame, CHECK_VERIFY(this)); 987285242Sachim no_control_flow = false; break; 988285242Sachim case Bytecodes::_dstore : 989285242Sachim verify_dstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 990285242Sachim no_control_flow = false; break; 991285242Sachim case Bytecodes::_dstore_0 : 992285242Sachim case Bytecodes::_dstore_1 : 993285242Sachim case Bytecodes::_dstore_2 : 994285242Sachim case Bytecodes::_dstore_3 : 995285242Sachim index = opcode - Bytecodes::_dstore_0; 996285242Sachim verify_dstore(index, ¤t_frame, CHECK_VERIFY(this)); 997285242Sachim no_control_flow = false; break; 998285242Sachim case Bytecodes::_astore : 999285242Sachim verify_astore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 1000285242Sachim no_control_flow = false; break; 1001285242Sachim case Bytecodes::_astore_0 : 1002285242Sachim case Bytecodes::_astore_1 : 1003285242Sachim case Bytecodes::_astore_2 : 1004285242Sachim case Bytecodes::_astore_3 : 1005285242Sachim index = opcode - Bytecodes::_astore_0; 1006285242Sachim verify_astore(index, ¤t_frame, CHECK_VERIFY(this)); 1007285242Sachim no_control_flow = false; break; 1008285242Sachim case Bytecodes::_iastore : 1009285242Sachim type = current_frame.pop_stack( 1010285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1011285242Sachim type2 = current_frame.pop_stack( 1012285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1013285242Sachim atype = current_frame.pop_stack( 1014285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1015285242Sachim if (!atype.is_int_array()) { 1016285242Sachim verify_error(ErrorContext::bad_type(bci, 1017285242Sachim current_frame.stack_top_ctx(), ref_ctx("[I", THREAD)), 1018285242Sachim bad_type_msg, "iastore"); 1019285242Sachim return; 1020285242Sachim } 1021285242Sachim no_control_flow = false; break; 1022285242Sachim case Bytecodes::_bastore : 1023285242Sachim type = current_frame.pop_stack( 1024285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1025285242Sachim type2 = current_frame.pop_stack( 1026285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1027285242Sachim atype = current_frame.pop_stack( 1028285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1029285242Sachim if (!atype.is_bool_array() && !atype.is_byte_array()) { 1030285242Sachim verify_error( 1031285242Sachim ErrorContext::bad_type(bci, current_frame.stack_top_ctx()), 1032285242Sachim bad_type_msg, "bastore"); 1033285242Sachim return; 1034285242Sachim } 1035285242Sachim no_control_flow = false; break; 1036285242Sachim case Bytecodes::_castore : 1037285242Sachim current_frame.pop_stack( 1038285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1039285242Sachim current_frame.pop_stack( 1040285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1041285242Sachim atype = current_frame.pop_stack( 1042285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1043285242Sachim if (!atype.is_char_array()) { 1044285242Sachim verify_error(ErrorContext::bad_type(bci, 1045285242Sachim current_frame.stack_top_ctx(), ref_ctx("[C", THREAD)), 1046285242Sachim bad_type_msg, "castore"); 1047285242Sachim return; 1048285242Sachim } 1049285242Sachim no_control_flow = false; break; 1050285242Sachim case Bytecodes::_sastore : 1051285242Sachim current_frame.pop_stack( 1052285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1053285242Sachim current_frame.pop_stack( 1054285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1055285242Sachim atype = current_frame.pop_stack( 1056285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1057285242Sachim if (!atype.is_short_array()) { 1058285242Sachim verify_error(ErrorContext::bad_type(bci, 1059285242Sachim current_frame.stack_top_ctx(), ref_ctx("[S", THREAD)), 1060285242Sachim bad_type_msg, "sastore"); 1061285242Sachim return; 1062285242Sachim } 1063285242Sachim no_control_flow = false; break; 1064285242Sachim case Bytecodes::_lastore : 1065285242Sachim current_frame.pop_stack_2( 1066285242Sachim VerificationType::long2_type(), 1067285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1068285242Sachim current_frame.pop_stack( 1069285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1070285242Sachim atype = current_frame.pop_stack( 1071285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1072285242Sachim if (!atype.is_long_array()) { 1073285242Sachim verify_error(ErrorContext::bad_type(bci, 1074285242Sachim current_frame.stack_top_ctx(), ref_ctx("[J", THREAD)), 1075285242Sachim bad_type_msg, "lastore"); 1076285242Sachim return; 1077285242Sachim } 1078285242Sachim no_control_flow = false; break; 1079285242Sachim case Bytecodes::_fastore : 1080285242Sachim current_frame.pop_stack( 1081285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1082285242Sachim current_frame.pop_stack 1083285242Sachim (VerificationType::integer_type(), CHECK_VERIFY(this)); 1084285242Sachim atype = current_frame.pop_stack( 1085285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1086285242Sachim if (!atype.is_float_array()) { 1087285242Sachim verify_error(ErrorContext::bad_type(bci, 1088285242Sachim current_frame.stack_top_ctx(), ref_ctx("[F", THREAD)), 1089285242Sachim bad_type_msg, "fastore"); 1090285242Sachim return; 1091285242Sachim } 1092285242Sachim no_control_flow = false; break; 1093285242Sachim case Bytecodes::_dastore : 1094285242Sachim current_frame.pop_stack_2( 1095285242Sachim VerificationType::double2_type(), 1096285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1097285242Sachim current_frame.pop_stack( 1098285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1099285242Sachim atype = current_frame.pop_stack( 1100285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1101285242Sachim if (!atype.is_double_array()) { 1102285242Sachim verify_error(ErrorContext::bad_type(bci, 1103285242Sachim current_frame.stack_top_ctx(), ref_ctx("[D", THREAD)), 1104285242Sachim bad_type_msg, "dastore"); 1105285242Sachim return; 1106285242Sachim } 1107285242Sachim no_control_flow = false; break; 1108285242Sachim case Bytecodes::_aastore : 1109285242Sachim type = current_frame.pop_stack(object_type(), CHECK_VERIFY(this)); 1110285242Sachim type2 = current_frame.pop_stack( 1111285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1112285242Sachim atype = current_frame.pop_stack( 1113285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1114285242Sachim // more type-checking is done at runtime 1115285242Sachim if (!atype.is_reference_array()) { 1116285242Sachim verify_error(ErrorContext::bad_type(bci, 1117285242Sachim current_frame.stack_top_ctx(), 1118285242Sachim TypeOrigin::implicit(VerificationType::reference_check())), 1119285242Sachim bad_type_msg, "aastore"); 1120285242Sachim return; 1121285242Sachim } 1122285242Sachim // 4938384: relaxed constraint in JVMS 3nd edition. 1123285242Sachim no_control_flow = false; break; 1124285242Sachim case Bytecodes::_pop : 1125285242Sachim current_frame.pop_stack( 1126285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1127285242Sachim no_control_flow = false; break; 1128285242Sachim case Bytecodes::_pop2 : 1129285242Sachim type = current_frame.pop_stack(CHECK_VERIFY(this)); 1130285242Sachim if (type.is_category1()) { 1131285242Sachim current_frame.pop_stack( 1132285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1133285242Sachim } else if (type.is_category2_2nd()) { 1134285242Sachim current_frame.pop_stack( 1135285242Sachim VerificationType::category2_check(), CHECK_VERIFY(this)); 1136285242Sachim } else { 1137285242Sachim /* Unreachable? Would need a category2_1st on TOS 1138285242Sachim * which does not appear possible. */ 1139285242Sachim verify_error( 1140285242Sachim ErrorContext::bad_type(bci, current_frame.stack_top_ctx()), 1141285242Sachim bad_type_msg, "pop2"); 1142285242Sachim return; 1143285242Sachim } 1144285242Sachim no_control_flow = false; break; 1145285242Sachim case Bytecodes::_dup : 1146285242Sachim type = current_frame.pop_stack( 1147285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1148285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1149285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1150285242Sachim no_control_flow = false; break; 1151285242Sachim case Bytecodes::_dup_x1 : 1152285242Sachim type = current_frame.pop_stack( 1153285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1154285242Sachim type2 = current_frame.pop_stack( 1155285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1156285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1157285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1158285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1159285242Sachim no_control_flow = false; break; 1160285242Sachim case Bytecodes::_dup_x2 : 1161285242Sachim { 1162285242Sachim VerificationType type3; 1163285242Sachim type = current_frame.pop_stack( 1164285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1165285242Sachim type2 = current_frame.pop_stack(CHECK_VERIFY(this)); 1166285242Sachim if (type2.is_category1()) { 1167285242Sachim type3 = current_frame.pop_stack( 1168285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1169285242Sachim } else if (type2.is_category2_2nd()) { 1170285242Sachim type3 = current_frame.pop_stack( 1171285242Sachim VerificationType::category2_check(), CHECK_VERIFY(this)); 1172285242Sachim } else { 1173285242Sachim /* Unreachable? Would need a category2_1st at stack depth 2 with 1174285242Sachim * a category1 on TOS which does not appear possible. */ 1175285242Sachim verify_error(ErrorContext::bad_type( 1176285242Sachim bci, current_frame.stack_top_ctx()), bad_type_msg, "dup_x2"); 1177285242Sachim return; 1178285242Sachim } 1179285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1180285242Sachim current_frame.push_stack(type3, CHECK_VERIFY(this)); 1181285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1182285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1183285242Sachim no_control_flow = false; break; 1184285242Sachim } 1185285242Sachim case Bytecodes::_dup2 : 1186285242Sachim type = current_frame.pop_stack(CHECK_VERIFY(this)); 1187285242Sachim if (type.is_category1()) { 1188285242Sachim type2 = current_frame.pop_stack( 1189285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1190285242Sachim } else if (type.is_category2_2nd()) { 1191285242Sachim type2 = current_frame.pop_stack( 1192285242Sachim VerificationType::category2_check(), CHECK_VERIFY(this)); 1193285242Sachim } else { 1194285242Sachim /* Unreachable? Would need a category2_1st on TOS which does not 1195285242Sachim * appear possible. */ 1196285242Sachim verify_error( 1197285242Sachim ErrorContext::bad_type(bci, current_frame.stack_top_ctx()), 1198285242Sachim bad_type_msg, "dup2"); 1199285242Sachim return; 1200285242Sachim } 1201285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1202285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1203285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1204285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1205285242Sachim no_control_flow = false; break; 1206285242Sachim case Bytecodes::_dup2_x1 : 1207285242Sachim { 1208285242Sachim VerificationType type3; 1209285242Sachim type = current_frame.pop_stack(CHECK_VERIFY(this)); 1210285242Sachim if (type.is_category1()) { 1211285242Sachim type2 = current_frame.pop_stack( 1212285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1213285242Sachim } else if (type.is_category2_2nd()) { 1214285242Sachim type2 = current_frame.pop_stack( 1215285242Sachim VerificationType::category2_check(), CHECK_VERIFY(this)); 1216285242Sachim } else { 1217285242Sachim /* Unreachable? Would need a category2_1st on TOS which does 1218285242Sachim * not appear possible. */ 1219285242Sachim verify_error( 1220285242Sachim ErrorContext::bad_type(bci, current_frame.stack_top_ctx()), 1221285242Sachim bad_type_msg, "dup2_x1"); 1222285242Sachim return; 1223285242Sachim } 1224285242Sachim type3 = current_frame.pop_stack( 1225285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1226285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1227285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1228285242Sachim current_frame.push_stack(type3, CHECK_VERIFY(this)); 1229285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1230285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1231285242Sachim no_control_flow = false; break; 1232285242Sachim } 1233285242Sachim case Bytecodes::_dup2_x2 : 1234285242Sachim { 1235285242Sachim VerificationType type3, type4; 1236285242Sachim type = current_frame.pop_stack(CHECK_VERIFY(this)); 1237285242Sachim if (type.is_category1()) { 1238285242Sachim type2 = current_frame.pop_stack( 1239285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1240285242Sachim } else if (type.is_category2_2nd()) { 1241285242Sachim type2 = current_frame.pop_stack( 1242285242Sachim VerificationType::category2_check(), CHECK_VERIFY(this)); 1243285242Sachim } else { 1244285242Sachim /* Unreachable? Would need a category2_1st on TOS which does 1245285242Sachim * not appear possible. */ 1246285242Sachim verify_error( 1247285242Sachim ErrorContext::bad_type(bci, current_frame.stack_top_ctx()), 1248285242Sachim bad_type_msg, "dup2_x2"); 1249285242Sachim return; 1250285242Sachim } 1251285242Sachim type3 = current_frame.pop_stack(CHECK_VERIFY(this)); 1252285242Sachim if (type3.is_category1()) { 1253285242Sachim type4 = current_frame.pop_stack( 1254285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1255285242Sachim } else if (type3.is_category2_2nd()) { 1256285242Sachim type4 = current_frame.pop_stack( 1257285242Sachim VerificationType::category2_check(), CHECK_VERIFY(this)); 1258285242Sachim } else { 1259285242Sachim /* Unreachable? Would need a category2_1st on TOS after popping 1260285242Sachim * a long/double or two category 1's, which does not 1261285242Sachim * appear possible. */ 1262285242Sachim verify_error( 1263285242Sachim ErrorContext::bad_type(bci, current_frame.stack_top_ctx()), 1264285242Sachim bad_type_msg, "dup2_x2"); 1265285242Sachim return; 1266285242Sachim } 1267285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1268285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1269285242Sachim current_frame.push_stack(type4, CHECK_VERIFY(this)); 1270285242Sachim current_frame.push_stack(type3, CHECK_VERIFY(this)); 1271285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1272285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1273285242Sachim no_control_flow = false; break; 1274285242Sachim } 1275285242Sachim case Bytecodes::_swap : 1276285242Sachim type = current_frame.pop_stack( 1277285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1278285242Sachim type2 = current_frame.pop_stack( 1279285242Sachim VerificationType::category1_check(), CHECK_VERIFY(this)); 1280285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1281285242Sachim current_frame.push_stack(type2, CHECK_VERIFY(this)); 1282285242Sachim no_control_flow = false; break; 1283285242Sachim case Bytecodes::_iadd : 1284285242Sachim case Bytecodes::_isub : 1285285242Sachim case Bytecodes::_imul : 1286285242Sachim case Bytecodes::_idiv : 1287285242Sachim case Bytecodes::_irem : 1288285242Sachim case Bytecodes::_ishl : 1289285242Sachim case Bytecodes::_ishr : 1290285242Sachim case Bytecodes::_iushr : 1291285242Sachim case Bytecodes::_ior : 1292285242Sachim case Bytecodes::_ixor : 1293285242Sachim case Bytecodes::_iand : 1294285242Sachim current_frame.pop_stack( 1295285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1296285242Sachim // fall through 1297285242Sachim case Bytecodes::_ineg : 1298285242Sachim current_frame.pop_stack( 1299285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1300285242Sachim current_frame.push_stack( 1301285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1302285242Sachim no_control_flow = false; break; 1303285242Sachim case Bytecodes::_ladd : 1304285242Sachim case Bytecodes::_lsub : 1305285242Sachim case Bytecodes::_lmul : 1306285242Sachim case Bytecodes::_ldiv : 1307285242Sachim case Bytecodes::_lrem : 1308285242Sachim case Bytecodes::_land : 1309285242Sachim case Bytecodes::_lor : 1310285242Sachim case Bytecodes::_lxor : 1311285242Sachim current_frame.pop_stack_2( 1312285242Sachim VerificationType::long2_type(), 1313285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1314285242Sachim // fall through 1315285242Sachim case Bytecodes::_lneg : 1316285242Sachim current_frame.pop_stack_2( 1317285242Sachim VerificationType::long2_type(), 1318285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1319285242Sachim current_frame.push_stack_2( 1320285242Sachim VerificationType::long_type(), 1321285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 1322285242Sachim no_control_flow = false; break; 1323285242Sachim case Bytecodes::_lshl : 1324285242Sachim case Bytecodes::_lshr : 1325285242Sachim case Bytecodes::_lushr : 1326285242Sachim current_frame.pop_stack( 1327285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1328285242Sachim current_frame.pop_stack_2( 1329285242Sachim VerificationType::long2_type(), 1330285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1331285242Sachim current_frame.push_stack_2( 1332285242Sachim VerificationType::long_type(), 1333285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 1334285242Sachim no_control_flow = false; break; 1335285242Sachim case Bytecodes::_fadd : 1336285242Sachim case Bytecodes::_fsub : 1337285242Sachim case Bytecodes::_fmul : 1338285242Sachim case Bytecodes::_fdiv : 1339285242Sachim case Bytecodes::_frem : 1340285242Sachim current_frame.pop_stack( 1341285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1342285242Sachim // fall through 1343285242Sachim case Bytecodes::_fneg : 1344285242Sachim current_frame.pop_stack( 1345285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1346285242Sachim current_frame.push_stack( 1347285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1348285242Sachim no_control_flow = false; break; 1349285242Sachim case Bytecodes::_dadd : 1350285242Sachim case Bytecodes::_dsub : 1351285242Sachim case Bytecodes::_dmul : 1352285242Sachim case Bytecodes::_ddiv : 1353285242Sachim case Bytecodes::_drem : 1354285242Sachim current_frame.pop_stack_2( 1355285242Sachim VerificationType::double2_type(), 1356285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1357285242Sachim // fall through 1358285242Sachim case Bytecodes::_dneg : 1359285242Sachim current_frame.pop_stack_2( 1360285242Sachim VerificationType::double2_type(), 1361285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1362285242Sachim current_frame.push_stack_2( 1363285242Sachim VerificationType::double_type(), 1364285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 1365285242Sachim no_control_flow = false; break; 1366285242Sachim case Bytecodes::_iinc : 1367285242Sachim verify_iinc(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this)); 1368285242Sachim no_control_flow = false; break; 1369285242Sachim case Bytecodes::_i2l : 1370285242Sachim type = current_frame.pop_stack( 1371285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1372285242Sachim current_frame.push_stack_2( 1373285242Sachim VerificationType::long_type(), 1374285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 1375285242Sachim no_control_flow = false; break; 1376285242Sachim case Bytecodes::_l2i : 1377285242Sachim current_frame.pop_stack_2( 1378285242Sachim VerificationType::long2_type(), 1379285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1380285242Sachim current_frame.push_stack( 1381285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1382285242Sachim no_control_flow = false; break; 1383285242Sachim case Bytecodes::_i2f : 1384285242Sachim current_frame.pop_stack( 1385285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1386285242Sachim current_frame.push_stack( 1387285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1388285242Sachim no_control_flow = false; break; 1389285242Sachim case Bytecodes::_i2d : 1390285242Sachim current_frame.pop_stack( 1391285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1392285242Sachim current_frame.push_stack_2( 1393285242Sachim VerificationType::double_type(), 1394285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 1395285242Sachim no_control_flow = false; break; 1396285242Sachim case Bytecodes::_l2f : 1397285242Sachim current_frame.pop_stack_2( 1398285242Sachim VerificationType::long2_type(), 1399285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1400285242Sachim current_frame.push_stack( 1401285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1402285242Sachim no_control_flow = false; break; 1403285242Sachim case Bytecodes::_l2d : 1404285242Sachim current_frame.pop_stack_2( 1405285242Sachim VerificationType::long2_type(), 1406285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1407285242Sachim current_frame.push_stack_2( 1408285242Sachim VerificationType::double_type(), 1409285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 1410285242Sachim no_control_flow = false; break; 1411285242Sachim case Bytecodes::_f2i : 1412285242Sachim current_frame.pop_stack( 1413285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1414285242Sachim current_frame.push_stack( 1415285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1416285242Sachim no_control_flow = false; break; 1417285242Sachim case Bytecodes::_f2l : 1418285242Sachim current_frame.pop_stack( 1419285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1420285242Sachim current_frame.push_stack_2( 1421285242Sachim VerificationType::long_type(), 1422285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 1423285242Sachim no_control_flow = false; break; 1424285242Sachim case Bytecodes::_f2d : 1425285242Sachim current_frame.pop_stack( 1426285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1427285242Sachim current_frame.push_stack_2( 1428285242Sachim VerificationType::double_type(), 1429285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 1430285242Sachim no_control_flow = false; break; 1431285242Sachim case Bytecodes::_d2i : 1432285242Sachim current_frame.pop_stack_2( 1433285242Sachim VerificationType::double2_type(), 1434285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1435285242Sachim current_frame.push_stack( 1436285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1437285242Sachim no_control_flow = false; break; 1438285242Sachim case Bytecodes::_d2l : 1439285242Sachim current_frame.pop_stack_2( 1440285242Sachim VerificationType::double2_type(), 1441285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1442285242Sachim current_frame.push_stack_2( 1443285242Sachim VerificationType::long_type(), 1444285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 1445285242Sachim no_control_flow = false; break; 1446285242Sachim case Bytecodes::_d2f : 1447285242Sachim current_frame.pop_stack_2( 1448285242Sachim VerificationType::double2_type(), 1449285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1450285242Sachim current_frame.push_stack( 1451285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1452285242Sachim no_control_flow = false; break; 1453285242Sachim case Bytecodes::_i2b : 1454285242Sachim case Bytecodes::_i2c : 1455285242Sachim case Bytecodes::_i2s : 1456285242Sachim current_frame.pop_stack( 1457285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1458285242Sachim current_frame.push_stack( 1459285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1460285242Sachim no_control_flow = false; break; 1461285242Sachim case Bytecodes::_lcmp : 1462285242Sachim current_frame.pop_stack_2( 1463285242Sachim VerificationType::long2_type(), 1464285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1465285242Sachim current_frame.pop_stack_2( 1466285242Sachim VerificationType::long2_type(), 1467285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1468285242Sachim current_frame.push_stack( 1469285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1470285242Sachim no_control_flow = false; break; 1471285242Sachim case Bytecodes::_fcmpl : 1472285242Sachim case Bytecodes::_fcmpg : 1473285242Sachim current_frame.pop_stack( 1474285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1475285242Sachim current_frame.pop_stack( 1476285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1477285242Sachim current_frame.push_stack( 1478285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1479285242Sachim no_control_flow = false; break; 1480285242Sachim case Bytecodes::_dcmpl : 1481285242Sachim case Bytecodes::_dcmpg : 1482285242Sachim current_frame.pop_stack_2( 1483285242Sachim VerificationType::double2_type(), 1484285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1485285242Sachim current_frame.pop_stack_2( 1486285242Sachim VerificationType::double2_type(), 1487285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1488285242Sachim current_frame.push_stack( 1489285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1490285242Sachim no_control_flow = false; break; 1491285242Sachim case Bytecodes::_if_icmpeq: 1492285242Sachim case Bytecodes::_if_icmpne: 1493285242Sachim case Bytecodes::_if_icmplt: 1494285242Sachim case Bytecodes::_if_icmpge: 1495285242Sachim case Bytecodes::_if_icmpgt: 1496285242Sachim case Bytecodes::_if_icmple: 1497285242Sachim current_frame.pop_stack( 1498285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1499285242Sachim // fall through 1500285242Sachim case Bytecodes::_ifeq: 1501285242Sachim case Bytecodes::_ifne: 1502285242Sachim case Bytecodes::_iflt: 1503285242Sachim case Bytecodes::_ifge: 1504285242Sachim case Bytecodes::_ifgt: 1505285242Sachim case Bytecodes::_ifle: 1506285242Sachim current_frame.pop_stack( 1507285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1508285242Sachim target = bcs.dest(); 1509285242Sachim stackmap_table.check_jump_target( 1510285242Sachim ¤t_frame, target, CHECK_VERIFY(this)); 1511285242Sachim no_control_flow = false; break; 1512285242Sachim case Bytecodes::_if_acmpeq : 1513285242Sachim case Bytecodes::_if_acmpne : 1514285242Sachim current_frame.pop_stack( 1515285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1516285242Sachim // fall through 1517285242Sachim case Bytecodes::_ifnull : 1518285242Sachim case Bytecodes::_ifnonnull : 1519285242Sachim current_frame.pop_stack( 1520285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1521285242Sachim target = bcs.dest(); 1522285242Sachim stackmap_table.check_jump_target 1523285242Sachim (¤t_frame, target, CHECK_VERIFY(this)); 1524285242Sachim no_control_flow = false; break; 1525285242Sachim case Bytecodes::_goto : 1526285242Sachim target = bcs.dest(); 1527285242Sachim stackmap_table.check_jump_target( 1528285242Sachim ¤t_frame, target, CHECK_VERIFY(this)); 1529285242Sachim no_control_flow = true; break; 1530285242Sachim case Bytecodes::_goto_w : 1531285242Sachim target = bcs.dest_w(); 1532285242Sachim stackmap_table.check_jump_target( 1533285242Sachim ¤t_frame, target, CHECK_VERIFY(this)); 1534285242Sachim no_control_flow = true; break; 1535285242Sachim case Bytecodes::_tableswitch : 1536285242Sachim case Bytecodes::_lookupswitch : 1537285242Sachim verify_switch( 1538285242Sachim &bcs, code_length, code_data, ¤t_frame, 1539285242Sachim &stackmap_table, CHECK_VERIFY(this)); 1540285242Sachim no_control_flow = true; break; 1541285242Sachim case Bytecodes::_ireturn : 1542285242Sachim type = current_frame.pop_stack( 1543285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1544285242Sachim verify_return_value(return_type, type, bci, 1545285242Sachim ¤t_frame, CHECK_VERIFY(this)); 1546285242Sachim no_control_flow = true; break; 1547285242Sachim case Bytecodes::_lreturn : 1548285242Sachim type2 = current_frame.pop_stack( 1549285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 1550285242Sachim type = current_frame.pop_stack( 1551285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 1552285242Sachim verify_return_value(return_type, type, bci, 1553285242Sachim ¤t_frame, CHECK_VERIFY(this)); 1554285242Sachim no_control_flow = true; break; 1555285242Sachim case Bytecodes::_freturn : 1556285242Sachim type = current_frame.pop_stack( 1557285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 1558285242Sachim verify_return_value(return_type, type, bci, 1559285242Sachim ¤t_frame, CHECK_VERIFY(this)); 1560285242Sachim no_control_flow = true; break; 1561285242Sachim case Bytecodes::_dreturn : 1562285242Sachim type2 = current_frame.pop_stack( 1563285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 1564285242Sachim type = current_frame.pop_stack( 1565285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 1566285242Sachim verify_return_value(return_type, type, bci, 1567285242Sachim ¤t_frame, CHECK_VERIFY(this)); 1568285242Sachim no_control_flow = true; break; 1569285242Sachim case Bytecodes::_areturn : 1570285242Sachim type = current_frame.pop_stack( 1571285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1572285242Sachim verify_return_value(return_type, type, bci, 1573285242Sachim ¤t_frame, CHECK_VERIFY(this)); 1574285242Sachim no_control_flow = true; break; 1575285242Sachim case Bytecodes::_return : 1576285242Sachim if (return_type != VerificationType::bogus_type()) { 1577285242Sachim verify_error(ErrorContext::bad_code(bci), 1578285242Sachim "Method expects a return value"); 1579285242Sachim return; 1580285242Sachim } 1581285242Sachim // Make sure "this" has been initialized if current method is an 1582285242Sachim // <init>. 1583285242Sachim if (_method->name() == vmSymbols::object_initializer_name() && 1584285242Sachim current_frame.flag_this_uninit()) { 1585285242Sachim verify_error(ErrorContext::bad_code(bci), 1586285242Sachim "Constructor must call super() or this() " 1587285242Sachim "before return"); 1588285242Sachim return; 1589285242Sachim } 1590285242Sachim no_control_flow = true; break; 1591285242Sachim case Bytecodes::_getstatic : 1592285242Sachim case Bytecodes::_putstatic : 1593285242Sachim // pass TRUE, operand can be an array type for getstatic/putstatic. 1594285242Sachim verify_field_instructions( 1595285242Sachim &bcs, ¤t_frame, cp, true, CHECK_VERIFY(this)); 1596285242Sachim no_control_flow = false; break; 1597285242Sachim case Bytecodes::_getfield : 1598285242Sachim case Bytecodes::_putfield : 1599285242Sachim // pass FALSE, operand can't be an array type for getfield/putfield. 1600285242Sachim verify_field_instructions( 1601285242Sachim &bcs, ¤t_frame, cp, false, CHECK_VERIFY(this)); 1602285242Sachim no_control_flow = false; break; 1603285242Sachim case Bytecodes::_invokevirtual : 1604285242Sachim case Bytecodes::_invokespecial : 1605285242Sachim case Bytecodes::_invokestatic : 1606285242Sachim verify_invoke_instructions( 1607285242Sachim &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max), 1608285242Sachim &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this)); 1609285242Sachim no_control_flow = false; break; 1610285242Sachim case Bytecodes::_invokeinterface : 1611285242Sachim case Bytecodes::_invokedynamic : 1612285242Sachim verify_invoke_instructions( 1613285242Sachim &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max), 1614285242Sachim &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this)); 1615285242Sachim no_control_flow = false; break; 1616285242Sachim case Bytecodes::_new : 1617285242Sachim { 1618285242Sachim index = bcs.get_index_u2(); 1619285242Sachim verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this)); 1620285242Sachim VerificationType new_class_type = 1621285242Sachim cp_index_to_type(index, cp, CHECK_VERIFY(this)); 1622285242Sachim if (!new_class_type.is_object()) { 1623285242Sachim verify_error(ErrorContext::bad_type(bci, 1624285242Sachim TypeOrigin::cp(index, new_class_type)), 1625285242Sachim "Illegal new instruction"); 1626285242Sachim return; 1627285242Sachim } 1628285242Sachim type = VerificationType::uninitialized_type(bci); 1629285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1630285242Sachim no_control_flow = false; break; 1631285242Sachim } 1632285242Sachim case Bytecodes::_newarray : 1633285242Sachim type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this)); 1634285242Sachim current_frame.pop_stack( 1635285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1636285242Sachim current_frame.push_stack(type, CHECK_VERIFY(this)); 1637285242Sachim no_control_flow = false; break; 1638285242Sachim case Bytecodes::_anewarray : 1639285242Sachim verify_anewarray( 1640285242Sachim bci, bcs.get_index_u2(), cp, ¤t_frame, CHECK_VERIFY(this)); 1641285242Sachim no_control_flow = false; break; 1642285242Sachim case Bytecodes::_arraylength : 1643285242Sachim type = current_frame.pop_stack( 1644285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1645285242Sachim if (!(type.is_null() || type.is_array())) { 1646285242Sachim verify_error(ErrorContext::bad_type( 1647285242Sachim bci, current_frame.stack_top_ctx()), 1648285242Sachim bad_type_msg, "arraylength"); 1649285242Sachim } 1650285242Sachim current_frame.push_stack( 1651285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1652285242Sachim no_control_flow = false; break; 1653285242Sachim case Bytecodes::_checkcast : 1654285242Sachim { 1655285242Sachim index = bcs.get_index_u2(); 1656285242Sachim verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this)); 1657285242Sachim current_frame.pop_stack(object_type(), CHECK_VERIFY(this)); 1658285242Sachim VerificationType klass_type = cp_index_to_type( 1659285242Sachim index, cp, CHECK_VERIFY(this)); 1660285242Sachim current_frame.push_stack(klass_type, CHECK_VERIFY(this)); 1661285242Sachim no_control_flow = false; break; 1662285242Sachim } 1663285242Sachim case Bytecodes::_instanceof : { 1664285242Sachim index = bcs.get_index_u2(); 1665285242Sachim verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this)); 1666285242Sachim current_frame.pop_stack(object_type(), CHECK_VERIFY(this)); 1667285242Sachim current_frame.push_stack( 1668285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1669285242Sachim no_control_flow = false; break; 1670285242Sachim } 1671285242Sachim case Bytecodes::_monitorenter : 1672285242Sachim case Bytecodes::_monitorexit : 1673285242Sachim current_frame.pop_stack( 1674285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 1675285242Sachim no_control_flow = false; break; 1676285242Sachim case Bytecodes::_multianewarray : 1677285242Sachim { 1678285242Sachim index = bcs.get_index_u2(); 1679285242Sachim u2 dim = *(bcs.bcp()+3); 1680285242Sachim verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this)); 1681285242Sachim VerificationType new_array_type = 1682285242Sachim cp_index_to_type(index, cp, CHECK_VERIFY(this)); 1683285242Sachim if (!new_array_type.is_array()) { 1684285242Sachim verify_error(ErrorContext::bad_type(bci, 1685285242Sachim TypeOrigin::cp(index, new_array_type)), 1686285242Sachim "Illegal constant pool index in multianewarray instruction"); 1687285242Sachim return; 1688285242Sachim } 1689285242Sachim if (dim < 1 || new_array_type.dimensions() < dim) { 1690285242Sachim verify_error(ErrorContext::bad_code(bci), 1691285242Sachim "Illegal dimension in multianewarray instruction: %d", dim); 1692285242Sachim return; 1693285242Sachim } 1694285242Sachim for (int i = 0; i < dim; i++) { 1695285242Sachim current_frame.pop_stack( 1696285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 1697285242Sachim } 1698285242Sachim current_frame.push_stack(new_array_type, CHECK_VERIFY(this)); 1699285242Sachim no_control_flow = false; break; 1700285242Sachim } 1701285242Sachim case Bytecodes::_athrow : 1702285242Sachim type = VerificationType::reference_type( 1703285242Sachim vmSymbols::java_lang_Throwable()); 1704285242Sachim current_frame.pop_stack(type, CHECK_VERIFY(this)); 1705285242Sachim no_control_flow = true; break; 1706285242Sachim default: 1707285242Sachim // We only need to check the valid bytecodes in class file. 1708285242Sachim // And jsr and ret are not in the new class file format in JDK1.5. 1709285242Sachim verify_error(ErrorContext::bad_code(bci), 1710285242Sachim "Bad instruction: %02x", opcode); 1711285242Sachim no_control_flow = false; 1712285242Sachim return; 1713285242Sachim } // end switch 1714285242Sachim } // end Merge with the next instruction 1715285242Sachim 1716285242Sachim // Look for possible jump target in exception handlers and see if it matches 1717285242Sachim // current_frame. Don't do this check if it has already been done (for 1718285242Sachim // ([a,d,f,i,l]store* opcodes). This check cannot be done earlier because 1719285242Sachim // opcodes, such as invokespecial, may set the this_uninit flag. 1720285242Sachim assert(!(verified_exc_handlers && this_uninit), 1721285242Sachim "Exception handler targets got verified before this_uninit got set"); 1722285242Sachim if (!verified_exc_handlers && bci >= ex_min && bci < ex_max) { 1723285242Sachim verify_exception_handler_targets( 1724285242Sachim bci, this_uninit, ¤t_frame, &stackmap_table, CHECK_VERIFY(this)); 1725285242Sachim } 1726285242Sachim } // end while 1727285242Sachim 1728285242Sachim // Make sure that control flow does not fall through end of the method 1729285242Sachim if (!no_control_flow) { 1730285242Sachim verify_error(ErrorContext::bad_code(code_length), 1731285242Sachim "Control flow falls through code end"); 1732285242Sachim return; 1733285242Sachim } 1734285242Sachim} 1735285242Sachim 1736285242Sachim#undef bad_type_message 1737285242Sachim 1738285242Sachimchar* ClassVerifier::generate_code_data(methodHandle m, u4 code_length, TRAPS) { 1739285242Sachim char* code_data = NEW_RESOURCE_ARRAY(char, code_length); 1740285242Sachim memset(code_data, 0, sizeof(char) * code_length); 1741285242Sachim RawBytecodeStream bcs(m); 1742285242Sachim 1743285242Sachim while (!bcs.is_last_bytecode()) { 1744285242Sachim if (bcs.raw_next() != Bytecodes::_illegal) { 1745285242Sachim int bci = bcs.bci(); 1746285242Sachim if (bcs.raw_code() == Bytecodes::_new) { 1747285242Sachim code_data[bci] = NEW_OFFSET; 1748285242Sachim } else { 1749285242Sachim code_data[bci] = BYTECODE_OFFSET; 1750285242Sachim } 1751285242Sachim } else { 1752285242Sachim verify_error(ErrorContext::bad_code(bcs.bci()), "Bad instruction"); 1753285242Sachim return NULL; 1754285242Sachim } 1755285242Sachim } 1756285242Sachim 1757285242Sachim return code_data; 1758285242Sachim} 1759285242Sachim 1760285242Sachimvoid ClassVerifier::verify_exception_handler_table(u4 code_length, char* code_data, int& min, int& max, TRAPS) { 1761285242Sachim ExceptionTable exhandlers(_method()); 1762285242Sachim int exlength = exhandlers.length(); 1763285242Sachim constantPoolHandle cp (THREAD, _method->constants()); 1764285242Sachim 1765285242Sachim for(int i = 0; i < exlength; i++) { 1766285242Sachim u2 start_pc = exhandlers.start_pc(i); 1767285242Sachim u2 end_pc = exhandlers.end_pc(i); 1768285242Sachim u2 handler_pc = exhandlers.handler_pc(i); 1769285242Sachim if (start_pc >= code_length || code_data[start_pc] == 0) { 1770285242Sachim class_format_error("Illegal exception table start_pc %d", start_pc); 1771285242Sachim return; 1772285242Sachim } 1773285242Sachim if (end_pc != code_length) { // special case: end_pc == code_length 1774285242Sachim if (end_pc > code_length || code_data[end_pc] == 0) { 1775285242Sachim class_format_error("Illegal exception table end_pc %d", end_pc); 1776285242Sachim return; 1777285242Sachim } 1778285242Sachim } 1779285242Sachim if (handler_pc >= code_length || code_data[handler_pc] == 0) { 1780285242Sachim class_format_error("Illegal exception table handler_pc %d", handler_pc); 1781285242Sachim return; 1782285242Sachim } 1783285242Sachim int catch_type_index = exhandlers.catch_type_index(i); 1784285242Sachim if (catch_type_index != 0) { 1785285242Sachim VerificationType catch_type = cp_index_to_type( 1786285242Sachim catch_type_index, cp, CHECK_VERIFY(this)); 1787285242Sachim VerificationType throwable = 1788285242Sachim VerificationType::reference_type(vmSymbols::java_lang_Throwable()); 1789285242Sachim bool is_subclass = throwable.is_assignable_from( 1790285242Sachim catch_type, this, false, CHECK_VERIFY(this)); 1791285242Sachim if (!is_subclass) { 1792285242Sachim // 4286534: should throw VerifyError according to recent spec change 1793285242Sachim verify_error(ErrorContext::bad_type(handler_pc, 1794285242Sachim TypeOrigin::cp(catch_type_index, catch_type), 1795285242Sachim TypeOrigin::implicit(throwable)), 1796285242Sachim "Catch type is not a subclass " 1797285242Sachim "of Throwable in exception handler %d", handler_pc); 1798285242Sachim return; 1799285242Sachim } 1800285242Sachim } 1801285242Sachim if (start_pc < min) min = start_pc; 1802285242Sachim if (end_pc > max) max = end_pc; 1803285242Sachim } 1804285242Sachim} 1805285242Sachim 1806285242Sachimvoid ClassVerifier::verify_local_variable_table(u4 code_length, char* code_data, TRAPS) { 1807285242Sachim int localvariable_table_length = _method()->localvariable_table_length(); 1808285242Sachim if (localvariable_table_length > 0) { 1809285242Sachim LocalVariableTableElement* table = _method()->localvariable_table_start(); 1810285242Sachim for (int i = 0; i < localvariable_table_length; i++) { 1811285242Sachim u2 start_bci = table[i].start_bci; 1812285242Sachim u2 length = table[i].length; 1813285242Sachim 1814285242Sachim if (start_bci >= code_length || code_data[start_bci] == 0) { 1815285242Sachim class_format_error( 1816285242Sachim "Illegal local variable table start_pc %d", start_bci); 1817285242Sachim return; 1818285242Sachim } 1819285242Sachim u4 end_bci = (u4)(start_bci + length); 1820285242Sachim if (end_bci != code_length) { 1821285242Sachim if (end_bci >= code_length || code_data[end_bci] == 0) { 1822285242Sachim class_format_error( "Illegal local variable table length %d", length); 1823285242Sachim return; 1824285242Sachim } 1825285242Sachim } 1826285242Sachim } 1827285242Sachim } 1828285242Sachim} 1829285242Sachim 1830285242Sachimu2 ClassVerifier::verify_stackmap_table(u2 stackmap_index, u2 bci, 1831285242Sachim StackMapFrame* current_frame, 1832285242Sachim StackMapTable* stackmap_table, 1833285242Sachim bool no_control_flow, TRAPS) { 1834285242Sachim if (stackmap_index < stackmap_table->get_frame_count()) { 1835285242Sachim u2 this_offset = stackmap_table->get_offset(stackmap_index); 1836285242Sachim if (no_control_flow && this_offset > bci) { 1837285242Sachim verify_error(ErrorContext::missing_stackmap(bci), 1838285242Sachim "Expecting a stack map frame"); 1839285242Sachim return 0; 1840285242Sachim } 1841285242Sachim if (this_offset == bci) { 1842285242Sachim ErrorContext ctx; 1843285242Sachim // See if current stack map can be assigned to the frame in table. 1844285242Sachim // current_frame is the stackmap frame got from the last instruction. 1845285242Sachim // If matched, current_frame will be updated by this method. 1846285242Sachim bool matches = stackmap_table->match_stackmap( 1847285242Sachim current_frame, this_offset, stackmap_index, 1848285242Sachim !no_control_flow, true, false, &ctx, CHECK_VERIFY_(this, 0)); 1849285242Sachim if (!matches) { 1850285242Sachim // report type error 1851285242Sachim verify_error(ctx, "Instruction type does not match stack map"); 1852285242Sachim return 0; 1853285242Sachim } 1854285242Sachim stackmap_index++; 1855285242Sachim } else if (this_offset < bci) { 1856285242Sachim // current_offset should have met this_offset. 1857285242Sachim class_format_error("Bad stack map offset %d", this_offset); 1858285242Sachim return 0; 1859285242Sachim } 1860285242Sachim } else if (no_control_flow) { 1861285242Sachim verify_error(ErrorContext::bad_code(bci), "Expecting a stack map frame"); 1862285242Sachim return 0; 1863285242Sachim } 1864285242Sachim return stackmap_index; 1865285242Sachim} 1866285242Sachim 1867285242Sachimvoid ClassVerifier::verify_exception_handler_targets(u2 bci, bool this_uninit, StackMapFrame* current_frame, 1868285242Sachim StackMapTable* stackmap_table, TRAPS) { 1869285242Sachim constantPoolHandle cp (THREAD, _method->constants()); 1870285242Sachim ExceptionTable exhandlers(_method()); 1871285242Sachim int exlength = exhandlers.length(); 1872285242Sachim for(int i = 0; i < exlength; i++) { 1873285242Sachim u2 start_pc = exhandlers.start_pc(i); 1874285242Sachim u2 end_pc = exhandlers.end_pc(i); 1875285242Sachim u2 handler_pc = exhandlers.handler_pc(i); 1876285242Sachim int catch_type_index = exhandlers.catch_type_index(i); 1877285242Sachim if(bci >= start_pc && bci < end_pc) { 1878285242Sachim u1 flags = current_frame->flags(); 1879285242Sachim if (this_uninit) { flags |= FLAG_THIS_UNINIT; } 1880285242Sachim StackMapFrame* new_frame = current_frame->frame_in_exception_handler(flags); 1881285242Sachim if (catch_type_index != 0) { 1882285242Sachim // We know that this index refers to a subclass of Throwable 1883285242Sachim VerificationType catch_type = cp_index_to_type( 1884285242Sachim catch_type_index, cp, CHECK_VERIFY(this)); 1885285242Sachim new_frame->push_stack(catch_type, CHECK_VERIFY(this)); 1886285242Sachim } else { 1887285242Sachim VerificationType throwable = 1888285242Sachim VerificationType::reference_type(vmSymbols::java_lang_Throwable()); 1889285242Sachim new_frame->push_stack(throwable, CHECK_VERIFY(this)); 1890285242Sachim } 1891285242Sachim ErrorContext ctx; 1892285242Sachim bool matches = stackmap_table->match_stackmap( 1893285242Sachim new_frame, handler_pc, true, false, true, &ctx, CHECK_VERIFY(this)); 1894285242Sachim if (!matches) { 1895285242Sachim verify_error(ctx, "Stack map does not match the one at " 1896285242Sachim "exception handler %d", handler_pc); 1897285242Sachim return; 1898285242Sachim } 1899285242Sachim } 1900285242Sachim } 1901285242Sachim} 1902285242Sachim 1903285242Sachimvoid ClassVerifier::verify_cp_index( 1904285242Sachim u2 bci, const constantPoolHandle& cp, int index, TRAPS) { 1905285242Sachim int nconstants = cp->length(); 1906285242Sachim if ((index <= 0) || (index >= nconstants)) { 1907285242Sachim verify_error(ErrorContext::bad_cp_index(bci, index), 1908285242Sachim "Illegal constant pool index %d in class %s", 1909285242Sachim index, cp->pool_holder()->external_name()); 1910285242Sachim return; 1911285242Sachim } 1912285242Sachim} 1913285242Sachim 1914285242Sachimvoid ClassVerifier::verify_cp_type( 1915285242Sachim u2 bci, int index, const constantPoolHandle& cp, unsigned int types, TRAPS) { 1916285242Sachim 1917285242Sachim // In some situations, bytecode rewriting may occur while we're verifying. 1918285242Sachim // In this case, a constant pool cache exists and some indices refer to that 1919285242Sachim // instead. Be sure we don't pick up such indices by accident. 1920285242Sachim // We must check was_recursively_verified() before we get here. 1921285242Sachim guarantee(cp->cache() == NULL, "not rewritten yet"); 1922285242Sachim 1923285242Sachim verify_cp_index(bci, cp, index, CHECK_VERIFY(this)); 1924285242Sachim unsigned int tag = cp->tag_at(index).value(); 1925285242Sachim if ((types & (1 << tag)) == 0) { 1926285242Sachim verify_error(ErrorContext::bad_cp_index(bci, index), 1927285242Sachim "Illegal type at constant pool entry %d in class %s", 1928285242Sachim index, cp->pool_holder()->external_name()); 1929285242Sachim return; 1930285242Sachim } 1931285242Sachim} 1932285242Sachim 1933285242Sachimvoid ClassVerifier::verify_cp_class_type( 1934285242Sachim u2 bci, int index, const constantPoolHandle& cp, TRAPS) { 1935285242Sachim verify_cp_index(bci, cp, index, CHECK_VERIFY(this)); 1936285242Sachim constantTag tag = cp->tag_at(index); 1937285242Sachim if (!tag.is_klass() && !tag.is_unresolved_klass()) { 1938285242Sachim verify_error(ErrorContext::bad_cp_index(bci, index), 1939285242Sachim "Illegal type at constant pool entry %d in class %s", 1940285242Sachim index, cp->pool_holder()->external_name()); 1941285242Sachim return; 1942285242Sachim } 1943285242Sachim} 1944285242Sachim 1945285242Sachimvoid ClassVerifier::verify_error(ErrorContext ctx, const char* msg, ...) { 1946285242Sachim stringStream ss; 1947285242Sachim 1948285242Sachim ctx.reset_frames(); 1949285242Sachim _exception_type = vmSymbols::java_lang_VerifyError(); 1950285242Sachim _error_context = ctx; 1951285242Sachim va_list va; 1952285242Sachim va_start(va, msg); 1953285242Sachim ss.vprint(msg, va); 1954285242Sachim va_end(va); 1955285242Sachim _message = ss.as_string(); 1956285242Sachim#ifdef ASSERT 1957285242Sachim ResourceMark rm; 1958285242Sachim const char* exception_name = _exception_type->as_C_string(); 1959285242Sachim Exceptions::debug_check_abort(exception_name, NULL); 1960285242Sachim#endif // ndef ASSERT 1961285242Sachim} 1962285242Sachim 1963285242Sachimvoid ClassVerifier::class_format_error(const char* msg, ...) { 1964285242Sachim stringStream ss; 1965285242Sachim _exception_type = vmSymbols::java_lang_ClassFormatError(); 1966285242Sachim va_list va; 1967285242Sachim va_start(va, msg); 1968285242Sachim ss.vprint(msg, va); 1969285242Sachim va_end(va); 1970285242Sachim if (!_method.is_null()) { 1971285242Sachim ss.print(" in method %s", _method->name_and_sig_as_C_string()); 1972285242Sachim } 1973285242Sachim _message = ss.as_string(); 1974285242Sachim} 1975285242Sachim 1976285242SachimKlass* ClassVerifier::load_class(Symbol* name, TRAPS) { 1977285242Sachim // Get current loader and protection domain first. 1978285242Sachim oop loader = current_class()->class_loader(); 1979285242Sachim oop protection_domain = current_class()->protection_domain(); 1980285242Sachim 1981285242Sachim Klass* kls = SystemDictionary::resolve_or_fail( 1982285242Sachim name, Handle(THREAD, loader), Handle(THREAD, protection_domain), 1983285242Sachim true, THREAD); 1984285242Sachim 1985285242Sachim if (TraceClassResolution) { 1986285242Sachim instanceKlassHandle cur_class = current_class(); 1987285242Sachim Verifier::trace_class_resolution(kls, cur_class()); 1988285242Sachim } 1989285242Sachim return kls; 1990285242Sachim} 1991285242Sachim 1992285242Sachimbool ClassVerifier::is_protected_access(instanceKlassHandle this_class, 1993285242Sachim Klass* target_class, 1994285242Sachim Symbol* field_name, 1995285242Sachim Symbol* field_sig, 1996285242Sachim bool is_method) { 1997285242Sachim No_Safepoint_Verifier nosafepoint; 1998285242Sachim 1999285242Sachim // If target class isn't a super class of this class, we don't worry about this case 2000285242Sachim if (!this_class->is_subclass_of(target_class)) { 2001285242Sachim return false; 2002285242Sachim } 2003285242Sachim // Check if the specified method or field is protected 2004285242Sachim InstanceKlass* target_instance = InstanceKlass::cast(target_class); 2005285242Sachim fieldDescriptor fd; 2006285242Sachim if (is_method) { 2007285242Sachim Method* m = target_instance->uncached_lookup_method(field_name, field_sig, Klass::find_overpass); 2008285242Sachim if (m != NULL && m->is_protected()) { 2009285242Sachim if (!this_class->is_same_class_package(m->method_holder())) { 2010285242Sachim return true; 2011285242Sachim } 2012285242Sachim } 2013285242Sachim } else { 2014285242Sachim Klass* member_klass = target_instance->find_field(field_name, field_sig, &fd); 2015285242Sachim if (member_klass != NULL && fd.is_protected()) { 2016285242Sachim if (!this_class->is_same_class_package(member_klass)) { 2017285242Sachim return true; 2018285242Sachim } 2019285242Sachim } 2020285242Sachim } 2021285242Sachim return false; 2022285242Sachim} 2023285242Sachim 2024285242Sachimvoid ClassVerifier::verify_ldc( 2025285242Sachim int opcode, u2 index, StackMapFrame* current_frame, 2026285242Sachim const constantPoolHandle& cp, u2 bci, TRAPS) { 2027285242Sachim verify_cp_index(bci, cp, index, CHECK_VERIFY(this)); 2028285242Sachim constantTag tag = cp->tag_at(index); 2029285242Sachim unsigned int types; 2030285242Sachim if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) { 2031285242Sachim if (!tag.is_unresolved_klass()) { 2032285242Sachim types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float) 2033285242Sachim | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class) 2034285242Sachim | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType); 2035285242Sachim // Note: The class file parser already verified the legality of 2036285242Sachim // MethodHandle and MethodType constants. 2037285242Sachim verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this)); 2038285242Sachim } 2039285242Sachim } else { 2040285242Sachim assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w"); 2041285242Sachim types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long); 2042285242Sachim verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this)); 2043285242Sachim } 2044285242Sachim if (tag.is_string() && cp->is_pseudo_string_at(index)) { 2045285242Sachim current_frame->push_stack(object_type(), CHECK_VERIFY(this)); 2046285242Sachim } else if (tag.is_string()) { 2047285242Sachim current_frame->push_stack( 2048285242Sachim VerificationType::reference_type( 2049285242Sachim vmSymbols::java_lang_String()), CHECK_VERIFY(this)); 2050285242Sachim } else if (tag.is_klass() || tag.is_unresolved_klass()) { 2051285242Sachim current_frame->push_stack( 2052285242Sachim VerificationType::reference_type( 2053285242Sachim vmSymbols::java_lang_Class()), CHECK_VERIFY(this)); 2054285242Sachim } else if (tag.is_int()) { 2055285242Sachim current_frame->push_stack( 2056285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 2057285242Sachim } else if (tag.is_float()) { 2058285242Sachim current_frame->push_stack( 2059285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 2060285242Sachim } else if (tag.is_double()) { 2061285242Sachim current_frame->push_stack_2( 2062285242Sachim VerificationType::double_type(), 2063285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 2064285242Sachim } else if (tag.is_long()) { 2065285242Sachim current_frame->push_stack_2( 2066285242Sachim VerificationType::long_type(), 2067285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 2068285242Sachim } else if (tag.is_method_handle()) { 2069285242Sachim current_frame->push_stack( 2070285242Sachim VerificationType::reference_type( 2071285242Sachim vmSymbols::java_lang_invoke_MethodHandle()), CHECK_VERIFY(this)); 2072285242Sachim } else if (tag.is_method_type()) { 2073285242Sachim current_frame->push_stack( 2074285242Sachim VerificationType::reference_type( 2075285242Sachim vmSymbols::java_lang_invoke_MethodType()), CHECK_VERIFY(this)); 2076285242Sachim } else { 2077285242Sachim /* Unreachable? verify_cp_type has already validated the cp type. */ 2078285242Sachim verify_error( 2079285242Sachim ErrorContext::bad_cp_index(bci, index), "Invalid index in ldc"); 2080285242Sachim return; 2081285242Sachim } 2082285242Sachim} 2083285242Sachim 2084285242Sachimvoid ClassVerifier::verify_switch( 2085285242Sachim RawBytecodeStream* bcs, u4 code_length, char* code_data, 2086285242Sachim StackMapFrame* current_frame, StackMapTable* stackmap_table, TRAPS) { 2087285242Sachim int bci = bcs->bci(); 2088285242Sachim address bcp = bcs->bcp(); 2089285242Sachim address aligned_bcp = (address) round_to((intptr_t)(bcp + 1), jintSize); 2090285242Sachim 2091285242Sachim if (_klass->major_version() < NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION) { 2092285242Sachim // 4639449 & 4647081: padding bytes must be 0 2093285242Sachim u2 padding_offset = 1; 2094285242Sachim while ((bcp + padding_offset) < aligned_bcp) { 2095285242Sachim if(*(bcp + padding_offset) != 0) { 2096285242Sachim verify_error(ErrorContext::bad_code(bci), 2097285242Sachim "Nonzero padding byte in lookupswitch or tableswitch"); 2098285242Sachim return; 2099285242Sachim } 2100285242Sachim padding_offset++; 2101285242Sachim } 2102285242Sachim } 2103285242Sachim 2104285242Sachim int default_offset = (int) Bytes::get_Java_u4(aligned_bcp); 2105285242Sachim int keys, delta; 2106285242Sachim current_frame->pop_stack( 2107285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 2108285242Sachim if (bcs->raw_code() == Bytecodes::_tableswitch) { 2109285242Sachim jint low = (jint)Bytes::get_Java_u4(aligned_bcp + jintSize); 2110285242Sachim jint high = (jint)Bytes::get_Java_u4(aligned_bcp + 2*jintSize); 2111285242Sachim if (low > high) { 2112285242Sachim verify_error(ErrorContext::bad_code(bci), 2113285242Sachim "low must be less than or equal to high in tableswitch"); 2114285242Sachim return; 2115285242Sachim } 2116285242Sachim keys = high - low + 1; 2117285242Sachim if (keys < 0) { 2118285242Sachim verify_error(ErrorContext::bad_code(bci), "too many keys in tableswitch"); 2119285242Sachim return; 2120285242Sachim } 2121285242Sachim delta = 1; 2122285242Sachim } else { 2123285242Sachim keys = (int)Bytes::get_Java_u4(aligned_bcp + jintSize); 2124285242Sachim if (keys < 0) { 2125285242Sachim verify_error(ErrorContext::bad_code(bci), 2126285242Sachim "number of keys in lookupswitch less than 0"); 2127285242Sachim return; 2128285242Sachim } 2129285242Sachim delta = 2; 2130285242Sachim // Make sure that the lookupswitch items are sorted 2131285242Sachim for (int i = 0; i < (keys - 1); i++) { 2132285242Sachim jint this_key = Bytes::get_Java_u4(aligned_bcp + (2+2*i)*jintSize); 2133285242Sachim jint next_key = Bytes::get_Java_u4(aligned_bcp + (2+2*i+2)*jintSize); 2134285242Sachim if (this_key >= next_key) { 2135285242Sachim verify_error(ErrorContext::bad_code(bci), 2136285242Sachim "Bad lookupswitch instruction"); 2137285242Sachim return; 2138285242Sachim } 2139285242Sachim } 2140285242Sachim } 2141285242Sachim int target = bci + default_offset; 2142285242Sachim stackmap_table->check_jump_target(current_frame, target, CHECK_VERIFY(this)); 2143285242Sachim for (int i = 0; i < keys; i++) { 2144285242Sachim // Because check_jump_target() may safepoint, the bytecode could have 2145285242Sachim // moved, which means 'aligned_bcp' is no good and needs to be recalculated. 2146285242Sachim aligned_bcp = (address)round_to((intptr_t)(bcs->bcp() + 1), jintSize); 2147285242Sachim target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize); 2148285242Sachim stackmap_table->check_jump_target( 2149285242Sachim current_frame, target, CHECK_VERIFY(this)); 2150285242Sachim } 2151285242Sachim NOT_PRODUCT(aligned_bcp = NULL); // no longer valid at this point 2152285242Sachim} 2153285242Sachim 2154285242Sachimbool ClassVerifier::name_in_supers( 2155285242Sachim Symbol* ref_name, instanceKlassHandle current) { 2156285242Sachim Klass* super = current->super(); 2157285242Sachim while (super != NULL) { 2158285242Sachim if (super->name() == ref_name) { 2159285242Sachim return true; 2160285242Sachim } 2161285242Sachim super = super->super(); 2162285242Sachim } 2163285242Sachim return false; 2164285242Sachim} 2165285242Sachim 2166285242Sachimvoid ClassVerifier::verify_field_instructions(RawBytecodeStream* bcs, 2167285242Sachim StackMapFrame* current_frame, 2168285242Sachim const constantPoolHandle& cp, 2169285242Sachim bool allow_arrays, 2170285242Sachim TRAPS) { 2171285242Sachim u2 index = bcs->get_index_u2(); 2172285242Sachim verify_cp_type(bcs->bci(), index, cp, 2173285242Sachim 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this)); 2174285242Sachim 2175285242Sachim // Get field name and signature 2176285242Sachim Symbol* field_name = cp->name_ref_at(index); 2177285242Sachim Symbol* field_sig = cp->signature_ref_at(index); 2178285242Sachim 2179285242Sachim if (!SignatureVerifier::is_valid_type_signature(field_sig)) { 2180285242Sachim class_format_error( 2181285242Sachim "Invalid signature for field in class %s referenced " 2182285242Sachim "from constant pool index %d", _klass->external_name(), index); 2183285242Sachim return; 2184285242Sachim } 2185285242Sachim 2186285242Sachim // Get referenced class type 2187285242Sachim VerificationType ref_class_type = cp_ref_index_to_type( 2188285242Sachim index, cp, CHECK_VERIFY(this)); 2189285242Sachim if (!ref_class_type.is_object() && 2190285242Sachim (!allow_arrays || !ref_class_type.is_array())) { 2191285242Sachim verify_error(ErrorContext::bad_type(bcs->bci(), 2192285242Sachim TypeOrigin::cp(index, ref_class_type)), 2193285242Sachim "Expecting reference to class in class %s at constant pool index %d", 2194285242Sachim _klass->external_name(), index); 2195285242Sachim return; 2196285242Sachim } 2197285242Sachim VerificationType target_class_type = ref_class_type; 2198285242Sachim 2199285242Sachim assert(sizeof(VerificationType) == sizeof(uintptr_t), 2200285242Sachim "buffer type must match VerificationType size"); 2201285242Sachim uintptr_t field_type_buffer[2]; 2202285242Sachim VerificationType* field_type = (VerificationType*)field_type_buffer; 2203285242Sachim // If we make a VerificationType[2] array directly, the compiler calls 2204285242Sachim // to the c-runtime library to do the allocation instead of just 2205285242Sachim // stack allocating it. Plus it would run constructors. This shows up 2206285242Sachim // in performance profiles. 2207285242Sachim 2208285242Sachim SignatureStream sig_stream(field_sig, false); 2209285242Sachim VerificationType stack_object_type; 2210285242Sachim int n = change_sig_to_verificationType( 2211285242Sachim &sig_stream, field_type, CHECK_VERIFY(this)); 2212285242Sachim u2 bci = bcs->bci(); 2213285242Sachim bool is_assignable; 2214285242Sachim switch (bcs->raw_code()) { 2215285242Sachim case Bytecodes::_getstatic: { 2216285242Sachim for (int i = 0; i < n; i++) { 2217285242Sachim current_frame->push_stack(field_type[i], CHECK_VERIFY(this)); 2218285242Sachim } 2219285242Sachim break; 2220285242Sachim } 2221285242Sachim case Bytecodes::_putstatic: { 2222285242Sachim for (int i = n - 1; i >= 0; i--) { 2223285242Sachim current_frame->pop_stack(field_type[i], CHECK_VERIFY(this)); 2224285242Sachim } 2225285242Sachim break; 2226285242Sachim } 2227285242Sachim case Bytecodes::_getfield: { 2228285242Sachim stack_object_type = current_frame->pop_stack( 2229285242Sachim target_class_type, CHECK_VERIFY(this)); 2230285242Sachim for (int i = 0; i < n; i++) { 2231285242Sachim current_frame->push_stack(field_type[i], CHECK_VERIFY(this)); 2232285242Sachim } 2233285242Sachim goto check_protected; 2234285242Sachim } 2235285242Sachim case Bytecodes::_putfield: { 2236285242Sachim for (int i = n - 1; i >= 0; i--) { 2237285242Sachim current_frame->pop_stack(field_type[i], CHECK_VERIFY(this)); 2238285242Sachim } 2239285242Sachim stack_object_type = current_frame->pop_stack(CHECK_VERIFY(this)); 2240285242Sachim 2241285242Sachim // The JVMS 2nd edition allows field initialization before the superclass 2242285242Sachim // initializer, if the field is defined within the current class. 2243285242Sachim fieldDescriptor fd; 2244285242Sachim if (stack_object_type == VerificationType::uninitialized_this_type() && 2245285242Sachim target_class_type.equals(current_type()) && 2246285242Sachim _klass->find_local_field(field_name, field_sig, &fd)) { 2247285242Sachim stack_object_type = current_type(); 2248285242Sachim } 2249285242Sachim is_assignable = target_class_type.is_assignable_from( 2250285242Sachim stack_object_type, this, false, CHECK_VERIFY(this)); 2251285242Sachim if (!is_assignable) { 2252285242Sachim verify_error(ErrorContext::bad_type(bci, 2253285242Sachim current_frame->stack_top_ctx(), 2254285242Sachim TypeOrigin::cp(index, target_class_type)), 2255285242Sachim "Bad type on operand stack in putfield"); 2256285242Sachim return; 2257285242Sachim } 2258285242Sachim } 2259285242Sachim check_protected: { 2260285242Sachim if (_this_type == stack_object_type) 2261285242Sachim break; // stack_object_type must be assignable to _current_class_type 2262285242Sachim Symbol* ref_class_name = 2263285242Sachim cp->klass_name_at(cp->klass_ref_index_at(index)); 2264285242Sachim if (!name_in_supers(ref_class_name, current_class())) 2265285242Sachim // stack_object_type must be assignable to _current_class_type since: 2266285242Sachim // 1. stack_object_type must be assignable to ref_class. 2267285242Sachim // 2. ref_class must be _current_class or a subclass of it. It can't 2268285242Sachim // be a superclass of it. See revised JVMS 5.4.4. 2269285242Sachim break; 2270285242Sachim 2271285242Sachim Klass* ref_class_oop = load_class(ref_class_name, CHECK); 2272285242Sachim if (is_protected_access(current_class(), ref_class_oop, field_name, 2273285242Sachim field_sig, false)) { 2274285242Sachim // It's protected access, check if stack object is assignable to 2275285242Sachim // current class. 2276285242Sachim is_assignable = current_type().is_assignable_from( 2277285242Sachim stack_object_type, this, true, CHECK_VERIFY(this)); 2278285242Sachim if (!is_assignable) { 2279285242Sachim verify_error(ErrorContext::bad_type(bci, 2280285242Sachim current_frame->stack_top_ctx(), 2281285242Sachim TypeOrigin::implicit(current_type())), 2282285242Sachim "Bad access to protected data in getfield"); 2283285242Sachim return; 2284285242Sachim } 2285285242Sachim } 2286285242Sachim break; 2287285242Sachim } 2288285242Sachim default: ShouldNotReachHere(); 2289285242Sachim } 2290285242Sachim} 2291285242Sachim 2292285242Sachim// Look at the method's handlers. If the bci is in the handler's try block 2293285242Sachim// then check if the handler_pc is already on the stack. If not, push it 2294285242Sachim// unless the handler has already been scanned. 2295285242Sachimvoid ClassVerifier::push_handlers(ExceptionTable* exhandlers, 2296285242Sachim GrowableArray<u4>* handler_list, 2297285242Sachim GrowableArray<u4>* handler_stack, 2298285242Sachim u4 bci) { 2299285242Sachim int exlength = exhandlers->length(); 2300285242Sachim for(int x = 0; x < exlength; x++) { 2301285242Sachim if (bci >= exhandlers->start_pc(x) && bci < exhandlers->end_pc(x)) { 2302285242Sachim u4 exhandler_pc = exhandlers->handler_pc(x); 2303285242Sachim if (!handler_list->contains(exhandler_pc)) { 2304285242Sachim handler_stack->append_if_missing(exhandler_pc); 2305285242Sachim handler_list->append(exhandler_pc); 2306285242Sachim } 2307285242Sachim } 2308285242Sachim } 2309285242Sachim} 2310285242Sachim 2311285242Sachim// Return TRUE if all code paths starting with start_bc_offset end in 2312285242Sachim// bytecode athrow or loop. 2313285242Sachimbool ClassVerifier::ends_in_athrow(u4 start_bc_offset) { 2314285242Sachim ResourceMark rm; 2315285242Sachim // Create bytecode stream. 2316285242Sachim RawBytecodeStream bcs(method()); 2317285242Sachim u4 code_length = method()->code_size(); 2318285242Sachim bcs.set_start(start_bc_offset); 2319285242Sachim u4 target; 2320285242Sachim // Create stack for storing bytecode start offsets for if* and *switch. 2321285242Sachim GrowableArray<u4>* bci_stack = new GrowableArray<u4>(30); 2322285242Sachim // Create stack for handlers for try blocks containing this handler. 2323285242Sachim GrowableArray<u4>* handler_stack = new GrowableArray<u4>(30); 2324285242Sachim // Create list of handlers that have been pushed onto the handler_stack 2325285242Sachim // so that handlers embedded inside of their own TRY blocks only get 2326285242Sachim // scanned once. 2327285242Sachim GrowableArray<u4>* handler_list = new GrowableArray<u4>(30); 2328285242Sachim // Create list of visited branch opcodes (goto* and if*). 2329285242Sachim GrowableArray<u4>* visited_branches = new GrowableArray<u4>(30); 2330285242Sachim ExceptionTable exhandlers(_method()); 2331285242Sachim 2332285242Sachim while (true) { 2333285242Sachim if (bcs.is_last_bytecode()) { 2334285242Sachim // if no more starting offsets to parse or if at the end of the 2335285242Sachim // method then return false. 2336285242Sachim if ((bci_stack->is_empty()) || ((u4)bcs.end_bci() == code_length)) 2337285242Sachim return false; 2338285242Sachim // Pop a bytecode starting offset and scan from there. 2339285242Sachim bcs.set_start(bci_stack->pop()); 2340285242Sachim } 2341285242Sachim Bytecodes::Code opcode = bcs.raw_next(); 2342285242Sachim u4 bci = bcs.bci(); 2343285242Sachim 2344285242Sachim // If the bytecode is in a TRY block, push its handlers so they 2345285242Sachim // will get parsed. 2346285242Sachim push_handlers(&exhandlers, handler_list, handler_stack, bci); 2347285242Sachim 2348285242Sachim switch (opcode) { 2349285242Sachim case Bytecodes::_if_icmpeq: 2350285242Sachim case Bytecodes::_if_icmpne: 2351285242Sachim case Bytecodes::_if_icmplt: 2352285242Sachim case Bytecodes::_if_icmpge: 2353285242Sachim case Bytecodes::_if_icmpgt: 2354285242Sachim case Bytecodes::_if_icmple: 2355285242Sachim case Bytecodes::_ifeq: 2356285242Sachim case Bytecodes::_ifne: 2357285242Sachim case Bytecodes::_iflt: 2358285242Sachim case Bytecodes::_ifge: 2359285242Sachim case Bytecodes::_ifgt: 2360285242Sachim case Bytecodes::_ifle: 2361285242Sachim case Bytecodes::_if_acmpeq: 2362285242Sachim case Bytecodes::_if_acmpne: 2363285242Sachim case Bytecodes::_ifnull: 2364285242Sachim case Bytecodes::_ifnonnull: 2365285242Sachim target = bcs.dest(); 2366285242Sachim if (visited_branches->contains(bci)) { 2367285242Sachim if (bci_stack->is_empty()) return true; 2368285242Sachim // Pop a bytecode starting offset and scan from there. 2369285242Sachim bcs.set_start(bci_stack->pop()); 2370285242Sachim } else { 2371285242Sachim if (target > bci) { // forward branch 2372285242Sachim if (target >= code_length) return false; 2373285242Sachim // Push the branch target onto the stack. 2374285242Sachim bci_stack->push(target); 2375285242Sachim // then, scan bytecodes starting with next. 2376285242Sachim bcs.set_start(bcs.next_bci()); 2377285242Sachim } else { // backward branch 2378285242Sachim // Push bytecode offset following backward branch onto the stack. 2379285242Sachim bci_stack->push(bcs.next_bci()); 2380285242Sachim // Check bytecodes starting with branch target. 2381285242Sachim bcs.set_start(target); 2382285242Sachim } 2383285242Sachim // Record target so we don't branch here again. 2384285242Sachim visited_branches->append(bci); 2385285242Sachim } 2386285242Sachim break; 2387285242Sachim 2388285242Sachim case Bytecodes::_goto: 2389285242Sachim case Bytecodes::_goto_w: 2390285242Sachim target = (opcode == Bytecodes::_goto ? bcs.dest() : bcs.dest_w()); 2391285242Sachim if (visited_branches->contains(bci)) { 2392285242Sachim if (bci_stack->is_empty()) return true; 2393285242Sachim // Been here before, pop new starting offset from stack. 2394285242Sachim bcs.set_start(bci_stack->pop()); 2395285242Sachim } else { 2396285242Sachim if (target >= code_length) return false; 2397285242Sachim // Continue scanning from the target onward. 2398285242Sachim bcs.set_start(target); 2399285242Sachim // Record target so we don't branch here again. 2400285242Sachim visited_branches->append(bci); 2401285242Sachim } 2402285242Sachim break; 2403285242Sachim 2404285242Sachim // Check that all switch alternatives end in 'athrow' bytecodes. Since it 2405285242Sachim // is difficult to determine where each switch alternative ends, parse 2406285242Sachim // each switch alternative until either hit a 'return', 'athrow', or reach 2407285242Sachim // the end of the method's bytecodes. This is gross but should be okay 2408285242Sachim // because: 2409285242Sachim // 1. tableswitch and lookupswitch byte codes in handlers for ctor explicit 2410285242Sachim // constructor invocations should be rare. 2411285242Sachim // 2. if each switch alternative ends in an athrow then the parsing should be 2412285242Sachim // short. If there is no athrow then it is bogus code, anyway. 2413285242Sachim case Bytecodes::_lookupswitch: 2414285242Sachim case Bytecodes::_tableswitch: 2415285242Sachim { 2416285242Sachim address aligned_bcp = (address) round_to((intptr_t)(bcs.bcp() + 1), jintSize); 2417285242Sachim u4 default_offset = Bytes::get_Java_u4(aligned_bcp) + bci; 2418285242Sachim int keys, delta; 2419285242Sachim if (opcode == Bytecodes::_tableswitch) { 2420285242Sachim jint low = (jint)Bytes::get_Java_u4(aligned_bcp + jintSize); 2421285242Sachim jint high = (jint)Bytes::get_Java_u4(aligned_bcp + 2*jintSize); 2422285242Sachim // This is invalid, but let the regular bytecode verifier 2423285242Sachim // report this because the user will get a better error message. 2424285242Sachim if (low > high) return true; 2425285242Sachim keys = high - low + 1; 2426285242Sachim delta = 1; 2427285242Sachim } else { 2428285242Sachim keys = (int)Bytes::get_Java_u4(aligned_bcp + jintSize); 2429285242Sachim delta = 2; 2430285242Sachim } 2431285242Sachim // Invalid, let the regular bytecode verifier deal with it. 2432285242Sachim if (keys < 0) return true; 2433285242Sachim 2434285242Sachim // Push the offset of the next bytecode onto the stack. 2435285242Sachim bci_stack->push(bcs.next_bci()); 2436285242Sachim 2437285242Sachim // Push the switch alternatives onto the stack. 2438285242Sachim for (int i = 0; i < keys; i++) { 2439285242Sachim u4 target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize); 2440285242Sachim if (target > code_length) return false; 2441285242Sachim bci_stack->push(target); 2442285242Sachim } 2443285242Sachim 2444285242Sachim // Start bytecode parsing for the switch at the default alternative. 2445285242Sachim if (default_offset > code_length) return false; 2446285242Sachim bcs.set_start(default_offset); 2447285242Sachim break; 2448285242Sachim } 2449285242Sachim 2450285242Sachim case Bytecodes::_return: 2451285242Sachim return false; 2452285242Sachim 2453285242Sachim case Bytecodes::_athrow: 2454285242Sachim { 2455285242Sachim if (bci_stack->is_empty()) { 2456285242Sachim if (handler_stack->is_empty()) { 2457285242Sachim return true; 2458285242Sachim } else { 2459285242Sachim // Parse the catch handlers for try blocks containing athrow. 2460285242Sachim bcs.set_start(handler_stack->pop()); 2461285242Sachim } 2462285242Sachim } else { 2463285242Sachim // Pop a bytecode offset and starting scanning from there. 2464285242Sachim bcs.set_start(bci_stack->pop()); 2465285242Sachim } 2466285242Sachim } 2467285242Sachim break; 2468285242Sachim 2469285242Sachim default: 2470285242Sachim ; 2471285242Sachim } // end switch 2472285242Sachim } // end while loop 2473285242Sachim 2474285242Sachim return false; 2475285242Sachim} 2476285242Sachim 2477285242Sachimvoid ClassVerifier::verify_invoke_init( 2478285242Sachim RawBytecodeStream* bcs, u2 ref_class_index, VerificationType ref_class_type, 2479285242Sachim StackMapFrame* current_frame, u4 code_length, bool in_try_block, 2480285242Sachim bool *this_uninit, const constantPoolHandle& cp, StackMapTable* stackmap_table, 2481285242Sachim TRAPS) { 2482285242Sachim u2 bci = bcs->bci(); 2483285242Sachim VerificationType type = current_frame->pop_stack( 2484285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 2485285242Sachim if (type == VerificationType::uninitialized_this_type()) { 2486285242Sachim // The method must be an <init> method of this class or its superclass 2487285242Sachim Klass* superk = current_class()->super(); 2488285242Sachim if (ref_class_type.name() != current_class()->name() && 2489285242Sachim ref_class_type.name() != superk->name()) { 2490285242Sachim verify_error(ErrorContext::bad_type(bci, 2491285242Sachim TypeOrigin::implicit(ref_class_type), 2492285242Sachim TypeOrigin::implicit(current_type())), 2493285242Sachim "Bad <init> method call"); 2494285242Sachim return; 2495285242Sachim } 2496285242Sachim 2497285242Sachim // If this invokespecial call is done from inside of a TRY block then make 2498285242Sachim // sure that all catch clause paths end in a throw. Otherwise, this can 2499285242Sachim // result in returning an incomplete object. 2500285242Sachim if (in_try_block) { 2501285242Sachim ExceptionTable exhandlers(_method()); 2502285242Sachim int exlength = exhandlers.length(); 2503285242Sachim for(int i = 0; i < exlength; i++) { 2504285242Sachim u2 start_pc = exhandlers.start_pc(i); 2505285242Sachim u2 end_pc = exhandlers.end_pc(i); 2506285242Sachim 2507285242Sachim if (bci >= start_pc && bci < end_pc) { 2508285242Sachim if (!ends_in_athrow(exhandlers.handler_pc(i))) { 2509285242Sachim verify_error(ErrorContext::bad_code(bci), 2510285242Sachim "Bad <init> method call from after the start of a try block"); 2511285242Sachim return; 2512285242Sachim } else if (VerboseVerification) { 2513285242Sachim ResourceMark rm; 2514285242Sachim tty->print_cr( 2515285242Sachim "Survived call to ends_in_athrow(): %s", 2516285242Sachim current_class()->name()->as_C_string()); 2517285242Sachim } 2518285242Sachim } 2519285242Sachim } 2520285242Sachim 2521285242Sachim // Check the exception handler target stackmaps with the locals from the 2522285242Sachim // incoming stackmap (before initialize_object() changes them to outgoing 2523285242Sachim // state). 2524285242Sachim verify_exception_handler_targets(bci, true, current_frame, 2525285242Sachim stackmap_table, CHECK_VERIFY(this)); 2526285242Sachim } // in_try_block 2527285242Sachim 2528285242Sachim current_frame->initialize_object(type, current_type()); 2529285242Sachim *this_uninit = true; 2530285242Sachim } else if (type.is_uninitialized()) { 2531285242Sachim u2 new_offset = type.bci(); 2532285242Sachim address new_bcp = bcs->bcp() - bci + new_offset; 2533285242Sachim if (new_offset > (code_length - 3) || (*new_bcp) != Bytecodes::_new) { 2534285242Sachim /* Unreachable? Stack map parsing ensures valid type and new 2535285242Sachim * instructions have a valid BCI. */ 2536285242Sachim verify_error(ErrorContext::bad_code(new_offset), 2537285242Sachim "Expecting new instruction"); 2538285242Sachim return; 2539285242Sachim } 2540285242Sachim u2 new_class_index = Bytes::get_Java_u2(new_bcp + 1); 2541285242Sachim verify_cp_class_type(bci, new_class_index, cp, CHECK_VERIFY(this)); 2542285242Sachim 2543285242Sachim // The method must be an <init> method of the indicated class 2544285242Sachim VerificationType new_class_type = cp_index_to_type( 2545285242Sachim new_class_index, cp, CHECK_VERIFY(this)); 2546285242Sachim if (!new_class_type.equals(ref_class_type)) { 2547285242Sachim verify_error(ErrorContext::bad_type(bci, 2548285242Sachim TypeOrigin::cp(new_class_index, new_class_type), 2549285242Sachim TypeOrigin::cp(ref_class_index, ref_class_type)), 2550285242Sachim "Call to wrong <init> method"); 2551285242Sachim return; 2552285242Sachim } 2553285242Sachim // According to the VM spec, if the referent class is a superclass of the 2554285242Sachim // current class, and is in a different runtime package, and the method is 2555285242Sachim // protected, then the objectref must be the current class or a subclass 2556285242Sachim // of the current class. 2557285242Sachim VerificationType objectref_type = new_class_type; 2558285242Sachim if (name_in_supers(ref_class_type.name(), current_class())) { 2559285242Sachim Klass* ref_klass = load_class(ref_class_type.name(), CHECK); 2560285242Sachim Method* m = InstanceKlass::cast(ref_klass)->uncached_lookup_method( 2561285242Sachim vmSymbols::object_initializer_name(), 2562285242Sachim cp->signature_ref_at(bcs->get_index_u2()), 2563285242Sachim Klass::find_overpass); 2564285242Sachim // Do nothing if method is not found. Let resolution detect the error. 2565285242Sachim if (m != NULL) { 2566285242Sachim instanceKlassHandle mh(THREAD, m->method_holder()); 2567285242Sachim if (m->is_protected() && !mh->is_same_class_package(_klass())) { 2568285242Sachim bool assignable = current_type().is_assignable_from( 2569285242Sachim objectref_type, this, true, CHECK_VERIFY(this)); 2570285242Sachim if (!assignable) { 2571285242Sachim verify_error(ErrorContext::bad_type(bci, 2572285242Sachim TypeOrigin::cp(new_class_index, objectref_type), 2573285242Sachim TypeOrigin::implicit(current_type())), 2574285242Sachim "Bad access to protected <init> method"); 2575285242Sachim return; 2576285242Sachim } 2577285242Sachim } 2578285242Sachim } 2579285242Sachim } 2580285242Sachim // Check the exception handler target stackmaps with the locals from the 2581285242Sachim // incoming stackmap (before initialize_object() changes them to outgoing 2582285242Sachim // state). 2583285242Sachim if (in_try_block) { 2584285242Sachim verify_exception_handler_targets(bci, *this_uninit, current_frame, 2585285242Sachim stackmap_table, CHECK_VERIFY(this)); 2586285242Sachim } 2587285242Sachim current_frame->initialize_object(type, new_class_type); 2588285242Sachim } else { 2589285242Sachim verify_error(ErrorContext::bad_type(bci, current_frame->stack_top_ctx()), 2590285242Sachim "Bad operand type when invoking <init>"); 2591285242Sachim return; 2592285242Sachim } 2593285242Sachim} 2594285242Sachim 2595285242Sachimbool ClassVerifier::is_same_or_direct_interface( 2596285242Sachim instanceKlassHandle klass, 2597285242Sachim VerificationType klass_type, 2598285242Sachim VerificationType ref_class_type) { 2599285242Sachim if (ref_class_type.equals(klass_type)) return true; 2600285242Sachim Array<Klass*>* local_interfaces = klass->local_interfaces(); 2601285242Sachim if (local_interfaces != NULL) { 2602285242Sachim for (int x = 0; x < local_interfaces->length(); x++) { 2603285242Sachim Klass* k = local_interfaces->at(x); 2604285242Sachim assert (k != NULL && k->is_interface(), "invalid interface"); 2605285242Sachim if (ref_class_type.equals(VerificationType::reference_type(k->name()))) { 2606285242Sachim return true; 2607285242Sachim } 2608285242Sachim } 2609285242Sachim } 2610285242Sachim return false; 2611285242Sachim} 2612285242Sachim 2613285242Sachimvoid ClassVerifier::verify_invoke_instructions( 2614285242Sachim RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame, 2615285242Sachim bool in_try_block, bool *this_uninit, VerificationType return_type, 2616285242Sachim const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS) { 2617285242Sachim // Make sure the constant pool item is the right type 2618285242Sachim u2 index = bcs->get_index_u2(); 2619285242Sachim Bytecodes::Code opcode = bcs->raw_code(); 2620285242Sachim unsigned int types; 2621285242Sachim switch (opcode) { 2622285242Sachim case Bytecodes::_invokeinterface: 2623285242Sachim types = 1 << JVM_CONSTANT_InterfaceMethodref; 2624285242Sachim break; 2625285242Sachim case Bytecodes::_invokedynamic: 2626285242Sachim types = 1 << JVM_CONSTANT_InvokeDynamic; 2627285242Sachim break; 2628285242Sachim case Bytecodes::_invokespecial: 2629285242Sachim case Bytecodes::_invokestatic: 2630285242Sachim types = (_klass->major_version() < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION) ? 2631285242Sachim (1 << JVM_CONSTANT_Methodref) : 2632285242Sachim ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref)); 2633285242Sachim break; 2634285242Sachim default: 2635285242Sachim types = 1 << JVM_CONSTANT_Methodref; 2636285242Sachim } 2637285242Sachim verify_cp_type(bcs->bci(), index, cp, types, CHECK_VERIFY(this)); 2638285242Sachim 2639285242Sachim // Get method name and signature 2640285242Sachim Symbol* method_name = cp->name_ref_at(index); 2641285242Sachim Symbol* method_sig = cp->signature_ref_at(index); 2642285242Sachim 2643285242Sachim if (!SignatureVerifier::is_valid_method_signature(method_sig)) { 2644285242Sachim class_format_error( 2645285242Sachim "Invalid method signature in class %s referenced " 2646285242Sachim "from constant pool index %d", _klass->external_name(), index); 2647285242Sachim return; 2648285242Sachim } 2649285242Sachim 2650285242Sachim // Get referenced class type 2651285242Sachim VerificationType ref_class_type; 2652285242Sachim if (opcode == Bytecodes::_invokedynamic) { 2653285242Sachim if (_klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) { 2654285242Sachim class_format_error( 2655285242Sachim "invokedynamic instructions not supported by this class file version (%d), class %s", 2656285242Sachim _klass->major_version(), _klass->external_name()); 2657285242Sachim return; 2658285242Sachim } 2659285242Sachim } else { 2660285242Sachim ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this)); 2661285242Sachim } 2662285242Sachim 2663285242Sachim // For a small signature length, we just allocate 128 bytes instead 2664285242Sachim // of parsing the signature once to find its size. 2665285242Sachim // -3 is for '(', ')' and return descriptor; multiply by 2 is for 2666285242Sachim // longs/doubles to be consertive. 2667285242Sachim assert(sizeof(VerificationType) == sizeof(uintptr_t), 2668285242Sachim "buffer type must match VerificationType size"); 2669285242Sachim uintptr_t on_stack_sig_types_buffer[128]; 2670285242Sachim // If we make a VerificationType[128] array directly, the compiler calls 2671285242Sachim // to the c-runtime library to do the allocation instead of just 2672285242Sachim // stack allocating it. Plus it would run constructors. This shows up 2673285242Sachim // in performance profiles. 2674285242Sachim 2675285242Sachim VerificationType* sig_types; 2676285242Sachim int size = (method_sig->utf8_length() - 3) * 2; 2677285242Sachim if (size > 128) { 2678285242Sachim // Long and double occupies two slots here. 2679285242Sachim ArgumentSizeComputer size_it(method_sig); 2680285242Sachim size = size_it.size(); 2681285242Sachim sig_types = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, VerificationType, size); 2682285242Sachim } else{ 2683285242Sachim sig_types = (VerificationType*)on_stack_sig_types_buffer; 2684285242Sachim } 2685285242Sachim SignatureStream sig_stream(method_sig); 2686285242Sachim int sig_i = 0; 2687285242Sachim while (!sig_stream.at_return_type()) { 2688285242Sachim sig_i += change_sig_to_verificationType( 2689285242Sachim &sig_stream, &sig_types[sig_i], CHECK_VERIFY(this)); 2690285242Sachim sig_stream.next(); 2691285242Sachim } 2692285242Sachim int nargs = sig_i; 2693285242Sachim 2694285242Sachim#ifdef ASSERT 2695285242Sachim { 2696285242Sachim ArgumentSizeComputer size_it(method_sig); 2697285242Sachim assert(nargs == size_it.size(), "Argument sizes do not match"); 2698285242Sachim assert(nargs <= (method_sig->utf8_length() - 3) * 2, "estimate of max size isn't conservative enough"); 2699285242Sachim } 2700285242Sachim#endif 2701285242Sachim 2702285242Sachim // Check instruction operands 2703285242Sachim u2 bci = bcs->bci(); 2704285242Sachim if (opcode == Bytecodes::_invokeinterface) { 2705285242Sachim address bcp = bcs->bcp(); 2706285242Sachim // 4905268: count operand in invokeinterface should be nargs+1, not nargs. 2707285242Sachim // JSR202 spec: The count operand of an invokeinterface instruction is valid if it is 2708285242Sachim // the difference between the size of the operand stack before and after the instruction 2709285242Sachim // executes. 2710285242Sachim if (*(bcp+3) != (nargs+1)) { 2711285242Sachim verify_error(ErrorContext::bad_code(bci), 2712285242Sachim "Inconsistent args count operand in invokeinterface"); 2713285242Sachim return; 2714285242Sachim } 2715285242Sachim if (*(bcp+4) != 0) { 2716285242Sachim verify_error(ErrorContext::bad_code(bci), 2717285242Sachim "Fourth operand byte of invokeinterface must be zero"); 2718285242Sachim return; 2719285242Sachim } 2720285242Sachim } 2721285242Sachim 2722285242Sachim if (opcode == Bytecodes::_invokedynamic) { 2723285242Sachim address bcp = bcs->bcp(); 2724285242Sachim if (*(bcp+3) != 0 || *(bcp+4) != 0) { 2725285242Sachim verify_error(ErrorContext::bad_code(bci), 2726285242Sachim "Third and fourth operand bytes of invokedynamic must be zero"); 2727285242Sachim return; 2728285242Sachim } 2729285242Sachim } 2730285242Sachim 2731285242Sachim if (method_name->byte_at(0) == '<') { 2732285242Sachim // Make sure <init> can only be invoked by invokespecial 2733285242Sachim if (opcode != Bytecodes::_invokespecial || 2734285242Sachim method_name != vmSymbols::object_initializer_name()) { 2735285242Sachim verify_error(ErrorContext::bad_code(bci), 2736285242Sachim "Illegal call to internal method"); 2737285242Sachim return; 2738285242Sachim } 2739285242Sachim } else if (opcode == Bytecodes::_invokespecial 2740285242Sachim && !is_same_or_direct_interface(current_class(), current_type(), ref_class_type) 2741285242Sachim && !ref_class_type.equals(VerificationType::reference_type( 2742285242Sachim current_class()->super()->name()))) { 2743285242Sachim bool subtype = false; 2744285242Sachim bool have_imr_indirect = cp->tag_at(index).value() == JVM_CONSTANT_InterfaceMethodref; 2745285242Sachim if (!current_class()->is_anonymous()) { 2746285242Sachim subtype = ref_class_type.is_assignable_from( 2747285242Sachim current_type(), this, false, CHECK_VERIFY(this)); 2748285242Sachim } else { 2749285242Sachim VerificationType host_klass_type = 2750285242Sachim VerificationType::reference_type(current_class()->host_klass()->name()); 2751285242Sachim subtype = ref_class_type.is_assignable_from(host_klass_type, this, false, CHECK_VERIFY(this)); 2752285242Sachim 2753285242Sachim // If invokespecial of IMR, need to recheck for same or 2754285242Sachim // direct interface relative to the host class 2755285242Sachim have_imr_indirect = (have_imr_indirect && 2756285242Sachim !is_same_or_direct_interface( 2757285242Sachim InstanceKlass::cast(current_class()->host_klass()), 2758285242Sachim host_klass_type, ref_class_type)); 2759285242Sachim } 2760285242Sachim if (!subtype) { 2761285242Sachim verify_error(ErrorContext::bad_code(bci), 2762285242Sachim "Bad invokespecial instruction: " 2763285242Sachim "current class isn't assignable to reference class."); 2764285242Sachim return; 2765285242Sachim } else if (have_imr_indirect) { 2766285242Sachim verify_error(ErrorContext::bad_code(bci), 2767285242Sachim "Bad invokespecial instruction: " 2768285242Sachim "interface method reference is in an indirect superinterface."); 2769285242Sachim return; 2770285242Sachim } 2771285242Sachim 2772285242Sachim } 2773285242Sachim // Match method descriptor with operand stack 2774285242Sachim for (int i = nargs - 1; i >= 0; i--) { // Run backwards 2775285242Sachim current_frame->pop_stack(sig_types[i], CHECK_VERIFY(this)); 2776285242Sachim } 2777285242Sachim // Check objectref on operand stack 2778285242Sachim if (opcode != Bytecodes::_invokestatic && 2779285242Sachim opcode != Bytecodes::_invokedynamic) { 2780285242Sachim if (method_name == vmSymbols::object_initializer_name()) { // <init> method 2781285242Sachim verify_invoke_init(bcs, index, ref_class_type, current_frame, 2782285242Sachim code_length, in_try_block, this_uninit, cp, stackmap_table, 2783285242Sachim CHECK_VERIFY(this)); 2784285242Sachim } else { // other methods 2785285242Sachim // Ensures that target class is assignable to method class. 2786285242Sachim if (opcode == Bytecodes::_invokespecial) { 2787285242Sachim if (!current_class()->is_anonymous()) { 2788285242Sachim current_frame->pop_stack(current_type(), CHECK_VERIFY(this)); 2789285242Sachim } else { 2790285242Sachim // anonymous class invokespecial calls: check if the 2791285242Sachim // objectref is a subtype of the host_klass of the current class 2792285242Sachim // to allow an anonymous class to reference methods in the host_klass 2793285242Sachim VerificationType top = current_frame->pop_stack(CHECK_VERIFY(this)); 2794285242Sachim VerificationType hosttype = 2795285242Sachim VerificationType::reference_type(current_class()->host_klass()->name()); 2796285242Sachim bool subtype = hosttype.is_assignable_from(top, this, false, CHECK_VERIFY(this)); 2797285242Sachim if (!subtype) { 2798285242Sachim verify_error( ErrorContext::bad_type(current_frame->offset(), 2799285242Sachim current_frame->stack_top_ctx(), 2800285242Sachim TypeOrigin::implicit(top)), 2801285242Sachim "Bad type on operand stack"); 2802285242Sachim return; 2803285242Sachim } 2804285242Sachim } 2805285242Sachim } else if (opcode == Bytecodes::_invokevirtual) { 2806285242Sachim VerificationType stack_object_type = 2807285242Sachim current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this)); 2808285242Sachim if (current_type() != stack_object_type) { 2809285242Sachim assert(cp->cache() == NULL, "not rewritten yet"); 2810285242Sachim Symbol* ref_class_name = 2811285242Sachim cp->klass_name_at(cp->klass_ref_index_at(index)); 2812285242Sachim // See the comments in verify_field_instructions() for 2813285242Sachim // the rationale behind this. 2814285242Sachim if (name_in_supers(ref_class_name, current_class())) { 2815285242Sachim Klass* ref_class = load_class(ref_class_name, CHECK); 2816285242Sachim if (is_protected_access( 2817285242Sachim _klass, ref_class, method_name, method_sig, true)) { 2818285242Sachim // It's protected access, check if stack object is 2819285242Sachim // assignable to current class. 2820285242Sachim bool is_assignable = current_type().is_assignable_from( 2821285242Sachim stack_object_type, this, true, CHECK_VERIFY(this)); 2822285242Sachim if (!is_assignable) { 2823285242Sachim if (ref_class_type.name() == vmSymbols::java_lang_Object() 2824285242Sachim && stack_object_type.is_array() 2825285242Sachim && method_name == vmSymbols::clone_name()) { 2826285242Sachim // Special case: arrays pretend to implement public Object 2827285242Sachim // clone(). 2828285242Sachim } else { 2829285242Sachim verify_error(ErrorContext::bad_type(bci, 2830285242Sachim current_frame->stack_top_ctx(), 2831285242Sachim TypeOrigin::implicit(current_type())), 2832285242Sachim "Bad access to protected data in invokevirtual"); 2833285242Sachim return; 2834285242Sachim } 2835285242Sachim } 2836285242Sachim } 2837285242Sachim } 2838285242Sachim } 2839285242Sachim } else { 2840285242Sachim assert(opcode == Bytecodes::_invokeinterface, "Unexpected opcode encountered"); 2841285242Sachim current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this)); 2842285242Sachim } 2843285242Sachim } 2844285242Sachim } 2845285242Sachim // Push the result type. 2846285242Sachim if (sig_stream.type() != T_VOID) { 2847285242Sachim if (method_name == vmSymbols::object_initializer_name()) { 2848285242Sachim // <init> method must have a void return type 2849285242Sachim /* Unreachable? Class file parser verifies that <init> methods have 2850285242Sachim * void return */ 2851285242Sachim verify_error(ErrorContext::bad_code(bci), 2852285242Sachim "Return type must be void in <init> method"); 2853285242Sachim return; 2854285242Sachim } 2855285242Sachim VerificationType return_type[2]; 2856285242Sachim int n = change_sig_to_verificationType( 2857285242Sachim &sig_stream, return_type, CHECK_VERIFY(this)); 2858285242Sachim for (int i = 0; i < n; i++) { 2859285242Sachim current_frame->push_stack(return_type[i], CHECK_VERIFY(this)); // push types backwards 2860285242Sachim } 2861285242Sachim } 2862285242Sachim} 2863285242Sachim 2864285242SachimVerificationType ClassVerifier::get_newarray_type( 2865285242Sachim u2 index, u2 bci, TRAPS) { 2866285242Sachim const char* from_bt[] = { 2867285242Sachim NULL, NULL, NULL, NULL, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J", 2868285242Sachim }; 2869285242Sachim if (index < T_BOOLEAN || index > T_LONG) { 2870285242Sachim verify_error(ErrorContext::bad_code(bci), "Illegal newarray instruction"); 2871285242Sachim return VerificationType::bogus_type(); 2872285242Sachim } 2873285242Sachim 2874285242Sachim // from_bt[index] contains the array signature which has a length of 2 2875285242Sachim Symbol* sig = create_temporary_symbol( 2876285242Sachim from_bt[index], 2, CHECK_(VerificationType::bogus_type())); 2877285242Sachim return VerificationType::reference_type(sig); 2878285242Sachim} 2879285242Sachim 2880285242Sachimvoid ClassVerifier::verify_anewarray( 2881285242Sachim u2 bci, u2 index, const constantPoolHandle& cp, 2882285242Sachim StackMapFrame* current_frame, TRAPS) { 2883285242Sachim verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this)); 2884285242Sachim current_frame->pop_stack( 2885285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 2886285242Sachim 2887285242Sachim VerificationType component_type = 2888285242Sachim cp_index_to_type(index, cp, CHECK_VERIFY(this)); 2889285242Sachim int length; 2890285242Sachim char* arr_sig_str; 2891285242Sachim if (component_type.is_array()) { // it's an array 2892285242Sachim const char* component_name = component_type.name()->as_utf8(); 2893285242Sachim // add one dimension to component 2894285242Sachim length = (int)strlen(component_name) + 1; 2895285242Sachim arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length); 2896285242Sachim arr_sig_str[0] = '['; 2897285242Sachim strncpy(&arr_sig_str[1], component_name, length - 1); 2898285242Sachim } else { // it's an object or interface 2899285242Sachim const char* component_name = component_type.name()->as_utf8(); 2900285242Sachim // add one dimension to component with 'L' prepended and ';' postpended. 2901285242Sachim length = (int)strlen(component_name) + 3; 2902285242Sachim arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length); 2903285242Sachim arr_sig_str[0] = '['; 2904285242Sachim arr_sig_str[1] = 'L'; 2905285242Sachim strncpy(&arr_sig_str[2], component_name, length - 2); 2906285242Sachim arr_sig_str[length - 1] = ';'; 2907285242Sachim } 2908285242Sachim Symbol* arr_sig = create_temporary_symbol( 2909285242Sachim arr_sig_str, length, CHECK_VERIFY(this)); 2910285242Sachim VerificationType new_array_type = VerificationType::reference_type(arr_sig); 2911285242Sachim current_frame->push_stack(new_array_type, CHECK_VERIFY(this)); 2912285242Sachim} 2913285242Sachim 2914285242Sachimvoid ClassVerifier::verify_iload(u2 index, StackMapFrame* current_frame, TRAPS) { 2915285242Sachim current_frame->get_local( 2916285242Sachim index, VerificationType::integer_type(), CHECK_VERIFY(this)); 2917285242Sachim current_frame->push_stack( 2918285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 2919285242Sachim} 2920285242Sachim 2921285242Sachimvoid ClassVerifier::verify_lload(u2 index, StackMapFrame* current_frame, TRAPS) { 2922285242Sachim current_frame->get_local_2( 2923285242Sachim index, VerificationType::long_type(), 2924285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 2925285242Sachim current_frame->push_stack_2( 2926285242Sachim VerificationType::long_type(), 2927285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 2928285242Sachim} 2929285242Sachim 2930285242Sachimvoid ClassVerifier::verify_fload(u2 index, StackMapFrame* current_frame, TRAPS) { 2931285242Sachim current_frame->get_local( 2932285242Sachim index, VerificationType::float_type(), CHECK_VERIFY(this)); 2933285242Sachim current_frame->push_stack( 2934285242Sachim VerificationType::float_type(), CHECK_VERIFY(this)); 2935285242Sachim} 2936285242Sachim 2937285242Sachimvoid ClassVerifier::verify_dload(u2 index, StackMapFrame* current_frame, TRAPS) { 2938285242Sachim current_frame->get_local_2( 2939285242Sachim index, VerificationType::double_type(), 2940285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 2941285242Sachim current_frame->push_stack_2( 2942285242Sachim VerificationType::double_type(), 2943285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 2944285242Sachim} 2945285242Sachim 2946285242Sachimvoid ClassVerifier::verify_aload(u2 index, StackMapFrame* current_frame, TRAPS) { 2947285242Sachim VerificationType type = current_frame->get_local( 2948285242Sachim index, VerificationType::reference_check(), CHECK_VERIFY(this)); 2949285242Sachim current_frame->push_stack(type, CHECK_VERIFY(this)); 2950285242Sachim} 2951285242Sachim 2952285242Sachimvoid ClassVerifier::verify_istore(u2 index, StackMapFrame* current_frame, TRAPS) { 2953285242Sachim current_frame->pop_stack( 2954285242Sachim VerificationType::integer_type(), CHECK_VERIFY(this)); 2955285242Sachim current_frame->set_local( 2956285242Sachim index, VerificationType::integer_type(), CHECK_VERIFY(this)); 2957285242Sachim} 2958285242Sachim 2959285242Sachimvoid ClassVerifier::verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS) { 2960285242Sachim current_frame->pop_stack_2( 2961285242Sachim VerificationType::long2_type(), 2962285242Sachim VerificationType::long_type(), CHECK_VERIFY(this)); 2963285242Sachim current_frame->set_local_2( 2964285242Sachim index, VerificationType::long_type(), 2965285242Sachim VerificationType::long2_type(), CHECK_VERIFY(this)); 2966285242Sachim} 2967285242Sachim 2968285242Sachimvoid ClassVerifier::verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS) { 2969285242Sachim current_frame->pop_stack(VerificationType::float_type(), CHECK_VERIFY(this)); 2970285242Sachim current_frame->set_local( 2971285242Sachim index, VerificationType::float_type(), CHECK_VERIFY(this)); 2972285242Sachim} 2973285242Sachim 2974285242Sachimvoid ClassVerifier::verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS) { 2975285242Sachim current_frame->pop_stack_2( 2976285242Sachim VerificationType::double2_type(), 2977285242Sachim VerificationType::double_type(), CHECK_VERIFY(this)); 2978285242Sachim current_frame->set_local_2( 2979285242Sachim index, VerificationType::double_type(), 2980285242Sachim VerificationType::double2_type(), CHECK_VERIFY(this)); 2981285242Sachim} 2982285242Sachim 2983285242Sachimvoid ClassVerifier::verify_astore(u2 index, StackMapFrame* current_frame, TRAPS) { 2984285242Sachim VerificationType type = current_frame->pop_stack( 2985285242Sachim VerificationType::reference_check(), CHECK_VERIFY(this)); 2986285242Sachim current_frame->set_local(index, type, CHECK_VERIFY(this)); 2987285242Sachim} 2988285242Sachim 2989285242Sachimvoid ClassVerifier::verify_iinc(u2 index, StackMapFrame* current_frame, TRAPS) { 2990285242Sachim VerificationType type = current_frame->get_local( 2991285242Sachim index, VerificationType::integer_type(), CHECK_VERIFY(this)); 2992285242Sachim current_frame->set_local(index, type, CHECK_VERIFY(this)); 2993285242Sachim} 2994285242Sachim 2995285242Sachimvoid ClassVerifier::verify_return_value( 2996285242Sachim VerificationType return_type, VerificationType type, u2 bci, 2997285242Sachim StackMapFrame* current_frame, TRAPS) { 2998285242Sachim if (return_type == VerificationType::bogus_type()) { 2999285242Sachim verify_error(ErrorContext::bad_type(bci, 3000285242Sachim current_frame->stack_top_ctx(), TypeOrigin::signature(return_type)), 3001285242Sachim "Method expects a return value"); 3002285242Sachim return; 3003285242Sachim } 3004285242Sachim bool match = return_type.is_assignable_from(type, this, false, CHECK_VERIFY(this)); 3005285242Sachim if (!match) { 3006285242Sachim verify_error(ErrorContext::bad_type(bci, 3007285242Sachim current_frame->stack_top_ctx(), TypeOrigin::signature(return_type)), 3008285242Sachim "Bad return type"); 3009285242Sachim return; 3010285242Sachim } 3011285242Sachim} 3012285242Sachim 3013285242Sachim// The verifier creates symbols which are substrings of Symbols. 3014285242Sachim// These are stored in the verifier until the end of verification so that 3015285242Sachim// they can be reference counted. 3016285242SachimSymbol* ClassVerifier::create_temporary_symbol(const Symbol *s, int begin, 3017285242Sachim int end, TRAPS) { 3018285242Sachim Symbol* sym = SymbolTable::new_symbol(s, begin, end, CHECK_NULL); 3019285242Sachim _symbols->push(sym); 3020285242Sachim return sym; 3021285242Sachim} 3022285242Sachim 3023285242SachimSymbol* ClassVerifier::create_temporary_symbol(const char *s, int length, TRAPS) { 3024285242Sachim Symbol* sym = SymbolTable::new_symbol(s, length, CHECK_NULL); 3025285242Sachim _symbols->push(sym); 3026285242Sachim return sym; 3027285242Sachim} 3028285242Sachim