1 /*
2 * Copyright (c) 2003, 2025, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 #include "classfile/stackMapTable.hpp"
26 #include "classfile/verifier.hpp"
27 #include "memory/resourceArea.hpp"
28 #include "oops/constantPool.hpp"
29 #include "oops/oop.inline.hpp"
30 #include "runtime/handles.inline.hpp"
31
32 StackMapTable::StackMapTable(StackMapReader* reader, TRAPS) {
33 _code_length = reader->code_length();
34 _frame_count = reader->get_frame_count();
35 if (_frame_count > 0) {
36 _frame_array = new GrowableArray<StackMapFrame*>(_frame_count);
37 while (!reader->at_end()) {
38 StackMapFrame* frame = reader->next(CHECK_VERIFY(reader->prev_frame()->verifier()));
39 if (frame != nullptr) {
40 _frame_array->push(frame);
41 }
42 }
43 reader->check_end(CHECK);
44 // Correct frame count based on how many actual frames are generated
45 _frame_count = _frame_array->length();
46 }
47 }
48
49 void StackMapReader::check_offset(StackMapFrame* frame) {
50 int offset = frame->offset();
51 if (offset >= _code_length || _code_data[offset] == 0) {
52 _verifier->verify_error(ErrorContext::bad_stackmap(0, frame),
53 "StackMapTable error: bad offset");
54 }
55 }
56
57 void StackMapReader::check_size(TRAPS) {
58 if (_frame_count < _parsed_frame_count) {
59 StackMapStream::stackmap_format_error("wrong attribute size", THREAD);
60 }
61 }
62
63 void StackMapReader::check_end(TRAPS) {
64 assert(_stream->at_end(), "must be");
65 if (_frame_count != _parsed_frame_count) {
66 StackMapStream::stackmap_format_error("wrong attribute size", THREAD);
67 }
68 }
69
70 // This method is only called by method in StackMapTable.
71 int StackMapTable::get_index_from_offset(int32_t offset) const {
72 int i = 0;
73 for (; i < _frame_count; i++) {
74 if (_frame_array->at(i)->offset() == offset) {
75 return i;
76 }
77 }
78 return i; // frame with offset doesn't exist in the array
79 }
80
81 bool StackMapTable::match_stackmap(
82 StackMapFrame* frame, int32_t target,
83 bool match, bool update, ErrorContext* ctx, TRAPS) const {
84 int index = get_index_from_offset(target);
85 return match_stackmap(frame, target, index, match, update, ctx, THREAD);
86 }
87
88 // Match and/or update current_frame to the frame in stackmap table with
89 // specified offset and frame index. Return true if the two frames match.
90 //
91 // The values of match and update are: _match__update
92 //
93 // checking a branch target: true false
94 // checking an exception handler: true false
95 // linear bytecode verification following an
96 // unconditional branch: false true
97 // linear bytecode verification not following an
98 // unconditional branch: true true
99 bool StackMapTable::match_stackmap(
100 StackMapFrame* frame, int32_t target, int32_t frame_index,
101 bool match, bool update, ErrorContext* ctx, TRAPS) const {
102 if (frame_index < 0 || frame_index >= _frame_count) {
103 *ctx = ErrorContext::missing_stackmap(frame->offset());
104 frame->verifier()->verify_error(
105 *ctx, "Expecting a stackmap frame at branch target %d", target);
106 return false;
107 }
108
109 StackMapFrame* stackmap_frame = _frame_array->at(frame_index);
110 bool result = true;
111 if (match) {
112 // Has direct control flow from last instruction, need to match the two
113 // frames.
114 result = frame->is_assignable_to(stackmap_frame,
115 ctx, CHECK_VERIFY_(frame->verifier(), result));
116 }
117 if (update) {
118 // Use the frame in stackmap table as current frame
119 int lsize = stackmap_frame->locals_size();
120 int ssize = stackmap_frame->stack_size();
121 if (frame->locals_size() > lsize || frame->stack_size() > ssize) {
122 // Make sure unused type array items are all _bogus_type.
123 frame->reset();
124 }
125 frame->set_locals_size(lsize);
126 frame->copy_locals(stackmap_frame);
127 frame->set_stack_size(ssize);
128 frame->copy_stack(stackmap_frame);
129 frame->set_flags(stackmap_frame->flags());
130 }
131 return result;
132 }
133
134 void StackMapTable::check_jump_target(
135 StackMapFrame* frame, int bci, int offset, TRAPS) const {
136 ErrorContext ctx;
137 // Jump targets must be within the method and the method size is limited. See JVMS 4.11
138 int min_offset = -1 * max_method_code_size;
139 if (offset < min_offset || offset > max_method_code_size) {
140 frame->verifier()->verify_error(ErrorContext::bad_stackmap(bci, frame),
141 "Illegal target of jump or branch (bci %d + offset %d)", bci, offset);
142 return;
143 }
144 int target = bci + offset;
145 bool match = match_stackmap(
146 frame, target, true, false, &ctx, CHECK_VERIFY(frame->verifier()));
147 if (!match || (target < 0 || target >= _code_length)) {
148 frame->verifier()->verify_error(ctx,
149 "Inconsistent stackmap frames at branch target %d", target);
150 }
151 }
152
153 void StackMapTable::print_on(outputStream* str) const {
154 str->print_cr("StackMapTable: frame_count = %d", _frame_count);
155 str->print_cr("table = {");
156 {
157 StreamIndentor si(str, 2);
158 for (int32_t i = 0; i < _frame_count; ++i) {
159 _frame_array->at(i)->print_on(str);
160 }
161 }
162 str->print_cr(" }");
163 }
164
165 StackMapReader::StackMapReader(ClassVerifier* v, StackMapStream* stream,
166 char* code_data, int32_t code_len,
167 StackMapFrame* init_frame,
168 u2 max_locals, u2 max_stack, TRAPS) :
169 _verifier(v), _stream(stream), _code_data(code_data),
170 _code_length(code_len), _parsed_frame_count(0),
171 _prev_frame(init_frame), _max_locals(max_locals),
172 _max_stack(max_stack), _first(true) {
173 methodHandle m = v->method();
174 if (m->has_stackmap_table()) {
175 _cp = constantPoolHandle(THREAD, m->constants());
176 _frame_count = _stream->get_u2(CHECK);
177 } else {
178 // There's no stackmap table present. Frame count and size are 0.
179 _frame_count = 0;
180 }
181 }
182
183 int32_t StackMapReader::chop(
184 VerificationType* locals, int32_t length, int32_t chops) {
185 if (locals == nullptr) return -1;
186 int32_t pos = length - 1;
187 for (int32_t i=0; i<chops; i++) {
188 if (locals[pos].is_category2_2nd()) {
189 pos -= 2;
190 } else {
191 pos --;
192 }
193 if (pos<0 && i<(chops-1)) return -1;
194 }
195 return pos+1;
196 }
197
198 #define CHECK_NT CHECK_(VerificationType::bogus_type())
199
200 VerificationType StackMapReader::parse_verification_type(u1* flags, TRAPS) {
201 u1 tag = _stream->get_u1(CHECK_NT);
202 if (tag < (u1)ITEM_UninitializedThis) {
203 return VerificationType::from_tag(tag);
204 }
205 if (tag == ITEM_Object) {
206 u2 class_index = _stream->get_u2(CHECK_NT);
207 int nconstants = _cp->length();
208 if ((class_index <= 0 || class_index >= nconstants) ||
209 (!_cp->tag_at(class_index).is_klass() &&
210 !_cp->tag_at(class_index).is_unresolved_klass())) {
211 _stream->stackmap_format_error("bad class index", THREAD);
212 return VerificationType::bogus_type();
213 }
214 return VerificationType::reference_type(_cp->klass_name_at(class_index));
215 }
216 if (tag == ITEM_UninitializedThis) {
217 if (flags != nullptr) {
218 *flags |= FLAG_THIS_UNINIT;
219 }
220 return VerificationType::uninitialized_this_type();
221 }
222 if (tag == ITEM_Uninitialized) {
223 u2 offset = _stream->get_u2(CHECK_NT);
224 if (offset >= _code_length ||
225 _code_data[offset] != ClassVerifier::NEW_OFFSET) {
226 _verifier->class_format_error(
227 "StackMapTable format error: bad offset for Uninitialized");
228 return VerificationType::bogus_type();
229 }
230 return VerificationType::uninitialized_type(offset);
231 }
232 _stream->stackmap_format_error("bad verification type", THREAD);
233 return VerificationType::bogus_type();
234 }
235
236 StackMapFrame* StackMapReader::next(TRAPS) {
237 _parsed_frame_count++;
238 check_size(CHECK_NULL);
239 StackMapFrame* frame = next_helper(CHECK_VERIFY_(_verifier, nullptr));
240 if (frame != nullptr) {
241 check_offset(frame);
242 if (frame->verifier()->has_error()) {
243 return nullptr;
244 }
245 _prev_frame = frame;
246 }
247 return frame;
248 }
249
250 StackMapFrame* StackMapReader::next_helper(TRAPS) {
251 StackMapFrame* frame;
252 int offset;
253 VerificationType* locals = nullptr;
254 u1 frame_type = _stream->get_u1(CHECK_NULL);
255 if (frame_type <= SAME_FRAME_END) {
256 // same_frame
257 if (_first) {
258 offset = frame_type;
259 // Can't share the locals array since that is updated by the verifier.
260 if (_prev_frame->locals_size() > 0) {
261 locals = NEW_RESOURCE_ARRAY_IN_THREAD(
262 THREAD, VerificationType, _prev_frame->locals_size());
263 }
264 } else {
265 offset = _prev_frame->offset() + frame_type + 1;
266 locals = _prev_frame->locals();
267 }
268 frame = new StackMapFrame(
269 offset, _prev_frame->flags(), _prev_frame->locals_size(), 0,
270 _max_locals, _max_stack, locals, nullptr, _verifier);
271 if (_first && locals != nullptr) {
272 frame->copy_locals(_prev_frame);
273 }
274 _first = false;
275 return frame;
276 }
277 if (frame_type <= SAME_LOCALS_1_STACK_ITEM_FRAME_END) {
278 // same_locals_1_stack_item_frame
279 if (_first) {
280 offset = frame_type - SAME_LOCALS_1_STACK_ITEM_FRAME_START;
281 // Can't share the locals array since that is updated by the verifier.
282 if (_prev_frame->locals_size() > 0) {
283 locals = NEW_RESOURCE_ARRAY_IN_THREAD(
284 THREAD, VerificationType, _prev_frame->locals_size());
285 }
286 } else {
287 offset = _prev_frame->offset() + frame_type - (SAME_LOCALS_1_STACK_ITEM_FRAME_START - 1);
288 locals = _prev_frame->locals();
289 }
290 VerificationType* stack = NEW_RESOURCE_ARRAY_IN_THREAD(
291 THREAD, VerificationType, 2);
292 u2 stack_size = 1;
293 stack[0] = parse_verification_type(nullptr, CHECK_VERIFY_(_verifier, nullptr));
294 if (stack[0].is_category2()) {
295 stack[1] = stack[0].to_category2_2nd();
296 stack_size = 2;
297 }
298 check_verification_type_array_size(
299 stack_size, _max_stack, CHECK_VERIFY_(_verifier, nullptr));
300 frame = new StackMapFrame(
301 offset, _prev_frame->flags(), _prev_frame->locals_size(), stack_size,
302 _max_locals, _max_stack, locals, stack, _verifier);
303 if (_first && locals != nullptr) {
304 frame->copy_locals(_prev_frame);
305 }
306 _first = false;
307 return frame;
308 }
309
310 u2 offset_delta = _stream->get_u2(CHECK_NULL);
311
312 if (frame_type < SAME_LOCALS_1_STACK_ITEM_EXTENDED) {
313 // reserved frame types
314 _stream->stackmap_format_error(
315 "reserved frame type", CHECK_VERIFY_(_verifier, nullptr));
316 }
317
318 if (frame_type == SAME_LOCALS_1_STACK_ITEM_EXTENDED) {
319 // same_locals_1_stack_item_frame_extended
320 if (_first) {
321 offset = offset_delta;
322 // Can't share the locals array since that is updated by the verifier.
323 if (_prev_frame->locals_size() > 0) {
324 locals = NEW_RESOURCE_ARRAY_IN_THREAD(
325 THREAD, VerificationType, _prev_frame->locals_size());
326 }
327 } else {
328 offset = _prev_frame->offset() + offset_delta + 1;
329 locals = _prev_frame->locals();
330 }
331 VerificationType* stack = NEW_RESOURCE_ARRAY_IN_THREAD(
332 THREAD, VerificationType, 2);
333 u2 stack_size = 1;
334 stack[0] = parse_verification_type(nullptr, CHECK_VERIFY_(_verifier, nullptr));
335 if (stack[0].is_category2()) {
336 stack[1] = stack[0].to_category2_2nd();
337 stack_size = 2;
338 }
339 check_verification_type_array_size(
340 stack_size, _max_stack, CHECK_VERIFY_(_verifier, nullptr));
341 frame = new StackMapFrame(
342 offset, _prev_frame->flags(), _prev_frame->locals_size(), stack_size,
343 _max_locals, _max_stack, locals, stack, _verifier);
344 if (_first && locals != nullptr) {
345 frame->copy_locals(_prev_frame);
346 }
347 _first = false;
348 return frame;
349 }
350
351 if (frame_type <= SAME_FRAME_EXTENDED) {
352 // chop_frame or same_frame_extended
353 locals = _prev_frame->locals();
354 int length = _prev_frame->locals_size();
355 int chops = SAME_FRAME_EXTENDED - frame_type;
356 int new_length = length;
357 u1 flags = _prev_frame->flags();
358 assert(chops == 0 || (frame_type >= CHOP_FRAME_START && frame_type <= CHOP_FRAME_END), "should be");
359 if (chops != 0) {
360 new_length = chop(locals, length, chops);
361 check_verification_type_array_size(
362 new_length, _max_locals, CHECK_VERIFY_(_verifier, nullptr));
363 // Recompute flags since uninitializedThis could have been chopped.
364 flags = 0;
365 for (int i=0; i<new_length; i++) {
366 if (locals[i].is_uninitialized_this()) {
367 flags |= FLAG_THIS_UNINIT;
368 break;
369 }
370 }
371 }
372 if (_first) {
373 offset = offset_delta;
374 // Can't share the locals array since that is updated by the verifier.
375 if (new_length > 0) {
376 locals = NEW_RESOURCE_ARRAY_IN_THREAD(
377 THREAD, VerificationType, new_length);
378 } else {
379 locals = nullptr;
380 }
381 } else {
382 offset = _prev_frame->offset() + offset_delta + 1;
383 }
384 frame = new StackMapFrame(
385 offset, flags, new_length, 0, _max_locals, _max_stack,
386 locals, nullptr, _verifier);
387 if (_first && locals != nullptr) {
388 frame->copy_locals(_prev_frame);
389 }
390 _first = false;
391 return frame;
392 } else if (frame_type <= APPEND_FRAME_END) {
393 // append_frame
394 assert(frame_type >= APPEND_FRAME_START && frame_type <= APPEND_FRAME_END, "should be");
395 int appends = frame_type - APPEND_FRAME_START + 1;
396 int real_length = _prev_frame->locals_size();
397 int new_length = real_length + appends*2;
398 locals = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, VerificationType, new_length);
399 VerificationType* pre_locals = _prev_frame->locals();
400 for (int i = 0; i < _prev_frame->locals_size(); i++) {
401 locals[i] = pre_locals[i];
402 }
403 u1 flags = _prev_frame->flags();
404 for (int i = 0; i < appends; i++) {
405 locals[real_length] = parse_verification_type(&flags, CHECK_NULL);
406 if (locals[real_length].is_category2()) {
407 locals[real_length + 1] = locals[real_length].to_category2_2nd();
408 ++real_length;
409 }
410 ++real_length;
411 }
412 check_verification_type_array_size(
413 real_length, _max_locals, CHECK_VERIFY_(_verifier, nullptr));
414 if (_first) {
415 offset = offset_delta;
416 } else {
417 offset = _prev_frame->offset() + offset_delta + 1;
418 }
419 frame = new StackMapFrame(
420 offset, flags, real_length, 0, _max_locals,
421 _max_stack, locals, nullptr, _verifier);
422 _first = false;
423 return frame;
424 }
425 if (frame_type == FULL_FRAME) {
426 // full_frame
427 u1 flags = 0;
428 u2 locals_size = _stream->get_u2(CHECK_NULL);
429 int real_locals_size = 0;
430 if (locals_size > 0) {
431 locals = NEW_RESOURCE_ARRAY_IN_THREAD(
432 THREAD, VerificationType, locals_size*2);
433 }
434 for (int i = 0; i < locals_size; i++) {
435 locals[real_locals_size] = parse_verification_type(&flags, CHECK_NULL);
436 if (locals[real_locals_size].is_category2()) {
437 locals[real_locals_size + 1] =
438 locals[real_locals_size].to_category2_2nd();
439 ++real_locals_size;
440 }
441 ++real_locals_size;
442 }
443 check_verification_type_array_size(
444 real_locals_size, _max_locals, CHECK_VERIFY_(_verifier, nullptr));
445 u2 stack_size = _stream->get_u2(CHECK_NULL);
446 int real_stack_size = 0;
447 VerificationType* stack = nullptr;
448 if (stack_size > 0) {
449 stack = NEW_RESOURCE_ARRAY_IN_THREAD(
450 THREAD, VerificationType, stack_size*2);
451 }
452 for (int i = 0; i < stack_size; i++) {
453 stack[real_stack_size] = parse_verification_type(nullptr, CHECK_NULL);
454 if (stack[real_stack_size].is_category2()) {
455 stack[real_stack_size + 1] = stack[real_stack_size].to_category2_2nd();
456 ++real_stack_size;
457 }
458 ++real_stack_size;
459 }
460 check_verification_type_array_size(
461 real_stack_size, _max_stack, CHECK_VERIFY_(_verifier, nullptr));
462 if (_first) {
463 offset = offset_delta;
464 } else {
465 offset = _prev_frame->offset() + offset_delta + 1;
466 }
467 frame = new StackMapFrame(
468 offset, flags, real_locals_size, real_stack_size,
469 _max_locals, _max_stack, locals, stack, _verifier);
470 _first = false;
471 return frame;
472 }
473
474 _stream->stackmap_format_error(
475 "reserved frame type", CHECK_VERIFY_(_prev_frame->verifier(), nullptr));
476 return nullptr;
477 }
--- EOF ---