48 #include "oops/instanceKlass.inline.hpp"
49 #include "oops/klass.inline.hpp"
50 #include "oops/oop.inline.hpp"
51 #include "oops/typeArrayOop.hpp"
52 #include "runtime/arguments.hpp"
53 #include "runtime/fieldDescriptor.hpp"
54 #include "runtime/handles.inline.hpp"
55 #include "runtime/interfaceSupport.inline.hpp"
56 #include "runtime/javaCalls.hpp"
57 #include "runtime/javaThread.hpp"
58 #include "runtime/jniHandles.inline.hpp"
59 #include "runtime/os.hpp"
60 #include "runtime/safepointVerifiers.hpp"
61 #include "services/threadService.hpp"
62 #include "utilities/align.hpp"
63 #include "utilities/bytes.hpp"
64
65 #define NOFAILOVER_MAJOR_VERSION 51
66 #define NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION 51
67 #define STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION 52
68 #define MAX_ARRAY_DIMENSIONS 255
69
70 // Access to external entry for VerifyClassForMajorVersion - old byte code verifier
71
72 extern "C" {
73 typedef jboolean (*verify_byte_codes_fn_t)(JNIEnv *, jclass, char *, jint, jint);
74 }
75
76 static verify_byte_codes_fn_t volatile _verify_byte_codes_fn = nullptr;
77
78 static verify_byte_codes_fn_t verify_byte_codes_fn() {
79
80 if (_verify_byte_codes_fn != nullptr)
81 return _verify_byte_codes_fn;
82
83 MutexLocker locker(Verify_lock);
84
85 if (_verify_byte_codes_fn != nullptr)
86 return _verify_byte_codes_fn;
87
262 // to infinitely recurse when we try to initialize the exception.
263 // So bail out here by throwing the preallocated VM error.
264 THROW_OOP_(Universe::internal_error_instance(), false);
265 }
266 kls = kls->super();
267 }
268 if (message_buffer != nullptr) {
269 message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
270 }
271 assert(exception_message != nullptr, "");
272 THROW_MSG_(exception_name, exception_message, false);
273 }
274 }
275
276 bool Verifier::is_eligible_for_verification(InstanceKlass* klass, bool should_verify_class) {
277 Symbol* name = klass->name();
278
279 return (should_verify_for(klass->class_loader(), should_verify_class) &&
280 // return if the class is a bootstrapping class
281 // or defineClass specified not to verify by default (flags override passed arg)
282 // We need to skip the following four for bootstraping
283 name != vmSymbols::java_lang_Object() &&
284 name != vmSymbols::java_lang_Class() &&
285 name != vmSymbols::java_lang_String() &&
286 name != vmSymbols::java_lang_Throwable() &&
287
288 // Can not verify the bytecodes for shared classes because they have
289 // already been rewritten to contain constant pool cache indices,
290 // which the verifier can't understand.
291 // Shared classes shouldn't have stackmaps either.
292 // However, bytecodes for shared old classes can be verified because
293 // they have not been rewritten.
294 !(klass->is_shared() && klass->is_rewritten()));
295 }
296
297 Symbol* Verifier::inference_verify(
298 InstanceKlass* klass, char* message, size_t message_len, TRAPS) {
299 JavaThread* thread = THREAD;
300
301 verify_byte_codes_fn_t verify_func = verify_byte_codes_fn();
302
476 ss->print("Local index %d is invalid", _type.index());
477 break;
478 case LOCALS_SIZE_MISMATCH:
479 ss->print("Current frame's local size doesn't match stackmap.");
480 break;
481 case STACK_SIZE_MISMATCH:
482 ss->print("Current frame's stack size doesn't match stackmap.");
483 break;
484 case STACK_OVERFLOW:
485 ss->print("Exceeded max stack size.");
486 break;
487 case STACK_UNDERFLOW:
488 ss->print("Attempt to pop empty stack.");
489 break;
490 case MISSING_STACKMAP:
491 ss->print("Expected stackmap frame at this location.");
492 break;
493 case BAD_STACKMAP:
494 ss->print("Invalid stackmap specification.");
495 break;
496 case UNKNOWN:
497 default:
498 ShouldNotReachHere();
499 ss->print_cr("Unknown");
500 }
501 ss->cr();
502 }
503
504 void ErrorContext::location_details(outputStream* ss, const Method* method) const {
505 if (_bci != -1 && method != nullptr) {
506 streamIndentor si(ss);
507 const char* bytecode_name = "<invalid>";
508 if (method->validate_bci(_bci) != -1) {
509 Bytecodes::Code code = Bytecodes::code_or_bp_at(method->bcp_from(_bci));
510 if (Bytecodes::is_defined(code)) {
511 bytecode_name = Bytecodes::name(code);
512 } else {
513 bytecode_name = "<illegal>";
514 }
515 }
596 ClassVerifier::~ClassVerifier() {
597 // Decrement the reference count for any symbols created.
598 if (_symbols != nullptr) {
599 for (int i = 0; i < _symbols->length(); i++) {
600 Symbol* s = _symbols->at(i);
601 s->decrement_refcount();
602 }
603 }
604 }
605
606 VerificationType ClassVerifier::object_type() const {
607 return VerificationType::reference_type(vmSymbols::java_lang_Object());
608 }
609
610 TypeOrigin ClassVerifier::ref_ctx(const char* sig) {
611 VerificationType vt = VerificationType::reference_type(
612 create_temporary_symbol(sig, (int)strlen(sig)));
613 return TypeOrigin::implicit(vt);
614 }
615
616
617 void ClassVerifier::verify_class(TRAPS) {
618 log_info(verification)("Verifying class %s with new format", _klass->external_name());
619
620 // Either verifying both local and remote classes or just remote classes.
621 assert(BytecodeVerificationRemote, "Should not be here");
622
623 Array<Method*>* methods = _klass->methods();
624 int num_methods = methods->length();
625
626 for (int index = 0; index < num_methods; index++) {
627 // Check for recursive re-verification before each method.
628 if (was_recursively_verified()) return;
629
630 Method* m = methods->at(index);
631 if (m->is_native() || m->is_abstract() || m->is_overpass()) {
632 // If m is native or abstract, skip it. It is checked in class file
633 // parser that methods do not override a final method. Overpass methods
634 // are trusted since the VM generates them.
635 continue;
1663 VerificationType::double2_type(), CHECK_VERIFY(this));
1664 type = current_frame.pop_stack(
1665 VerificationType::double_type(), CHECK_VERIFY(this));
1666 verify_return_value(return_type, type, bci,
1667 ¤t_frame, CHECK_VERIFY(this));
1668 no_control_flow = true; break;
1669 case Bytecodes::_areturn :
1670 type = current_frame.pop_stack(
1671 VerificationType::reference_check(), CHECK_VERIFY(this));
1672 verify_return_value(return_type, type, bci,
1673 ¤t_frame, CHECK_VERIFY(this));
1674 no_control_flow = true; break;
1675 case Bytecodes::_return :
1676 if (return_type != VerificationType::bogus_type()) {
1677 verify_error(ErrorContext::bad_code(bci),
1678 "Method expects a return value");
1679 return;
1680 }
1681 // Make sure "this" has been initialized if current method is an
1682 // <init>.
1683 if (_method->name() == vmSymbols::object_initializer_name() &&
1684 current_frame.flag_this_uninit()) {
1685 verify_error(ErrorContext::bad_code(bci),
1686 "Constructor must call super() or this() "
1687 "before return");
1688 return;
1689 }
1690 no_control_flow = true; break;
1691 case Bytecodes::_getstatic :
1692 case Bytecodes::_putstatic :
1693 // pass TRUE, operand can be an array type for getstatic/putstatic.
1694 verify_field_instructions(
1695 &bcs, ¤t_frame, cp, true, CHECK_VERIFY(this));
1696 no_control_flow = false; break;
1697 case Bytecodes::_getfield :
1698 case Bytecodes::_putfield :
1699 // pass FALSE, operand can't be an array type for getfield/putfield.
1700 verify_field_instructions(
1701 &bcs, ¤t_frame, cp, false, CHECK_VERIFY(this));
1702 no_control_flow = false; break;
1703 case Bytecodes::_invokevirtual :
1704 case Bytecodes::_invokespecial :
1705 case Bytecodes::_invokestatic :
1706 verify_invoke_instructions(
1707 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1708 &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this));
1709 no_control_flow = false; break;
1710 case Bytecodes::_invokeinterface :
1711 case Bytecodes::_invokedynamic :
1712 verify_invoke_instructions(
1713 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1714 &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this));
1715 no_control_flow = false; break;
1716 case Bytecodes::_new :
1717 {
1718 u2 index = bcs.get_index_u2();
1719 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1720 VerificationType new_class_type =
1721 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1722 if (!new_class_type.is_object()) {
1723 verify_error(ErrorContext::bad_type(bci,
1724 TypeOrigin::cp(index, new_class_type)),
1725 "Illegal new instruction");
1726 return;
1727 }
1728 type = VerificationType::uninitialized_type(checked_cast<u2>(bci));
1729 current_frame.push_stack(type, CHECK_VERIFY(this));
1730 no_control_flow = false; break;
1731 }
1732 case Bytecodes::_newarray :
1733 type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this));
1734 current_frame.pop_stack(
1752 no_control_flow = false; break;
1753 case Bytecodes::_checkcast :
1754 {
1755 u2 index = bcs.get_index_u2();
1756 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1757 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1758 VerificationType klass_type = cp_index_to_type(
1759 index, cp, CHECK_VERIFY(this));
1760 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1761 no_control_flow = false; break;
1762 }
1763 case Bytecodes::_instanceof : {
1764 u2 index = bcs.get_index_u2();
1765 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1766 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1767 current_frame.push_stack(
1768 VerificationType::integer_type(), CHECK_VERIFY(this));
1769 no_control_flow = false; break;
1770 }
1771 case Bytecodes::_monitorenter :
1772 case Bytecodes::_monitorexit :
1773 current_frame.pop_stack(
1774 VerificationType::reference_check(), CHECK_VERIFY(this));
1775 no_control_flow = false; break;
1776 case Bytecodes::_multianewarray :
1777 {
1778 u2 index = bcs.get_index_u2();
1779 u2 dim = *(bcs.bcp()+3);
1780 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1781 VerificationType new_array_type =
1782 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1783 if (!new_array_type.is_array()) {
1784 verify_error(ErrorContext::bad_type(bci,
1785 TypeOrigin::cp(index, new_array_type)),
1786 "Illegal constant pool index in multianewarray instruction");
1787 return;
1788 }
1789 if (dim < 1 || new_array_type.dimensions() < dim) {
1790 verify_error(ErrorContext::bad_code(bci),
1791 "Illegal dimension in multianewarray instruction: %d", dim);
1792 return;
1793 }
1794 for (int i = 0; i < dim; i++) {
1795 current_frame.pop_stack(
2020 int nconstants = cp->length();
2021 if ((index <= 0) || (index >= nconstants)) {
2022 verify_error(ErrorContext::bad_cp_index(bci, index),
2023 "Illegal constant pool index %d in class %s",
2024 index, cp->pool_holder()->external_name());
2025 return;
2026 }
2027 }
2028
2029 void ClassVerifier::verify_cp_type(
2030 int bci, u2 index, const constantPoolHandle& cp, unsigned int types, TRAPS) {
2031
2032 // In some situations, bytecode rewriting may occur while we're verifying.
2033 // In this case, a constant pool cache exists and some indices refer to that
2034 // instead. Be sure we don't pick up such indices by accident.
2035 // We must check was_recursively_verified() before we get here.
2036 guarantee(cp->cache() == nullptr, "not rewritten yet");
2037
2038 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2039 unsigned int tag = cp->tag_at(index).value();
2040 if ((types & (1 << tag)) == 0) {
2041 verify_error(ErrorContext::bad_cp_index(bci, index),
2042 "Illegal type at constant pool entry %d in class %s",
2043 index, cp->pool_holder()->external_name());
2044 return;
2045 }
2046 }
2047
2048 void ClassVerifier::verify_cp_class_type(
2049 int bci, u2 index, const constantPoolHandle& cp, TRAPS) {
2050 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2051 constantTag tag = cp->tag_at(index);
2052 if (!tag.is_klass() && !tag.is_unresolved_klass()) {
2053 verify_error(ErrorContext::bad_cp_index(bci, index),
2054 "Illegal type at constant pool entry %d in class %s",
2055 index, cp->pool_holder()->external_name());
2056 return;
2057 }
2058 }
2059
2134 } else {
2135 Klass* member_klass = target_instance->find_field(field_name, field_sig, &fd);
2136 if (member_klass != nullptr && fd.is_protected()) {
2137 if (!this_class->is_same_class_package(member_klass)) {
2138 return true;
2139 }
2140 }
2141 }
2142 return false;
2143 }
2144
2145 void ClassVerifier::verify_ldc(
2146 int opcode, u2 index, StackMapFrame* current_frame,
2147 const constantPoolHandle& cp, int bci, TRAPS) {
2148 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2149 constantTag tag = cp->tag_at(index);
2150 unsigned int types = 0;
2151 if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) {
2152 if (!tag.is_unresolved_klass()) {
2153 types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float)
2154 | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class)
2155 | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType)
2156 | (1 << JVM_CONSTANT_Dynamic);
2157 // Note: The class file parser already verified the legality of
2158 // MethodHandle and MethodType constants.
2159 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2160 }
2161 } else {
2162 assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w");
2163 types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long)
2164 | (1 << JVM_CONSTANT_Dynamic);
2165 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2166 }
2167 if (tag.is_string()) {
2168 current_frame->push_stack(
2169 VerificationType::reference_type(
2170 vmSymbols::java_lang_String()), CHECK_VERIFY(this));
2171 } else if (tag.is_klass() || tag.is_unresolved_klass()) {
2172 current_frame->push_stack(
2173 VerificationType::reference_type(
2174 vmSymbols::java_lang_Class()), CHECK_VERIFY(this));
2310 const constantPoolHandle& cp,
2311 bool allow_arrays,
2312 TRAPS) {
2313 u2 index = bcs->get_index_u2();
2314 verify_cp_type(bcs->bci(), index, cp,
2315 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2316
2317 // Get field name and signature
2318 Symbol* field_name = cp->uncached_name_ref_at(index);
2319 Symbol* field_sig = cp->uncached_signature_ref_at(index);
2320 bool is_getfield = false;
2321
2322 // Field signature was checked in ClassFileParser.
2323 assert(SignatureVerifier::is_valid_type_signature(field_sig),
2324 "Invalid field signature");
2325
2326 // Get referenced class type
2327 VerificationType ref_class_type = cp_ref_index_to_type(
2328 index, cp, CHECK_VERIFY(this));
2329 if (!ref_class_type.is_object() &&
2330 (!allow_arrays || !ref_class_type.is_array())) {
2331 verify_error(ErrorContext::bad_type(bcs->bci(),
2332 TypeOrigin::cp(index, ref_class_type)),
2333 "Expecting reference to class in class %s at constant pool index %d",
2334 _klass->external_name(), index);
2335 return;
2336 }
2337 VerificationType target_class_type = ref_class_type;
2338
2339 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2340 "buffer type must match VerificationType size");
2341 uintptr_t field_type_buffer[2];
2342 VerificationType* field_type = (VerificationType*)field_type_buffer;
2343 // If we make a VerificationType[2] array directly, the compiler calls
2344 // to the c-runtime library to do the allocation instead of just
2345 // stack allocating it. Plus it would run constructors. This shows up
2346 // in performance profiles.
2347
2348 SignatureStream sig_stream(field_sig, false);
2349 VerificationType stack_object_type;
2350 int n = change_sig_to_verificationType(&sig_stream, field_type);
2351 int bci = bcs->bci();
2352 bool is_assignable;
2353 switch (bcs->raw_code()) {
2354 case Bytecodes::_getstatic: {
2355 for (int i = 0; i < n; i++) {
2356 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
2358 break;
2359 }
2360 case Bytecodes::_putstatic: {
2361 for (int i = n - 1; i >= 0; i--) {
2362 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2363 }
2364 break;
2365 }
2366 case Bytecodes::_getfield: {
2367 is_getfield = true;
2368 stack_object_type = current_frame->pop_stack(
2369 target_class_type, CHECK_VERIFY(this));
2370 goto check_protected;
2371 }
2372 case Bytecodes::_putfield: {
2373 for (int i = n - 1; i >= 0; i--) {
2374 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2375 }
2376 stack_object_type = current_frame->pop_stack(CHECK_VERIFY(this));
2377
2378 // The JVMS 2nd edition allows field initialization before the superclass
2379 // initializer, if the field is defined within the current class.
2380 fieldDescriptor fd;
2381 if (stack_object_type == VerificationType::uninitialized_this_type() &&
2382 target_class_type.equals(current_type()) &&
2383 _klass->find_local_field(field_name, field_sig, &fd)) {
2384 stack_object_type = current_type();
2385 }
2386 is_assignable = target_class_type.is_assignable_from(
2387 stack_object_type, this, false, CHECK_VERIFY(this));
2388 if (!is_assignable) {
2389 verify_error(ErrorContext::bad_type(bci,
2390 current_frame->stack_top_ctx(),
2391 TypeOrigin::cp(index, target_class_type)),
2392 "Bad type on operand stack in putfield");
2393 return;
2394 }
2395 }
2396 check_protected: {
2397 if (_this_type == stack_object_type)
2398 break; // stack_object_type must be assignable to _current_class_type
2399 if (was_recursively_verified()) {
2400 if (is_getfield) {
2401 // Push field type for getfield.
2402 for (int i = 0; i < n; i++) {
2403 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
2404 }
2769 bool ClassVerifier::is_same_or_direct_interface(
2770 InstanceKlass* klass,
2771 VerificationType klass_type,
2772 VerificationType ref_class_type) {
2773 if (ref_class_type.equals(klass_type)) return true;
2774 Array<InstanceKlass*>* local_interfaces = klass->local_interfaces();
2775 if (local_interfaces != nullptr) {
2776 for (int x = 0; x < local_interfaces->length(); x++) {
2777 InstanceKlass* k = local_interfaces->at(x);
2778 assert (k != nullptr && k->is_interface(), "invalid interface");
2779 if (ref_class_type.equals(VerificationType::reference_type(k->name()))) {
2780 return true;
2781 }
2782 }
2783 }
2784 return false;
2785 }
2786
2787 void ClassVerifier::verify_invoke_instructions(
2788 RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
2789 bool in_try_block, bool *this_uninit, VerificationType return_type,
2790 const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS) {
2791 // Make sure the constant pool item is the right type
2792 u2 index = bcs->get_index_u2();
2793 Bytecodes::Code opcode = bcs->raw_code();
2794 unsigned int types = 0;
2795 switch (opcode) {
2796 case Bytecodes::_invokeinterface:
2797 types = 1 << JVM_CONSTANT_InterfaceMethodref;
2798 break;
2799 case Bytecodes::_invokedynamic:
2800 types = 1 << JVM_CONSTANT_InvokeDynamic;
2801 break;
2802 case Bytecodes::_invokespecial:
2803 case Bytecodes::_invokestatic:
2804 types = (_klass->major_version() < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION) ?
2805 (1 << JVM_CONSTANT_Methodref) :
2806 ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref));
2807 break;
2808 default:
2809 types = 1 << JVM_CONSTANT_Methodref;
2810 }
2811 verify_cp_type(bcs->bci(), index, cp, types, CHECK_VERIFY(this));
2812
2813 // Get method name and signature
2814 Symbol* method_name = cp->uncached_name_ref_at(index);
2815 Symbol* method_sig = cp->uncached_signature_ref_at(index);
2816
2817 // Method signature was checked in ClassFileParser.
2818 assert(SignatureVerifier::is_valid_method_signature(method_sig),
2819 "Invalid method signature");
2820
2821 // Get referenced class type
2822 VerificationType ref_class_type;
2823 if (opcode == Bytecodes::_invokedynamic) {
2824 if (_klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) {
2825 class_format_error(
2826 "invokedynamic instructions not supported by this class file version (%d), class %s",
2827 _klass->major_version(), _klass->external_name());
2828 return;
2829 }
2830 } else {
2831 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
2832 }
2833
2834 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2835 "buffer type must match VerificationType size");
2836
2837 // Get the UTF8 index for this signature.
2838 int sig_index = cp->signature_ref_index_at(cp->uncached_name_and_type_ref_index_at(index));
2839
2840 // Get the signature's verification types.
2841 sig_as_verification_types* mth_sig_verif_types;
2867 "Inconsistent args count operand in invokeinterface");
2868 return;
2869 }
2870 if (*(bcp+4) != 0) {
2871 verify_error(ErrorContext::bad_code(bci),
2872 "Fourth operand byte of invokeinterface must be zero");
2873 return;
2874 }
2875 }
2876
2877 if (opcode == Bytecodes::_invokedynamic) {
2878 address bcp = bcs->bcp();
2879 if (*(bcp+3) != 0 || *(bcp+4) != 0) {
2880 verify_error(ErrorContext::bad_code(bci),
2881 "Third and fourth operand bytes of invokedynamic must be zero");
2882 return;
2883 }
2884 }
2885
2886 if (method_name->char_at(0) == JVM_SIGNATURE_SPECIAL) {
2887 // Make sure <init> can only be invoked by invokespecial
2888 if (opcode != Bytecodes::_invokespecial ||
2889 method_name != vmSymbols::object_initializer_name()) {
2890 verify_error(ErrorContext::bad_code(bci),
2891 "Illegal call to internal method");
2892 return;
2893 }
2894 } else if (opcode == Bytecodes::_invokespecial
2895 && !is_same_or_direct_interface(current_class(), current_type(), ref_class_type)
2896 && !ref_class_type.equals(VerificationType::reference_type(
2897 current_class()->super()->name()))) {
2898 bool subtype = false;
2899 bool have_imr_indirect = cp->tag_at(index).value() == JVM_CONSTANT_InterfaceMethodref;
2900 subtype = ref_class_type.is_assignable_from(
2901 current_type(), this, false, CHECK_VERIFY(this));
2902 if (!subtype) {
2903 verify_error(ErrorContext::bad_code(bci),
2904 "Bad invokespecial instruction: "
2905 "current class isn't assignable to reference class.");
2906 return;
2907 } else if (have_imr_indirect) {
2908 verify_error(ErrorContext::bad_code(bci),
2909 "Bad invokespecial instruction: "
2910 "interface method reference is in an indirect superinterface.");
2911 return;
2912 }
2913
2914 }
2915
2916 // Get the verification types for the method's arguments.
2917 GrowableArray<VerificationType>* sig_verif_types = mth_sig_verif_types->sig_verif_types();
2962 verify_error(ErrorContext::bad_type(bci,
2963 current_frame->stack_top_ctx(),
2964 TypeOrigin::implicit(current_type())),
2965 "Bad access to protected data in invokevirtual");
2966 return;
2967 }
2968 }
2969 }
2970 }
2971 }
2972 } else {
2973 assert(opcode == Bytecodes::_invokeinterface, "Unexpected opcode encountered");
2974 current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this));
2975 }
2976 }
2977 }
2978 // Push the result type.
2979 int sig_verif_types_len = sig_verif_types->length();
2980 if (sig_verif_types_len > nargs) { // There's a return type
2981 if (method_name == vmSymbols::object_initializer_name()) {
2982 // <init> method must have a void return type
2983 /* Unreachable? Class file parser verifies that methods with '<' have
2984 * void return */
2985 verify_error(ErrorContext::bad_code(bci),
2986 "Return type must be void in <init> method");
2987 return;
2988 }
2989
2990 assert(sig_verif_types_len <= nargs + 2,
2991 "Signature verification types array return type is bogus");
2992 for (int i = nargs; i < sig_verif_types_len; i++) {
2993 assert(i == nargs || sig_verif_types->at(i).is_long2() ||
2994 sig_verif_types->at(i).is_double2(), "Unexpected return verificationType");
2995 current_frame->push_stack(sig_verif_types->at(i), CHECK_VERIFY(this));
2996 }
2997 }
2998 }
2999
3000 VerificationType ClassVerifier::get_newarray_type(
3001 u2 index, int bci, TRAPS) {
3002 const char* from_bt[] = {
3003 nullptr, nullptr, nullptr, nullptr, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J",
3004 };
|
48 #include "oops/instanceKlass.inline.hpp"
49 #include "oops/klass.inline.hpp"
50 #include "oops/oop.inline.hpp"
51 #include "oops/typeArrayOop.hpp"
52 #include "runtime/arguments.hpp"
53 #include "runtime/fieldDescriptor.hpp"
54 #include "runtime/handles.inline.hpp"
55 #include "runtime/interfaceSupport.inline.hpp"
56 #include "runtime/javaCalls.hpp"
57 #include "runtime/javaThread.hpp"
58 #include "runtime/jniHandles.inline.hpp"
59 #include "runtime/os.hpp"
60 #include "runtime/safepointVerifiers.hpp"
61 #include "services/threadService.hpp"
62 #include "utilities/align.hpp"
63 #include "utilities/bytes.hpp"
64
65 #define NOFAILOVER_MAJOR_VERSION 51
66 #define NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION 51
67 #define STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION 52
68 #define INLINE_TYPE_MAJOR_VERSION 56
69 #define MAX_ARRAY_DIMENSIONS 255
70
71 // Access to external entry for VerifyClassForMajorVersion - old byte code verifier
72
73 extern "C" {
74 typedef jboolean (*verify_byte_codes_fn_t)(JNIEnv *, jclass, char *, jint, jint);
75 }
76
77 static verify_byte_codes_fn_t volatile _verify_byte_codes_fn = nullptr;
78
79 static verify_byte_codes_fn_t verify_byte_codes_fn() {
80
81 if (_verify_byte_codes_fn != nullptr)
82 return _verify_byte_codes_fn;
83
84 MutexLocker locker(Verify_lock);
85
86 if (_verify_byte_codes_fn != nullptr)
87 return _verify_byte_codes_fn;
88
263 // to infinitely recurse when we try to initialize the exception.
264 // So bail out here by throwing the preallocated VM error.
265 THROW_OOP_(Universe::internal_error_instance(), false);
266 }
267 kls = kls->super();
268 }
269 if (message_buffer != nullptr) {
270 message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
271 }
272 assert(exception_message != nullptr, "");
273 THROW_MSG_(exception_name, exception_message, false);
274 }
275 }
276
277 bool Verifier::is_eligible_for_verification(InstanceKlass* klass, bool should_verify_class) {
278 Symbol* name = klass->name();
279
280 return (should_verify_for(klass->class_loader(), should_verify_class) &&
281 // return if the class is a bootstrapping class
282 // or defineClass specified not to verify by default (flags override passed arg)
283 // We need to skip the following four for bootstrapping
284 name != vmSymbols::java_lang_Object() &&
285 name != vmSymbols::java_lang_Class() &&
286 name != vmSymbols::java_lang_String() &&
287 name != vmSymbols::java_lang_Throwable() &&
288
289 // Can not verify the bytecodes for shared classes because they have
290 // already been rewritten to contain constant pool cache indices,
291 // which the verifier can't understand.
292 // Shared classes shouldn't have stackmaps either.
293 // However, bytecodes for shared old classes can be verified because
294 // they have not been rewritten.
295 !(klass->is_shared() && klass->is_rewritten()));
296 }
297
298 Symbol* Verifier::inference_verify(
299 InstanceKlass* klass, char* message, size_t message_len, TRAPS) {
300 JavaThread* thread = THREAD;
301
302 verify_byte_codes_fn_t verify_func = verify_byte_codes_fn();
303
477 ss->print("Local index %d is invalid", _type.index());
478 break;
479 case LOCALS_SIZE_MISMATCH:
480 ss->print("Current frame's local size doesn't match stackmap.");
481 break;
482 case STACK_SIZE_MISMATCH:
483 ss->print("Current frame's stack size doesn't match stackmap.");
484 break;
485 case STACK_OVERFLOW:
486 ss->print("Exceeded max stack size.");
487 break;
488 case STACK_UNDERFLOW:
489 ss->print("Attempt to pop empty stack.");
490 break;
491 case MISSING_STACKMAP:
492 ss->print("Expected stackmap frame at this location.");
493 break;
494 case BAD_STACKMAP:
495 ss->print("Invalid stackmap specification.");
496 break;
497 case WRONG_INLINE_TYPE:
498 ss->print("Type ");
499 _type.details(ss);
500 ss->print(" and type ");
501 _expected.details(ss);
502 ss->print(" must be identical inline types.");
503 break;
504 case UNKNOWN:
505 default:
506 ShouldNotReachHere();
507 ss->print_cr("Unknown");
508 }
509 ss->cr();
510 }
511
512 void ErrorContext::location_details(outputStream* ss, const Method* method) const {
513 if (_bci != -1 && method != nullptr) {
514 streamIndentor si(ss);
515 const char* bytecode_name = "<invalid>";
516 if (method->validate_bci(_bci) != -1) {
517 Bytecodes::Code code = Bytecodes::code_or_bp_at(method->bcp_from(_bci));
518 if (Bytecodes::is_defined(code)) {
519 bytecode_name = Bytecodes::name(code);
520 } else {
521 bytecode_name = "<illegal>";
522 }
523 }
604 ClassVerifier::~ClassVerifier() {
605 // Decrement the reference count for any symbols created.
606 if (_symbols != nullptr) {
607 for (int i = 0; i < _symbols->length(); i++) {
608 Symbol* s = _symbols->at(i);
609 s->decrement_refcount();
610 }
611 }
612 }
613
614 VerificationType ClassVerifier::object_type() const {
615 return VerificationType::reference_type(vmSymbols::java_lang_Object());
616 }
617
618 TypeOrigin ClassVerifier::ref_ctx(const char* sig) {
619 VerificationType vt = VerificationType::reference_type(
620 create_temporary_symbol(sig, (int)strlen(sig)));
621 return TypeOrigin::implicit(vt);
622 }
623
624 static bool supports_strict_fields(InstanceKlass* klass) {
625 int ver = klass->major_version();
626 return ver > Verifier::VALUE_TYPES_MAJOR_VERSION ||
627 (ver == Verifier::VALUE_TYPES_MAJOR_VERSION && klass->minor_version() == Verifier::JAVA_PREVIEW_MINOR_VERSION);
628 }
629
630 void ClassVerifier::verify_class(TRAPS) {
631 log_info(verification)("Verifying class %s with new format", _klass->external_name());
632
633 // Either verifying both local and remote classes or just remote classes.
634 assert(BytecodeVerificationRemote, "Should not be here");
635
636 Array<Method*>* methods = _klass->methods();
637 int num_methods = methods->length();
638
639 for (int index = 0; index < num_methods; index++) {
640 // Check for recursive re-verification before each method.
641 if (was_recursively_verified()) return;
642
643 Method* m = methods->at(index);
644 if (m->is_native() || m->is_abstract() || m->is_overpass()) {
645 // If m is native or abstract, skip it. It is checked in class file
646 // parser that methods do not override a final method. Overpass methods
647 // are trusted since the VM generates them.
648 continue;
1676 VerificationType::double2_type(), CHECK_VERIFY(this));
1677 type = current_frame.pop_stack(
1678 VerificationType::double_type(), CHECK_VERIFY(this));
1679 verify_return_value(return_type, type, bci,
1680 ¤t_frame, CHECK_VERIFY(this));
1681 no_control_flow = true; break;
1682 case Bytecodes::_areturn :
1683 type = current_frame.pop_stack(
1684 VerificationType::reference_check(), CHECK_VERIFY(this));
1685 verify_return_value(return_type, type, bci,
1686 ¤t_frame, CHECK_VERIFY(this));
1687 no_control_flow = true; break;
1688 case Bytecodes::_return :
1689 if (return_type != VerificationType::bogus_type()) {
1690 verify_error(ErrorContext::bad_code(bci),
1691 "Method expects a return value");
1692 return;
1693 }
1694 // Make sure "this" has been initialized if current method is an
1695 // <init>.
1696 if (_method->is_object_constructor() &&
1697 current_frame.flag_this_uninit()) {
1698 verify_error(ErrorContext::bad_code(bci),
1699 "Constructor must call super() or this() "
1700 "before return");
1701 return;
1702 }
1703 no_control_flow = true; break;
1704 case Bytecodes::_getstatic :
1705 case Bytecodes::_putstatic :
1706 // pass TRUE, operand can be an array type for getstatic/putstatic.
1707 verify_field_instructions(
1708 &bcs, ¤t_frame, cp, true, CHECK_VERIFY(this));
1709 no_control_flow = false; break;
1710 case Bytecodes::_getfield :
1711 case Bytecodes::_putfield :
1712 // pass FALSE, operand can't be an array type for getfield/putfield.
1713 verify_field_instructions(
1714 &bcs, ¤t_frame, cp, false, CHECK_VERIFY(this));
1715 no_control_flow = false; break;
1716 case Bytecodes::_invokevirtual :
1717 case Bytecodes::_invokespecial :
1718 case Bytecodes::_invokestatic :
1719 case Bytecodes::_invokeinterface :
1720 case Bytecodes::_invokedynamic :
1721 verify_invoke_instructions(
1722 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1723 &this_uninit, cp, &stackmap_table, CHECK_VERIFY(this));
1724 no_control_flow = false; break;
1725 case Bytecodes::_new :
1726 {
1727 u2 index = bcs.get_index_u2();
1728 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1729 VerificationType new_class_type =
1730 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1731 if (!new_class_type.is_object()) {
1732 verify_error(ErrorContext::bad_type(bci,
1733 TypeOrigin::cp(index, new_class_type)),
1734 "Illegal new instruction");
1735 return;
1736 }
1737 type = VerificationType::uninitialized_type(checked_cast<u2>(bci));
1738 current_frame.push_stack(type, CHECK_VERIFY(this));
1739 no_control_flow = false; break;
1740 }
1741 case Bytecodes::_newarray :
1742 type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this));
1743 current_frame.pop_stack(
1761 no_control_flow = false; break;
1762 case Bytecodes::_checkcast :
1763 {
1764 u2 index = bcs.get_index_u2();
1765 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1766 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1767 VerificationType klass_type = cp_index_to_type(
1768 index, cp, CHECK_VERIFY(this));
1769 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1770 no_control_flow = false; break;
1771 }
1772 case Bytecodes::_instanceof : {
1773 u2 index = bcs.get_index_u2();
1774 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1775 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1776 current_frame.push_stack(
1777 VerificationType::integer_type(), CHECK_VERIFY(this));
1778 no_control_flow = false; break;
1779 }
1780 case Bytecodes::_monitorenter :
1781 case Bytecodes::_monitorexit : {
1782 VerificationType ref = current_frame.pop_stack(
1783 VerificationType::reference_check(), CHECK_VERIFY(this));
1784 no_control_flow = false; break;
1785 }
1786 case Bytecodes::_multianewarray :
1787 {
1788 u2 index = bcs.get_index_u2();
1789 u2 dim = *(bcs.bcp()+3);
1790 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1791 VerificationType new_array_type =
1792 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1793 if (!new_array_type.is_array()) {
1794 verify_error(ErrorContext::bad_type(bci,
1795 TypeOrigin::cp(index, new_array_type)),
1796 "Illegal constant pool index in multianewarray instruction");
1797 return;
1798 }
1799 if (dim < 1 || new_array_type.dimensions() < dim) {
1800 verify_error(ErrorContext::bad_code(bci),
1801 "Illegal dimension in multianewarray instruction: %d", dim);
1802 return;
1803 }
1804 for (int i = 0; i < dim; i++) {
1805 current_frame.pop_stack(
2030 int nconstants = cp->length();
2031 if ((index <= 0) || (index >= nconstants)) {
2032 verify_error(ErrorContext::bad_cp_index(bci, index),
2033 "Illegal constant pool index %d in class %s",
2034 index, cp->pool_holder()->external_name());
2035 return;
2036 }
2037 }
2038
2039 void ClassVerifier::verify_cp_type(
2040 int bci, u2 index, const constantPoolHandle& cp, unsigned int types, TRAPS) {
2041
2042 // In some situations, bytecode rewriting may occur while we're verifying.
2043 // In this case, a constant pool cache exists and some indices refer to that
2044 // instead. Be sure we don't pick up such indices by accident.
2045 // We must check was_recursively_verified() before we get here.
2046 guarantee(cp->cache() == nullptr, "not rewritten yet");
2047
2048 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2049 unsigned int tag = cp->tag_at(index).value();
2050
2051 if ((types & (1 << tag)) == 0) {
2052 verify_error(ErrorContext::bad_cp_index(bci, index),
2053 "Illegal type at constant pool entry %d in class %s",
2054 index, cp->pool_holder()->external_name());
2055 return;
2056 }
2057 }
2058
2059 void ClassVerifier::verify_cp_class_type(
2060 int bci, u2 index, const constantPoolHandle& cp, TRAPS) {
2061 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2062 constantTag tag = cp->tag_at(index);
2063 if (!tag.is_klass() && !tag.is_unresolved_klass()) {
2064 verify_error(ErrorContext::bad_cp_index(bci, index),
2065 "Illegal type at constant pool entry %d in class %s",
2066 index, cp->pool_holder()->external_name());
2067 return;
2068 }
2069 }
2070
2145 } else {
2146 Klass* member_klass = target_instance->find_field(field_name, field_sig, &fd);
2147 if (member_klass != nullptr && fd.is_protected()) {
2148 if (!this_class->is_same_class_package(member_klass)) {
2149 return true;
2150 }
2151 }
2152 }
2153 return false;
2154 }
2155
2156 void ClassVerifier::verify_ldc(
2157 int opcode, u2 index, StackMapFrame* current_frame,
2158 const constantPoolHandle& cp, int bci, TRAPS) {
2159 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2160 constantTag tag = cp->tag_at(index);
2161 unsigned int types = 0;
2162 if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) {
2163 if (!tag.is_unresolved_klass()) {
2164 types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float)
2165 | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class)
2166 | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType)
2167 | (1 << JVM_CONSTANT_Dynamic);
2168 // Note: The class file parser already verified the legality of
2169 // MethodHandle and MethodType constants.
2170 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2171 }
2172 } else {
2173 assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w");
2174 types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long)
2175 | (1 << JVM_CONSTANT_Dynamic);
2176 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2177 }
2178 if (tag.is_string()) {
2179 current_frame->push_stack(
2180 VerificationType::reference_type(
2181 vmSymbols::java_lang_String()), CHECK_VERIFY(this));
2182 } else if (tag.is_klass() || tag.is_unresolved_klass()) {
2183 current_frame->push_stack(
2184 VerificationType::reference_type(
2185 vmSymbols::java_lang_Class()), CHECK_VERIFY(this));
2321 const constantPoolHandle& cp,
2322 bool allow_arrays,
2323 TRAPS) {
2324 u2 index = bcs->get_index_u2();
2325 verify_cp_type(bcs->bci(), index, cp,
2326 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2327
2328 // Get field name and signature
2329 Symbol* field_name = cp->uncached_name_ref_at(index);
2330 Symbol* field_sig = cp->uncached_signature_ref_at(index);
2331 bool is_getfield = false;
2332
2333 // Field signature was checked in ClassFileParser.
2334 assert(SignatureVerifier::is_valid_type_signature(field_sig),
2335 "Invalid field signature");
2336
2337 // Get referenced class type
2338 VerificationType ref_class_type = cp_ref_index_to_type(
2339 index, cp, CHECK_VERIFY(this));
2340 if (!ref_class_type.is_object() &&
2341 (!allow_arrays || !ref_class_type.is_array())) {
2342 verify_error(ErrorContext::bad_type(bcs->bci(),
2343 TypeOrigin::cp(index, ref_class_type)),
2344 "Expecting reference to class in class %s at constant pool index %d",
2345 _klass->external_name(), index);
2346 return;
2347 }
2348
2349 VerificationType target_class_type = ref_class_type;
2350
2351 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2352 "buffer type must match VerificationType size");
2353 uintptr_t field_type_buffer[2];
2354 VerificationType* field_type = (VerificationType*)field_type_buffer;
2355 // If we make a VerificationType[2] array directly, the compiler calls
2356 // to the c-runtime library to do the allocation instead of just
2357 // stack allocating it. Plus it would run constructors. This shows up
2358 // in performance profiles.
2359
2360 SignatureStream sig_stream(field_sig, false);
2361 VerificationType stack_object_type;
2362 int n = change_sig_to_verificationType(&sig_stream, field_type);
2363 int bci = bcs->bci();
2364 bool is_assignable;
2365 switch (bcs->raw_code()) {
2366 case Bytecodes::_getstatic: {
2367 for (int i = 0; i < n; i++) {
2368 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
2370 break;
2371 }
2372 case Bytecodes::_putstatic: {
2373 for (int i = n - 1; i >= 0; i--) {
2374 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2375 }
2376 break;
2377 }
2378 case Bytecodes::_getfield: {
2379 is_getfield = true;
2380 stack_object_type = current_frame->pop_stack(
2381 target_class_type, CHECK_VERIFY(this));
2382 goto check_protected;
2383 }
2384 case Bytecodes::_putfield: {
2385 for (int i = n - 1; i >= 0; i--) {
2386 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2387 }
2388 stack_object_type = current_frame->pop_stack(CHECK_VERIFY(this));
2389
2390 // Field initialization is allowed before the superclass
2391 // initializer, if the field is defined within the current class.
2392 fieldDescriptor fd;
2393 bool is_local_field = _klass->find_local_field(field_name, field_sig, &fd) &&
2394 target_class_type.equals(current_type());
2395 if (stack_object_type == VerificationType::uninitialized_this_type()) {
2396 if (is_local_field) {
2397 // Set the type to the current type so the is_assignable check passes.
2398 stack_object_type = current_type();
2399 }
2400 } else if (supports_strict_fields(_klass)) {
2401 // `strict` fields are not writable, but only local fields produce verification errors
2402 if (is_local_field && fd.access_flags().is_strict()) {
2403 verify_error(ErrorContext::bad_code(bci),
2404 "Illegal use of putfield on a strict field");
2405 return;
2406 }
2407 }
2408 is_assignable = target_class_type.is_assignable_from(
2409 stack_object_type, this, false, CHECK_VERIFY(this));
2410 if (!is_assignable) {
2411 verify_error(ErrorContext::bad_type(bci,
2412 current_frame->stack_top_ctx(),
2413 TypeOrigin::cp(index, target_class_type)),
2414 "Bad type on operand stack in putfield");
2415 return;
2416 }
2417 }
2418 check_protected: {
2419 if (_this_type == stack_object_type)
2420 break; // stack_object_type must be assignable to _current_class_type
2421 if (was_recursively_verified()) {
2422 if (is_getfield) {
2423 // Push field type for getfield.
2424 for (int i = 0; i < n; i++) {
2425 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
2426 }
2791 bool ClassVerifier::is_same_or_direct_interface(
2792 InstanceKlass* klass,
2793 VerificationType klass_type,
2794 VerificationType ref_class_type) {
2795 if (ref_class_type.equals(klass_type)) return true;
2796 Array<InstanceKlass*>* local_interfaces = klass->local_interfaces();
2797 if (local_interfaces != nullptr) {
2798 for (int x = 0; x < local_interfaces->length(); x++) {
2799 InstanceKlass* k = local_interfaces->at(x);
2800 assert (k != nullptr && k->is_interface(), "invalid interface");
2801 if (ref_class_type.equals(VerificationType::reference_type(k->name()))) {
2802 return true;
2803 }
2804 }
2805 }
2806 return false;
2807 }
2808
2809 void ClassVerifier::verify_invoke_instructions(
2810 RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
2811 bool in_try_block, bool *this_uninit,
2812 const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS) {
2813 // Make sure the constant pool item is the right type
2814 u2 index = bcs->get_index_u2();
2815 Bytecodes::Code opcode = bcs->raw_code();
2816 unsigned int types = 0;
2817 switch (opcode) {
2818 case Bytecodes::_invokeinterface:
2819 types = 1 << JVM_CONSTANT_InterfaceMethodref;
2820 break;
2821 case Bytecodes::_invokedynamic:
2822 types = 1 << JVM_CONSTANT_InvokeDynamic;
2823 break;
2824 case Bytecodes::_invokespecial:
2825 case Bytecodes::_invokestatic:
2826 types = (_klass->major_version() < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION) ?
2827 (1 << JVM_CONSTANT_Methodref) :
2828 ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref));
2829 break;
2830 default:
2831 types = 1 << JVM_CONSTANT_Methodref;
2832 }
2833 verify_cp_type(bcs->bci(), index, cp, types, CHECK_VERIFY(this));
2834
2835 // Get method name and signature
2836 Symbol* method_name = cp->uncached_name_ref_at(index);
2837 Symbol* method_sig = cp->uncached_signature_ref_at(index);
2838
2839 // Method signature was checked in ClassFileParser.
2840 assert(SignatureVerifier::is_valid_method_signature(method_sig),
2841 "Invalid method signature");
2842
2843 // Get referenced class
2844 VerificationType ref_class_type;
2845 if (opcode == Bytecodes::_invokedynamic) {
2846 if (_klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) {
2847 class_format_error(
2848 "invokedynamic instructions not supported by this class file version (%d), class %s",
2849 _klass->major_version(), _klass->external_name());
2850 return;
2851 }
2852 } else {
2853 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
2854 }
2855
2856 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2857 "buffer type must match VerificationType size");
2858
2859 // Get the UTF8 index for this signature.
2860 int sig_index = cp->signature_ref_index_at(cp->uncached_name_and_type_ref_index_at(index));
2861
2862 // Get the signature's verification types.
2863 sig_as_verification_types* mth_sig_verif_types;
2889 "Inconsistent args count operand in invokeinterface");
2890 return;
2891 }
2892 if (*(bcp+4) != 0) {
2893 verify_error(ErrorContext::bad_code(bci),
2894 "Fourth operand byte of invokeinterface must be zero");
2895 return;
2896 }
2897 }
2898
2899 if (opcode == Bytecodes::_invokedynamic) {
2900 address bcp = bcs->bcp();
2901 if (*(bcp+3) != 0 || *(bcp+4) != 0) {
2902 verify_error(ErrorContext::bad_code(bci),
2903 "Third and fourth operand bytes of invokedynamic must be zero");
2904 return;
2905 }
2906 }
2907
2908 if (method_name->char_at(0) == JVM_SIGNATURE_SPECIAL) {
2909 // Make sure:
2910 // <init> can only be invoked by invokespecial.
2911 if (opcode != Bytecodes::_invokespecial ||
2912 method_name != vmSymbols::object_initializer_name()) {
2913 verify_error(ErrorContext::bad_code(bci),
2914 "Illegal call to internal method");
2915 return;
2916 }
2917 } else if (opcode == Bytecodes::_invokespecial
2918 && !is_same_or_direct_interface(current_class(), current_type(), ref_class_type)
2919 && !ref_class_type.equals(VerificationType::reference_type(
2920 current_class()->super()->name()))) { // super() can never be an inline_type.
2921 bool subtype = false;
2922 bool have_imr_indirect = cp->tag_at(index).value() == JVM_CONSTANT_InterfaceMethodref;
2923 subtype = ref_class_type.is_assignable_from(
2924 current_type(), this, false, CHECK_VERIFY(this));
2925 if (!subtype) {
2926 verify_error(ErrorContext::bad_code(bci),
2927 "Bad invokespecial instruction: "
2928 "current class isn't assignable to reference class.");
2929 return;
2930 } else if (have_imr_indirect) {
2931 verify_error(ErrorContext::bad_code(bci),
2932 "Bad invokespecial instruction: "
2933 "interface method reference is in an indirect superinterface.");
2934 return;
2935 }
2936
2937 }
2938
2939 // Get the verification types for the method's arguments.
2940 GrowableArray<VerificationType>* sig_verif_types = mth_sig_verif_types->sig_verif_types();
2985 verify_error(ErrorContext::bad_type(bci,
2986 current_frame->stack_top_ctx(),
2987 TypeOrigin::implicit(current_type())),
2988 "Bad access to protected data in invokevirtual");
2989 return;
2990 }
2991 }
2992 }
2993 }
2994 }
2995 } else {
2996 assert(opcode == Bytecodes::_invokeinterface, "Unexpected opcode encountered");
2997 current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this));
2998 }
2999 }
3000 }
3001 // Push the result type.
3002 int sig_verif_types_len = sig_verif_types->length();
3003 if (sig_verif_types_len > nargs) { // There's a return type
3004 if (method_name == vmSymbols::object_initializer_name()) {
3005 // an <init> method must have a void return type
3006 verify_error(ErrorContext::bad_code(bci),
3007 "Return type must be void in <init> method");
3008 return;
3009 }
3010
3011 assert(sig_verif_types_len <= nargs + 2,
3012 "Signature verification types array return type is bogus");
3013 for (int i = nargs; i < sig_verif_types_len; i++) {
3014 assert(i == nargs || sig_verif_types->at(i).is_long2() ||
3015 sig_verif_types->at(i).is_double2(), "Unexpected return verificationType");
3016 current_frame->push_stack(sig_verif_types->at(i), CHECK_VERIFY(this));
3017 }
3018 }
3019 }
3020
3021 VerificationType ClassVerifier::get_newarray_type(
3022 u2 index, int bci, TRAPS) {
3023 const char* from_bt[] = {
3024 nullptr, nullptr, nullptr, nullptr, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J",
3025 };
|