46 #include "oops/instanceKlass.inline.hpp"
47 #include "oops/klass.inline.hpp"
48 #include "oops/oop.inline.hpp"
49 #include "oops/typeArrayOop.hpp"
50 #include "runtime/arguments.hpp"
51 #include "runtime/fieldDescriptor.hpp"
52 #include "runtime/handles.inline.hpp"
53 #include "runtime/interfaceSupport.inline.hpp"
54 #include "runtime/javaCalls.hpp"
55 #include "runtime/javaThread.hpp"
56 #include "runtime/jniHandles.inline.hpp"
57 #include "runtime/os.hpp"
58 #include "runtime/safepointVerifiers.hpp"
59 #include "services/threadService.hpp"
60 #include "utilities/align.hpp"
61 #include "utilities/bytes.hpp"
62
63 #define NOFAILOVER_MAJOR_VERSION 51
64 #define NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION 51
65 #define STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION 52
66 #define MAX_ARRAY_DIMENSIONS 255
67
68 // Access to external entry for VerifyClassForMajorVersion - old byte code verifier
69
70 extern "C" {
71 typedef jboolean (*verify_byte_codes_fn_t)(JNIEnv *, jclass, char *, jint, jint);
72 }
73
74 static verify_byte_codes_fn_t volatile _verify_byte_codes_fn = NULL;
75
76 static verify_byte_codes_fn_t verify_byte_codes_fn() {
77
78 if (_verify_byte_codes_fn != NULL)
79 return _verify_byte_codes_fn;
80
81 MutexLocker locker(Verify_lock);
82
83 if (_verify_byte_codes_fn != NULL)
84 return _verify_byte_codes_fn;
85
258 }
259 kls = kls->super();
260 }
261 if (message_buffer != NULL) {
262 message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
263 }
264 assert(exception_message != NULL, "");
265 THROW_MSG_(exception_name, exception_message, false);
266 }
267 }
268
269 bool Verifier::is_eligible_for_verification(InstanceKlass* klass, bool should_verify_class) {
270 Symbol* name = klass->name();
271 Klass* refl_magic_klass = vmClasses::reflect_MagicAccessorImpl_klass();
272
273 bool is_reflect = refl_magic_klass != NULL && klass->is_subtype_of(refl_magic_klass);
274
275 return (should_verify_for(klass->class_loader(), should_verify_class) &&
276 // return if the class is a bootstrapping class
277 // or defineClass specified not to verify by default (flags override passed arg)
278 // We need to skip the following four for bootstraping
279 name != vmSymbols::java_lang_Object() &&
280 name != vmSymbols::java_lang_Class() &&
281 name != vmSymbols::java_lang_String() &&
282 name != vmSymbols::java_lang_Throwable() &&
283
284 // Can not verify the bytecodes for shared classes because they have
285 // already been rewritten to contain constant pool cache indices,
286 // which the verifier can't understand.
287 // Shared classes shouldn't have stackmaps either.
288 // However, bytecodes for shared old classes can be verified because
289 // they have not been rewritten.
290 !(klass->is_shared() && klass->is_rewritten()) &&
291
292 // As of the fix for 4486457 we disable verification for all of the
293 // dynamically-generated bytecodes associated with the 1.4
294 // reflection implementation, not just those associated with
295 // jdk/internal/reflect/SerializationConstructorAccessor.
296 // NOTE: this is called too early in the bootstrapping process to be
297 // guarded by Universe::is_gte_jdk14x_version().
298 // Also for lambda generated code, gte jdk8
481 ss->print("Local index %d is invalid", _type.index());
482 break;
483 case LOCALS_SIZE_MISMATCH:
484 ss->print("Current frame's local size doesn't match stackmap.");
485 break;
486 case STACK_SIZE_MISMATCH:
487 ss->print("Current frame's stack size doesn't match stackmap.");
488 break;
489 case STACK_OVERFLOW:
490 ss->print("Exceeded max stack size.");
491 break;
492 case STACK_UNDERFLOW:
493 ss->print("Attempt to pop empty stack.");
494 break;
495 case MISSING_STACKMAP:
496 ss->print("Expected stackmap frame at this location.");
497 break;
498 case BAD_STACKMAP:
499 ss->print("Invalid stackmap specification.");
500 break;
501 case UNKNOWN:
502 default:
503 ShouldNotReachHere();
504 ss->print_cr("Unknown");
505 }
506 ss->cr();
507 }
508
509 void ErrorContext::location_details(outputStream* ss, const Method* method) const {
510 if (_bci != -1 && method != NULL) {
511 streamIndentor si(ss);
512 const char* bytecode_name = "<invalid>";
513 if (method->validate_bci(_bci) != -1) {
514 Bytecodes::Code code = Bytecodes::code_or_bp_at(method->bcp_from(_bci));
515 if (Bytecodes::is_defined(code)) {
516 bytecode_name = Bytecodes::name(code);
517 } else {
518 bytecode_name = "<illegal>";
519 }
520 }
575 stack_map_frame* sm_frame = sm_table->entries();
576 streamIndentor si2(ss);
577 int current_offset = -1;
578 address end_of_sm_table = (address)sm_table + method->stackmap_data()->length();
579 for (u2 i = 0; i < sm_table->number_of_entries(); ++i) {
580 ss->indent();
581 if (!sm_frame->verify((address)sm_frame, end_of_sm_table)) {
582 sm_frame->print_truncated(ss, current_offset);
583 return;
584 }
585 sm_frame->print_on(ss, current_offset);
586 ss->cr();
587 current_offset += sm_frame->offset_delta();
588 sm_frame = sm_frame->next();
589 }
590 }
591 }
592
593 // Methods in ClassVerifier
594
595 ClassVerifier::ClassVerifier(JavaThread* current, InstanceKlass* klass)
596 : _thread(current), _previous_symbol(NULL), _symbols(NULL), _exception_type(NULL),
597 _message(NULL), _klass(klass) {
598 _this_type = VerificationType::reference_type(klass->name());
599 }
600
601 ClassVerifier::~ClassVerifier() {
602 // Decrement the reference count for any symbols created.
603 if (_symbols != NULL) {
604 for (int i = 0; i < _symbols->length(); i++) {
605 Symbol* s = _symbols->at(i);
606 s->decrement_refcount();
607 }
608 }
609 }
610
611 VerificationType ClassVerifier::object_type() const {
612 return VerificationType::reference_type(vmSymbols::java_lang_Object());
613 }
614
615 TypeOrigin ClassVerifier::ref_ctx(const char* sig) {
616 VerificationType vt = VerificationType::reference_type(
617 create_temporary_symbol(sig, (int)strlen(sig)));
618 return TypeOrigin::implicit(vt);
1018 case Bytecodes::_daload :
1019 type = current_frame.pop_stack(
1020 VerificationType::integer_type(), CHECK_VERIFY(this));
1021 atype = current_frame.pop_stack(
1022 VerificationType::reference_check(), CHECK_VERIFY(this));
1023 if (!atype.is_double_array()) {
1024 verify_error(ErrorContext::bad_type(bci,
1025 current_frame.stack_top_ctx(), ref_ctx("[D")),
1026 bad_type_msg, "daload");
1027 return;
1028 }
1029 current_frame.push_stack_2(
1030 VerificationType::double_type(),
1031 VerificationType::double2_type(), CHECK_VERIFY(this));
1032 no_control_flow = false; break;
1033 case Bytecodes::_aaload : {
1034 type = current_frame.pop_stack(
1035 VerificationType::integer_type(), CHECK_VERIFY(this));
1036 atype = current_frame.pop_stack(
1037 VerificationType::reference_check(), CHECK_VERIFY(this));
1038 if (!atype.is_reference_array()) {
1039 verify_error(ErrorContext::bad_type(bci,
1040 current_frame.stack_top_ctx(),
1041 TypeOrigin::implicit(VerificationType::reference_check())),
1042 bad_type_msg, "aaload");
1043 return;
1044 }
1045 if (atype.is_null()) {
1046 current_frame.push_stack(
1047 VerificationType::null_type(), CHECK_VERIFY(this));
1048 } else {
1049 VerificationType component = atype.get_component(this);
1050 current_frame.push_stack(component, CHECK_VERIFY(this));
1051 }
1052 no_control_flow = false; break;
1053 }
1054 case Bytecodes::_istore :
1055 verify_istore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1056 no_control_flow = false; break;
1057 case Bytecodes::_istore_0 :
1058 case Bytecodes::_istore_1 :
1191 VerificationType::double2_type(),
1192 VerificationType::double_type(), CHECK_VERIFY(this));
1193 current_frame.pop_stack(
1194 VerificationType::integer_type(), CHECK_VERIFY(this));
1195 atype = current_frame.pop_stack(
1196 VerificationType::reference_check(), CHECK_VERIFY(this));
1197 if (!atype.is_double_array()) {
1198 verify_error(ErrorContext::bad_type(bci,
1199 current_frame.stack_top_ctx(), ref_ctx("[D")),
1200 bad_type_msg, "dastore");
1201 return;
1202 }
1203 no_control_flow = false; break;
1204 case Bytecodes::_aastore :
1205 type = current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1206 type2 = current_frame.pop_stack(
1207 VerificationType::integer_type(), CHECK_VERIFY(this));
1208 atype = current_frame.pop_stack(
1209 VerificationType::reference_check(), CHECK_VERIFY(this));
1210 // more type-checking is done at runtime
1211 if (!atype.is_reference_array()) {
1212 verify_error(ErrorContext::bad_type(bci,
1213 current_frame.stack_top_ctx(),
1214 TypeOrigin::implicit(VerificationType::reference_check())),
1215 bad_type_msg, "aastore");
1216 return;
1217 }
1218 // 4938384: relaxed constraint in JVMS 3rd edition.
1219 no_control_flow = false; break;
1220 case Bytecodes::_pop :
1221 current_frame.pop_stack(
1222 VerificationType::category1_check(), CHECK_VERIFY(this));
1223 no_control_flow = false; break;
1224 case Bytecodes::_pop2 :
1225 type = current_frame.pop_stack(CHECK_VERIFY(this));
1226 if (type.is_category1()) {
1227 current_frame.pop_stack(
1228 VerificationType::category1_check(), CHECK_VERIFY(this));
1229 } else if (type.is_category2_2nd()) {
1230 current_frame.pop_stack(
1231 VerificationType::category2_check(), CHECK_VERIFY(this));
1591 case Bytecodes::_if_icmpgt:
1592 case Bytecodes::_if_icmple:
1593 current_frame.pop_stack(
1594 VerificationType::integer_type(), CHECK_VERIFY(this));
1595 // fall through
1596 case Bytecodes::_ifeq:
1597 case Bytecodes::_ifne:
1598 case Bytecodes::_iflt:
1599 case Bytecodes::_ifge:
1600 case Bytecodes::_ifgt:
1601 case Bytecodes::_ifle:
1602 current_frame.pop_stack(
1603 VerificationType::integer_type(), CHECK_VERIFY(this));
1604 target = bcs.dest();
1605 stackmap_table.check_jump_target(
1606 ¤t_frame, target, CHECK_VERIFY(this));
1607 no_control_flow = false; break;
1608 case Bytecodes::_if_acmpeq :
1609 case Bytecodes::_if_acmpne :
1610 current_frame.pop_stack(
1611 VerificationType::reference_check(), CHECK_VERIFY(this));
1612 // fall through
1613 case Bytecodes::_ifnull :
1614 case Bytecodes::_ifnonnull :
1615 current_frame.pop_stack(
1616 VerificationType::reference_check(), CHECK_VERIFY(this));
1617 target = bcs.dest();
1618 stackmap_table.check_jump_target
1619 (¤t_frame, target, CHECK_VERIFY(this));
1620 no_control_flow = false; break;
1621 case Bytecodes::_goto :
1622 target = bcs.dest();
1623 stackmap_table.check_jump_target(
1624 ¤t_frame, target, CHECK_VERIFY(this));
1625 no_control_flow = true; break;
1626 case Bytecodes::_goto_w :
1627 target = bcs.dest_w();
1628 stackmap_table.check_jump_target(
1629 ¤t_frame, target, CHECK_VERIFY(this));
1630 no_control_flow = true; break;
1631 case Bytecodes::_tableswitch :
1632 case Bytecodes::_lookupswitch :
1633 verify_switch(
1634 &bcs, code_length, code_data, ¤t_frame,
1635 &stackmap_table, CHECK_VERIFY(this));
1636 no_control_flow = true; break;
1647 VerificationType::long_type(), CHECK_VERIFY(this));
1648 verify_return_value(return_type, type, bci,
1649 ¤t_frame, CHECK_VERIFY(this));
1650 no_control_flow = true; break;
1651 case Bytecodes::_freturn :
1652 type = current_frame.pop_stack(
1653 VerificationType::float_type(), CHECK_VERIFY(this));
1654 verify_return_value(return_type, type, bci,
1655 ¤t_frame, CHECK_VERIFY(this));
1656 no_control_flow = true; break;
1657 case Bytecodes::_dreturn :
1658 type2 = current_frame.pop_stack(
1659 VerificationType::double2_type(), CHECK_VERIFY(this));
1660 type = current_frame.pop_stack(
1661 VerificationType::double_type(), CHECK_VERIFY(this));
1662 verify_return_value(return_type, type, bci,
1663 ¤t_frame, CHECK_VERIFY(this));
1664 no_control_flow = true; break;
1665 case Bytecodes::_areturn :
1666 type = current_frame.pop_stack(
1667 VerificationType::reference_check(), CHECK_VERIFY(this));
1668 verify_return_value(return_type, type, bci,
1669 ¤t_frame, CHECK_VERIFY(this));
1670 no_control_flow = true; break;
1671 case Bytecodes::_return :
1672 if (return_type != VerificationType::bogus_type()) {
1673 verify_error(ErrorContext::bad_code(bci),
1674 "Method expects a return value");
1675 return;
1676 }
1677 // Make sure "this" has been initialized if current method is an
1678 // <init>.
1679 if (_method->name() == vmSymbols::object_initializer_name() &&
1680 current_frame.flag_this_uninit()) {
1681 verify_error(ErrorContext::bad_code(bci),
1682 "Constructor must call super() or this() "
1683 "before return");
1684 return;
1685 }
1686 no_control_flow = true; break;
1687 case Bytecodes::_getstatic :
1688 case Bytecodes::_putstatic :
1689 // pass TRUE, operand can be an array type for getstatic/putstatic.
1690 verify_field_instructions(
1691 &bcs, ¤t_frame, cp, true, CHECK_VERIFY(this));
1692 no_control_flow = false; break;
1693 case Bytecodes::_getfield :
1694 case Bytecodes::_putfield :
1695 // pass FALSE, operand can't be an array type for getfield/putfield.
1696 verify_field_instructions(
1697 &bcs, ¤t_frame, cp, false, CHECK_VERIFY(this));
1698 no_control_flow = false; break;
1699 case Bytecodes::_invokevirtual :
1700 case Bytecodes::_invokespecial :
1701 case Bytecodes::_invokestatic :
1702 verify_invoke_instructions(
1703 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1704 &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this));
1705 no_control_flow = false; break;
1706 case Bytecodes::_invokeinterface :
1707 case Bytecodes::_invokedynamic :
1708 verify_invoke_instructions(
1709 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1710 &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this));
1711 no_control_flow = false; break;
1712 case Bytecodes::_new :
1713 {
1714 index = bcs.get_index_u2();
1715 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1716 VerificationType new_class_type =
1717 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1718 if (!new_class_type.is_object()) {
1719 verify_error(ErrorContext::bad_type(bci,
1720 TypeOrigin::cp(index, new_class_type)),
1721 "Illegal new instruction");
1722 return;
1723 }
1724 type = VerificationType::uninitialized_type(bci);
1725 current_frame.push_stack(type, CHECK_VERIFY(this));
1726 no_control_flow = false; break;
1727 }
1728 case Bytecodes::_newarray :
1729 type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this));
1730 current_frame.pop_stack(
1731 VerificationType::integer_type(), CHECK_VERIFY(this));
1732 current_frame.push_stack(type, CHECK_VERIFY(this));
1733 no_control_flow = false; break;
1734 case Bytecodes::_anewarray :
1735 verify_anewarray(
1736 bci, bcs.get_index_u2(), cp, ¤t_frame, CHECK_VERIFY(this));
1737 no_control_flow = false; break;
1738 case Bytecodes::_arraylength :
1739 type = current_frame.pop_stack(
1740 VerificationType::reference_check(), CHECK_VERIFY(this));
1741 if (!(type.is_null() || type.is_array())) {
1742 verify_error(ErrorContext::bad_type(
1743 bci, current_frame.stack_top_ctx()),
1744 bad_type_msg, "arraylength");
1745 }
1746 current_frame.push_stack(
1747 VerificationType::integer_type(), CHECK_VERIFY(this));
1748 no_control_flow = false; break;
1749 case Bytecodes::_checkcast :
1750 {
1751 index = bcs.get_index_u2();
1752 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1753 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1754 VerificationType klass_type = cp_index_to_type(
1755 index, cp, CHECK_VERIFY(this));
1756 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1757 no_control_flow = false; break;
1758 }
1759 case Bytecodes::_instanceof : {
1760 index = bcs.get_index_u2();
1761 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1762 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1763 current_frame.push_stack(
1764 VerificationType::integer_type(), CHECK_VERIFY(this));
1765 no_control_flow = false; break;
1766 }
1767 case Bytecodes::_monitorenter :
1768 case Bytecodes::_monitorexit :
1769 current_frame.pop_stack(
1770 VerificationType::reference_check(), CHECK_VERIFY(this));
1771 no_control_flow = false; break;
1772 case Bytecodes::_multianewarray :
1773 {
1774 index = bcs.get_index_u2();
1775 u2 dim = *(bcs.bcp()+3);
1776 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1777 VerificationType new_array_type =
1778 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1779 if (!new_array_type.is_array()) {
1780 verify_error(ErrorContext::bad_type(bci,
1781 TypeOrigin::cp(index, new_array_type)),
1782 "Illegal constant pool index in multianewarray instruction");
1783 return;
1784 }
1785 if (dim < 1 || new_array_type.dimensions() < dim) {
1786 verify_error(ErrorContext::bad_code(bci),
1787 "Illegal dimension in multianewarray instruction: %d", dim);
1788 return;
1789 }
1790 for (int i = 0; i < dim; i++) {
1791 current_frame.pop_stack(
2016 int nconstants = cp->length();
2017 if ((index <= 0) || (index >= nconstants)) {
2018 verify_error(ErrorContext::bad_cp_index(bci, index),
2019 "Illegal constant pool index %d in class %s",
2020 index, cp->pool_holder()->external_name());
2021 return;
2022 }
2023 }
2024
2025 void ClassVerifier::verify_cp_type(
2026 u2 bci, int index, const constantPoolHandle& cp, unsigned int types, TRAPS) {
2027
2028 // In some situations, bytecode rewriting may occur while we're verifying.
2029 // In this case, a constant pool cache exists and some indices refer to that
2030 // instead. Be sure we don't pick up such indices by accident.
2031 // We must check was_recursively_verified() before we get here.
2032 guarantee(cp->cache() == NULL, "not rewritten yet");
2033
2034 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2035 unsigned int tag = cp->tag_at(index).value();
2036 if ((types & (1 << tag)) == 0) {
2037 verify_error(ErrorContext::bad_cp_index(bci, index),
2038 "Illegal type at constant pool entry %d in class %s",
2039 index, cp->pool_holder()->external_name());
2040 return;
2041 }
2042 }
2043
2044 void ClassVerifier::verify_cp_class_type(
2045 u2 bci, int index, const constantPoolHandle& cp, TRAPS) {
2046 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2047 constantTag tag = cp->tag_at(index);
2048 if (!tag.is_klass() && !tag.is_unresolved_klass()) {
2049 verify_error(ErrorContext::bad_cp_index(bci, index),
2050 "Illegal type at constant pool entry %d in class %s",
2051 index, cp->pool_holder()->external_name());
2052 return;
2053 }
2054 }
2055
2130 } else {
2131 Klass* member_klass = target_instance->find_field(field_name, field_sig, &fd);
2132 if (member_klass != NULL && fd.is_protected()) {
2133 if (!this_class->is_same_class_package(member_klass)) {
2134 return true;
2135 }
2136 }
2137 }
2138 return false;
2139 }
2140
2141 void ClassVerifier::verify_ldc(
2142 int opcode, u2 index, StackMapFrame* current_frame,
2143 const constantPoolHandle& cp, u2 bci, TRAPS) {
2144 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2145 constantTag tag = cp->tag_at(index);
2146 unsigned int types = 0;
2147 if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) {
2148 if (!tag.is_unresolved_klass()) {
2149 types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float)
2150 | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class)
2151 | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType)
2152 | (1 << JVM_CONSTANT_Dynamic);
2153 // Note: The class file parser already verified the legality of
2154 // MethodHandle and MethodType constants.
2155 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2156 }
2157 } else {
2158 assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w");
2159 types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long)
2160 | (1 << JVM_CONSTANT_Dynamic);
2161 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2162 }
2163 if (tag.is_string()) {
2164 current_frame->push_stack(
2165 VerificationType::reference_type(
2166 vmSymbols::java_lang_String()), CHECK_VERIFY(this));
2167 } else if (tag.is_klass() || tag.is_unresolved_klass()) {
2168 current_frame->push_stack(
2169 VerificationType::reference_type(
2170 vmSymbols::java_lang_Class()), CHECK_VERIFY(this));
2305 const constantPoolHandle& cp,
2306 bool allow_arrays,
2307 TRAPS) {
2308 u2 index = bcs->get_index_u2();
2309 verify_cp_type(bcs->bci(), index, cp,
2310 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2311
2312 // Get field name and signature
2313 Symbol* field_name = cp->name_ref_at(index);
2314 Symbol* field_sig = cp->signature_ref_at(index);
2315 bool is_getfield = false;
2316
2317 // Field signature was checked in ClassFileParser.
2318 assert(SignatureVerifier::is_valid_type_signature(field_sig),
2319 "Invalid field signature");
2320
2321 // Get referenced class type
2322 VerificationType ref_class_type = cp_ref_index_to_type(
2323 index, cp, CHECK_VERIFY(this));
2324 if (!ref_class_type.is_object() &&
2325 (!allow_arrays || !ref_class_type.is_array())) {
2326 verify_error(ErrorContext::bad_type(bcs->bci(),
2327 TypeOrigin::cp(index, ref_class_type)),
2328 "Expecting reference to class in class %s at constant pool index %d",
2329 _klass->external_name(), index);
2330 return;
2331 }
2332 VerificationType target_class_type = ref_class_type;
2333
2334 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2335 "buffer type must match VerificationType size");
2336 uintptr_t field_type_buffer[2];
2337 VerificationType* field_type = (VerificationType*)field_type_buffer;
2338 // If we make a VerificationType[2] array directly, the compiler calls
2339 // to the c-runtime library to do the allocation instead of just
2340 // stack allocating it. Plus it would run constructors. This shows up
2341 // in performance profiles.
2342
2343 SignatureStream sig_stream(field_sig, false);
2344 VerificationType stack_object_type;
2345 int n = change_sig_to_verificationType(&sig_stream, field_type);
2346 u2 bci = bcs->bci();
2347 bool is_assignable;
2348 switch (bcs->raw_code()) {
2349 case Bytecodes::_getstatic: {
2350 for (int i = 0; i < n; i++) {
2351 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
2352 }
2353 break;
2354 }
2355 case Bytecodes::_putstatic: {
2356 for (int i = n - 1; i >= 0; i--) {
2357 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2358 }
2359 break;
2360 }
2361 case Bytecodes::_getfield: {
2362 is_getfield = true;
2363 stack_object_type = current_frame->pop_stack(
2364 target_class_type, CHECK_VERIFY(this));
2365 goto check_protected;
2366 }
2367 case Bytecodes::_putfield: {
2368 for (int i = n - 1; i >= 0; i--) {
2369 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2370 }
2371 stack_object_type = current_frame->pop_stack(CHECK_VERIFY(this));
2372
2373 // The JVMS 2nd edition allows field initialization before the superclass
2374 // initializer, if the field is defined within the current class.
2375 fieldDescriptor fd;
2376 if (stack_object_type == VerificationType::uninitialized_this_type() &&
2377 target_class_type.equals(current_type()) &&
2378 _klass->find_local_field(field_name, field_sig, &fd)) {
2379 stack_object_type = current_type();
2380 }
2762 bool ClassVerifier::is_same_or_direct_interface(
2763 InstanceKlass* klass,
2764 VerificationType klass_type,
2765 VerificationType ref_class_type) {
2766 if (ref_class_type.equals(klass_type)) return true;
2767 Array<InstanceKlass*>* local_interfaces = klass->local_interfaces();
2768 if (local_interfaces != NULL) {
2769 for (int x = 0; x < local_interfaces->length(); x++) {
2770 InstanceKlass* k = local_interfaces->at(x);
2771 assert (k != NULL && k->is_interface(), "invalid interface");
2772 if (ref_class_type.equals(VerificationType::reference_type(k->name()))) {
2773 return true;
2774 }
2775 }
2776 }
2777 return false;
2778 }
2779
2780 void ClassVerifier::verify_invoke_instructions(
2781 RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
2782 bool in_try_block, bool *this_uninit, VerificationType return_type,
2783 const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS) {
2784 // Make sure the constant pool item is the right type
2785 u2 index = bcs->get_index_u2();
2786 Bytecodes::Code opcode = bcs->raw_code();
2787 unsigned int types = 0;
2788 switch (opcode) {
2789 case Bytecodes::_invokeinterface:
2790 types = 1 << JVM_CONSTANT_InterfaceMethodref;
2791 break;
2792 case Bytecodes::_invokedynamic:
2793 types = 1 << JVM_CONSTANT_InvokeDynamic;
2794 break;
2795 case Bytecodes::_invokespecial:
2796 case Bytecodes::_invokestatic:
2797 types = (_klass->major_version() < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION) ?
2798 (1 << JVM_CONSTANT_Methodref) :
2799 ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref));
2800 break;
2801 default:
2802 types = 1 << JVM_CONSTANT_Methodref;
2803 }
2804 verify_cp_type(bcs->bci(), index, cp, types, CHECK_VERIFY(this));
2805
2806 // Get method name and signature
2807 Symbol* method_name = cp->name_ref_at(index);
2808 Symbol* method_sig = cp->signature_ref_at(index);
2809
2810 // Method signature was checked in ClassFileParser.
2811 assert(SignatureVerifier::is_valid_method_signature(method_sig),
2812 "Invalid method signature");
2813
2814 // Get referenced class type
2815 VerificationType ref_class_type;
2816 if (opcode == Bytecodes::_invokedynamic) {
2817 if (_klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) {
2818 class_format_error(
2819 "invokedynamic instructions not supported by this class file version (%d), class %s",
2820 _klass->major_version(), _klass->external_name());
2821 return;
2822 }
2823 } else {
2824 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
2825 }
2826
2827 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2828 "buffer type must match VerificationType size");
2829
2830 // Get the UTF8 index for this signature.
2831 int sig_index = cp->signature_ref_index_at(cp->name_and_type_ref_index_at(index));
2832
2833 // Get the signature's verification types.
2834 sig_as_verification_types* mth_sig_verif_types;
2860 "Inconsistent args count operand in invokeinterface");
2861 return;
2862 }
2863 if (*(bcp+4) != 0) {
2864 verify_error(ErrorContext::bad_code(bci),
2865 "Fourth operand byte of invokeinterface must be zero");
2866 return;
2867 }
2868 }
2869
2870 if (opcode == Bytecodes::_invokedynamic) {
2871 address bcp = bcs->bcp();
2872 if (*(bcp+3) != 0 || *(bcp+4) != 0) {
2873 verify_error(ErrorContext::bad_code(bci),
2874 "Third and fourth operand bytes of invokedynamic must be zero");
2875 return;
2876 }
2877 }
2878
2879 if (method_name->char_at(0) == JVM_SIGNATURE_SPECIAL) {
2880 // Make sure <init> can only be invoked by invokespecial
2881 if (opcode != Bytecodes::_invokespecial ||
2882 method_name != vmSymbols::object_initializer_name()) {
2883 verify_error(ErrorContext::bad_code(bci),
2884 "Illegal call to internal method");
2885 return;
2886 }
2887 } else if (opcode == Bytecodes::_invokespecial
2888 && !is_same_or_direct_interface(current_class(), current_type(), ref_class_type)
2889 && !ref_class_type.equals(VerificationType::reference_type(
2890 current_class()->super()->name()))) {
2891 bool subtype = false;
2892 bool have_imr_indirect = cp->tag_at(index).value() == JVM_CONSTANT_InterfaceMethodref;
2893 subtype = ref_class_type.is_assignable_from(
2894 current_type(), this, false, CHECK_VERIFY(this));
2895 if (!subtype) {
2896 verify_error(ErrorContext::bad_code(bci),
2897 "Bad invokespecial instruction: "
2898 "current class isn't assignable to reference class.");
2899 return;
2900 } else if (have_imr_indirect) {
2901 verify_error(ErrorContext::bad_code(bci),
2902 "Bad invokespecial instruction: "
2903 "interface method reference is in an indirect superinterface.");
2904 return;
2905 }
2906
2907 }
2908
2909 // Get the verification types for the method's arguments.
2910 GrowableArray<VerificationType>* sig_verif_types = mth_sig_verif_types->sig_verif_types();
2955 verify_error(ErrorContext::bad_type(bci,
2956 current_frame->stack_top_ctx(),
2957 TypeOrigin::implicit(current_type())),
2958 "Bad access to protected data in invokevirtual");
2959 return;
2960 }
2961 }
2962 }
2963 }
2964 }
2965 } else {
2966 assert(opcode == Bytecodes::_invokeinterface, "Unexpected opcode encountered");
2967 current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this));
2968 }
2969 }
2970 }
2971 // Push the result type.
2972 int sig_verif_types_len = sig_verif_types->length();
2973 if (sig_verif_types_len > nargs) { // There's a return type
2974 if (method_name == vmSymbols::object_initializer_name()) {
2975 // <init> method must have a void return type
2976 /* Unreachable? Class file parser verifies that methods with '<' have
2977 * void return */
2978 verify_error(ErrorContext::bad_code(bci),
2979 "Return type must be void in <init> method");
2980 return;
2981 }
2982
2983 assert(sig_verif_types_len <= nargs + 2,
2984 "Signature verification types array return type is bogus");
2985 for (int i = nargs; i < sig_verif_types_len; i++) {
2986 assert(i == nargs || sig_verif_types->at(i).is_long2() ||
2987 sig_verif_types->at(i).is_double2(), "Unexpected return verificationType");
2988 current_frame->push_stack(sig_verif_types->at(i), CHECK_VERIFY(this));
2989 }
2990 }
2991 }
2992
2993 VerificationType ClassVerifier::get_newarray_type(
2994 u2 index, u2 bci, TRAPS) {
2995 const char* from_bt[] = {
2996 NULL, NULL, NULL, NULL, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J",
2997 };
2998 if (index < T_BOOLEAN || index > T_LONG) {
2999 verify_error(ErrorContext::bad_code(bci), "Illegal newarray instruction");
3000 return VerificationType::bogus_type();
3001 }
3002
3003 // from_bt[index] contains the array signature which has a length of 2
3004 Symbol* sig = create_temporary_symbol(from_bt[index], 2);
3005 return VerificationType::reference_type(sig);
3006 }
3007
3008 void ClassVerifier::verify_anewarray(
3009 u2 bci, u2 index, const constantPoolHandle& cp,
3017 cp_index_to_type(index, cp, CHECK_VERIFY(this));
3018 int length;
3019 char* arr_sig_str;
3020 if (component_type.is_array()) { // it's an array
3021 const char* component_name = component_type.name()->as_utf8();
3022 // Check for more than MAX_ARRAY_DIMENSIONS
3023 length = (int)strlen(component_name);
3024 if (length > MAX_ARRAY_DIMENSIONS &&
3025 component_name[MAX_ARRAY_DIMENSIONS - 1] == JVM_SIGNATURE_ARRAY) {
3026 verify_error(ErrorContext::bad_code(bci),
3027 "Illegal anewarray instruction, array has more than 255 dimensions");
3028 }
3029 // add one dimension to component
3030 length++;
3031 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length + 1);
3032 int n = os::snprintf(arr_sig_str, length + 1, "%c%s",
3033 JVM_SIGNATURE_ARRAY, component_name);
3034 assert(n == length, "Unexpected number of characters in string");
3035 } else { // it's an object or interface
3036 const char* component_name = component_type.name()->as_utf8();
3037 // add one dimension to component with 'L' prepended and ';' postpended.
3038 length = (int)strlen(component_name) + 3;
3039 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length + 1);
3040 int n = os::snprintf(arr_sig_str, length + 1, "%c%c%s;",
3041 JVM_SIGNATURE_ARRAY, JVM_SIGNATURE_CLASS, component_name);
3042 assert(n == length, "Unexpected number of characters in string");
3043 }
3044 Symbol* arr_sig = create_temporary_symbol(arr_sig_str, length);
3045 VerificationType new_array_type = VerificationType::reference_type(arr_sig);
3046 current_frame->push_stack(new_array_type, CHECK_VERIFY(this));
3047 }
3048
3049 void ClassVerifier::verify_iload(u2 index, StackMapFrame* current_frame, TRAPS) {
3050 current_frame->get_local(
3051 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3052 current_frame->push_stack(
3053 VerificationType::integer_type(), CHECK_VERIFY(this));
3054 }
3055
3056 void ClassVerifier::verify_lload(u2 index, StackMapFrame* current_frame, TRAPS) {
3057 current_frame->get_local_2(
3058 index, VerificationType::long_type(),
3059 VerificationType::long2_type(), CHECK_VERIFY(this));
3060 current_frame->push_stack_2(
3061 VerificationType::long_type(),
3063 }
3064
3065 void ClassVerifier::verify_fload(u2 index, StackMapFrame* current_frame, TRAPS) {
3066 current_frame->get_local(
3067 index, VerificationType::float_type(), CHECK_VERIFY(this));
3068 current_frame->push_stack(
3069 VerificationType::float_type(), CHECK_VERIFY(this));
3070 }
3071
3072 void ClassVerifier::verify_dload(u2 index, StackMapFrame* current_frame, TRAPS) {
3073 current_frame->get_local_2(
3074 index, VerificationType::double_type(),
3075 VerificationType::double2_type(), CHECK_VERIFY(this));
3076 current_frame->push_stack_2(
3077 VerificationType::double_type(),
3078 VerificationType::double2_type(), CHECK_VERIFY(this));
3079 }
3080
3081 void ClassVerifier::verify_aload(u2 index, StackMapFrame* current_frame, TRAPS) {
3082 VerificationType type = current_frame->get_local(
3083 index, VerificationType::reference_check(), CHECK_VERIFY(this));
3084 current_frame->push_stack(type, CHECK_VERIFY(this));
3085 }
3086
3087 void ClassVerifier::verify_istore(u2 index, StackMapFrame* current_frame, TRAPS) {
3088 current_frame->pop_stack(
3089 VerificationType::integer_type(), CHECK_VERIFY(this));
3090 current_frame->set_local(
3091 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3092 }
3093
3094 void ClassVerifier::verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3095 current_frame->pop_stack_2(
3096 VerificationType::long2_type(),
3097 VerificationType::long_type(), CHECK_VERIFY(this));
3098 current_frame->set_local_2(
3099 index, VerificationType::long_type(),
3100 VerificationType::long2_type(), CHECK_VERIFY(this));
3101 }
3102
3103 void ClassVerifier::verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3104 current_frame->pop_stack(VerificationType::float_type(), CHECK_VERIFY(this));
3105 current_frame->set_local(
3106 index, VerificationType::float_type(), CHECK_VERIFY(this));
3107 }
3108
3109 void ClassVerifier::verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3110 current_frame->pop_stack_2(
3111 VerificationType::double2_type(),
3112 VerificationType::double_type(), CHECK_VERIFY(this));
3113 current_frame->set_local_2(
3114 index, VerificationType::double_type(),
3115 VerificationType::double2_type(), CHECK_VERIFY(this));
3116 }
3117
3118 void ClassVerifier::verify_astore(u2 index, StackMapFrame* current_frame, TRAPS) {
3119 VerificationType type = current_frame->pop_stack(
3120 VerificationType::reference_check(), CHECK_VERIFY(this));
3121 current_frame->set_local(index, type, CHECK_VERIFY(this));
3122 }
3123
3124 void ClassVerifier::verify_iinc(u2 index, StackMapFrame* current_frame, TRAPS) {
3125 VerificationType type = current_frame->get_local(
3126 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3127 current_frame->set_local(index, type, CHECK_VERIFY(this));
3128 }
3129
3130 void ClassVerifier::verify_return_value(
3131 VerificationType return_type, VerificationType type, u2 bci,
3132 StackMapFrame* current_frame, TRAPS) {
3133 if (return_type == VerificationType::bogus_type()) {
3134 verify_error(ErrorContext::bad_type(bci,
3135 current_frame->stack_top_ctx(), TypeOrigin::signature(return_type)),
3136 "Method does not expect a return value");
3137 return;
3138 }
3139 bool match = return_type.is_assignable_from(type, this, false, CHECK_VERIFY(this));
3140 if (!match) {
|
46 #include "oops/instanceKlass.inline.hpp"
47 #include "oops/klass.inline.hpp"
48 #include "oops/oop.inline.hpp"
49 #include "oops/typeArrayOop.hpp"
50 #include "runtime/arguments.hpp"
51 #include "runtime/fieldDescriptor.hpp"
52 #include "runtime/handles.inline.hpp"
53 #include "runtime/interfaceSupport.inline.hpp"
54 #include "runtime/javaCalls.hpp"
55 #include "runtime/javaThread.hpp"
56 #include "runtime/jniHandles.inline.hpp"
57 #include "runtime/os.hpp"
58 #include "runtime/safepointVerifiers.hpp"
59 #include "services/threadService.hpp"
60 #include "utilities/align.hpp"
61 #include "utilities/bytes.hpp"
62
63 #define NOFAILOVER_MAJOR_VERSION 51
64 #define NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION 51
65 #define STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION 52
66 #define INLINE_TYPE_MAJOR_VERSION 56
67 #define MAX_ARRAY_DIMENSIONS 255
68
69 // Access to external entry for VerifyClassForMajorVersion - old byte code verifier
70
71 extern "C" {
72 typedef jboolean (*verify_byte_codes_fn_t)(JNIEnv *, jclass, char *, jint, jint);
73 }
74
75 static verify_byte_codes_fn_t volatile _verify_byte_codes_fn = NULL;
76
77 static verify_byte_codes_fn_t verify_byte_codes_fn() {
78
79 if (_verify_byte_codes_fn != NULL)
80 return _verify_byte_codes_fn;
81
82 MutexLocker locker(Verify_lock);
83
84 if (_verify_byte_codes_fn != NULL)
85 return _verify_byte_codes_fn;
86
259 }
260 kls = kls->super();
261 }
262 if (message_buffer != NULL) {
263 message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
264 }
265 assert(exception_message != NULL, "");
266 THROW_MSG_(exception_name, exception_message, false);
267 }
268 }
269
270 bool Verifier::is_eligible_for_verification(InstanceKlass* klass, bool should_verify_class) {
271 Symbol* name = klass->name();
272 Klass* refl_magic_klass = vmClasses::reflect_MagicAccessorImpl_klass();
273
274 bool is_reflect = refl_magic_klass != NULL && klass->is_subtype_of(refl_magic_klass);
275
276 return (should_verify_for(klass->class_loader(), should_verify_class) &&
277 // return if the class is a bootstrapping class
278 // or defineClass specified not to verify by default (flags override passed arg)
279 // We need to skip the following four for bootstrapping
280 name != vmSymbols::java_lang_Object() &&
281 name != vmSymbols::java_lang_Class() &&
282 name != vmSymbols::java_lang_String() &&
283 name != vmSymbols::java_lang_Throwable() &&
284
285 // Can not verify the bytecodes for shared classes because they have
286 // already been rewritten to contain constant pool cache indices,
287 // which the verifier can't understand.
288 // Shared classes shouldn't have stackmaps either.
289 // However, bytecodes for shared old classes can be verified because
290 // they have not been rewritten.
291 !(klass->is_shared() && klass->is_rewritten()) &&
292
293 // As of the fix for 4486457 we disable verification for all of the
294 // dynamically-generated bytecodes associated with the 1.4
295 // reflection implementation, not just those associated with
296 // jdk/internal/reflect/SerializationConstructorAccessor.
297 // NOTE: this is called too early in the bootstrapping process to be
298 // guarded by Universe::is_gte_jdk14x_version().
299 // Also for lambda generated code, gte jdk8
482 ss->print("Local index %d is invalid", _type.index());
483 break;
484 case LOCALS_SIZE_MISMATCH:
485 ss->print("Current frame's local size doesn't match stackmap.");
486 break;
487 case STACK_SIZE_MISMATCH:
488 ss->print("Current frame's stack size doesn't match stackmap.");
489 break;
490 case STACK_OVERFLOW:
491 ss->print("Exceeded max stack size.");
492 break;
493 case STACK_UNDERFLOW:
494 ss->print("Attempt to pop empty stack.");
495 break;
496 case MISSING_STACKMAP:
497 ss->print("Expected stackmap frame at this location.");
498 break;
499 case BAD_STACKMAP:
500 ss->print("Invalid stackmap specification.");
501 break;
502 case WRONG_INLINE_TYPE:
503 ss->print("Type ");
504 _type.details(ss);
505 ss->print(" and type ");
506 _expected.details(ss);
507 ss->print(" must be identical inline types.");
508 break;
509 case UNKNOWN:
510 default:
511 ShouldNotReachHere();
512 ss->print_cr("Unknown");
513 }
514 ss->cr();
515 }
516
517 void ErrorContext::location_details(outputStream* ss, const Method* method) const {
518 if (_bci != -1 && method != NULL) {
519 streamIndentor si(ss);
520 const char* bytecode_name = "<invalid>";
521 if (method->validate_bci(_bci) != -1) {
522 Bytecodes::Code code = Bytecodes::code_or_bp_at(method->bcp_from(_bci));
523 if (Bytecodes::is_defined(code)) {
524 bytecode_name = Bytecodes::name(code);
525 } else {
526 bytecode_name = "<illegal>";
527 }
528 }
583 stack_map_frame* sm_frame = sm_table->entries();
584 streamIndentor si2(ss);
585 int current_offset = -1;
586 address end_of_sm_table = (address)sm_table + method->stackmap_data()->length();
587 for (u2 i = 0; i < sm_table->number_of_entries(); ++i) {
588 ss->indent();
589 if (!sm_frame->verify((address)sm_frame, end_of_sm_table)) {
590 sm_frame->print_truncated(ss, current_offset);
591 return;
592 }
593 sm_frame->print_on(ss, current_offset);
594 ss->cr();
595 current_offset += sm_frame->offset_delta();
596 sm_frame = sm_frame->next();
597 }
598 }
599 }
600
601 // Methods in ClassVerifier
602
603 VerificationType reference_or_inline_type(InstanceKlass* klass) {
604 if (klass->is_inline_klass()) {
605 return VerificationType::inline_type(klass->name());
606 } else {
607 return VerificationType::reference_type(klass->name());
608 }
609 }
610
611 ClassVerifier::ClassVerifier(JavaThread* current, InstanceKlass* klass)
612 : _thread(current), _previous_symbol(NULL), _symbols(NULL), _exception_type(NULL),
613 _message(NULL), _klass(klass) {
614 _this_type = reference_or_inline_type(klass);
615 }
616
617 ClassVerifier::~ClassVerifier() {
618 // Decrement the reference count for any symbols created.
619 if (_symbols != NULL) {
620 for (int i = 0; i < _symbols->length(); i++) {
621 Symbol* s = _symbols->at(i);
622 s->decrement_refcount();
623 }
624 }
625 }
626
627 VerificationType ClassVerifier::object_type() const {
628 return VerificationType::reference_type(vmSymbols::java_lang_Object());
629 }
630
631 TypeOrigin ClassVerifier::ref_ctx(const char* sig) {
632 VerificationType vt = VerificationType::reference_type(
633 create_temporary_symbol(sig, (int)strlen(sig)));
634 return TypeOrigin::implicit(vt);
1034 case Bytecodes::_daload :
1035 type = current_frame.pop_stack(
1036 VerificationType::integer_type(), CHECK_VERIFY(this));
1037 atype = current_frame.pop_stack(
1038 VerificationType::reference_check(), CHECK_VERIFY(this));
1039 if (!atype.is_double_array()) {
1040 verify_error(ErrorContext::bad_type(bci,
1041 current_frame.stack_top_ctx(), ref_ctx("[D")),
1042 bad_type_msg, "daload");
1043 return;
1044 }
1045 current_frame.push_stack_2(
1046 VerificationType::double_type(),
1047 VerificationType::double2_type(), CHECK_VERIFY(this));
1048 no_control_flow = false; break;
1049 case Bytecodes::_aaload : {
1050 type = current_frame.pop_stack(
1051 VerificationType::integer_type(), CHECK_VERIFY(this));
1052 atype = current_frame.pop_stack(
1053 VerificationType::reference_check(), CHECK_VERIFY(this));
1054 if (!atype.is_nonscalar_array()) {
1055 verify_error(ErrorContext::bad_type(bci,
1056 current_frame.stack_top_ctx(),
1057 TypeOrigin::implicit(VerificationType::reference_check())),
1058 bad_type_msg, "aaload");
1059 return;
1060 }
1061 if (atype.is_null()) {
1062 current_frame.push_stack(
1063 VerificationType::null_type(), CHECK_VERIFY(this));
1064 } else {
1065 VerificationType component = atype.get_component(this);
1066 current_frame.push_stack(component, CHECK_VERIFY(this));
1067 }
1068 no_control_flow = false; break;
1069 }
1070 case Bytecodes::_istore :
1071 verify_istore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1072 no_control_flow = false; break;
1073 case Bytecodes::_istore_0 :
1074 case Bytecodes::_istore_1 :
1207 VerificationType::double2_type(),
1208 VerificationType::double_type(), CHECK_VERIFY(this));
1209 current_frame.pop_stack(
1210 VerificationType::integer_type(), CHECK_VERIFY(this));
1211 atype = current_frame.pop_stack(
1212 VerificationType::reference_check(), CHECK_VERIFY(this));
1213 if (!atype.is_double_array()) {
1214 verify_error(ErrorContext::bad_type(bci,
1215 current_frame.stack_top_ctx(), ref_ctx("[D")),
1216 bad_type_msg, "dastore");
1217 return;
1218 }
1219 no_control_flow = false; break;
1220 case Bytecodes::_aastore :
1221 type = current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1222 type2 = current_frame.pop_stack(
1223 VerificationType::integer_type(), CHECK_VERIFY(this));
1224 atype = current_frame.pop_stack(
1225 VerificationType::reference_check(), CHECK_VERIFY(this));
1226 // more type-checking is done at runtime
1227 if (!atype.is_nonscalar_array()) {
1228 verify_error(ErrorContext::bad_type(bci,
1229 current_frame.stack_top_ctx(),
1230 TypeOrigin::implicit(VerificationType::reference_check())),
1231 bad_type_msg, "aastore");
1232 return;
1233 }
1234 // 4938384: relaxed constraint in JVMS 3rd edition.
1235 no_control_flow = false; break;
1236 case Bytecodes::_pop :
1237 current_frame.pop_stack(
1238 VerificationType::category1_check(), CHECK_VERIFY(this));
1239 no_control_flow = false; break;
1240 case Bytecodes::_pop2 :
1241 type = current_frame.pop_stack(CHECK_VERIFY(this));
1242 if (type.is_category1()) {
1243 current_frame.pop_stack(
1244 VerificationType::category1_check(), CHECK_VERIFY(this));
1245 } else if (type.is_category2_2nd()) {
1246 current_frame.pop_stack(
1247 VerificationType::category2_check(), CHECK_VERIFY(this));
1607 case Bytecodes::_if_icmpgt:
1608 case Bytecodes::_if_icmple:
1609 current_frame.pop_stack(
1610 VerificationType::integer_type(), CHECK_VERIFY(this));
1611 // fall through
1612 case Bytecodes::_ifeq:
1613 case Bytecodes::_ifne:
1614 case Bytecodes::_iflt:
1615 case Bytecodes::_ifge:
1616 case Bytecodes::_ifgt:
1617 case Bytecodes::_ifle:
1618 current_frame.pop_stack(
1619 VerificationType::integer_type(), CHECK_VERIFY(this));
1620 target = bcs.dest();
1621 stackmap_table.check_jump_target(
1622 ¤t_frame, target, CHECK_VERIFY(this));
1623 no_control_flow = false; break;
1624 case Bytecodes::_if_acmpeq :
1625 case Bytecodes::_if_acmpne :
1626 current_frame.pop_stack(
1627 VerificationType::nonscalar_check(), CHECK_VERIFY(this));
1628 // fall through
1629 case Bytecodes::_ifnull :
1630 case Bytecodes::_ifnonnull :
1631 current_frame.pop_stack(
1632 VerificationType::nonscalar_check(), CHECK_VERIFY(this));
1633 target = bcs.dest();
1634 stackmap_table.check_jump_target
1635 (¤t_frame, target, CHECK_VERIFY(this));
1636 no_control_flow = false; break;
1637 case Bytecodes::_goto :
1638 target = bcs.dest();
1639 stackmap_table.check_jump_target(
1640 ¤t_frame, target, CHECK_VERIFY(this));
1641 no_control_flow = true; break;
1642 case Bytecodes::_goto_w :
1643 target = bcs.dest_w();
1644 stackmap_table.check_jump_target(
1645 ¤t_frame, target, CHECK_VERIFY(this));
1646 no_control_flow = true; break;
1647 case Bytecodes::_tableswitch :
1648 case Bytecodes::_lookupswitch :
1649 verify_switch(
1650 &bcs, code_length, code_data, ¤t_frame,
1651 &stackmap_table, CHECK_VERIFY(this));
1652 no_control_flow = true; break;
1663 VerificationType::long_type(), CHECK_VERIFY(this));
1664 verify_return_value(return_type, type, bci,
1665 ¤t_frame, CHECK_VERIFY(this));
1666 no_control_flow = true; break;
1667 case Bytecodes::_freturn :
1668 type = current_frame.pop_stack(
1669 VerificationType::float_type(), CHECK_VERIFY(this));
1670 verify_return_value(return_type, type, bci,
1671 ¤t_frame, CHECK_VERIFY(this));
1672 no_control_flow = true; break;
1673 case Bytecodes::_dreturn :
1674 type2 = current_frame.pop_stack(
1675 VerificationType::double2_type(), CHECK_VERIFY(this));
1676 type = current_frame.pop_stack(
1677 VerificationType::double_type(), CHECK_VERIFY(this));
1678 verify_return_value(return_type, type, bci,
1679 ¤t_frame, CHECK_VERIFY(this));
1680 no_control_flow = true; break;
1681 case Bytecodes::_areturn :
1682 type = current_frame.pop_stack(
1683 VerificationType::nonscalar_check(), CHECK_VERIFY(this));
1684 verify_return_value(return_type, type, bci,
1685 ¤t_frame, CHECK_VERIFY(this));
1686 no_control_flow = true; break;
1687 case Bytecodes::_return :
1688 if (return_type != VerificationType::bogus_type()) {
1689 verify_error(ErrorContext::bad_code(bci),
1690 "Method expects a return value");
1691 return;
1692 }
1693 // Make sure "this" has been initialized if current method is an
1694 // <init>.
1695 if (_method->is_object_constructor() &&
1696 current_frame.flag_this_uninit()) {
1697 verify_error(ErrorContext::bad_code(bci),
1698 "Constructor must call super() or this() "
1699 "before return");
1700 return;
1701 }
1702 no_control_flow = true; break;
1703 case Bytecodes::_getstatic :
1704 case Bytecodes::_putstatic :
1705 // pass TRUE, operand can be an array type for getstatic/putstatic.
1706 verify_field_instructions(
1707 &bcs, ¤t_frame, cp, true, CHECK_VERIFY(this));
1708 no_control_flow = false; break;
1709 case Bytecodes::_getfield :
1710 case Bytecodes::_putfield :
1711 // pass FALSE, operand can't be an array type for getfield/putfield.
1712 verify_field_instructions(
1713 &bcs, ¤t_frame, cp, false, CHECK_VERIFY(this));
1714 no_control_flow = false; break;
1715 case Bytecodes::_withfield :
1716 if (_klass->major_version() < INLINE_TYPE_MAJOR_VERSION) {
1717 class_format_error(
1718 "withfield not supported by this class file version (%d.%d), class %s",
1719 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1720 return;
1721 }
1722 // pass FALSE, operand can't be an array type for withfield.
1723 verify_field_instructions(
1724 &bcs, ¤t_frame, cp, false, CHECK_VERIFY(this));
1725 no_control_flow = false; break;
1726 case Bytecodes::_invokevirtual :
1727 case Bytecodes::_invokespecial :
1728 case Bytecodes::_invokestatic :
1729 case Bytecodes::_invokeinterface :
1730 case Bytecodes::_invokedynamic :
1731 verify_invoke_instructions(
1732 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1733 &this_uninit, cp, &stackmap_table, CHECK_VERIFY(this));
1734 no_control_flow = false; break;
1735 case Bytecodes::_new :
1736 {
1737 index = bcs.get_index_u2();
1738 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1739 VerificationType new_class_type =
1740 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1741 if (!new_class_type.is_object()) {
1742 verify_error(ErrorContext::bad_type(bci,
1743 TypeOrigin::cp(index, new_class_type)),
1744 "Illegal new instruction");
1745 return;
1746 }
1747 type = VerificationType::uninitialized_type(bci);
1748 current_frame.push_stack(type, CHECK_VERIFY(this));
1749 no_control_flow = false; break;
1750 }
1751 case Bytecodes::_aconst_init :
1752 {
1753 if (_klass->major_version() < INLINE_TYPE_MAJOR_VERSION) {
1754 class_format_error(
1755 "aconst_init not supported by this class file version (%d.%d), class %s",
1756 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1757 return;
1758 }
1759 index = bcs.get_index_u2();
1760 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1761 VerificationType ref_type = cp_index_to_type(index, cp, CHECK_VERIFY(this));
1762 if (!ref_type.is_object()) {
1763 verify_error(ErrorContext::bad_type(bci,
1764 TypeOrigin::cp(index, ref_type)),
1765 "Illegal aconst_init instruction");
1766 return;
1767 }
1768 VerificationType inline_type =
1769 VerificationType::change_ref_to_inline_type(ref_type);
1770 current_frame.push_stack(inline_type, CHECK_VERIFY(this));
1771 no_control_flow = false; break;
1772 }
1773 case Bytecodes::_newarray :
1774 type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this));
1775 current_frame.pop_stack(
1776 VerificationType::integer_type(), CHECK_VERIFY(this));
1777 current_frame.push_stack(type, CHECK_VERIFY(this));
1778 no_control_flow = false; break;
1779 case Bytecodes::_anewarray :
1780 verify_anewarray(
1781 bci, bcs.get_index_u2(), cp, ¤t_frame, CHECK_VERIFY(this));
1782 no_control_flow = false; break;
1783 case Bytecodes::_arraylength :
1784 type = current_frame.pop_stack(
1785 VerificationType::reference_check(), CHECK_VERIFY(this));
1786 if (!(type.is_null() || type.is_array())) {
1787 verify_error(ErrorContext::bad_type(
1788 bci, current_frame.stack_top_ctx()),
1789 bad_type_msg, "arraylength");
1790 }
1791 current_frame.push_stack(
1792 VerificationType::integer_type(), CHECK_VERIFY(this));
1793 no_control_flow = false; break;
1794 case Bytecodes::_checkcast :
1795 {
1796 index = bcs.get_index_u2();
1797 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1798 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1799 VerificationType klass_type = cp_index_to_type(
1800 index, cp, CHECK_VERIFY(this));
1801 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1802 no_control_flow = false; break;
1803 }
1804 case Bytecodes::_instanceof : {
1805 index = bcs.get_index_u2();
1806 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1807 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1808 current_frame.push_stack(
1809 VerificationType::integer_type(), CHECK_VERIFY(this));
1810 no_control_flow = false; break;
1811 }
1812 case Bytecodes::_monitorenter :
1813 case Bytecodes::_monitorexit : {
1814 VerificationType ref = current_frame.pop_stack(
1815 VerificationType::nonscalar_check(), CHECK_VERIFY(this));
1816 no_control_flow = false; break;
1817 }
1818 case Bytecodes::_multianewarray :
1819 {
1820 index = bcs.get_index_u2();
1821 u2 dim = *(bcs.bcp()+3);
1822 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1823 VerificationType new_array_type =
1824 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1825 if (!new_array_type.is_array()) {
1826 verify_error(ErrorContext::bad_type(bci,
1827 TypeOrigin::cp(index, new_array_type)),
1828 "Illegal constant pool index in multianewarray instruction");
1829 return;
1830 }
1831 if (dim < 1 || new_array_type.dimensions() < dim) {
1832 verify_error(ErrorContext::bad_code(bci),
1833 "Illegal dimension in multianewarray instruction: %d", dim);
1834 return;
1835 }
1836 for (int i = 0; i < dim; i++) {
1837 current_frame.pop_stack(
2062 int nconstants = cp->length();
2063 if ((index <= 0) || (index >= nconstants)) {
2064 verify_error(ErrorContext::bad_cp_index(bci, index),
2065 "Illegal constant pool index %d in class %s",
2066 index, cp->pool_holder()->external_name());
2067 return;
2068 }
2069 }
2070
2071 void ClassVerifier::verify_cp_type(
2072 u2 bci, int index, const constantPoolHandle& cp, unsigned int types, TRAPS) {
2073
2074 // In some situations, bytecode rewriting may occur while we're verifying.
2075 // In this case, a constant pool cache exists and some indices refer to that
2076 // instead. Be sure we don't pick up such indices by accident.
2077 // We must check was_recursively_verified() before we get here.
2078 guarantee(cp->cache() == NULL, "not rewritten yet");
2079
2080 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2081 unsigned int tag = cp->tag_at(index).value();
2082
2083 if ((types & (1 << tag)) == 0) {
2084 verify_error(ErrorContext::bad_cp_index(bci, index),
2085 "Illegal type at constant pool entry %d in class %s",
2086 index, cp->pool_holder()->external_name());
2087 return;
2088 }
2089 }
2090
2091 void ClassVerifier::verify_cp_class_type(
2092 u2 bci, int index, const constantPoolHandle& cp, TRAPS) {
2093 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2094 constantTag tag = cp->tag_at(index);
2095 if (!tag.is_klass() && !tag.is_unresolved_klass()) {
2096 verify_error(ErrorContext::bad_cp_index(bci, index),
2097 "Illegal type at constant pool entry %d in class %s",
2098 index, cp->pool_holder()->external_name());
2099 return;
2100 }
2101 }
2102
2177 } else {
2178 Klass* member_klass = target_instance->find_field(field_name, field_sig, &fd);
2179 if (member_klass != NULL && fd.is_protected()) {
2180 if (!this_class->is_same_class_package(member_klass)) {
2181 return true;
2182 }
2183 }
2184 }
2185 return false;
2186 }
2187
2188 void ClassVerifier::verify_ldc(
2189 int opcode, u2 index, StackMapFrame* current_frame,
2190 const constantPoolHandle& cp, u2 bci, TRAPS) {
2191 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2192 constantTag tag = cp->tag_at(index);
2193 unsigned int types = 0;
2194 if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) {
2195 if (!tag.is_unresolved_klass()) {
2196 types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float)
2197 | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class)
2198 | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType)
2199 | (1 << JVM_CONSTANT_Dynamic);
2200 // Note: The class file parser already verified the legality of
2201 // MethodHandle and MethodType constants.
2202 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2203 }
2204 } else {
2205 assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w");
2206 types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long)
2207 | (1 << JVM_CONSTANT_Dynamic);
2208 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2209 }
2210 if (tag.is_string()) {
2211 current_frame->push_stack(
2212 VerificationType::reference_type(
2213 vmSymbols::java_lang_String()), CHECK_VERIFY(this));
2214 } else if (tag.is_klass() || tag.is_unresolved_klass()) {
2215 current_frame->push_stack(
2216 VerificationType::reference_type(
2217 vmSymbols::java_lang_Class()), CHECK_VERIFY(this));
2352 const constantPoolHandle& cp,
2353 bool allow_arrays,
2354 TRAPS) {
2355 u2 index = bcs->get_index_u2();
2356 verify_cp_type(bcs->bci(), index, cp,
2357 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2358
2359 // Get field name and signature
2360 Symbol* field_name = cp->name_ref_at(index);
2361 Symbol* field_sig = cp->signature_ref_at(index);
2362 bool is_getfield = false;
2363
2364 // Field signature was checked in ClassFileParser.
2365 assert(SignatureVerifier::is_valid_type_signature(field_sig),
2366 "Invalid field signature");
2367
2368 // Get referenced class type
2369 VerificationType ref_class_type = cp_ref_index_to_type(
2370 index, cp, CHECK_VERIFY(this));
2371 if (!ref_class_type.is_object() &&
2372 (!allow_arrays || !ref_class_type.is_array())) {
2373 verify_error(ErrorContext::bad_type(bcs->bci(),
2374 TypeOrigin::cp(index, ref_class_type)),
2375 "Expecting reference to class in class %s at constant pool index %d",
2376 _klass->external_name(), index);
2377 return;
2378 }
2379
2380 VerificationType target_class_type = ref_class_type;
2381
2382 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2383 "buffer type must match VerificationType size");
2384 uintptr_t field_type_buffer[2];
2385 VerificationType* field_type = (VerificationType*)field_type_buffer;
2386 // If we make a VerificationType[2] array directly, the compiler calls
2387 // to the c-runtime library to do the allocation instead of just
2388 // stack allocating it. Plus it would run constructors. This shows up
2389 // in performance profiles.
2390
2391 SignatureStream sig_stream(field_sig, false);
2392 VerificationType stack_object_type;
2393 int n = change_sig_to_verificationType(&sig_stream, field_type);
2394 u2 bci = bcs->bci();
2395 bool is_assignable;
2396 switch (bcs->raw_code()) {
2397 case Bytecodes::_getstatic: {
2398 for (int i = 0; i < n; i++) {
2399 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
2400 }
2401 break;
2402 }
2403 case Bytecodes::_putstatic: {
2404 for (int i = n - 1; i >= 0; i--) {
2405 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2406 }
2407 break;
2408 }
2409 case Bytecodes::_withfield: {
2410 for (int i = n - 1; i >= 0; i--) {
2411 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2412 }
2413 // Check that the receiver is a subtype of the referenced class.
2414 current_frame->pop_stack(target_class_type, CHECK_VERIFY(this));
2415 VerificationType target_inline_type =
2416 VerificationType::change_ref_to_inline_type(target_class_type);
2417 current_frame->push_stack(target_inline_type, CHECK_VERIFY(this));
2418 break;
2419 }
2420 case Bytecodes::_getfield: {
2421 is_getfield = true;
2422 stack_object_type = current_frame->pop_stack(
2423 target_class_type, CHECK_VERIFY(this));
2424 goto check_protected;
2425 }
2426 case Bytecodes::_putfield: {
2427 for (int i = n - 1; i >= 0; i--) {
2428 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2429 }
2430 stack_object_type = current_frame->pop_stack(CHECK_VERIFY(this));
2431
2432 // The JVMS 2nd edition allows field initialization before the superclass
2433 // initializer, if the field is defined within the current class.
2434 fieldDescriptor fd;
2435 if (stack_object_type == VerificationType::uninitialized_this_type() &&
2436 target_class_type.equals(current_type()) &&
2437 _klass->find_local_field(field_name, field_sig, &fd)) {
2438 stack_object_type = current_type();
2439 }
2821 bool ClassVerifier::is_same_or_direct_interface(
2822 InstanceKlass* klass,
2823 VerificationType klass_type,
2824 VerificationType ref_class_type) {
2825 if (ref_class_type.equals(klass_type)) return true;
2826 Array<InstanceKlass*>* local_interfaces = klass->local_interfaces();
2827 if (local_interfaces != NULL) {
2828 for (int x = 0; x < local_interfaces->length(); x++) {
2829 InstanceKlass* k = local_interfaces->at(x);
2830 assert (k != NULL && k->is_interface(), "invalid interface");
2831 if (ref_class_type.equals(VerificationType::reference_type(k->name()))) {
2832 return true;
2833 }
2834 }
2835 }
2836 return false;
2837 }
2838
2839 void ClassVerifier::verify_invoke_instructions(
2840 RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
2841 bool in_try_block, bool *this_uninit,
2842 const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS) {
2843 // Make sure the constant pool item is the right type
2844 u2 index = bcs->get_index_u2();
2845 Bytecodes::Code opcode = bcs->raw_code();
2846 unsigned int types = 0;
2847 switch (opcode) {
2848 case Bytecodes::_invokeinterface:
2849 types = 1 << JVM_CONSTANT_InterfaceMethodref;
2850 break;
2851 case Bytecodes::_invokedynamic:
2852 types = 1 << JVM_CONSTANT_InvokeDynamic;
2853 break;
2854 case Bytecodes::_invokespecial:
2855 case Bytecodes::_invokestatic:
2856 types = (_klass->major_version() < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION) ?
2857 (1 << JVM_CONSTANT_Methodref) :
2858 ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref));
2859 break;
2860 default:
2861 types = 1 << JVM_CONSTANT_Methodref;
2862 }
2863 verify_cp_type(bcs->bci(), index, cp, types, CHECK_VERIFY(this));
2864
2865 // Get method name and signature
2866 Symbol* method_name = cp->name_ref_at(index);
2867 Symbol* method_sig = cp->signature_ref_at(index);
2868
2869 // Method signature was checked in ClassFileParser.
2870 assert(SignatureVerifier::is_valid_method_signature(method_sig),
2871 "Invalid method signature");
2872
2873 // Get referenced class
2874 VerificationType ref_class_type;
2875 if (opcode == Bytecodes::_invokedynamic) {
2876 if (_klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) {
2877 class_format_error(
2878 "invokedynamic instructions not supported by this class file version (%d), class %s",
2879 _klass->major_version(), _klass->external_name());
2880 return;
2881 }
2882 } else {
2883 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
2884 }
2885
2886 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2887 "buffer type must match VerificationType size");
2888
2889 // Get the UTF8 index for this signature.
2890 int sig_index = cp->signature_ref_index_at(cp->name_and_type_ref_index_at(index));
2891
2892 // Get the signature's verification types.
2893 sig_as_verification_types* mth_sig_verif_types;
2919 "Inconsistent args count operand in invokeinterface");
2920 return;
2921 }
2922 if (*(bcp+4) != 0) {
2923 verify_error(ErrorContext::bad_code(bci),
2924 "Fourth operand byte of invokeinterface must be zero");
2925 return;
2926 }
2927 }
2928
2929 if (opcode == Bytecodes::_invokedynamic) {
2930 address bcp = bcs->bcp();
2931 if (*(bcp+3) != 0 || *(bcp+4) != 0) {
2932 verify_error(ErrorContext::bad_code(bci),
2933 "Third and fourth operand bytes of invokedynamic must be zero");
2934 return;
2935 }
2936 }
2937
2938 if (method_name->char_at(0) == JVM_SIGNATURE_SPECIAL) {
2939 // Make sure:
2940 // <init> can only be invoked by invokespecial.
2941 // <vnew> can only be invoked by invokestatic.
2942 if (!((opcode == Bytecodes::_invokestatic &&
2943 method_name == vmSymbols::inline_factory_name()) ||
2944 (opcode == Bytecodes::_invokespecial &&
2945 method_name == vmSymbols::object_initializer_name()))) {
2946 verify_error(ErrorContext::bad_code(bci),
2947 "Illegal call to internal method");
2948 return;
2949 }
2950 } else if (opcode == Bytecodes::_invokespecial
2951 && !is_same_or_direct_interface(current_class(), current_type(), ref_class_type)
2952 && !ref_class_type.equals(VerificationType::reference_type(
2953 current_class()->super()->name()))) { // super() can never be an inline_type.
2954 bool subtype = false;
2955 bool have_imr_indirect = cp->tag_at(index).value() == JVM_CONSTANT_InterfaceMethodref;
2956 subtype = ref_class_type.is_assignable_from(
2957 current_type(), this, false, CHECK_VERIFY(this));
2958 if (!subtype) {
2959 verify_error(ErrorContext::bad_code(bci),
2960 "Bad invokespecial instruction: "
2961 "current class isn't assignable to reference class.");
2962 return;
2963 } else if (have_imr_indirect) {
2964 verify_error(ErrorContext::bad_code(bci),
2965 "Bad invokespecial instruction: "
2966 "interface method reference is in an indirect superinterface.");
2967 return;
2968 }
2969
2970 }
2971
2972 // Get the verification types for the method's arguments.
2973 GrowableArray<VerificationType>* sig_verif_types = mth_sig_verif_types->sig_verif_types();
3018 verify_error(ErrorContext::bad_type(bci,
3019 current_frame->stack_top_ctx(),
3020 TypeOrigin::implicit(current_type())),
3021 "Bad access to protected data in invokevirtual");
3022 return;
3023 }
3024 }
3025 }
3026 }
3027 }
3028 } else {
3029 assert(opcode == Bytecodes::_invokeinterface, "Unexpected opcode encountered");
3030 current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this));
3031 }
3032 }
3033 }
3034 // Push the result type.
3035 int sig_verif_types_len = sig_verif_types->length();
3036 if (sig_verif_types_len > nargs) { // There's a return type
3037 if (method_name == vmSymbols::object_initializer_name()) {
3038 // an <init> method must have a void return type
3039 verify_error(ErrorContext::bad_code(bci),
3040 "Return type must be void in <init> method");
3041 return;
3042 }
3043
3044 assert(sig_verif_types_len <= nargs + 2,
3045 "Signature verification types array return type is bogus");
3046 for (int i = nargs; i < sig_verif_types_len; i++) {
3047 assert(i == nargs || sig_verif_types->at(i).is_long2() ||
3048 sig_verif_types->at(i).is_double2(), "Unexpected return verificationType");
3049 current_frame->push_stack(sig_verif_types->at(i), CHECK_VERIFY(this));
3050 }
3051 } else { // no return type
3052 // <vnew> method may not have a void return type
3053 if (method_name == vmSymbols::inline_factory_name()) {
3054 verify_error(ErrorContext::bad_code(bci),
3055 "Return type must be non-void in <vnew> static factory method");
3056 return;
3057 }
3058 }
3059 }
3060
3061 VerificationType ClassVerifier::get_newarray_type(
3062 u2 index, u2 bci, TRAPS) {
3063 const char* from_bt[] = {
3064 NULL, NULL, NULL, NULL, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J",
3065 };
3066 if (index < T_BOOLEAN || index > T_LONG) {
3067 verify_error(ErrorContext::bad_code(bci), "Illegal newarray instruction");
3068 return VerificationType::bogus_type();
3069 }
3070
3071 // from_bt[index] contains the array signature which has a length of 2
3072 Symbol* sig = create_temporary_symbol(from_bt[index], 2);
3073 return VerificationType::reference_type(sig);
3074 }
3075
3076 void ClassVerifier::verify_anewarray(
3077 u2 bci, u2 index, const constantPoolHandle& cp,
3085 cp_index_to_type(index, cp, CHECK_VERIFY(this));
3086 int length;
3087 char* arr_sig_str;
3088 if (component_type.is_array()) { // it's an array
3089 const char* component_name = component_type.name()->as_utf8();
3090 // Check for more than MAX_ARRAY_DIMENSIONS
3091 length = (int)strlen(component_name);
3092 if (length > MAX_ARRAY_DIMENSIONS &&
3093 component_name[MAX_ARRAY_DIMENSIONS - 1] == JVM_SIGNATURE_ARRAY) {
3094 verify_error(ErrorContext::bad_code(bci),
3095 "Illegal anewarray instruction, array has more than 255 dimensions");
3096 }
3097 // add one dimension to component
3098 length++;
3099 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length + 1);
3100 int n = os::snprintf(arr_sig_str, length + 1, "%c%s",
3101 JVM_SIGNATURE_ARRAY, component_name);
3102 assert(n == length, "Unexpected number of characters in string");
3103 } else { // it's an object or interface
3104 const char* component_name = component_type.name()->as_utf8();
3105 char Q_or_L = component_type.is_inline_type() ? JVM_SIGNATURE_PRIMITIVE_OBJECT : JVM_SIGNATURE_CLASS;
3106 // add one dimension to component with 'L' or 'Q' prepended and ';' appended.
3107 length = (int)strlen(component_name) + 3;
3108 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length + 1);
3109 int n = os::snprintf(arr_sig_str, length + 1, "%c%c%s;",
3110 JVM_SIGNATURE_ARRAY, Q_or_L, component_name);
3111 assert(n == length, "Unexpected number of characters in string");
3112 }
3113 Symbol* arr_sig = create_temporary_symbol(arr_sig_str, length);
3114 VerificationType new_array_type = VerificationType::reference_type(arr_sig);
3115 current_frame->push_stack(new_array_type, CHECK_VERIFY(this));
3116 }
3117
3118 void ClassVerifier::verify_iload(u2 index, StackMapFrame* current_frame, TRAPS) {
3119 current_frame->get_local(
3120 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3121 current_frame->push_stack(
3122 VerificationType::integer_type(), CHECK_VERIFY(this));
3123 }
3124
3125 void ClassVerifier::verify_lload(u2 index, StackMapFrame* current_frame, TRAPS) {
3126 current_frame->get_local_2(
3127 index, VerificationType::long_type(),
3128 VerificationType::long2_type(), CHECK_VERIFY(this));
3129 current_frame->push_stack_2(
3130 VerificationType::long_type(),
3132 }
3133
3134 void ClassVerifier::verify_fload(u2 index, StackMapFrame* current_frame, TRAPS) {
3135 current_frame->get_local(
3136 index, VerificationType::float_type(), CHECK_VERIFY(this));
3137 current_frame->push_stack(
3138 VerificationType::float_type(), CHECK_VERIFY(this));
3139 }
3140
3141 void ClassVerifier::verify_dload(u2 index, StackMapFrame* current_frame, TRAPS) {
3142 current_frame->get_local_2(
3143 index, VerificationType::double_type(),
3144 VerificationType::double2_type(), CHECK_VERIFY(this));
3145 current_frame->push_stack_2(
3146 VerificationType::double_type(),
3147 VerificationType::double2_type(), CHECK_VERIFY(this));
3148 }
3149
3150 void ClassVerifier::verify_aload(u2 index, StackMapFrame* current_frame, TRAPS) {
3151 VerificationType type = current_frame->get_local(
3152 index, VerificationType::nonscalar_check(), CHECK_VERIFY(this));
3153 current_frame->push_stack(type, CHECK_VERIFY(this));
3154 }
3155
3156 void ClassVerifier::verify_istore(u2 index, StackMapFrame* current_frame, TRAPS) {
3157 current_frame->pop_stack(
3158 VerificationType::integer_type(), CHECK_VERIFY(this));
3159 current_frame->set_local(
3160 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3161 }
3162
3163 void ClassVerifier::verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3164 current_frame->pop_stack_2(
3165 VerificationType::long2_type(),
3166 VerificationType::long_type(), CHECK_VERIFY(this));
3167 current_frame->set_local_2(
3168 index, VerificationType::long_type(),
3169 VerificationType::long2_type(), CHECK_VERIFY(this));
3170 }
3171
3172 void ClassVerifier::verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3173 current_frame->pop_stack(VerificationType::float_type(), CHECK_VERIFY(this));
3174 current_frame->set_local(
3175 index, VerificationType::float_type(), CHECK_VERIFY(this));
3176 }
3177
3178 void ClassVerifier::verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3179 current_frame->pop_stack_2(
3180 VerificationType::double2_type(),
3181 VerificationType::double_type(), CHECK_VERIFY(this));
3182 current_frame->set_local_2(
3183 index, VerificationType::double_type(),
3184 VerificationType::double2_type(), CHECK_VERIFY(this));
3185 }
3186
3187 void ClassVerifier::verify_astore(u2 index, StackMapFrame* current_frame, TRAPS) {
3188 VerificationType type = current_frame->pop_stack(
3189 VerificationType::nonscalar_check(), CHECK_VERIFY(this));
3190 current_frame->set_local(index, type, CHECK_VERIFY(this));
3191 }
3192
3193 void ClassVerifier::verify_iinc(u2 index, StackMapFrame* current_frame, TRAPS) {
3194 VerificationType type = current_frame->get_local(
3195 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3196 current_frame->set_local(index, type, CHECK_VERIFY(this));
3197 }
3198
3199 void ClassVerifier::verify_return_value(
3200 VerificationType return_type, VerificationType type, u2 bci,
3201 StackMapFrame* current_frame, TRAPS) {
3202 if (return_type == VerificationType::bogus_type()) {
3203 verify_error(ErrorContext::bad_type(bci,
3204 current_frame->stack_top_ctx(), TypeOrigin::signature(return_type)),
3205 "Method does not expect a return value");
3206 return;
3207 }
3208 bool match = return_type.is_assignable_from(type, this, false, CHECK_VERIFY(this));
3209 if (!match) {
|