1 /*
2 * Copyright (c) 1994, 2024, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 /*-
27 * Verify that the code within a method block doesn't exploit any
28 * security holes.
29 */
30 /*
31 Exported function:
32
33 jboolean
34 VerifyClassForMajorVersion(JNIEnv *env, jclass cb, char *message_buffer,
35 jint buffer_length, jint major_version)
36
37 This file now only uses the standard JNI and the following VM functions
38 exported in jvm.h:
39
40 JVM_FindClassFromClass
41 JVM_IsInterface
42 JVM_GetClassNameUTF
43 JVM_GetClassCPEntriesCount
44 JVM_GetClassCPTypes
45 JVM_GetClassFieldsCount
46 JVM_GetClassMethodsCount
47
48 JVM_GetFieldIxModifiers
49
50 JVM_GetMethodIxModifiers
51 JVM_GetMethodIxExceptionTableLength
52 JVM_GetMethodIxLocalsCount
53 JVM_GetMethodIxArgsSize
54 JVM_GetMethodIxMaxStack
55 JVM_GetMethodIxNameUTF
56 JVM_GetMethodIxSignatureUTF
57 JVM_GetMethodIxExceptionsCount
58 JVM_GetMethodIxExceptionIndexes
59 JVM_GetMethodIxByteCodeLength
60 JVM_GetMethodIxByteCode
61 JVM_GetMethodIxExceptionTableEntry
62 JVM_IsConstructorIx
63
64 JVM_GetCPClassNameUTF
65 JVM_GetCPFieldNameUTF
66 JVM_GetCPMethodNameUTF
67 JVM_GetCPFieldSignatureUTF
68 JVM_GetCPMethodSignatureUTF
69 JVM_GetCPFieldClassNameUTF
70 JVM_GetCPMethodClassNameUTF
71 JVM_GetCPFieldModifiers
72 JVM_GetCPMethodModifiers
73
74 JVM_ReleaseUTF
75 JVM_IsSameClassPackage
76
77 */
78
79 #include <string.h>
80 #include <setjmp.h>
81 #include <assert.h>
82 #include <limits.h>
83 #include <stdlib.h>
84 #include <stdint.h>
85
86 #include "jni.h"
87 #include "jni_util.h"
88 #include "jvm.h"
89 #include "classfile_constants.h"
90 #include "opcodes.in_out"
91
92 /* On AIX malloc(0) and calloc(0, ...) return a NULL pointer, which is legal,
93 * but the code here does not handles it. So we wrap the methods and return non-NULL
94 * pointers even if we allocate 0 bytes.
95 */
96 #ifdef _AIX
97 static int aix_dummy;
98 static void* aix_malloc(size_t len) {
99 if (len == 0) {
100 return &aix_dummy;
101 }
102 return malloc(len);
103 }
104
105 static void* aix_calloc(size_t n, size_t size) {
106 if (n == 0) {
107 return &aix_dummy;
108 }
109 return calloc(n, size);
110 }
111
112 static void aix_free(void* p) {
113 if (p == &aix_dummy) {
114 return;
115 }
116 free(p);
117 }
118
119 #undef malloc
120 #undef calloc
121 #undef free
122 #define malloc aix_malloc
123 #define calloc aix_calloc
124 #define free aix_free
125 #endif
126
127 #ifdef __APPLE__
128 /* use setjmp/longjmp versions that do not save/restore the signal mask */
129 #define setjmp _setjmp
130 #define longjmp _longjmp
131 #endif
132
133 #define MAX_ARRAY_DIMENSIONS 255
134 /* align byte code */
135 #ifndef ALIGN_UP
136 #define ALIGN_UP(n,align_grain) (((n) + ((align_grain) - 1)) & ~((align_grain)-1))
137 #endif /* ALIGN_UP */
138 #define UCALIGN(n) ((unsigned char *)ALIGN_UP((uintptr_t)(n),sizeof(int)))
139
140 #ifdef DEBUG
141
142 int verify_verbose = 0;
143 static struct context_type *GlobalContext;
144 #endif
145
146 enum {
147 ITEM_Bogus,
148 ITEM_Void, /* only as a function return value */
149 ITEM_Integer,
150 ITEM_Float,
151 ITEM_Double,
152 ITEM_Double_2, /* 2nd word of double in register */
153 ITEM_Long,
154 ITEM_Long_2, /* 2nd word of long in register */
155 ITEM_Array,
156 ITEM_Object, /* Extra info field gives name. */
157 ITEM_NewObject, /* Like object, but uninitialized. */
158 ITEM_InitObject, /* "this" is init method, before call
159 to super() */
160 ITEM_ReturnAddress, /* Extra info gives instr # of start pc */
161 /* The following four are only used within array types.
162 * Normally, we use ITEM_Integer, instead. */
163 ITEM_Byte,
164 ITEM_Short,
165 ITEM_Char,
166 ITEM_Boolean
167 };
168
169
170 #define UNKNOWN_STACK_SIZE -1
171 #define UNKNOWN_REGISTER_COUNT -1
172 #define UNKNOWN_RET_INSTRUCTION -1
173
174 #undef MAX
175 #undef MIN
176 #define MAX(a, b) ((a) > (b) ? (a) : (b))
177 #define MIN(a, b) ((a) < (b) ? (a) : (b))
178
179 #define BITS_PER_INT (CHAR_BIT * sizeof(int)/sizeof(char))
180 #define SET_BIT(flags, i) (flags[(i)/BITS_PER_INT] |= \
181 ((unsigned)1 << ((i) % BITS_PER_INT)))
182 #define IS_BIT_SET(flags, i) (flags[(i)/BITS_PER_INT] & \
183 ((unsigned)1 << ((i) % BITS_PER_INT)))
184
185 typedef unsigned int fullinfo_type;
186 typedef unsigned int *bitvector;
187
188 #define GET_ITEM_TYPE(thing) ((thing) & 0x1F)
189 #define GET_INDIRECTION(thing) (((thing) & 0xFFFF) >> 5)
190 #define GET_EXTRA_INFO(thing) ((thing) >> 16)
191 #define WITH_ZERO_INDIRECTION(thing) ((thing) & ~(0xFFE0))
192 #define WITH_ZERO_EXTRA_INFO(thing) ((thing) & 0xFFFF)
193
194 #define MAKE_FULLINFO(type, indirect, extra) \
195 ((type) + ((indirect) << 5) + ((extra) << 16))
196
197 #define MAKE_Object_ARRAY(indirect) \
198 (context->object_info + ((indirect) << 5))
199
200 #define NULL_FULLINFO MAKE_FULLINFO(ITEM_Object, 0, 0)
201
202 /* JVM_OPC_invokespecial calls to <init> need to be treated special */
203 #define JVM_OPC_invokeinit 0x100
204
205 /* A hash mechanism used by the verifier.
206 * Maps class names to unique 16 bit integers.
207 */
208
209 #define HASH_TABLE_SIZE 503
210
211 /* The buckets are managed as a 256 by 256 matrix. We allocate an entire
212 * row (256 buckets) at a time to minimize fragmentation. Rows are
213 * allocated on demand so that we don't waste too much space.
214 */
215
216 #define MAX_HASH_ENTRIES 65536
217 #define HASH_ROW_SIZE 256
218
219 typedef struct hash_bucket_type {
220 char *name;
221 unsigned int hash;
222 jclass class;
223 unsigned short ID;
224 unsigned short next;
225 unsigned loadable:1; /* from context->class loader */
226 } hash_bucket_type;
227
228 typedef struct {
229 hash_bucket_type **buckets;
230 unsigned short *table;
231 int entries_used;
232 } hash_table_type;
233
234 #define GET_BUCKET(class_hash, ID)\
235 (class_hash->buckets[ID / HASH_ROW_SIZE] + ID % HASH_ROW_SIZE)
236
237 /*
238 * There are currently two types of resources that we need to keep
239 * track of (in addition to the CCalloc pool).
240 */
241 enum {
242 VM_STRING_UTF, /* VM-allocated UTF strings */
243 VM_MALLOC_BLK /* malloc'ed blocks */
244 };
245
246 #define LDC_CLASS_MAJOR_VERSION 49
247
248 #define LDC_METHOD_HANDLE_MAJOR_VERSION 51
249
250 #define NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION 51
251
252 #define STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION 52
253
254 #define ALLOC_STACK_SIZE 16 /* big enough */
255
256 typedef struct alloc_stack_type {
257 void *ptr;
258 int kind;
259 struct alloc_stack_type *next;
260 } alloc_stack_type;
261
262 /* The context type encapsulates the current invocation of the byte
263 * code verifier.
264 */
265 struct context_type {
266
267 JNIEnv *env; /* current JNIEnv */
268
269 /* buffers etc. */
270 char *message;
271 jint message_buf_len;
272 jboolean err_code;
273
274 alloc_stack_type *allocated_memory; /* all memory blocks that we have not
275 had a chance to free */
276 /* Store up to ALLOC_STACK_SIZE number of handles to allocated memory
277 blocks here, to save mallocs. */
278 alloc_stack_type alloc_stack[ALLOC_STACK_SIZE];
279 int alloc_stack_top;
280
281 /* these fields are per class */
282 jclass class; /* current class */
283 jint major_version;
284 jint nconstants;
285 unsigned char *constant_types;
286 hash_table_type class_hash;
287
288 fullinfo_type object_info; /* fullinfo for java/lang/Object */
289 fullinfo_type string_info; /* fullinfo for java/lang/String */
290 fullinfo_type throwable_info; /* fullinfo for java/lang/Throwable */
291 fullinfo_type cloneable_info; /* fullinfo for java/lang/Cloneable */
292 fullinfo_type serializable_info; /* fullinfo for java/io/Serializable */
293
294 fullinfo_type currentclass_info; /* fullinfo for context->class */
295 fullinfo_type superclass_info; /* fullinfo for superclass */
296
297 /* these fields are per method */
298 int method_index; /* current method */
299 unsigned short *exceptions; /* exceptions */
300 unsigned char *code; /* current code object */
301 jint code_length;
302 int *code_data; /* offset to instruction number */
303 struct instruction_data_type *instruction_data; /* info about each */
304 struct handler_info_type *handler_info;
305 fullinfo_type *superclasses; /* null terminated superclasses */
306 int instruction_count; /* number of instructions */
307 fullinfo_type return_type; /* function return type */
308 fullinfo_type swap_table[4]; /* used for passing information */
309 int bitmask_size; /* words needed to hold bitmap of arguments */
310
311 /* these fields are per field */
312 int field_index;
313
314 /* Used by the space allocator */
315 struct CCpool *CCroot, *CCcurrent;
316 char *CCfree_ptr;
317 int CCfree_size;
318
319 /* Jump here on any error. */
320 jmp_buf jump_buffer;
321
322 #ifdef DEBUG
323 /* keep track of how many global refs are allocated. */
324 int n_globalrefs;
325 #endif
326 };
327
328 struct stack_info_type {
329 struct stack_item_type *stack;
330 int stack_size;
331 };
332
333 struct register_info_type {
334 int register_count; /* number of registers used */
335 fullinfo_type *registers;
336 int mask_count; /* number of masks in the following */
337 struct mask_type *masks;
338 };
339
340 struct mask_type {
341 int entry;
342 int *modifies;
343 };
344
345 typedef unsigned short flag_type;
346
347 struct instruction_data_type {
348 int opcode; /* may turn into "canonical" opcode */
349 unsigned changed:1; /* has it changed */
350 unsigned protected:1; /* must accessor be a subclass of "this" */
351 union {
352 int i; /* operand to the opcode */
353 int *ip;
354 fullinfo_type fi;
355 } operand, operand2;
356 fullinfo_type p;
357 struct stack_info_type stack_info;
358 struct register_info_type register_info;
359 #define FLAG_REACHED 0x01 /* instruction reached */
360 #define FLAG_NEED_CONSTRUCTOR 0x02 /* must call this.<init> or super.<init> */
361 #define FLAG_NO_RETURN 0x04 /* must throw out of method */
362 flag_type or_flags; /* true for at least one path to this inst */
363 #define FLAG_CONSTRUCTED 0x01 /* this.<init> or super.<init> called */
364 flag_type and_flags; /* true for all paths to this instruction */
365 };
366
367 struct handler_info_type {
368 int start, end, handler;
369 struct stack_info_type stack_info;
370 };
371
372 struct stack_item_type {
373 fullinfo_type item;
374 struct stack_item_type *next;
375 };
376
377 typedef struct context_type context_type;
378 typedef struct instruction_data_type instruction_data_type;
379 typedef struct stack_item_type stack_item_type;
380 typedef struct register_info_type register_info_type;
381 typedef struct stack_info_type stack_info_type;
382 typedef struct mask_type mask_type;
383
384 static void read_all_code(context_type *context, jclass cb, int num_methods,
385 int** code_lengths, unsigned char*** code);
386 static void verify_method(context_type *context, jclass cb, int index,
387 int code_length, unsigned char* code);
388 static void free_all_code(context_type* context, int num_methods,
389 unsigned char** code);
390 static void verify_field(context_type *context, jclass cb, int index);
391
392 static void verify_opcode_operands (context_type *, unsigned int inumber, int offset);
393 static void set_protected(context_type *, unsigned int inumber, int key, int);
394 static jboolean is_superclass(context_type *, fullinfo_type);
395
396 static void initialize_exception_table(context_type *);
397 static int instruction_length(unsigned char *iptr, unsigned char *end);
398 static jboolean isLegalTarget(context_type *, int offset);
399 static void verify_constant_pool_type(context_type *, int, unsigned);
400
401 static void initialize_dataflow(context_type *);
402 static void run_dataflow(context_type *context);
403 static void check_register_values(context_type *context, unsigned int inumber);
404 static void check_flags(context_type *context, unsigned int inumber);
405 static void pop_stack(context_type *, unsigned int inumber, stack_info_type *);
406 static void update_registers(context_type *, unsigned int inumber, register_info_type *);
407 static void update_flags(context_type *, unsigned int inumber,
408 flag_type *new_and_flags, flag_type *new_or_flags);
409 static void push_stack(context_type *, unsigned int inumber, stack_info_type *stack);
410
411 static void merge_into_successors(context_type *, unsigned int inumber,
412 register_info_type *register_info,
413 stack_info_type *stack_info,
414 flag_type and_flags, flag_type or_flags);
415 static void merge_into_one_successor(context_type *context,
416 unsigned int from_inumber,
417 unsigned int inumber,
418 register_info_type *register_info,
419 stack_info_type *stack_info,
420 flag_type and_flags, flag_type or_flags,
421 jboolean isException);
422 static void merge_stack(context_type *, unsigned int inumber,
423 unsigned int to_inumber, stack_info_type *);
424 static void merge_registers(context_type *, unsigned int inumber,
425 unsigned int to_inumber,
426 register_info_type *);
427 static void merge_flags(context_type *context, unsigned int from_inumber,
428 unsigned int to_inumber,
429 flag_type new_and_flags, flag_type new_or_flags);
430
431 static stack_item_type *copy_stack(context_type *, stack_item_type *);
432 static mask_type *copy_masks(context_type *, mask_type *masks, int mask_count);
433 static mask_type *add_to_masks(context_type *, mask_type *, int , int);
434
435 static fullinfo_type decrement_indirection(fullinfo_type);
436
437 static fullinfo_type merge_fullinfo_types(context_type *context,
438 fullinfo_type a,
439 fullinfo_type b,
440 jboolean assignment);
441 static jboolean isAssignableTo(context_type *,
442 fullinfo_type a,
443 fullinfo_type b);
444
445 static jclass object_fullinfo_to_classclass(context_type *, fullinfo_type);
446
447
448 #define NEW(type, count) \
449 ((type *)CCalloc(context, (count)*(sizeof(type)), JNI_FALSE))
450 #define ZNEW(type, count) \
451 ((type *)CCalloc(context, (count)*(sizeof(type)), JNI_TRUE))
452
453 static void CCinit(context_type *context);
454 static void CCreinit(context_type *context);
455 static void CCdestroy(context_type *context);
456 static void *CCalloc(context_type *context, int size, jboolean zero);
457
458 static fullinfo_type cp_index_to_class_fullinfo(context_type *, int, int);
459
460 static const char* get_result_signature(const char* signature);
461
462 static char signature_to_fieldtype(context_type *context,
463 const char **signature_p, fullinfo_type *info);
464
465 static void CCerror (context_type *, char *format, ...);
466 static void CFerror (context_type *, char *format, ...);
467 static void CCout_of_memory (context_type *);
468
469 /* Because we can longjmp any time, we need to be very careful about
470 * remembering what needs to be freed. */
471
472 static void check_and_push_malloc_block(context_type *context, void *ptr);
473 static void check_and_push_string_utf(context_type *context, const char *ptr);
474 static void pop_and_free(context_type *context);
475
476 static int signature_to_args_size(const char *method_signature);
477
478 #ifdef DEBUG
479 static void print_stack (context_type *, stack_info_type *stack_info);
480 static void print_registers(context_type *, register_info_type *register_info);
481 static void print_flags(context_type *, flag_type, flag_type);
482 static void print_formatted_fieldname(context_type *context, int index);
483 static void print_formatted_methodname(context_type *context, int index);
484 #endif
485
486 /*
487 * Declare library specific JNI_Onload entry if static build
488 */
489 DEF_STATIC_JNI_OnLoad
490
491 void initialize_class_hash(context_type *context)
492 {
493 hash_table_type *class_hash = &(context->class_hash);
494 class_hash->buckets = (hash_bucket_type **)
495 calloc(MAX_HASH_ENTRIES / HASH_ROW_SIZE, sizeof(hash_bucket_type *));
496 class_hash->table = (unsigned short *)
497 calloc(HASH_TABLE_SIZE, sizeof(unsigned short));
498 if (class_hash->buckets == 0 ||
499 class_hash->table == 0)
500 CCout_of_memory(context);
501 class_hash->entries_used = 0;
502 }
503
504 static void finalize_class_hash(context_type *context)
505 {
506 hash_table_type *class_hash = &(context->class_hash);
507 JNIEnv *env = context->env;
508 int i;
509 /* 4296677: bucket index starts from 1. */
510 for (i=1;i<=class_hash->entries_used;i++) {
511 hash_bucket_type *bucket = GET_BUCKET(class_hash, i);
512 assert(bucket != NULL);
513 free(bucket->name);
514 if (bucket->class) {
515 (*env)->DeleteGlobalRef(env, bucket->class);
516 #ifdef DEBUG
517 context->n_globalrefs--;
518 #endif
519 }
520 }
521 if (class_hash->buckets) {
522 for (i=0;i<MAX_HASH_ENTRIES / HASH_ROW_SIZE; i++) {
523 if (class_hash->buckets[i] == 0)
524 break;
525 free(class_hash->buckets[i]);
526 }
527 }
528 free(class_hash->buckets);
529 free(class_hash->table);
530 }
531
532 static hash_bucket_type *
533 new_bucket(context_type *context, unsigned short *pID)
534 {
535 hash_table_type *class_hash = &(context->class_hash);
536 int i = *pID = class_hash->entries_used + 1;
537 int row = i / HASH_ROW_SIZE;
538 if (i >= MAX_HASH_ENTRIES)
539 CCerror(context, "Exceeded verifier's limit of 65535 referred classes");
540 if (class_hash->buckets[row] == 0) {
541 class_hash->buckets[row] = (hash_bucket_type*)
542 calloc(HASH_ROW_SIZE, sizeof(hash_bucket_type));
543 if (class_hash->buckets[row] == 0)
544 CCout_of_memory(context);
545 }
546 class_hash->entries_used++; /* only increment when we are sure there
547 is no overflow. */
548 return GET_BUCKET(class_hash, i);
549 }
550
551 static unsigned int
552 class_hash_fun(const char *s)
553 {
554 int i;
555 unsigned raw_hash;
556 for (raw_hash = 0; (i = *s) != '\0'; ++s)
557 raw_hash = raw_hash * 37 + i;
558 return raw_hash;
559 }
560
561 /*
562 * Find a class using the defining loader of the current class
563 * and return a local reference to it.
564 */
565 static jclass load_class_local(context_type *context,const char *classname)
566 {
567 jclass cb = JVM_FindClassFromClass(context->env, classname,
568 JNI_FALSE, context->class);
569 if (cb == 0)
570 CCerror(context, "Cannot find class %s", classname);
571 return cb;
572 }
573
574 /*
575 * Find a class using the defining loader of the current class
576 * and return a global reference to it.
577 */
578 static jclass load_class_global(context_type *context, const char *classname)
579 {
580 JNIEnv *env = context->env;
581 jclass local, global;
582
583 local = load_class_local(context, classname);
584 global = (*env)->NewGlobalRef(env, local);
585 if (global == 0)
586 CCout_of_memory(context);
587 #ifdef DEBUG
588 context->n_globalrefs++;
589 #endif
590 (*env)->DeleteLocalRef(env, local);
591 return global;
592 }
593
594 /*
595 * Return a unique ID given a local class reference. The loadable
596 * flag is true if the defining class loader of context->class
597 * is known to be capable of loading the class.
598 */
599 static unsigned short
600 class_to_ID(context_type *context, jclass cb, jboolean loadable)
601 {
602 JNIEnv *env = context->env;
603 hash_table_type *class_hash = &(context->class_hash);
604 unsigned int hash;
605 hash_bucket_type *bucket;
606 unsigned short *pID;
607 const char *name = JVM_GetClassNameUTF(env, cb);
608
609 check_and_push_string_utf(context, name);
610 hash = class_hash_fun(name);
611 pID = &(class_hash->table[hash % HASH_TABLE_SIZE]);
612 while (*pID) {
613 bucket = GET_BUCKET(class_hash, *pID);
614 if (bucket->hash == hash && strcmp(name, bucket->name) == 0) {
615 /*
616 * There is an unresolved entry with our name
617 * so we're forced to load it in case it matches us.
618 */
619 if (bucket->class == 0) {
620 assert(bucket->loadable == JNI_TRUE);
621 bucket->class = load_class_global(context, name);
622 }
623
624 /*
625 * It's already in the table. Update the loadable
626 * state if it's known and then we're done.
627 */
628 if ((*env)->IsSameObject(env, cb, bucket->class)) {
629 if (loadable && !bucket->loadable)
630 bucket->loadable = JNI_TRUE;
631 goto done;
632 }
633 }
634 pID = &bucket->next;
635 }
636 bucket = new_bucket(context, pID);
637 bucket->next = 0;
638 bucket->hash = hash;
639 bucket->name = malloc(strlen(name) + 1);
640 if (bucket->name == 0)
641 CCout_of_memory(context);
642 strcpy(bucket->name, name);
643 bucket->loadable = loadable;
644 bucket->class = (*env)->NewGlobalRef(env, cb);
645 if (bucket->class == 0)
646 CCout_of_memory(context);
647 #ifdef DEBUG
648 context->n_globalrefs++;
649 #endif
650
651 done:
652 pop_and_free(context);
653 return *pID;
654 }
655
656 /*
657 * Return a unique ID given a class name from the constant pool.
658 * All classes are lazily loaded from the defining loader of
659 * context->class.
660 */
661 static unsigned short
662 class_name_to_ID(context_type *context, const char *name)
663 {
664 hash_table_type *class_hash = &(context->class_hash);
665 unsigned int hash = class_hash_fun(name);
666 hash_bucket_type *bucket;
667 unsigned short *pID;
668 jboolean force_load = JNI_FALSE;
669
670 pID = &(class_hash->table[hash % HASH_TABLE_SIZE]);
671 while (*pID) {
672 bucket = GET_BUCKET(class_hash, *pID);
673 if (bucket->hash == hash && strcmp(name, bucket->name) == 0) {
674 if (bucket->loadable)
675 goto done;
676 force_load = JNI_TRUE;
677 }
678 pID = &bucket->next;
679 }
680
681 if (force_load) {
682 /*
683 * We found at least one matching named entry for a class that
684 * was not known to be loadable through the defining class loader
685 * of context->class. We must load our named class and update
686 * the hash table in case one these entries matches our class.
687 */
688 JNIEnv *env = context->env;
689 jclass cb = load_class_local(context, name);
690 unsigned short id = class_to_ID(context, cb, JNI_TRUE);
691 (*env)->DeleteLocalRef(env, cb);
692 return id;
693 }
694
695 bucket = new_bucket(context, pID);
696 bucket->next = 0;
697 bucket->class = 0;
698 bucket->loadable = JNI_TRUE; /* name-only IDs are implicitly loadable */
699 bucket->hash = hash;
700 bucket->name = malloc(strlen(name) + 1);
701 if (bucket->name == 0)
702 CCout_of_memory(context);
703 strcpy(bucket->name, name);
704
705 done:
706 return *pID;
707 }
708
709 #ifdef DEBUG
710 static const char *
711 ID_to_class_name(context_type *context, unsigned short ID)
712 {
713 hash_table_type *class_hash = &(context->class_hash);
714 hash_bucket_type *bucket = GET_BUCKET(class_hash, ID);
715 return bucket->name;
716 }
717 #endif
718
719 static jclass
720 ID_to_class(context_type *context, unsigned short ID)
721 {
722 hash_table_type *class_hash = &(context->class_hash);
723 hash_bucket_type *bucket = GET_BUCKET(class_hash, ID);
724 if (bucket->class == 0) {
725 assert(bucket->loadable == JNI_TRUE);
726 bucket->class = load_class_global(context, bucket->name);
727 }
728 return bucket->class;
729 }
730
731 static fullinfo_type
732 make_loadable_class_info(context_type *context, jclass cb)
733 {
734 return MAKE_FULLINFO(ITEM_Object, 0,
735 class_to_ID(context, cb, JNI_TRUE));
736 }
737
738 static fullinfo_type
739 make_class_info(context_type *context, jclass cb)
740 {
741 return MAKE_FULLINFO(ITEM_Object, 0,
742 class_to_ID(context, cb, JNI_FALSE));
743 }
744
745 static fullinfo_type
746 make_class_info_from_name(context_type *context, const char *name)
747 {
748 return MAKE_FULLINFO(ITEM_Object, 0,
749 class_name_to_ID(context, name));
750 }
751
752 /* RETURNS
753 * 1: on success chosen to be consistent with previous VerifyClass
754 * 0: verify error
755 * 2: out of memory
756 * 3: class format error
757 *
758 * Called by verify_class. Verify the code of each of the methods
759 * in a class. Note that this function apparently can't be JNICALL,
760 * because if it is the dynamic linker doesn't appear to be able to
761 * find it on Win32.
762 */
763
764 #define CC_OK 1
765 #define CC_VerifyError 0
766 #define CC_OutOfMemory 2
767 #define CC_ClassFormatError 3
768
769 JNIEXPORT jboolean
770 VerifyClassForMajorVersion(JNIEnv *env, jclass cb, char *buffer, jint len,
771 jint major_version)
772 {
773 context_type context_structure;
774 context_type *context = &context_structure;
775 jboolean result = CC_OK;
776 int i;
777 int num_methods;
778 int* code_lengths;
779 unsigned char** code;
780
781 #ifdef DEBUG
782 GlobalContext = context;
783 #endif
784
785 memset(context, 0, sizeof(context_type));
786 context->message = buffer;
787 context->message_buf_len = len;
788
789 context->env = env;
790 context->class = cb;
791
792 /* Set invalid method/field index of the context, in case anyone
793 calls CCerror */
794 context->method_index = -1;
795 context->field_index = -1;
796
797 /* Don't call CCerror or anything that can call it above the setjmp! */
798 if (!setjmp(context->jump_buffer)) {
799 jclass super;
800
801 CCinit(context); /* initialize heap; may throw */
802
803 initialize_class_hash(context);
804
805 context->major_version = major_version;
806 context->nconstants = JVM_GetClassCPEntriesCount(env, cb);
807 context->constant_types = (unsigned char *)
808 malloc(sizeof(unsigned char) * context->nconstants + 1);
809
810 if (context->constant_types == 0)
811 CCout_of_memory(context);
812
813 JVM_GetClassCPTypes(env, cb, context->constant_types);
814
815 if (context->constant_types == 0)
816 CCout_of_memory(context);
817
818 context->object_info =
819 make_class_info_from_name(context, "java/lang/Object");
820 context->string_info =
821 make_class_info_from_name(context, "java/lang/String");
822 context->throwable_info =
823 make_class_info_from_name(context, "java/lang/Throwable");
824 context->cloneable_info =
825 make_class_info_from_name(context, "java/lang/Cloneable");
826 context->serializable_info =
827 make_class_info_from_name(context, "java/io/Serializable");
828
829 context->currentclass_info = make_loadable_class_info(context, cb);
830
831 super = (*env)->GetSuperclass(env, cb);
832
833 if (super != 0) {
834 fullinfo_type *gptr;
835 int i = 0;
836
837 context->superclass_info = make_loadable_class_info(context, super);
838
839 while(super != 0) {
840 jclass tmp_cb = (*env)->GetSuperclass(env, super);
841 (*env)->DeleteLocalRef(env, super);
842 super = tmp_cb;
843 i++;
844 }
845 (*env)->DeleteLocalRef(env, super);
846 super = 0;
847
848 /* Can't go on context heap since it survives more than
849 one method */
850 context->superclasses = gptr =
851 malloc(sizeof(fullinfo_type)*(i + 1));
852 if (gptr == 0) {
853 CCout_of_memory(context);
854 }
855
856 super = (*env)->GetSuperclass(env, context->class);
857 while(super != 0) {
858 jclass tmp_cb;
859 *gptr++ = make_class_info(context, super);
860 tmp_cb = (*env)->GetSuperclass(env, super);
861 (*env)->DeleteLocalRef(env, super);
862 super = tmp_cb;
863 }
864 *gptr = 0;
865 } else {
866 context->superclass_info = 0;
867 }
868
869 (*env)->DeleteLocalRef(env, super);
870
871 /* Look at each method */
872 for (i = JVM_GetClassFieldsCount(env, cb); --i >= 0;)
873 verify_field(context, cb, i);
874 num_methods = JVM_GetClassMethodsCount(env, cb);
875 read_all_code(context, cb, num_methods, &code_lengths, &code);
876 for (i = num_methods - 1; i >= 0; --i)
877 verify_method(context, cb, i, code_lengths[i], code[i]);
878 free_all_code(context, num_methods, code);
879 result = CC_OK;
880 } else {
881 result = context->err_code;
882 }
883
884 /* Cleanup */
885 finalize_class_hash(context);
886
887 while(context->allocated_memory)
888 pop_and_free(context);
889
890 #ifdef DEBUG
891 GlobalContext = 0;
892 #endif
893
894 if (context->exceptions)
895 free(context->exceptions);
896
897 if (context->constant_types)
898 free(context->constant_types);
899
900 if (context->superclasses)
901 free(context->superclasses);
902
903 #ifdef DEBUG
904 /* Make sure all global refs created in the verifier are freed */
905 assert(context->n_globalrefs == 0);
906 #endif
907
908 CCdestroy(context); /* destroy heap */
909 return result;
910 }
911
912 static void
913 verify_field(context_type *context, jclass cb, int field_index)
914 {
915 JNIEnv *env = context->env;
916 int access_bits = JVM_GetFieldIxModifiers(env, cb, field_index);
917 context->field_index = field_index;
918
919 if ( ((access_bits & JVM_ACC_PUBLIC) != 0) &&
920 ((access_bits & (JVM_ACC_PRIVATE | JVM_ACC_PROTECTED)) != 0)) {
921 CCerror(context, "Inconsistent access bits.");
922 }
923 context->field_index = -1;
924 }
925
926
927 /**
928 * We read all of the class's methods' code because it is possible that
929 * the verification of one method could resulting in linking further
930 * down the stack (due to class loading), which could end up rewriting
931 * some of the bytecode of methods we haven't verified yet. Since we
932 * don't want to see the rewritten bytecode, cache all the code and
933 * operate only on that.
934 */
935 static void
936 read_all_code(context_type* context, jclass cb, int num_methods,
937 int** lengths_addr, unsigned char*** code_addr)
938 {
939 int* lengths;
940 unsigned char** code;
941 int i;
942
943 lengths = malloc(sizeof(int) * num_methods);
944 check_and_push_malloc_block(context, lengths);
945
946 code = malloc(sizeof(unsigned char*) * num_methods);
947 check_and_push_malloc_block(context, code);
948
949 *(lengths_addr) = lengths;
950 *(code_addr) = code;
951
952 for (i = 0; i < num_methods; ++i) {
953 lengths[i] = JVM_GetMethodIxByteCodeLength(context->env, cb, i);
954 if (lengths[i] > 0) {
955 code[i] = malloc(sizeof(unsigned char) * (lengths[i] + 1));
956 check_and_push_malloc_block(context, code[i]);
957 JVM_GetMethodIxByteCode(context->env, cb, i, code[i]);
958 } else {
959 code[i] = NULL;
960 }
961 }
962 }
963
964 static void
965 free_all_code(context_type* context, int num_methods, unsigned char** code)
966 {
967 int i;
968 for (i = 0; i < num_methods; ++i) {
969 if (code[i] != NULL) {
970 pop_and_free(context);
971 }
972 }
973 pop_and_free(context); /* code */
974 pop_and_free(context); /* lengths */
975 }
976
977 /* Verify the code of one method */
978 static void
979 verify_method(context_type *context, jclass cb, int method_index,
980 int code_length, unsigned char* code)
981 {
982 JNIEnv *env = context->env;
983 int access_bits = JVM_GetMethodIxModifiers(env, cb, method_index);
984 int *code_data;
985 instruction_data_type *idata = 0;
986 int instruction_count;
987 int i, offset;
988 unsigned int inumber;
989 jint nexceptions;
990
991 if ((access_bits & (JVM_ACC_NATIVE | JVM_ACC_ABSTRACT)) != 0) {
992 /* not much to do for abstract and native methods */
993 return;
994 }
995
996 context->code_length = code_length;
997 context->code = code;
998
999 /* CCerror can give method-specific info once this is set */
1000 context->method_index = method_index;
1001
1002 CCreinit(context); /* initial heap */
1003 code_data = NEW(int, code_length);
1004
1005 #ifdef DEBUG
1006 if (verify_verbose) {
1007 const char *classname = JVM_GetClassNameUTF(env, cb);
1008 const char *methodname =
1009 JVM_GetMethodIxNameUTF(env, cb, method_index);
1010 const char *signature =
1011 JVM_GetMethodIxSignatureUTF(env, cb, method_index);
1012 jio_fprintf(stdout, "Looking at %s.%s%s\n",
1013 (classname ? classname : ""),
1014 (methodname ? methodname : ""),
1015 (signature ? signature : ""));
1016 JVM_ReleaseUTF(classname);
1017 JVM_ReleaseUTF(methodname);
1018 JVM_ReleaseUTF(signature);
1019 }
1020 #endif
1021
1022 if (((access_bits & JVM_ACC_PUBLIC) != 0) &&
1023 ((access_bits & (JVM_ACC_PRIVATE | JVM_ACC_PROTECTED)) != 0)) {
1024 CCerror(context, "Inconsistent access bits.");
1025 }
1026
1027 // If this method is an overpass method, which is generated by the VM,
1028 // we trust the code and no check needs to be done.
1029 if (JVM_IsVMGeneratedMethodIx(env, cb, method_index)) {
1030 return;
1031 }
1032
1033 /* Run through the code. Mark the start of each instruction, and give
1034 * the instruction a number */
1035 for (i = 0, offset = 0; offset < code_length; i++) {
1036 int length = instruction_length(&code[offset], code + code_length);
1037 int next_offset = offset + length;
1038 if (length <= 0)
1039 CCerror(context, "Illegal instruction found at offset %d", offset);
1040 if (next_offset > code_length)
1041 CCerror(context, "Code stops in the middle of instruction "
1042 " starting at offset %d", offset);
1043 code_data[offset] = i;
1044 while (++offset < next_offset)
1045 code_data[offset] = -1; /* illegal location */
1046 }
1047 instruction_count = i; /* number of instructions in code */
1048
1049 /* Allocate a structure to hold info about each instruction. */
1050 idata = NEW(instruction_data_type, instruction_count);
1051
1052 /* Initialize the heap, and other info in the context structure. */
1053 context->code = code;
1054 context->instruction_data = idata;
1055 context->code_data = code_data;
1056 context->instruction_count = instruction_count;
1057 context->handler_info =
1058 NEW(struct handler_info_type,
1059 JVM_GetMethodIxExceptionTableLength(env, cb, method_index));
1060 context->bitmask_size =
1061 (JVM_GetMethodIxLocalsCount(env, cb, method_index)
1062 + (BITS_PER_INT - 1))/BITS_PER_INT;
1063
1064 if (instruction_count == 0)
1065 CCerror(context, "Empty code");
1066
1067 for (inumber = 0, offset = 0; offset < code_length; inumber++) {
1068 int length = instruction_length(&code[offset], code + code_length);
1069 instruction_data_type *this_idata = &idata[inumber];
1070 this_idata->opcode = code[offset];
1071 this_idata->stack_info.stack = NULL;
1072 this_idata->stack_info.stack_size = UNKNOWN_STACK_SIZE;
1073 this_idata->register_info.register_count = UNKNOWN_REGISTER_COUNT;
1074 this_idata->changed = JNI_FALSE; /* no need to look at it yet. */
1075 this_idata->protected = JNI_FALSE; /* no need to look at it yet. */
1076 this_idata->and_flags = (flag_type) -1; /* "bottom" and value */
1077 this_idata->or_flags = 0; /* "bottom" or value*/
1078 /* This also sets up this_data->operand. It also makes the
1079 * xload_x and xstore_x instructions look like the generic form. */
1080 verify_opcode_operands(context, inumber, offset);
1081 offset += length;
1082 }
1083
1084
1085 /* make sure exception table is reasonable. */
1086 initialize_exception_table(context);
1087 /* Set up first instruction, and start of exception handlers. */
1088 initialize_dataflow(context);
1089 /* Run data flow analysis on the instructions. */
1090 run_dataflow(context);
1091
1092 /* verify checked exceptions, if any */
1093 nexceptions = JVM_GetMethodIxExceptionsCount(env, cb, method_index);
1094 context->exceptions = (unsigned short *)
1095 malloc(sizeof(unsigned short) * nexceptions + 1);
1096 if (context->exceptions == 0)
1097 CCout_of_memory(context);
1098 JVM_GetMethodIxExceptionIndexes(env, cb, method_index,
1099 context->exceptions);
1100 for (i = 0; i < nexceptions; i++) {
1101 /* Make sure the constant pool item is JVM_CONSTANT_Class */
1102 verify_constant_pool_type(context, (int)context->exceptions[i],
1103 1 << JVM_CONSTANT_Class);
1104 }
1105 free(context->exceptions);
1106 context->exceptions = 0;
1107 context->code = 0;
1108 context->method_index = -1;
1109 }
1110
1111
1112 /* Look at a single instruction, and verify its operands. Also, for
1113 * simplicity, move the operand into the ->operand field.
1114 * Make sure that branches don't go into the middle of nowhere.
1115 */
1116
1117 static jint _ck_ntohl(jint n)
1118 {
1119 unsigned char *p = (unsigned char *)&n;
1120 return (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
1121 }
1122
1123 static void
1124 verify_opcode_operands(context_type *context, unsigned int inumber, int offset)
1125 {
1126 JNIEnv *env = context->env;
1127 instruction_data_type *idata = context->instruction_data;
1128 instruction_data_type *this_idata = &idata[inumber];
1129 int *code_data = context->code_data;
1130 int mi = context->method_index;
1131 unsigned char *code = context->code;
1132 int opcode = this_idata->opcode;
1133 int var;
1134
1135 /*
1136 * Set the ip fields to 0 not the i fields because the ip fields
1137 * are 64 bits on 64 bit architectures, the i field is only 32
1138 */
1139 this_idata->operand.ip = 0;
1140 this_idata->operand2.ip = 0;
1141
1142 switch (opcode) {
1143
1144 case JVM_OPC_jsr:
1145 /* instruction of ret statement */
1146 this_idata->operand2.i = UNKNOWN_RET_INSTRUCTION;
1147 /* FALLTHROUGH */
1148 case JVM_OPC_ifeq: case JVM_OPC_ifne: case JVM_OPC_iflt:
1149 case JVM_OPC_ifge: case JVM_OPC_ifgt: case JVM_OPC_ifle:
1150 case JVM_OPC_ifnull: case JVM_OPC_ifnonnull:
1151 case JVM_OPC_if_icmpeq: case JVM_OPC_if_icmpne: case JVM_OPC_if_icmplt:
1152 case JVM_OPC_if_icmpge: case JVM_OPC_if_icmpgt: case JVM_OPC_if_icmple:
1153 case JVM_OPC_if_acmpeq: case JVM_OPC_if_acmpne:
1154 case JVM_OPC_goto: {
1155 /* Set the ->operand to be the instruction number of the target. */
1156 int jump = (((signed char)(code[offset+1])) << 8) + code[offset+2];
1157 int target = offset + jump;
1158 if (!isLegalTarget(context, target))
1159 CCerror(context, "Illegal target of jump or branch");
1160 this_idata->operand.i = code_data[target];
1161 break;
1162 }
1163
1164 case JVM_OPC_jsr_w:
1165 /* instruction of ret statement */
1166 this_idata->operand2.i = UNKNOWN_RET_INSTRUCTION;
1167 /* FALLTHROUGH */
1168 case JVM_OPC_goto_w: {
1169 /* Set the ->operand to be the instruction number of the target. */
1170 int jump = (((signed char)(code[offset+1])) << 24) +
1171 (code[offset+2] << 16) + (code[offset+3] << 8) +
1172 (code[offset + 4]);
1173 int target = offset + jump;
1174 if (!isLegalTarget(context, target))
1175 CCerror(context, "Illegal target of jump or branch");
1176 this_idata->operand.i = code_data[target];
1177 break;
1178 }
1179
1180 case JVM_OPC_tableswitch:
1181 case JVM_OPC_lookupswitch: {
1182 /* Set the ->operand to be a table of possible instruction targets. */
1183 int *lpc = (int *) UCALIGN(code + offset + 1);
1184 int *lptr;
1185 int *saved_operand;
1186 int keys;
1187 int k, delta;
1188
1189 if (context->major_version < NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION) {
1190 /* 4639449, 4647081: Padding bytes must be zero. */
1191 unsigned char* bptr = (unsigned char*) (code + offset + 1);
1192 for (; bptr < (unsigned char*)lpc; bptr++) {
1193 if (*bptr != 0) {
1194 CCerror(context, "Non zero padding bytes in switch");
1195 }
1196 }
1197 }
1198 if (opcode == JVM_OPC_tableswitch) {
1199 keys = _ck_ntohl(lpc[2]) - _ck_ntohl(lpc[1]) + 1;
1200 delta = 1;
1201 } else {
1202 keys = _ck_ntohl(lpc[1]); /* number of pairs */
1203 delta = 2;
1204 /* Make sure that the tableswitch items are sorted */
1205 for (k = keys - 1, lptr = &lpc[2]; --k >= 0; lptr += 2) {
1206 int this_key = _ck_ntohl(lptr[0]); /* NB: ntohl may be unsigned */
1207 int next_key = _ck_ntohl(lptr[2]);
1208 if (this_key >= next_key) {
1209 CCerror(context, "Unsorted lookup switch");
1210 }
1211 }
1212 }
1213 saved_operand = NEW(int, keys + 2);
1214 if (!isLegalTarget(context, offset + _ck_ntohl(lpc[0])))
1215 CCerror(context, "Illegal default target in switch");
1216 saved_operand[keys + 1] = code_data[offset + _ck_ntohl(lpc[0])];
1217 for (k = keys, lptr = &lpc[3]; --k >= 0; lptr += delta) {
1218 int target = offset + _ck_ntohl(lptr[0]);
1219 if (!isLegalTarget(context, target))
1220 CCerror(context, "Illegal branch in tableswitch");
1221 saved_operand[k + 1] = code_data[target];
1222 }
1223 saved_operand[0] = keys + 1; /* number of successors */
1224 this_idata->operand.ip = saved_operand;
1225 break;
1226 }
1227
1228 case JVM_OPC_ldc: {
1229 /* Make sure the constant pool item is the right type. */
1230 int key = code[offset + 1];
1231 int types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float) |
1232 (1 << JVM_CONSTANT_String);
1233 if (context->major_version >= LDC_CLASS_MAJOR_VERSION) {
1234 types |= 1 << JVM_CONSTANT_Class;
1235 }
1236 if (context->major_version >= LDC_METHOD_HANDLE_MAJOR_VERSION) {
1237 types |= (1 << JVM_CONSTANT_MethodHandle) |
1238 (1 << JVM_CONSTANT_MethodType);
1239 }
1240 this_idata->operand.i = key;
1241 verify_constant_pool_type(context, key, types);
1242 break;
1243 }
1244
1245 case JVM_OPC_ldc_w: {
1246 /* Make sure the constant pool item is the right type. */
1247 int key = (code[offset + 1] << 8) + code[offset + 2];
1248 int types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float) |
1249 (1 << JVM_CONSTANT_String);
1250 if (context->major_version >= LDC_CLASS_MAJOR_VERSION) {
1251 types |= 1 << JVM_CONSTANT_Class;
1252 }
1253 if (context->major_version >= LDC_METHOD_HANDLE_MAJOR_VERSION) {
1254 types |= (1 << JVM_CONSTANT_MethodHandle) |
1255 (1 << JVM_CONSTANT_MethodType);
1256 }
1257 this_idata->operand.i = key;
1258 verify_constant_pool_type(context, key, types);
1259 break;
1260 }
1261
1262 case JVM_OPC_ldc2_w: {
1263 /* Make sure the constant pool item is the right type. */
1264 int key = (code[offset + 1] << 8) + code[offset + 2];
1265 int types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long);
1266 this_idata->operand.i = key;
1267 verify_constant_pool_type(context, key, types);
1268 break;
1269 }
1270
1271 case JVM_OPC_getfield: case JVM_OPC_putfield:
1272 case JVM_OPC_getstatic: case JVM_OPC_putstatic: {
1273 /* Make sure the constant pool item is the right type. */
1274 int key = (code[offset + 1] << 8) + code[offset + 2];
1275 this_idata->operand.i = key;
1276 verify_constant_pool_type(context, key, 1 << JVM_CONSTANT_Fieldref);
1277 if (opcode == JVM_OPC_getfield || opcode == JVM_OPC_putfield)
1278 set_protected(context, inumber, key, opcode);
1279 break;
1280 }
1281
1282 case JVM_OPC_invokevirtual:
1283 case JVM_OPC_invokespecial:
1284 case JVM_OPC_invokestatic:
1285 case JVM_OPC_invokeinterface: {
1286 /* Make sure the constant pool item is the right type. */
1287 int key = (code[offset + 1] << 8) + code[offset + 2];
1288 const char *methodname;
1289 jclass cb = context->class;
1290 fullinfo_type clazz_info;
1291 int is_constructor, is_internal;
1292 int kind;
1293
1294 switch (opcode ) {
1295 case JVM_OPC_invokestatic:
1296 kind = ((context->major_version < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION)
1297 ? (1 << JVM_CONSTANT_Methodref)
1298 : ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref)));
1299 break;
1300 case JVM_OPC_invokeinterface:
1301 kind = 1 << JVM_CONSTANT_InterfaceMethodref;
1302 break;
1303 default:
1304 kind = 1 << JVM_CONSTANT_Methodref;
1305 }
1306
1307 /* Make sure the constant pool item is the right type. */
1308 verify_constant_pool_type(context, key, kind);
1309 methodname = JVM_GetCPMethodNameUTF(env, cb, key);
1310 check_and_push_string_utf(context, methodname);
1311 is_constructor = !strcmp(methodname, "<init>");
1312 is_internal = methodname[0] == '<';
1313 pop_and_free(context);
1314
1315 clazz_info = cp_index_to_class_fullinfo(context, key,
1316 JVM_CONSTANT_Methodref);
1317 this_idata->operand.i = key;
1318 this_idata->operand2.fi = clazz_info;
1319 if (is_constructor) {
1320 if (opcode != JVM_OPC_invokespecial) {
1321 CCerror(context,
1322 "Must call initializers using invokespecial");
1323 }
1324 this_idata->opcode = JVM_OPC_invokeinit;
1325 } else {
1326 if (is_internal) {
1327 CCerror(context, "Illegal call to internal method");
1328 }
1329 if (opcode == JVM_OPC_invokespecial
1330 && clazz_info != context->currentclass_info
1331 && clazz_info != context->superclass_info) {
1332 int not_found = 1;
1333
1334 jclass super = (*env)->GetSuperclass(env, context->class);
1335 while(super != 0) {
1336 jclass tmp_cb;
1337 fullinfo_type new_info = make_class_info(context, super);
1338 if (clazz_info == new_info) {
1339 not_found = 0;
1340 break;
1341 }
1342 tmp_cb = (*env)->GetSuperclass(env, super);
1343 (*env)->DeleteLocalRef(env, super);
1344 super = tmp_cb;
1345 }
1346 (*env)->DeleteLocalRef(env, super);
1347
1348 /* The optimizer may cause this to happen on local code */
1349 if (not_found) {
1350 CCerror(context, "Illegal use of nonvirtual function call");
1351 }
1352 }
1353 }
1354 if (opcode == JVM_OPC_invokeinterface) {
1355 unsigned int args1;
1356 unsigned int args2;
1357 const char *signature =
1358 JVM_GetCPMethodSignatureUTF(env, context->class, key);
1359 check_and_push_string_utf(context, signature);
1360 args1 = signature_to_args_size(signature) + 1;
1361 args2 = code[offset + 3];
1362 if (args1 != args2) {
1363 CCerror(context,
1364 "Inconsistent args_size for invokeinterface");
1365 }
1366 if (code[offset + 4] != 0) {
1367 CCerror(context,
1368 "Fourth operand byte of invokeinterface must be zero");
1369 }
1370 pop_and_free(context);
1371 } else if (opcode == JVM_OPC_invokevirtual
1372 || opcode == JVM_OPC_invokespecial)
1373 set_protected(context, inumber, key, opcode);
1374 break;
1375 }
1376
1377 case JVM_OPC_invokedynamic:
1378 CCerror(context,
1379 "invokedynamic bytecode is not supported in this class file version");
1380 break;
1381 case JVM_OPC_instanceof:
1382 case JVM_OPC_checkcast:
1383 case JVM_OPC_new:
1384 case JVM_OPC_anewarray:
1385 case JVM_OPC_multianewarray: {
1386 /* Make sure the constant pool item is a class */
1387 int key = (code[offset + 1] << 8) + code[offset + 2];
1388 fullinfo_type target;
1389 verify_constant_pool_type(context, key, 1 << JVM_CONSTANT_Class);
1390 target = cp_index_to_class_fullinfo(context, key, JVM_CONSTANT_Class);
1391 if (GET_ITEM_TYPE(target) == ITEM_Bogus)
1392 CCerror(context, "Illegal type");
1393 switch(opcode) {
1394 case JVM_OPC_anewarray:
1395 if ((GET_INDIRECTION(target)) >= MAX_ARRAY_DIMENSIONS)
1396 CCerror(context, "Array with too many dimensions");
1397 this_idata->operand.fi = MAKE_FULLINFO(GET_ITEM_TYPE(target),
1398 GET_INDIRECTION(target) + 1,
1399 GET_EXTRA_INFO(target));
1400 break;
1401 case JVM_OPC_new:
1402 if (WITH_ZERO_EXTRA_INFO(target) !=
1403 MAKE_FULLINFO(ITEM_Object, 0, 0))
1404 CCerror(context, "Illegal creation of multi-dimensional array");
1405 /* operand gets set to the "uninitialized object". operand2 gets
1406 * set to what the value will be after it's initialized. */
1407 this_idata->operand.fi = MAKE_FULLINFO(ITEM_NewObject, 0, inumber);
1408 this_idata->operand2.fi = target;
1409 break;
1410 case JVM_OPC_multianewarray:
1411 this_idata->operand.fi = target;
1412 this_idata->operand2.i = code[offset + 3];
1413 if ( (this_idata->operand2.i > (int)GET_INDIRECTION(target))
1414 || (this_idata->operand2.i == 0))
1415 CCerror(context, "Illegal dimension argument");
1416 break;
1417 default:
1418 this_idata->operand.fi = target;
1419 }
1420 break;
1421 }
1422
1423 case JVM_OPC_newarray: {
1424 /* Cache the result of the JVM_OPC_newarray into the operand slot */
1425 fullinfo_type full_info;
1426 switch (code[offset + 1]) {
1427 case JVM_T_INT:
1428 full_info = MAKE_FULLINFO(ITEM_Integer, 1, 0); break;
1429 case JVM_T_LONG:
1430 full_info = MAKE_FULLINFO(ITEM_Long, 1, 0); break;
1431 case JVM_T_FLOAT:
1432 full_info = MAKE_FULLINFO(ITEM_Float, 1, 0); break;
1433 case JVM_T_DOUBLE:
1434 full_info = MAKE_FULLINFO(ITEM_Double, 1, 0); break;
1435 case JVM_T_BOOLEAN:
1436 full_info = MAKE_FULLINFO(ITEM_Boolean, 1, 0); break;
1437 case JVM_T_BYTE:
1438 full_info = MAKE_FULLINFO(ITEM_Byte, 1, 0); break;
1439 case JVM_T_CHAR:
1440 full_info = MAKE_FULLINFO(ITEM_Char, 1, 0); break;
1441 case JVM_T_SHORT:
1442 full_info = MAKE_FULLINFO(ITEM_Short, 1, 0); break;
1443 default:
1444 full_info = 0; /* Keep lint happy */
1445 CCerror(context, "Bad type passed to newarray");
1446 }
1447 this_idata->operand.fi = full_info;
1448 break;
1449 }
1450
1451 /* Fudge iload_x, aload_x, etc to look like their generic cousin. */
1452 case JVM_OPC_iload_0: case JVM_OPC_iload_1: case JVM_OPC_iload_2: case JVM_OPC_iload_3:
1453 this_idata->opcode = JVM_OPC_iload;
1454 var = opcode - JVM_OPC_iload_0;
1455 goto check_local_variable;
1456
1457 case JVM_OPC_fload_0: case JVM_OPC_fload_1: case JVM_OPC_fload_2: case JVM_OPC_fload_3:
1458 this_idata->opcode = JVM_OPC_fload;
1459 var = opcode - JVM_OPC_fload_0;
1460 goto check_local_variable;
1461
1462 case JVM_OPC_aload_0: case JVM_OPC_aload_1: case JVM_OPC_aload_2: case JVM_OPC_aload_3:
1463 this_idata->opcode = JVM_OPC_aload;
1464 var = opcode - JVM_OPC_aload_0;
1465 goto check_local_variable;
1466
1467 case JVM_OPC_lload_0: case JVM_OPC_lload_1: case JVM_OPC_lload_2: case JVM_OPC_lload_3:
1468 this_idata->opcode = JVM_OPC_lload;
1469 var = opcode - JVM_OPC_lload_0;
1470 goto check_local_variable2;
1471
1472 case JVM_OPC_dload_0: case JVM_OPC_dload_1: case JVM_OPC_dload_2: case JVM_OPC_dload_3:
1473 this_idata->opcode = JVM_OPC_dload;
1474 var = opcode - JVM_OPC_dload_0;
1475 goto check_local_variable2;
1476
1477 case JVM_OPC_istore_0: case JVM_OPC_istore_1: case JVM_OPC_istore_2: case JVM_OPC_istore_3:
1478 this_idata->opcode = JVM_OPC_istore;
1479 var = opcode - JVM_OPC_istore_0;
1480 goto check_local_variable;
1481
1482 case JVM_OPC_fstore_0: case JVM_OPC_fstore_1: case JVM_OPC_fstore_2: case JVM_OPC_fstore_3:
1483 this_idata->opcode = JVM_OPC_fstore;
1484 var = opcode - JVM_OPC_fstore_0;
1485 goto check_local_variable;
1486
1487 case JVM_OPC_astore_0: case JVM_OPC_astore_1: case JVM_OPC_astore_2: case JVM_OPC_astore_3:
1488 this_idata->opcode = JVM_OPC_astore;
1489 var = opcode - JVM_OPC_astore_0;
1490 goto check_local_variable;
1491
1492 case JVM_OPC_lstore_0: case JVM_OPC_lstore_1: case JVM_OPC_lstore_2: case JVM_OPC_lstore_3:
1493 this_idata->opcode = JVM_OPC_lstore;
1494 var = opcode - JVM_OPC_lstore_0;
1495 goto check_local_variable2;
1496
1497 case JVM_OPC_dstore_0: case JVM_OPC_dstore_1: case JVM_OPC_dstore_2: case JVM_OPC_dstore_3:
1498 this_idata->opcode = JVM_OPC_dstore;
1499 var = opcode - JVM_OPC_dstore_0;
1500 goto check_local_variable2;
1501
1502 case JVM_OPC_wide:
1503 this_idata->opcode = code[offset + 1];
1504 var = (code[offset + 2] << 8) + code[offset + 3];
1505 switch(this_idata->opcode) {
1506 case JVM_OPC_lload: case JVM_OPC_dload:
1507 case JVM_OPC_lstore: case JVM_OPC_dstore:
1508 goto check_local_variable2;
1509 default:
1510 goto check_local_variable;
1511 }
1512
1513 case JVM_OPC_iinc: /* the increment amount doesn't matter */
1514 case JVM_OPC_ret:
1515 case JVM_OPC_aload: case JVM_OPC_iload: case JVM_OPC_fload:
1516 case JVM_OPC_astore: case JVM_OPC_istore: case JVM_OPC_fstore:
1517 var = code[offset + 1];
1518 check_local_variable:
1519 /* Make sure that the variable number isn't illegal. */
1520 this_idata->operand.i = var;
1521 if (var >= JVM_GetMethodIxLocalsCount(env, context->class, mi))
1522 CCerror(context, "Illegal local variable number");
1523 break;
1524
1525 case JVM_OPC_lload: case JVM_OPC_dload: case JVM_OPC_lstore: case JVM_OPC_dstore:
1526 var = code[offset + 1];
1527 check_local_variable2:
1528 /* Make sure that the variable number isn't illegal. */
1529 this_idata->operand.i = var;
1530 if ((var + 1) >= JVM_GetMethodIxLocalsCount(env, context->class, mi))
1531 CCerror(context, "Illegal local variable number");
1532 break;
1533
1534 default:
1535 if (opcode > JVM_OPC_MAX)
1536 CCerror(context, "Quick instructions shouldn't appear yet.");
1537 break;
1538 } /* of switch */
1539 }
1540
1541
1542 static void
1543 set_protected(context_type *context, unsigned int inumber, int key, int opcode)
1544 {
1545 JNIEnv *env = context->env;
1546 fullinfo_type clazz_info;
1547 if (opcode != JVM_OPC_invokevirtual && opcode != JVM_OPC_invokespecial) {
1548 clazz_info = cp_index_to_class_fullinfo(context, key,
1549 JVM_CONSTANT_Fieldref);
1550 } else {
1551 clazz_info = cp_index_to_class_fullinfo(context, key,
1552 JVM_CONSTANT_Methodref);
1553 }
1554 if (is_superclass(context, clazz_info)) {
1555 jclass calledClass =
1556 object_fullinfo_to_classclass(context, clazz_info);
1557 int access;
1558 /* 4734966: JVM_GetCPFieldModifiers() or JVM_GetCPMethodModifiers() only
1559 searches the referenced field or method in calledClass. The following
1560 while loop is added to search up the superclass chain to make this
1561 symbolic resolution consistent with the field/method resolution
1562 specified in VM spec 5.4.3. */
1563 calledClass = (*env)->NewLocalRef(env, calledClass);
1564 do {
1565 jclass tmp_cb;
1566 if (opcode != JVM_OPC_invokevirtual && opcode != JVM_OPC_invokespecial) {
1567 access = JVM_GetCPFieldModifiers
1568 (env, context->class, key, calledClass);
1569 } else {
1570 access = JVM_GetCPMethodModifiers
1571 (env, context->class, key, calledClass);
1572 }
1573 if (access != -1) {
1574 break;
1575 }
1576 tmp_cb = (*env)->GetSuperclass(env, calledClass);
1577 (*env)->DeleteLocalRef(env, calledClass);
1578 calledClass = tmp_cb;
1579 } while (calledClass != 0);
1580
1581 if (access == -1) {
1582 /* field/method not found, detected at runtime. */
1583 } else if (access & JVM_ACC_PROTECTED) {
1584 if (!JVM_IsSameClassPackage(env, calledClass, context->class))
1585 context->instruction_data[inumber].protected = JNI_TRUE;
1586 }
1587 (*env)->DeleteLocalRef(env, calledClass);
1588 }
1589 }
1590
1591
1592 static jboolean
1593 is_superclass(context_type *context, fullinfo_type clazz_info) {
1594 fullinfo_type *fptr = context->superclasses;
1595
1596 if (fptr == 0)
1597 return JNI_FALSE;
1598 for (; *fptr != 0; fptr++) {
1599 if (*fptr == clazz_info)
1600 return JNI_TRUE;
1601 }
1602 return JNI_FALSE;
1603 }
1604
1605
1606 /* Look through each item on the exception table. Each of the fields must
1607 * refer to a legal instruction.
1608 */
1609 static void
1610 initialize_exception_table(context_type *context)
1611 {
1612 JNIEnv *env = context->env;
1613 int mi = context->method_index;
1614 struct handler_info_type *handler_info = context->handler_info;
1615 int *code_data = context->code_data;
1616 int code_length = context->code_length;
1617 int max_stack_size = JVM_GetMethodIxMaxStack(env, context->class, mi);
1618 int i = JVM_GetMethodIxExceptionTableLength(env, context->class, mi);
1619 if (max_stack_size < 1 && i > 0) {
1620 // If the method contains exception handlers, it must have room
1621 // on the expression stack for the exception that the VM could push
1622 CCerror(context, "Stack size too large");
1623 }
1624 for (; --i >= 0; handler_info++) {
1625 JVM_ExceptionTableEntryType einfo;
1626 stack_item_type *stack_item = NEW(stack_item_type, 1);
1627
1628 JVM_GetMethodIxExceptionTableEntry(env, context->class, mi,
1629 i, &einfo);
1630
1631 if (!(einfo.start_pc < einfo.end_pc &&
1632 einfo.start_pc >= 0 &&
1633 isLegalTarget(context, einfo.start_pc) &&
1634 (einfo.end_pc == code_length ||
1635 isLegalTarget(context, einfo.end_pc)))) {
1636 CFerror(context, "Illegal exception table range");
1637 }
1638 if (!((einfo.handler_pc > 0) &&
1639 isLegalTarget(context, einfo.handler_pc))) {
1640 CFerror(context, "Illegal exception table handler");
1641 }
1642
1643 handler_info->start = code_data[einfo.start_pc];
1644 /* einfo.end_pc may point to one byte beyond the end of bytecodes. */
1645 handler_info->end = (einfo.end_pc == context->code_length) ?
1646 context->instruction_count : code_data[einfo.end_pc];
1647 handler_info->handler = code_data[einfo.handler_pc];
1648 handler_info->stack_info.stack = stack_item;
1649 handler_info->stack_info.stack_size = 1;
1650 stack_item->next = NULL;
1651 if (einfo.catchType != 0) {
1652 const char *classname;
1653 /* Constant pool entry type has been checked in format checker */
1654 classname = JVM_GetCPClassNameUTF(env,
1655 context->class,
1656 einfo.catchType);
1657 check_and_push_string_utf(context, classname);
1658 stack_item->item = make_class_info_from_name(context, classname);
1659 if (!isAssignableTo(context,
1660 stack_item->item,
1661 context->throwable_info))
1662 CCerror(context, "catch_type not a subclass of Throwable");
1663 pop_and_free(context);
1664 } else {
1665 stack_item->item = context->throwable_info;
1666 }
1667 }
1668 }
1669
1670
1671 /* Given a pointer to an instruction, return its length. Use the table
1672 * opcode_length[] which is automatically built.
1673 */
1674 static int instruction_length(unsigned char *iptr, unsigned char *end)
1675 {
1676 static unsigned char opcode_length[] = JVM_OPCODE_LENGTH_INITIALIZER;
1677 int instruction = *iptr;
1678 switch (instruction) {
1679 case JVM_OPC_tableswitch: {
1680 int *lpc = (int *)UCALIGN(iptr + 1);
1681 int64_t low, high, index;
1682 if (lpc + 2 >= (int *)end) {
1683 return -1; /* do not read pass the end */
1684 }
1685 low = _ck_ntohl(lpc[1]);
1686 high = _ck_ntohl(lpc[2]);
1687 index = high - low;
1688 // The value of low must be less than or equal to high - i.e. index >= 0
1689 if ((index < 0) || (index > 65535)) {
1690 return -1; /* illegal */
1691 } else {
1692 unsigned char *finish = (unsigned char *)(&lpc[index + 4]);
1693 assert(finish >= iptr);
1694 return (int)(finish - iptr);
1695 }
1696 }
1697
1698 case JVM_OPC_lookupswitch: {
1699 int *lpc = (int *) UCALIGN(iptr + 1);
1700 int npairs;
1701 if (lpc + 1 >= (int *)end)
1702 return -1; /* do not read pass the end */
1703 npairs = _ck_ntohl(lpc[1]);
1704 /* There can't be more than 64K labels because of the limit
1705 * on per-method byte code length.
1706 */
1707 if (npairs < 0 || npairs >= 65536)
1708 return -1;
1709 else {
1710 unsigned char *finish = (unsigned char *)(&lpc[2 * (npairs + 1)]);
1711 assert(finish >= iptr);
1712 return (int)(finish - iptr);
1713 }
1714 }
1715
1716 case JVM_OPC_wide:
1717 if (iptr + 1 >= end)
1718 return -1; /* do not read pass the end */
1719 switch(iptr[1]) {
1720 case JVM_OPC_ret:
1721 case JVM_OPC_iload: case JVM_OPC_istore:
1722 case JVM_OPC_fload: case JVM_OPC_fstore:
1723 case JVM_OPC_aload: case JVM_OPC_astore:
1724 case JVM_OPC_lload: case JVM_OPC_lstore:
1725 case JVM_OPC_dload: case JVM_OPC_dstore:
1726 return 4;
1727 case JVM_OPC_iinc:
1728 return 6;
1729 default:
1730 return -1;
1731 }
1732
1733 default: {
1734 if (instruction < 0 || instruction > JVM_OPC_MAX)
1735 return -1;
1736
1737 /* A length of 0 indicates an error. */
1738 if (opcode_length[instruction] <= 0)
1739 return -1;
1740
1741 return opcode_length[instruction];
1742 }
1743 }
1744 }
1745
1746
1747 /* Given the target of a branch, make sure that it's a legal target. */
1748 static jboolean
1749 isLegalTarget(context_type *context, int offset)
1750 {
1751 int code_length = context->code_length;
1752 int *code_data = context->code_data;
1753 return (offset >= 0 && offset < code_length && code_data[offset] >= 0);
1754 }
1755
1756
1757 /* Make sure that an element of the constant pool really is of the indicated
1758 * type.
1759 */
1760 static void
1761 verify_constant_pool_type(context_type *context, int index, unsigned mask)
1762 {
1763 int nconstants = context->nconstants;
1764 unsigned char *type_table = context->constant_types;
1765 unsigned type;
1766
1767 if ((index <= 0) || (index >= nconstants))
1768 CCerror(context, "Illegal constant pool index");
1769
1770 type = type_table[index];
1771 if ((mask & (1 << type)) == 0)
1772 CCerror(context, "Illegal type in constant pool");
1773 }
1774
1775
1776 static void
1777 initialize_dataflow(context_type *context)
1778 {
1779 JNIEnv *env = context->env;
1780 instruction_data_type *idata = context->instruction_data;
1781 int mi = context->method_index;
1782 jclass cb = context->class;
1783 int args_size = JVM_GetMethodIxArgsSize(env, cb, mi);
1784 fullinfo_type *reg_ptr;
1785 fullinfo_type full_info;
1786 const char *p;
1787 const char *signature;
1788
1789 /* Initialize the function entry, since we know everything about it. */
1790 idata[0].stack_info.stack_size = 0;
1791 idata[0].stack_info.stack = NULL;
1792 idata[0].register_info.register_count = args_size;
1793 idata[0].register_info.registers = NEW(fullinfo_type, args_size);
1794 idata[0].register_info.mask_count = 0;
1795 idata[0].register_info.masks = NULL;
1796 idata[0].and_flags = 0; /* nothing needed */
1797 idata[0].or_flags = FLAG_REACHED; /* instruction reached */
1798 reg_ptr = idata[0].register_info.registers;
1799
1800 if ((JVM_GetMethodIxModifiers(env, cb, mi) & JVM_ACC_STATIC) == 0) {
1801 /* A non static method. If this is an <init> method, the first
1802 * argument is an uninitialized object. Otherwise it is an object of
1803 * the given class type. java.lang.Object.<init> is special since
1804 * we don't call its superclass <init> method.
1805 */
1806 if (JVM_IsConstructorIx(env, cb, mi)
1807 && context->currentclass_info != context->object_info) {
1808 *reg_ptr++ = MAKE_FULLINFO(ITEM_InitObject, 0, 0);
1809 idata[0].or_flags |= FLAG_NEED_CONSTRUCTOR;
1810 } else {
1811 *reg_ptr++ = context->currentclass_info;
1812 }
1813 }
1814 signature = JVM_GetMethodIxSignatureUTF(env, cb, mi);
1815 check_and_push_string_utf(context, signature);
1816 /* Fill in each of the arguments into the registers. */
1817 for (p = signature + 1; *p != JVM_SIGNATURE_ENDFUNC; ) {
1818 char fieldchar = signature_to_fieldtype(context, &p, &full_info);
1819 switch (fieldchar) {
1820 case 'D': case 'L':
1821 *reg_ptr++ = full_info;
1822 *reg_ptr++ = full_info + 1;
1823 break;
1824 default:
1825 *reg_ptr++ = full_info;
1826 break;
1827 }
1828 }
1829 p++; /* skip over right parenthesis */
1830 if (*p == 'V') {
1831 context->return_type = MAKE_FULLINFO(ITEM_Void, 0, 0);
1832 } else {
1833 signature_to_fieldtype(context, &p, &full_info);
1834 context->return_type = full_info;
1835 }
1836 pop_and_free(context);
1837 /* Indicate that we need to look at the first instruction. */
1838 idata[0].changed = JNI_TRUE;
1839 }
1840
1841
1842 /* Run the data flow analysis, as long as there are things to change. */
1843 static void
1844 run_dataflow(context_type *context) {
1845 JNIEnv *env = context->env;
1846 int mi = context->method_index;
1847 jclass cb = context->class;
1848 int max_stack_size = JVM_GetMethodIxMaxStack(env, cb, mi);
1849 instruction_data_type *idata = context->instruction_data;
1850 unsigned int icount = context->instruction_count;
1851 jboolean work_to_do = JNI_TRUE;
1852 unsigned int inumber;
1853
1854 /* Run through the loop, until there is nothing left to do. */
1855 while (work_to_do) {
1856 work_to_do = JNI_FALSE;
1857 for (inumber = 0; inumber < icount; inumber++) {
1858 instruction_data_type *this_idata = &idata[inumber];
1859 if (this_idata->changed) {
1860 register_info_type new_register_info;
1861 stack_info_type new_stack_info;
1862 flag_type new_and_flags, new_or_flags;
1863
1864 this_idata->changed = JNI_FALSE;
1865 work_to_do = JNI_TRUE;
1866 #ifdef DEBUG
1867 if (verify_verbose) {
1868 jio_fprintf(stdout, "Instruction %d: ", inumber);
1869 print_stack(context, &this_idata->stack_info);
1870 print_registers(context, &this_idata->register_info);
1871 print_flags(context,
1872 this_idata->and_flags, this_idata->or_flags);
1873 fflush(stdout);
1874 }
1875 #endif
1876 /* Make sure the registers and flags are appropriate */
1877 check_register_values(context, inumber);
1878 check_flags(context, inumber);
1879
1880 /* Make sure the stack can deal with this instruction */
1881 pop_stack(context, inumber, &new_stack_info);
1882
1883 /* Update the registers and flags */
1884 update_registers(context, inumber, &new_register_info);
1885 update_flags(context, inumber, &new_and_flags, &new_or_flags);
1886
1887 /* Update the stack. */
1888 push_stack(context, inumber, &new_stack_info);
1889
1890 if (new_stack_info.stack_size > max_stack_size)
1891 CCerror(context, "Stack size too large");
1892 #ifdef DEBUG
1893 if (verify_verbose) {
1894 jio_fprintf(stdout, " ");
1895 print_stack(context, &new_stack_info);
1896 print_registers(context, &new_register_info);
1897 print_flags(context, new_and_flags, new_or_flags);
1898 fflush(stdout);
1899 }
1900 #endif
1901 /* Add the new stack and register information to any
1902 * instructions that can follow this instruction. */
1903 merge_into_successors(context, inumber,
1904 &new_register_info, &new_stack_info,
1905 new_and_flags, new_or_flags);
1906 }
1907 }
1908 }
1909 }
1910
1911
1912 /* Make sure that the registers contain a legitimate value for the given
1913 * instruction.
1914 */
1915
1916 static void
1917 check_register_values(context_type *context, unsigned int inumber)
1918 {
1919 instruction_data_type *idata = context->instruction_data;
1920 instruction_data_type *this_idata = &idata[inumber];
1921 int opcode = this_idata->opcode;
1922 int operand = this_idata->operand.i;
1923 int register_count = this_idata->register_info.register_count;
1924 fullinfo_type *registers = this_idata->register_info.registers;
1925 jboolean double_word = JNI_FALSE; /* default value */
1926 int type;
1927
1928 switch (opcode) {
1929 default:
1930 return;
1931 case JVM_OPC_iload: case JVM_OPC_iinc:
1932 type = ITEM_Integer; break;
1933 case JVM_OPC_fload:
1934 type = ITEM_Float; break;
1935 case JVM_OPC_aload:
1936 type = ITEM_Object; break;
1937 case JVM_OPC_ret:
1938 type = ITEM_ReturnAddress; break;
1939 case JVM_OPC_lload:
1940 type = ITEM_Long; double_word = JNI_TRUE; break;
1941 case JVM_OPC_dload:
1942 type = ITEM_Double; double_word = JNI_TRUE; break;
1943 }
1944 if (!double_word) {
1945 fullinfo_type reg;
1946 /* Make sure we don't have an illegal register or one with wrong type */
1947 if (operand >= register_count) {
1948 CCerror(context,
1949 "Accessing value from uninitialized register %d", operand);
1950 }
1951 reg = registers[operand];
1952
1953 if (WITH_ZERO_EXTRA_INFO(reg) == (unsigned)MAKE_FULLINFO(type, 0, 0)) {
1954 /* the register is obviously of the given type */
1955 return;
1956 } else if (GET_INDIRECTION(reg) > 0 && type == ITEM_Object) {
1957 /* address type stuff be used on all arrays */
1958 return;
1959 } else if (GET_ITEM_TYPE(reg) == ITEM_ReturnAddress) {
1960 CCerror(context, "Cannot load return address from register %d",
1961 operand);
1962 /* alternatively
1963 (GET_ITEM_TYPE(reg) == ITEM_ReturnAddress)
1964 && (opcode == JVM_OPC_iload)
1965 && (type == ITEM_Object || type == ITEM_Integer)
1966 but this never occurs
1967 */
1968 } else if (reg == ITEM_InitObject && type == ITEM_Object) {
1969 return;
1970 } else if (WITH_ZERO_EXTRA_INFO(reg) ==
1971 MAKE_FULLINFO(ITEM_NewObject, 0, 0) &&
1972 type == ITEM_Object) {
1973 return;
1974 } else {
1975 CCerror(context, "Register %d contains wrong type", operand);
1976 }
1977 } else {
1978 /* Make sure we don't have an illegal register or one with wrong type */
1979 if ((operand + 1) >= register_count) {
1980 CCerror(context,
1981 "Accessing value from uninitialized register pair %d/%d",
1982 operand, operand+1);
1983 } else {
1984 if ((registers[operand] == (unsigned)MAKE_FULLINFO(type, 0, 0)) &&
1985 (registers[operand + 1] == (unsigned)MAKE_FULLINFO(type + 1, 0, 0))) {
1986 return;
1987 } else {
1988 CCerror(context, "Register pair %d/%d contains wrong type",
1989 operand, operand+1);
1990 }
1991 }
1992 }
1993 }
1994
1995
1996 /* Make sure the flags contain legitimate values for this instruction.
1997 */
1998
1999 static void
2000 check_flags(context_type *context, unsigned int inumber)
2001 {
2002 instruction_data_type *idata = context->instruction_data;
2003 instruction_data_type *this_idata = &idata[inumber];
2004 int opcode = this_idata->opcode;
2005 switch (opcode) {
2006 case JVM_OPC_return:
2007 /* We need a constructor, but we aren't guaranteed it's called */
2008 if ((this_idata->or_flags & FLAG_NEED_CONSTRUCTOR) &&
2009 !(this_idata->and_flags & FLAG_CONSTRUCTED))
2010 CCerror(context, "Constructor must call super() or this()");
2011 /* fall through */
2012 case JVM_OPC_ireturn: case JVM_OPC_lreturn:
2013 case JVM_OPC_freturn: case JVM_OPC_dreturn: case JVM_OPC_areturn:
2014 if (this_idata->or_flags & FLAG_NO_RETURN)
2015 /* This method cannot exit normally */
2016 CCerror(context, "Cannot return normally");
2017 default:
2018 break; /* nothing to do. */
2019 }
2020 }
2021
2022 /* Make sure that the top of the stack contains reasonable values for the
2023 * given instruction. The post-pop values of the stack and its size are
2024 * returned in *new_stack_info.
2025 */
2026
2027 static void
2028 pop_stack(context_type *context, unsigned int inumber, stack_info_type *new_stack_info)
2029 {
2030 instruction_data_type *idata = context->instruction_data;
2031 instruction_data_type *this_idata = &idata[inumber];
2032 int opcode = this_idata->opcode;
2033 stack_item_type *stack = this_idata->stack_info.stack;
2034 int stack_size = this_idata->stack_info.stack_size;
2035 char *stack_operands, *p;
2036 char buffer[257]; /* for holding manufactured argument lists */
2037 fullinfo_type stack_extra_info_buffer[256]; /* save info popped off stack */
2038 fullinfo_type *stack_extra_info = &stack_extra_info_buffer[256];
2039 fullinfo_type full_info; /* only used in case of invoke instructions */
2040 fullinfo_type put_full_info; /* only used in case JVM_OPC_putstatic and JVM_OPC_putfield */
2041
2042 switch(opcode) {
2043 default:
2044 /* For most instructions, we just use a built-in table */
2045 stack_operands = opcode_in_out[opcode][0];
2046 break;
2047
2048 case JVM_OPC_putstatic: case JVM_OPC_putfield: {
2049 /* The top thing on the stack depends on the signature of
2050 * the object. */
2051 int operand = this_idata->operand.i;
2052 const char *signature =
2053 JVM_GetCPFieldSignatureUTF(context->env,
2054 context->class,
2055 operand);
2056 char *ip = buffer;
2057 check_and_push_string_utf(context, signature);
2058 #ifdef DEBUG
2059 if (verify_verbose) {
2060 print_formatted_fieldname(context, operand);
2061 }
2062 #endif
2063 if (opcode == JVM_OPC_putfield)
2064 *ip++ = 'A'; /* object for putfield */
2065 *ip++ = signature_to_fieldtype(context, &signature, &put_full_info);
2066 *ip = '\0';
2067 stack_operands = buffer;
2068 pop_and_free(context);
2069 break;
2070 }
2071
2072 case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:
2073 case JVM_OPC_invokeinit: /* invokespecial call to <init> */
2074 case JVM_OPC_invokestatic: case JVM_OPC_invokeinterface: {
2075 /* The top stuff on the stack depends on the method signature */
2076 int operand = this_idata->operand.i;
2077 const char *signature =
2078 JVM_GetCPMethodSignatureUTF(context->env,
2079 context->class,
2080 operand);
2081 char *ip = buffer;
2082 const char *p;
2083 check_and_push_string_utf(context, signature);
2084 #ifdef DEBUG
2085 if (verify_verbose) {
2086 print_formatted_methodname(context, operand);
2087 }
2088 #endif
2089 if (opcode != JVM_OPC_invokestatic)
2090 /* First, push the object */
2091 *ip++ = (opcode == JVM_OPC_invokeinit ? '@' : 'A');
2092 for (p = signature + 1; *p != JVM_SIGNATURE_ENDFUNC; ) {
2093 *ip++ = signature_to_fieldtype(context, &p, &full_info);
2094 if (ip >= buffer + sizeof(buffer) - 1)
2095 CCerror(context, "Signature %s has too many arguments",
2096 signature);
2097 }
2098 *ip = 0;
2099 stack_operands = buffer;
2100 pop_and_free(context);
2101 break;
2102 }
2103
2104 case JVM_OPC_multianewarray: {
2105 /* Count can't be larger than 255. So can't overflow buffer */
2106 int count = this_idata->operand2.i; /* number of ints on stack */
2107 memset(buffer, 'I', count);
2108 buffer[count] = '\0';
2109 stack_operands = buffer;
2110 break;
2111 }
2112
2113 } /* of switch */
2114
2115 /* Run through the list of operands >>backwards<< */
2116 for ( p = stack_operands + strlen(stack_operands);
2117 p > stack_operands;
2118 stack = stack->next) {
2119 int type = *--p;
2120 fullinfo_type top_type = stack ? stack->item : 0;
2121 int size = (type == 'D' || type == 'L') ? 2 : 1;
2122 *--stack_extra_info = top_type;
2123 if (stack == NULL)
2124 CCerror(context, "Unable to pop operand off an empty stack");
2125
2126 switch (type) {
2127 case 'I':
2128 if (top_type != MAKE_FULLINFO(ITEM_Integer, 0, 0))
2129 CCerror(context, "Expecting to find integer on stack");
2130 break;
2131
2132 case 'F':
2133 if (top_type != MAKE_FULLINFO(ITEM_Float, 0, 0))
2134 CCerror(context, "Expecting to find float on stack");
2135 break;
2136
2137 case 'A': /* object or array */
2138 if ( (GET_ITEM_TYPE(top_type) != ITEM_Object)
2139 && (GET_INDIRECTION(top_type) == 0)) {
2140 /* The thing isn't an object or an array. Let's see if it's
2141 * one of the special cases */
2142 if ( (WITH_ZERO_EXTRA_INFO(top_type) ==
2143 MAKE_FULLINFO(ITEM_ReturnAddress, 0, 0))
2144 && (opcode == JVM_OPC_astore))
2145 break;
2146 if ( (GET_ITEM_TYPE(top_type) == ITEM_NewObject
2147 || (GET_ITEM_TYPE(top_type) == ITEM_InitObject))
2148 && ((opcode == JVM_OPC_astore) || (opcode == JVM_OPC_aload)))
2149 break;
2150 /* The 2nd edition VM of the specification allows field
2151 * initializations before the superclass initializer,
2152 * if the field is defined within the current class.
2153 */
2154 if ( (GET_ITEM_TYPE(top_type) == ITEM_InitObject)
2155 && (opcode == JVM_OPC_putfield)) {
2156 int operand = this_idata->operand.i;
2157 int access_bits = JVM_GetCPFieldModifiers(context->env,
2158 context->class,
2159 operand,
2160 context->class);
2161 /* Note: This relies on the fact that
2162 * JVM_GetCPFieldModifiers retrieves only local fields,
2163 * and does not respect inheritance.
2164 */
2165 if (access_bits != -1) {
2166 if ( cp_index_to_class_fullinfo(context, operand, JVM_CONSTANT_Fieldref) ==
2167 context->currentclass_info ) {
2168 top_type = context->currentclass_info;
2169 *stack_extra_info = top_type;
2170 break;
2171 }
2172 }
2173 }
2174 CCerror(context, "Expecting to find object/array on stack");
2175 }
2176 break;
2177
2178 case '@': { /* uninitialized object, for call to <init> */
2179 int item_type = GET_ITEM_TYPE(top_type);
2180 if (item_type != ITEM_NewObject && item_type != ITEM_InitObject)
2181 CCerror(context,
2182 "Expecting to find uninitialized object on stack");
2183 break;
2184 }
2185
2186 case 'O': /* object, not array */
2187 if (WITH_ZERO_EXTRA_INFO(top_type) !=
2188 MAKE_FULLINFO(ITEM_Object, 0, 0))
2189 CCerror(context, "Expecting to find object on stack");
2190 break;
2191
2192 case 'a': /* integer, object, or array */
2193 if ( (top_type != MAKE_FULLINFO(ITEM_Integer, 0, 0))
2194 && (GET_ITEM_TYPE(top_type) != ITEM_Object)
2195 && (GET_INDIRECTION(top_type) == 0))
2196 CCerror(context,
2197 "Expecting to find object, array, or int on stack");
2198 break;
2199
2200 case 'D': /* double */
2201 if (top_type != MAKE_FULLINFO(ITEM_Double, 0, 0))
2202 CCerror(context, "Expecting to find double on stack");
2203 break;
2204
2205 case 'L': /* long */
2206 if (top_type != MAKE_FULLINFO(ITEM_Long, 0, 0))
2207 CCerror(context, "Expecting to find long on stack");
2208 break;
2209
2210 case ']': /* array of some type */
2211 if (top_type == NULL_FULLINFO) {
2212 /* do nothing */
2213 } else switch(p[-1]) {
2214 case 'I': /* array of integers */
2215 if (top_type != MAKE_FULLINFO(ITEM_Integer, 1, 0) &&
2216 top_type != NULL_FULLINFO)
2217 CCerror(context,
2218 "Expecting to find array of ints on stack");
2219 break;
2220
2221 case 'L': /* array of longs */
2222 if (top_type != MAKE_FULLINFO(ITEM_Long, 1, 0))
2223 CCerror(context,
2224 "Expecting to find array of longs on stack");
2225 break;
2226
2227 case 'F': /* array of floats */
2228 if (top_type != MAKE_FULLINFO(ITEM_Float, 1, 0))
2229 CCerror(context,
2230 "Expecting to find array of floats on stack");
2231 break;
2232
2233 case 'D': /* array of doubles */
2234 if (top_type != MAKE_FULLINFO(ITEM_Double, 1, 0))
2235 CCerror(context,
2236 "Expecting to find array of doubles on stack");
2237 break;
2238
2239 case 'A': { /* array of addresses (arrays or objects) */
2240 int indirection = GET_INDIRECTION(top_type);
2241 if ((indirection == 0) ||
2242 ((indirection == 1) &&
2243 (GET_ITEM_TYPE(top_type) != ITEM_Object)))
2244 CCerror(context,
2245 "Expecting to find array of objects or arrays "
2246 "on stack");
2247 break;
2248 }
2249
2250 case 'B': /* array of bytes or booleans */
2251 if (top_type != MAKE_FULLINFO(ITEM_Byte, 1, 0) &&
2252 top_type != MAKE_FULLINFO(ITEM_Boolean, 1, 0))
2253 CCerror(context,
2254 "Expecting to find array of bytes or Booleans on stack");
2255 break;
2256
2257 case 'C': /* array of characters */
2258 if (top_type != MAKE_FULLINFO(ITEM_Char, 1, 0))
2259 CCerror(context,
2260 "Expecting to find array of chars on stack");
2261 break;
2262
2263 case 'S': /* array of shorts */
2264 if (top_type != MAKE_FULLINFO(ITEM_Short, 1, 0))
2265 CCerror(context,
2266 "Expecting to find array of shorts on stack");
2267 break;
2268
2269 case '?': /* any type of array is okay */
2270 if (GET_INDIRECTION(top_type) == 0)
2271 CCerror(context,
2272 "Expecting to find array on stack");
2273 break;
2274
2275 default:
2276 CCerror(context, "Internal error #1");
2277 break;
2278 }
2279 p -= 2; /* skip over [ <char> */
2280 break;
2281
2282 case '1': case '2': case '3': case '4': /* stack swapping */
2283 if (top_type == MAKE_FULLINFO(ITEM_Double, 0, 0)
2284 || top_type == MAKE_FULLINFO(ITEM_Long, 0, 0)) {
2285 if ((p > stack_operands) && (p[-1] == '+')) {
2286 context->swap_table[type - '1'] = top_type + 1;
2287 context->swap_table[p[-2] - '1'] = top_type;
2288 size = 2;
2289 p -= 2;
2290 } else {
2291 CCerror(context,
2292 "Attempt to split long or double on the stack");
2293 }
2294 } else {
2295 context->swap_table[type - '1'] = stack->item;
2296 if ((p > stack_operands) && (p[-1] == '+'))
2297 p--; /* ignore */
2298 }
2299 break;
2300 case '+': /* these should have been caught. */
2301 default:
2302 CCerror(context, "Internal error #2");
2303 }
2304 stack_size -= size;
2305 }
2306
2307 /* For many of the opcodes that had an "A" in their field, we really
2308 * need to go back and do a little bit more accurate testing. We can, of
2309 * course, assume that the minimal type checking has already been done.
2310 */
2311 switch (opcode) {
2312 default: break;
2313 case JVM_OPC_aastore: { /* array index object */
2314 fullinfo_type array_type = stack_extra_info[0];
2315 fullinfo_type object_type = stack_extra_info[2];
2316 fullinfo_type target_type = decrement_indirection(array_type);
2317 if ((GET_ITEM_TYPE(object_type) != ITEM_Object)
2318 && (GET_INDIRECTION(object_type) == 0)) {
2319 CCerror(context, "Expecting reference type on operand stack in aastore");
2320 }
2321 if ((GET_ITEM_TYPE(target_type) != ITEM_Object)
2322 && (GET_INDIRECTION(target_type) == 0)) {
2323 CCerror(context, "Component type of the array must be reference type in aastore");
2324 }
2325 break;
2326 }
2327
2328 case JVM_OPC_putfield:
2329 case JVM_OPC_getfield:
2330 case JVM_OPC_putstatic: {
2331 int operand = this_idata->operand.i;
2332 fullinfo_type stack_object = stack_extra_info[0];
2333 if (opcode == JVM_OPC_putfield || opcode == JVM_OPC_getfield) {
2334 if (!isAssignableTo
2335 (context,
2336 stack_object,
2337 cp_index_to_class_fullinfo
2338 (context, operand, JVM_CONSTANT_Fieldref))) {
2339 CCerror(context,
2340 "Incompatible type for getting or setting field");
2341 }
2342 if (this_idata->protected &&
2343 !isAssignableTo(context, stack_object,
2344 context->currentclass_info)) {
2345 CCerror(context, "Bad access to protected data");
2346 }
2347 }
2348 if (opcode == JVM_OPC_putfield || opcode == JVM_OPC_putstatic) {
2349 int item = (opcode == JVM_OPC_putfield ? 1 : 0);
2350 if (!isAssignableTo(context,
2351 stack_extra_info[item], put_full_info)) {
2352 CCerror(context, "Bad type in putfield/putstatic");
2353 }
2354 }
2355 break;
2356 }
2357
2358 case JVM_OPC_athrow:
2359 if (!isAssignableTo(context, stack_extra_info[0],
2360 context->throwable_info)) {
2361 CCerror(context, "Can only throw Throwable objects");
2362 }
2363 break;
2364
2365 case JVM_OPC_aaload: { /* array index */
2366 /* We need to pass the information to the stack updater */
2367 fullinfo_type array_type = stack_extra_info[0];
2368 context->swap_table[0] = decrement_indirection(array_type);
2369 break;
2370 }
2371
2372 case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:
2373 case JVM_OPC_invokeinit:
2374 case JVM_OPC_invokeinterface: case JVM_OPC_invokestatic: {
2375 int operand = this_idata->operand.i;
2376 const char *signature =
2377 JVM_GetCPMethodSignatureUTF(context->env,
2378 context->class,
2379 operand);
2380 int item;
2381 const char *p;
2382 check_and_push_string_utf(context, signature);
2383 if (opcode == JVM_OPC_invokestatic) {
2384 item = 0;
2385 } else if (opcode == JVM_OPC_invokeinit) {
2386 fullinfo_type init_type = this_idata->operand2.fi;
2387 fullinfo_type object_type = stack_extra_info[0];
2388 context->swap_table[0] = object_type; /* save value */
2389 if (GET_ITEM_TYPE(stack_extra_info[0]) == ITEM_NewObject) {
2390 /* We better be calling the appropriate init. Find the
2391 * inumber of the "JVM_OPC_new" instruction", and figure
2392 * out what the type really is.
2393 */
2394 unsigned int new_inumber = GET_EXTRA_INFO(stack_extra_info[0]);
2395 fullinfo_type target_type = idata[new_inumber].operand2.fi;
2396 context->swap_table[1] = target_type;
2397
2398 if (target_type != init_type) {
2399 CCerror(context, "Call to wrong initialization method");
2400 }
2401 if (this_idata->protected
2402 && !isAssignableTo(context, object_type,
2403 context->currentclass_info)) {
2404 CCerror(context, "Bad access to protected data");
2405 }
2406 } else {
2407 /* We better be calling super() or this(). */
2408 if (init_type != context->superclass_info &&
2409 init_type != context->currentclass_info) {
2410 CCerror(context, "Call to wrong initialization method");
2411 }
2412 context->swap_table[1] = context->currentclass_info;
2413 }
2414 item = 1;
2415 } else {
2416 fullinfo_type target_type = this_idata->operand2.fi;
2417 fullinfo_type object_type = stack_extra_info[0];
2418 if (!isAssignableTo(context, object_type, target_type)){
2419 CCerror(context,
2420 "Incompatible object argument for function call");
2421 }
2422 if (opcode == JVM_OPC_invokespecial
2423 && !isAssignableTo(context, object_type,
2424 context->currentclass_info)) {
2425 /* Make sure object argument is assignment compatible to current class */
2426 CCerror(context,
2427 "Incompatible object argument for invokespecial");
2428 }
2429 if (this_idata->protected
2430 && !isAssignableTo(context, object_type,
2431 context->currentclass_info)) {
2432 /* This is ugly. Special dispensation. Arrays pretend to
2433 implement public Object clone() even though they don't */
2434 const char *utfName =
2435 JVM_GetCPMethodNameUTF(context->env,
2436 context->class,
2437 this_idata->operand.i);
2438 int is_clone = utfName && (strcmp(utfName, "clone") == 0);
2439 JVM_ReleaseUTF(utfName);
2440
2441 if ((target_type == context->object_info) &&
2442 (GET_INDIRECTION(object_type) > 0) &&
2443 is_clone) {
2444 } else {
2445 CCerror(context, "Bad access to protected data");
2446 }
2447 }
2448 item = 1;
2449 }
2450 for (p = signature + 1; *p != JVM_SIGNATURE_ENDFUNC; item++)
2451 if (signature_to_fieldtype(context, &p, &full_info) == 'A') {
2452 if (!isAssignableTo(context,
2453 stack_extra_info[item], full_info)) {
2454 CCerror(context, "Incompatible argument to function");
2455 }
2456 }
2457
2458 pop_and_free(context);
2459 break;
2460 }
2461
2462 case JVM_OPC_return:
2463 if (context->return_type != MAKE_FULLINFO(ITEM_Void, 0, 0))
2464 CCerror(context, "Wrong return type in function");
2465 break;
2466
2467 case JVM_OPC_ireturn: case JVM_OPC_lreturn: case JVM_OPC_freturn:
2468 case JVM_OPC_dreturn: case JVM_OPC_areturn: {
2469 fullinfo_type target_type = context->return_type;
2470 fullinfo_type object_type = stack_extra_info[0];
2471 if (!isAssignableTo(context, object_type, target_type)) {
2472 CCerror(context, "Wrong return type in function");
2473 }
2474 break;
2475 }
2476
2477 case JVM_OPC_new: {
2478 /* Make sure that nothing on the stack already looks like what
2479 * we want to create. I can't image how this could possibly happen
2480 * but we should test for it anyway, since if it could happen, the
2481 * result would be an uninitialized object being able to masquerade
2482 * as an initialized one.
2483 */
2484 stack_item_type *item;
2485 for (item = stack; item != NULL; item = item->next) {
2486 if (item->item == this_idata->operand.fi) {
2487 CCerror(context,
2488 "Uninitialized object on stack at creating point");
2489 }
2490 }
2491 /* Info for update_registers */
2492 context->swap_table[0] = this_idata->operand.fi;
2493 context->swap_table[1] = MAKE_FULLINFO(ITEM_Bogus, 0, 0);
2494
2495 break;
2496 }
2497 }
2498 new_stack_info->stack = stack;
2499 new_stack_info->stack_size = stack_size;
2500 }
2501
2502
2503 /* We've already determined that the instruction is legal. Perform the
2504 * operation on the registers, and return the updated results in
2505 * new_register_count_p and new_registers.
2506 */
2507
2508 static void
2509 update_registers(context_type *context, unsigned int inumber,
2510 register_info_type *new_register_info)
2511 {
2512 instruction_data_type *idata = context->instruction_data;
2513 instruction_data_type *this_idata = &idata[inumber];
2514 int opcode = this_idata->opcode;
2515 int operand = this_idata->operand.i;
2516 int register_count = this_idata->register_info.register_count;
2517 fullinfo_type *registers = this_idata->register_info.registers;
2518 stack_item_type *stack = this_idata->stack_info.stack;
2519 int mask_count = this_idata->register_info.mask_count;
2520 mask_type *masks = this_idata->register_info.masks;
2521
2522 /* Use these as default new values. */
2523 int new_register_count = register_count;
2524 int new_mask_count = mask_count;
2525 fullinfo_type *new_registers = registers;
2526 mask_type *new_masks = masks;
2527
2528 enum { ACCESS_NONE, ACCESS_SINGLE, ACCESS_DOUBLE } access = ACCESS_NONE;
2529 int i;
2530
2531 /* Remember, we've already verified the type at the top of the stack. */
2532 switch (opcode) {
2533 default: break;
2534 case JVM_OPC_istore: case JVM_OPC_fstore: case JVM_OPC_astore:
2535 access = ACCESS_SINGLE;
2536 goto continue_store;
2537
2538 case JVM_OPC_lstore: case JVM_OPC_dstore:
2539 access = ACCESS_DOUBLE;
2540 goto continue_store;
2541
2542 continue_store: {
2543 /* We have a modification to the registers. Copy them if needed. */
2544 fullinfo_type stack_top_type = stack->item;
2545 int max_operand = operand + ((access == ACCESS_DOUBLE) ? 1 : 0);
2546
2547 if ( max_operand < register_count
2548 && registers[operand] == stack_top_type
2549 && ((access == ACCESS_SINGLE) ||
2550 (registers[operand + 1]== stack_top_type + 1)))
2551 /* No changes have been made to the registers. */
2552 break;
2553 new_register_count = MAX(max_operand + 1, register_count);
2554 new_registers = NEW(fullinfo_type, new_register_count);
2555 for (i = 0; i < register_count; i++)
2556 new_registers[i] = registers[i];
2557 for (i = register_count; i < new_register_count; i++)
2558 new_registers[i] = MAKE_FULLINFO(ITEM_Bogus, 0, 0);
2559 new_registers[operand] = stack_top_type;
2560 if (access == ACCESS_DOUBLE)
2561 new_registers[operand + 1] = stack_top_type + 1;
2562 break;
2563 }
2564
2565 case JVM_OPC_iload: case JVM_OPC_fload: case JVM_OPC_aload:
2566 case JVM_OPC_iinc: case JVM_OPC_ret:
2567 access = ACCESS_SINGLE;
2568 break;
2569
2570 case JVM_OPC_lload: case JVM_OPC_dload:
2571 access = ACCESS_DOUBLE;
2572 break;
2573
2574 case JVM_OPC_jsr: case JVM_OPC_jsr_w:
2575 for (i = 0; i < new_mask_count; i++)
2576 if (new_masks[i].entry == operand)
2577 CCerror(context, "Recursive call to jsr entry");
2578 new_masks = add_to_masks(context, masks, mask_count, operand);
2579 new_mask_count++;
2580 break;
2581
2582 case JVM_OPC_invokeinit:
2583 case JVM_OPC_new: {
2584 /* For invokeinit, an uninitialized object has been initialized.
2585 * For new, all previous occurrences of an uninitialized object
2586 * from the same instruction must be made bogus.
2587 * We find all occurrences of swap_table[0] in the registers, and
2588 * replace them with swap_table[1];
2589 */
2590 fullinfo_type from = context->swap_table[0];
2591 fullinfo_type to = context->swap_table[1];
2592
2593 int i;
2594 for (i = 0; i < register_count; i++) {
2595 if (new_registers[i] == from) {
2596 /* Found a match */
2597 break;
2598 }
2599 }
2600 if (i < register_count) { /* We broke out loop for match */
2601 /* We have to change registers, and possibly a mask */
2602 jboolean copied_mask = JNI_FALSE;
2603 int k;
2604 new_registers = NEW(fullinfo_type, register_count);
2605 memcpy(new_registers, registers,
2606 register_count * sizeof(registers[0]));
2607 for ( ; i < register_count; i++) {
2608 if (new_registers[i] == from) {
2609 new_registers[i] = to;
2610 for (k = 0; k < new_mask_count; k++) {
2611 if (!IS_BIT_SET(new_masks[k].modifies, i)) {
2612 if (!copied_mask) {
2613 new_masks = copy_masks(context, new_masks,
2614 mask_count);
2615 copied_mask = JNI_TRUE;
2616 }
2617 SET_BIT(new_masks[k].modifies, i);
2618 }
2619 }
2620 }
2621 }
2622 }
2623 break;
2624 }
2625 } /* of switch */
2626
2627 if ((access != ACCESS_NONE) && (new_mask_count > 0)) {
2628 int i, j;
2629 for (i = 0; i < new_mask_count; i++) {
2630 int *mask = new_masks[i].modifies;
2631 if ((!IS_BIT_SET(mask, operand)) ||
2632 ((access == ACCESS_DOUBLE) &&
2633 !IS_BIT_SET(mask, operand + 1))) {
2634 new_masks = copy_masks(context, new_masks, mask_count);
2635 for (j = i; j < new_mask_count; j++) {
2636 SET_BIT(new_masks[j].modifies, operand);
2637 if (access == ACCESS_DOUBLE)
2638 SET_BIT(new_masks[j].modifies, operand + 1);
2639 }
2640 break;
2641 }
2642 }
2643 }
2644
2645 new_register_info->register_count = new_register_count;
2646 new_register_info->registers = new_registers;
2647 new_register_info->masks = new_masks;
2648 new_register_info->mask_count = new_mask_count;
2649 }
2650
2651
2652
2653 /* We've already determined that the instruction is legal, and have updated
2654 * the registers. Update the flags, too.
2655 */
2656
2657
2658 static void
2659 update_flags(context_type *context, unsigned int inumber,
2660 flag_type *new_and_flags, flag_type *new_or_flags)
2661
2662 {
2663 instruction_data_type *idata = context->instruction_data;
2664 instruction_data_type *this_idata = &idata[inumber];
2665 flag_type and_flags = this_idata->and_flags;
2666 flag_type or_flags = this_idata->or_flags;
2667
2668 /* Set the "we've done a constructor" flag */
2669 if (this_idata->opcode == JVM_OPC_invokeinit) {
2670 fullinfo_type from = context->swap_table[0];
2671 if (from == MAKE_FULLINFO(ITEM_InitObject, 0, 0))
2672 and_flags |= FLAG_CONSTRUCTED;
2673 }
2674 *new_and_flags = and_flags;
2675 *new_or_flags = or_flags;
2676 }
2677
2678
2679
2680 /* We've already determined that the instruction is legal. Perform the
2681 * operation on the stack;
2682 *
2683 * new_stack_size_p and new_stack_p point to the results after the pops have
2684 * already been done. Do the pushes, and then put the results back there.
2685 */
2686
2687 static void
2688 push_stack(context_type *context, unsigned int inumber, stack_info_type *new_stack_info)
2689 {
2690 instruction_data_type *idata = context->instruction_data;
2691 instruction_data_type *this_idata = &idata[inumber];
2692 int opcode = this_idata->opcode;
2693 int operand = this_idata->operand.i;
2694
2695 int stack_size = new_stack_info->stack_size;
2696 stack_item_type *stack = new_stack_info->stack;
2697 char *stack_results;
2698
2699 fullinfo_type full_info = 0;
2700 char buffer[5], *p; /* actually [2] is big enough */
2701
2702 /* We need to look at all those opcodes in which either we can't tell the
2703 * value pushed onto the stack from the opcode, or in which the value
2704 * pushed onto the stack is an object or array. For the latter, we need
2705 * to make sure that full_info is set to the right value.
2706 */
2707 switch(opcode) {
2708 default:
2709 stack_results = opcode_in_out[opcode][1];
2710 break;
2711
2712 case JVM_OPC_ldc: case JVM_OPC_ldc_w: case JVM_OPC_ldc2_w: {
2713 /* Look to constant pool to determine correct result. */
2714 unsigned char *type_table = context->constant_types;
2715 switch (type_table[operand]) {
2716 case JVM_CONSTANT_Integer:
2717 stack_results = "I"; break;
2718 case JVM_CONSTANT_Float:
2719 stack_results = "F"; break;
2720 case JVM_CONSTANT_Double:
2721 stack_results = "D"; break;
2722 case JVM_CONSTANT_Long:
2723 stack_results = "L"; break;
2724 case JVM_CONSTANT_String:
2725 stack_results = "A";
2726 full_info = context->string_info;
2727 break;
2728 case JVM_CONSTANT_Class:
2729 if (context->major_version < LDC_CLASS_MAJOR_VERSION)
2730 CCerror(context, "Internal error #3");
2731 stack_results = "A";
2732 full_info = make_class_info_from_name(context,
2733 "java/lang/Class");
2734 break;
2735 case JVM_CONSTANT_MethodHandle:
2736 case JVM_CONSTANT_MethodType:
2737 if (context->major_version < LDC_METHOD_HANDLE_MAJOR_VERSION)
2738 CCerror(context, "Internal error #3");
2739 stack_results = "A";
2740 switch (type_table[operand]) {
2741 case JVM_CONSTANT_MethodType:
2742 full_info = make_class_info_from_name(context,
2743 "java/lang/invoke/MethodType");
2744 break;
2745 default: //JVM_CONSTANT_MethodHandle
2746 full_info = make_class_info_from_name(context,
2747 "java/lang/invoke/MethodHandle");
2748 break;
2749 }
2750 break;
2751 default:
2752 CCerror(context, "Internal error #3");
2753 stack_results = ""; /* Never reached: keep lint happy */
2754 }
2755 break;
2756 }
2757
2758 case JVM_OPC_getstatic: case JVM_OPC_getfield: {
2759 /* Look to signature to determine correct result. */
2760 int operand = this_idata->operand.i;
2761 const char *signature = JVM_GetCPFieldSignatureUTF(context->env,
2762 context->class,
2763 operand);
2764 check_and_push_string_utf(context, signature);
2765 #ifdef DEBUG
2766 if (verify_verbose) {
2767 print_formatted_fieldname(context, operand);
2768 }
2769 #endif
2770 buffer[0] = signature_to_fieldtype(context, &signature, &full_info);
2771 buffer[1] = '\0';
2772 stack_results = buffer;
2773 pop_and_free(context);
2774 break;
2775 }
2776
2777 case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:
2778 case JVM_OPC_invokeinit:
2779 case JVM_OPC_invokestatic: case JVM_OPC_invokeinterface: {
2780 /* Look to signature to determine correct result. */
2781 int operand = this_idata->operand.i;
2782 const char *signature = JVM_GetCPMethodSignatureUTF(context->env,
2783 context->class,
2784 operand);
2785 const char *result_signature;
2786 check_and_push_string_utf(context, signature);
2787 result_signature = get_result_signature(signature);
2788 if (result_signature++ == NULL) {
2789 CCerror(context, "Illegal signature %s", signature);
2790 }
2791 if (result_signature[0] == JVM_SIGNATURE_VOID) {
2792 stack_results = "";
2793 } else {
2794 buffer[0] = signature_to_fieldtype(context, &result_signature,
2795 &full_info);
2796 buffer[1] = '\0';
2797 stack_results = buffer;
2798 }
2799 pop_and_free(context);
2800 break;
2801 }
2802
2803 case JVM_OPC_aconst_null:
2804 stack_results = opcode_in_out[opcode][1];
2805 full_info = NULL_FULLINFO; /* special NULL */
2806 break;
2807
2808 case JVM_OPC_new:
2809 case JVM_OPC_checkcast:
2810 case JVM_OPC_newarray:
2811 case JVM_OPC_anewarray:
2812 case JVM_OPC_multianewarray:
2813 stack_results = opcode_in_out[opcode][1];
2814 /* Conveniently, this result type is stored here */
2815 full_info = this_idata->operand.fi;
2816 break;
2817
2818 case JVM_OPC_aaload:
2819 stack_results = opcode_in_out[opcode][1];
2820 /* pop_stack() saved value for us. */
2821 full_info = context->swap_table[0];
2822 break;
2823
2824 case JVM_OPC_aload:
2825 stack_results = opcode_in_out[opcode][1];
2826 /* The register hasn't been modified, so we can use its value. */
2827 full_info = this_idata->register_info.registers[operand];
2828 break;
2829 } /* of switch */
2830
2831 for (p = stack_results; *p != 0; p++) {
2832 int type = *p;
2833 stack_item_type *new_item = NEW(stack_item_type, 1);
2834 new_item->next = stack;
2835 stack = new_item;
2836 switch (type) {
2837 case 'I':
2838 stack->item = MAKE_FULLINFO(ITEM_Integer, 0, 0); break;
2839 case 'F':
2840 stack->item = MAKE_FULLINFO(ITEM_Float, 0, 0); break;
2841 case 'D':
2842 stack->item = MAKE_FULLINFO(ITEM_Double, 0, 0);
2843 stack_size++; break;
2844 case 'L':
2845 stack->item = MAKE_FULLINFO(ITEM_Long, 0, 0);
2846 stack_size++; break;
2847 case 'R':
2848 stack->item = MAKE_FULLINFO(ITEM_ReturnAddress, 0, operand);
2849 break;
2850 case '1': case '2': case '3': case '4': {
2851 /* Get the info saved in the swap_table */
2852 fullinfo_type stype = context->swap_table[type - '1'];
2853 stack->item = stype;
2854 if (stype == MAKE_FULLINFO(ITEM_Long, 0, 0) ||
2855 stype == MAKE_FULLINFO(ITEM_Double, 0, 0)) {
2856 stack_size++; p++;
2857 }
2858 break;
2859 }
2860 case 'A':
2861 /* full_info should have the appropriate value. */
2862 assert(full_info != 0);
2863 stack->item = full_info;
2864 break;
2865 default:
2866 CCerror(context, "Internal error #4");
2867
2868 } /* switch type */
2869 stack_size++;
2870 } /* outer for loop */
2871
2872 if (opcode == JVM_OPC_invokeinit) {
2873 /* If there are any instances of "from" on the stack, we need to
2874 * replace it with "to", since calling <init> initializes all versions
2875 * of the object, obviously. */
2876 fullinfo_type from = context->swap_table[0];
2877 stack_item_type *ptr;
2878 for (ptr = stack; ptr != NULL; ptr = ptr->next) {
2879 if (ptr->item == from) {
2880 fullinfo_type to = context->swap_table[1];
2881 stack = copy_stack(context, stack);
2882 for (ptr = stack; ptr != NULL; ptr = ptr->next)
2883 if (ptr->item == from) ptr->item = to;
2884 break;
2885 }
2886 }
2887 }
2888
2889 new_stack_info->stack_size = stack_size;
2890 new_stack_info->stack = stack;
2891 }
2892
2893
2894 /* We've performed an instruction, and determined the new registers and stack
2895 * value. Look at all of the possibly subsequent instructions, and merge
2896 * this stack value into theirs.
2897 */
2898
2899 static void
2900 merge_into_successors(context_type *context, unsigned int inumber,
2901 register_info_type *register_info,
2902 stack_info_type *stack_info,
2903 flag_type and_flags, flag_type or_flags)
2904 {
2905 instruction_data_type *idata = context->instruction_data;
2906 instruction_data_type *this_idata = &idata[inumber];
2907 int opcode = this_idata->opcode;
2908 int operand = this_idata->operand.i;
2909 struct handler_info_type *handler_info = context->handler_info;
2910 int handler_info_length =
2911 JVM_GetMethodIxExceptionTableLength(context->env,
2912 context->class,
2913 context->method_index);
2914
2915
2916 int buffer[2]; /* default value for successors */
2917 int *successors = buffer; /* table of successors */
2918 int successors_count;
2919 int i;
2920
2921 switch (opcode) {
2922 default:
2923 successors_count = 1;
2924 buffer[0] = inumber + 1;
2925 break;
2926
2927 case JVM_OPC_ifeq: case JVM_OPC_ifne: case JVM_OPC_ifgt:
2928 case JVM_OPC_ifge: case JVM_OPC_iflt: case JVM_OPC_ifle:
2929 case JVM_OPC_ifnull: case JVM_OPC_ifnonnull:
2930 case JVM_OPC_if_icmpeq: case JVM_OPC_if_icmpne: case JVM_OPC_if_icmpgt:
2931 case JVM_OPC_if_icmpge: case JVM_OPC_if_icmplt: case JVM_OPC_if_icmple:
2932 case JVM_OPC_if_acmpeq: case JVM_OPC_if_acmpne:
2933 successors_count = 2;
2934 buffer[0] = inumber + 1;
2935 buffer[1] = operand;
2936 break;
2937
2938 case JVM_OPC_jsr: case JVM_OPC_jsr_w:
2939 if (this_idata->operand2.i != UNKNOWN_RET_INSTRUCTION)
2940 idata[this_idata->operand2.i].changed = JNI_TRUE;
2941 /* FALLTHROUGH */
2942 case JVM_OPC_goto: case JVM_OPC_goto_w:
2943 successors_count = 1;
2944 buffer[0] = operand;
2945 break;
2946
2947
2948 case JVM_OPC_ireturn: case JVM_OPC_lreturn: case JVM_OPC_return:
2949 case JVM_OPC_freturn: case JVM_OPC_dreturn: case JVM_OPC_areturn:
2950 case JVM_OPC_athrow:
2951 /* The testing for the returns is handled in pop_stack() */
2952 successors_count = 0;
2953 break;
2954
2955 case JVM_OPC_ret: {
2956 /* This is slightly slow, but good enough for a seldom used instruction.
2957 * The EXTRA_ITEM_INFO of the ITEM_ReturnAddress indicates the
2958 * address of the first instruction of the subroutine. We can return
2959 * to 1 after any instruction that jsr's to that instruction.
2960 */
2961 if (this_idata->operand2.ip == NULL) {
2962 fullinfo_type *registers = this_idata->register_info.registers;
2963 int called_instruction = GET_EXTRA_INFO(registers[operand]);
2964 int i, count, *ptr;;
2965 for (i = context->instruction_count, count = 0; --i >= 0; ) {
2966 if (((idata[i].opcode == JVM_OPC_jsr) ||
2967 (idata[i].opcode == JVM_OPC_jsr_w)) &&
2968 (idata[i].operand.i == called_instruction))
2969 count++;
2970 }
2971 this_idata->operand2.ip = ptr = NEW(int, count + 1);
2972 *ptr++ = count;
2973 for (i = context->instruction_count, count = 0; --i >= 0; ) {
2974 if (((idata[i].opcode == JVM_OPC_jsr) ||
2975 (idata[i].opcode == JVM_OPC_jsr_w)) &&
2976 (idata[i].operand.i == called_instruction))
2977 *ptr++ = i + 1;
2978 }
2979 }
2980 successors = this_idata->operand2.ip; /* use this instead */
2981 successors_count = *successors++;
2982 break;
2983
2984 }
2985
2986 case JVM_OPC_tableswitch:
2987 case JVM_OPC_lookupswitch:
2988 successors = this_idata->operand.ip; /* use this instead */
2989 successors_count = *successors++;
2990 break;
2991 }
2992
2993 #ifdef DEBUG
2994 if (verify_verbose) {
2995 jio_fprintf(stdout, " [");
2996 for (i = handler_info_length; --i >= 0; handler_info++)
2997 if (handler_info->start <= (int)inumber && handler_info->end > (int)inumber)
2998 jio_fprintf(stdout, "%d* ", handler_info->handler);
2999 for (i = 0; i < successors_count; i++)
3000 jio_fprintf(stdout, "%d ", successors[i]);
3001 jio_fprintf(stdout, "]\n");
3002 }
3003 #endif
3004
3005 handler_info = context->handler_info;
3006 for (i = handler_info_length; --i >= 0; handler_info++) {
3007 if (handler_info->start <= (int)inumber && handler_info->end > (int)inumber) {
3008 int handler = handler_info->handler;
3009 if (opcode != JVM_OPC_invokeinit) {
3010 merge_into_one_successor(context, inumber, handler,
3011 &this_idata->register_info, /* old */
3012 &handler_info->stack_info,
3013 (flag_type) (and_flags
3014 & this_idata->and_flags),
3015 (flag_type) (or_flags
3016 | this_idata->or_flags),
3017 JNI_TRUE);
3018 } else {
3019 /* We need to be a little bit more careful with this
3020 * instruction. Things could either be in the state before
3021 * the instruction or in the state afterwards */
3022 fullinfo_type from = context->swap_table[0];
3023 flag_type temp_or_flags = or_flags;
3024 if (from == MAKE_FULLINFO(ITEM_InitObject, 0, 0))
3025 temp_or_flags |= FLAG_NO_RETURN;
3026 merge_into_one_successor(context, inumber, handler,
3027 &this_idata->register_info, /* old */
3028 &handler_info->stack_info,
3029 this_idata->and_flags,
3030 this_idata->or_flags,
3031 JNI_TRUE);
3032 merge_into_one_successor(context, inumber, handler,
3033 register_info,
3034 &handler_info->stack_info,
3035 and_flags, temp_or_flags, JNI_TRUE);
3036 }
3037 }
3038 }
3039 for (i = 0; i < successors_count; i++) {
3040 int target = successors[i];
3041 if (target >= context->instruction_count)
3042 CCerror(context, "Falling off the end of the code");
3043 merge_into_one_successor(context, inumber, target,
3044 register_info, stack_info, and_flags, or_flags,
3045 JNI_FALSE);
3046 }
3047 }
3048
3049 /* We have a new set of registers and stack values for a given instruction.
3050 * Merge this new set into the values that are already there.
3051 */
3052
3053 static void
3054 merge_into_one_successor(context_type *context,
3055 unsigned int from_inumber, unsigned int to_inumber,
3056 register_info_type *new_register_info,
3057 stack_info_type *new_stack_info,
3058 flag_type new_and_flags, flag_type new_or_flags,
3059 jboolean isException)
3060 {
3061 instruction_data_type *idata = context->instruction_data;
3062 register_info_type register_info_buf;
3063 stack_info_type stack_info_buf;
3064 #ifdef DEBUG
3065 instruction_data_type *this_idata = &idata[to_inumber];
3066 register_info_type old_reg_info;
3067 stack_info_type old_stack_info;
3068 flag_type old_and_flags = 0;
3069 flag_type old_or_flags = 0;
3070 #endif
3071
3072 #ifdef DEBUG
3073 if (verify_verbose) {
3074 old_reg_info = this_idata->register_info;
3075 old_stack_info = this_idata->stack_info;
3076 old_and_flags = this_idata->and_flags;
3077 old_or_flags = this_idata->or_flags;
3078 }
3079 #endif
3080
3081 /* All uninitialized objects are set to "bogus" when jsr and
3082 * ret are executed. Thus uninitialized objects can't propagate
3083 * into or out of a subroutine.
3084 */
3085 if (idata[from_inumber].opcode == JVM_OPC_ret ||
3086 idata[from_inumber].opcode == JVM_OPC_jsr ||
3087 idata[from_inumber].opcode == JVM_OPC_jsr_w) {
3088 int new_register_count = new_register_info->register_count;
3089 fullinfo_type *new_registers = new_register_info->registers;
3090 int i;
3091 stack_item_type *item;
3092
3093 for (item = new_stack_info->stack; item != NULL; item = item->next) {
3094 if (GET_ITEM_TYPE(item->item) == ITEM_NewObject) {
3095 /* This check only succeeds for hand-contrived code.
3096 * Efficiency is not an issue.
3097 */
3098 stack_info_buf.stack = copy_stack(context,
3099 new_stack_info->stack);
3100 stack_info_buf.stack_size = new_stack_info->stack_size;
3101 new_stack_info = &stack_info_buf;
3102 for (item = new_stack_info->stack; item != NULL;
3103 item = item->next) {
3104 if (GET_ITEM_TYPE(item->item) == ITEM_NewObject) {
3105 item->item = MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3106 }
3107 }
3108 break;
3109 }
3110 }
3111 for (i = 0; i < new_register_count; i++) {
3112 if (GET_ITEM_TYPE(new_registers[i]) == ITEM_NewObject) {
3113 /* This check only succeeds for hand-contrived code.
3114 * Efficiency is not an issue.
3115 */
3116 fullinfo_type *new_set = NEW(fullinfo_type,
3117 new_register_count);
3118 for (i = 0; i < new_register_count; i++) {
3119 fullinfo_type t = new_registers[i];
3120 new_set[i] = GET_ITEM_TYPE(t) != ITEM_NewObject ?
3121 t : MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3122 }
3123 register_info_buf.register_count = new_register_count;
3124 register_info_buf.registers = new_set;
3125 register_info_buf.mask_count = new_register_info->mask_count;
3126 register_info_buf.masks = new_register_info->masks;
3127 new_register_info = ®ister_info_buf;
3128 break;
3129 }
3130 }
3131 }
3132
3133 /* Returning from a subroutine is somewhat ugly. The actual thing
3134 * that needs to get merged into the new instruction is a joining
3135 * of info from the ret instruction with stuff in the jsr instruction
3136 */
3137 if (idata[from_inumber].opcode == JVM_OPC_ret && !isException) {
3138 int new_register_count = new_register_info->register_count;
3139 fullinfo_type *new_registers = new_register_info->registers;
3140 int new_mask_count = new_register_info->mask_count;
3141 mask_type *new_masks = new_register_info->masks;
3142 int operand = idata[from_inumber].operand.i;
3143 int called_instruction = GET_EXTRA_INFO(new_registers[operand]);
3144 instruction_data_type *jsr_idata = &idata[to_inumber - 1];
3145 register_info_type *jsr_reginfo = &jsr_idata->register_info;
3146 if (jsr_idata->operand2.i != (int)from_inumber) {
3147 if (jsr_idata->operand2.i != UNKNOWN_RET_INSTRUCTION)
3148 CCerror(context, "Multiple returns to single jsr");
3149 jsr_idata->operand2.i = from_inumber;
3150 }
3151 if (jsr_reginfo->register_count == UNKNOWN_REGISTER_COUNT) {
3152 /* We don't want to handle the returned-to instruction until
3153 * we've dealt with the jsr instruction. When we get to the
3154 * jsr instruction (if ever), we'll re-mark the ret instruction
3155 */
3156 ;
3157 } else {
3158 int register_count = jsr_reginfo->register_count;
3159 fullinfo_type *registers = jsr_reginfo->registers;
3160 int max_registers = MAX(register_count, new_register_count);
3161 fullinfo_type *new_set = NEW(fullinfo_type, max_registers);
3162 int *return_mask;
3163 struct register_info_type new_new_register_info;
3164 int i;
3165 /* Make sure the place we're returning from is legal! */
3166 for (i = new_mask_count; --i >= 0; )
3167 if (new_masks[i].entry == called_instruction)
3168 break;
3169 if (i < 0)
3170 CCerror(context, "Illegal return from subroutine");
3171 /* pop the masks down to the indicated one. Remember the mask
3172 * we're popping off. */
3173 return_mask = new_masks[i].modifies;
3174 new_mask_count = i;
3175 for (i = 0; i < max_registers; i++) {
3176 if (IS_BIT_SET(return_mask, i))
3177 new_set[i] = i < new_register_count ?
3178 new_registers[i] : MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3179 else
3180 new_set[i] = i < register_count ?
3181 registers[i] : MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3182 }
3183 new_new_register_info.register_count = max_registers;
3184 new_new_register_info.registers = new_set;
3185 new_new_register_info.mask_count = new_mask_count;
3186 new_new_register_info.masks = new_masks;
3187
3188
3189 merge_stack(context, from_inumber, to_inumber, new_stack_info);
3190 merge_registers(context, to_inumber - 1, to_inumber,
3191 &new_new_register_info);
3192 merge_flags(context, from_inumber, to_inumber, new_and_flags, new_or_flags);
3193 }
3194 } else {
3195 merge_stack(context, from_inumber, to_inumber, new_stack_info);
3196 merge_registers(context, from_inumber, to_inumber, new_register_info);
3197 merge_flags(context, from_inumber, to_inumber,
3198 new_and_flags, new_or_flags);
3199 }
3200
3201 #ifdef DEBUG
3202 if (verify_verbose && idata[to_inumber].changed) {
3203 register_info_type *register_info = &this_idata->register_info;
3204 stack_info_type *stack_info = &this_idata->stack_info;
3205 if (memcmp(&old_reg_info, register_info, sizeof(old_reg_info)) ||
3206 memcmp(&old_stack_info, stack_info, sizeof(old_stack_info)) ||
3207 (old_and_flags != this_idata->and_flags) ||
3208 (old_or_flags != this_idata->or_flags)) {
3209 jio_fprintf(stdout, " %2d:", to_inumber);
3210 print_stack(context, &old_stack_info);
3211 print_registers(context, &old_reg_info);
3212 print_flags(context, old_and_flags, old_or_flags);
3213 jio_fprintf(stdout, " => ");
3214 print_stack(context, &this_idata->stack_info);
3215 print_registers(context, &this_idata->register_info);
3216 print_flags(context, this_idata->and_flags, this_idata->or_flags);
3217 jio_fprintf(stdout, "\n");
3218 }
3219 }
3220 #endif
3221
3222 }
3223
3224 static void
3225 merge_stack(context_type *context, unsigned int from_inumber,
3226 unsigned int to_inumber, stack_info_type *new_stack_info)
3227 {
3228 instruction_data_type *idata = context->instruction_data;
3229 instruction_data_type *this_idata = &idata[to_inumber];
3230
3231 int new_stack_size = new_stack_info->stack_size;
3232 stack_item_type *new_stack = new_stack_info->stack;
3233
3234 int stack_size = this_idata->stack_info.stack_size;
3235
3236 if (stack_size == UNKNOWN_STACK_SIZE) {
3237 /* First time at this instruction. Just copy. */
3238 this_idata->stack_info.stack_size = new_stack_size;
3239 this_idata->stack_info.stack = new_stack;
3240 this_idata->changed = JNI_TRUE;
3241 } else if (new_stack_size != stack_size) {
3242 CCerror(context, "Inconsistent stack height %d != %d",
3243 new_stack_size, stack_size);
3244 } else {
3245 stack_item_type *stack = this_idata->stack_info.stack;
3246 stack_item_type *old, *new;
3247 jboolean change = JNI_FALSE;
3248 for (old = stack, new = new_stack; old != NULL;
3249 old = old->next, new = new->next) {
3250 assert(new != NULL);
3251 if (!isAssignableTo(context, new->item, old->item)) {
3252 change = JNI_TRUE;
3253 break;
3254 }
3255 }
3256 if (change) {
3257 stack = copy_stack(context, stack);
3258 for (old = stack, new = new_stack; old != NULL;
3259 old = old->next, new = new->next) {
3260 if (new == NULL) {
3261 break;
3262 }
3263 old->item = merge_fullinfo_types(context, old->item, new->item,
3264 JNI_FALSE);
3265 if (GET_ITEM_TYPE(old->item) == ITEM_Bogus) {
3266 CCerror(context, "Mismatched stack types");
3267 }
3268 }
3269 if (old != NULL || new != NULL) {
3270 CCerror(context, "Mismatched stack types");
3271 }
3272 this_idata->stack_info.stack = stack;
3273 this_idata->changed = JNI_TRUE;
3274 }
3275 }
3276 }
3277
3278 static void
3279 merge_registers(context_type *context, unsigned int from_inumber,
3280 unsigned int to_inumber, register_info_type *new_register_info)
3281 {
3282 instruction_data_type *idata = context->instruction_data;
3283 instruction_data_type *this_idata = &idata[to_inumber];
3284 register_info_type *this_reginfo = &this_idata->register_info;
3285
3286 int new_register_count = new_register_info->register_count;
3287 fullinfo_type *new_registers = new_register_info->registers;
3288 int new_mask_count = new_register_info->mask_count;
3289 mask_type *new_masks = new_register_info->masks;
3290
3291
3292 if (this_reginfo->register_count == UNKNOWN_REGISTER_COUNT) {
3293 this_reginfo->register_count = new_register_count;
3294 this_reginfo->registers = new_registers;
3295 this_reginfo->mask_count = new_mask_count;
3296 this_reginfo->masks = new_masks;
3297 this_idata->changed = JNI_TRUE;
3298 } else {
3299 /* See if we've got new information on the register set. */
3300 int register_count = this_reginfo->register_count;
3301 fullinfo_type *registers = this_reginfo->registers;
3302 int mask_count = this_reginfo->mask_count;
3303 mask_type *masks = this_reginfo->masks;
3304
3305 jboolean copy = JNI_FALSE;
3306 int i, j;
3307 if (register_count > new_register_count) {
3308 /* Any register larger than new_register_count is now bogus */
3309 this_reginfo->register_count = new_register_count;
3310 register_count = new_register_count;
3311 this_idata->changed = JNI_TRUE;
3312 }
3313 for (i = 0; i < register_count; i++) {
3314 fullinfo_type prev_value = registers[i];
3315 if ((i < new_register_count)
3316 ? (!isAssignableTo(context, new_registers[i], prev_value))
3317 : (prev_value != MAKE_FULLINFO(ITEM_Bogus, 0, 0))) {
3318 copy = JNI_TRUE;
3319 break;
3320 }
3321 }
3322
3323 if (copy) {
3324 /* We need a copy. So do it. */
3325 fullinfo_type *new_set = NEW(fullinfo_type, register_count);
3326 for (j = 0; j < i; j++)
3327 new_set[j] = registers[j];
3328 for (j = i; j < register_count; j++) {
3329 if (i >= new_register_count)
3330 new_set[j] = MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3331 else
3332 new_set[j] = merge_fullinfo_types(context,
3333 new_registers[j],
3334 registers[j], JNI_FALSE);
3335 }
3336 /* Some of the end items might now be bogus. This step isn't
3337 * necessary, but it may save work later. */
3338 while ( register_count > 0
3339 && GET_ITEM_TYPE(new_set[register_count-1]) == ITEM_Bogus)
3340 register_count--;
3341 this_reginfo->register_count = register_count;
3342 this_reginfo->registers = new_set;
3343 this_idata->changed = JNI_TRUE;
3344 }
3345 if (mask_count > 0) {
3346 /* If the target instruction already has a sequence of masks, then
3347 * we need to merge new_masks into it. We want the entries on
3348 * the mask to be the longest common substring of the two.
3349 * (e.g. a->b->d merged with a->c->d should give a->d)
3350 * The bits set in the mask should be the or of the corresponding
3351 * entries in each of the original masks.
3352 */
3353 int i, j, k;
3354 int matches = 0;
3355 int last_match = -1;
3356 jboolean copy_needed = JNI_FALSE;
3357 for (i = 0; i < mask_count; i++) {
3358 int entry = masks[i].entry;
3359 for (j = last_match + 1; j < new_mask_count; j++) {
3360 if (new_masks[j].entry == entry) {
3361 /* We have a match */
3362 int *prev = masks[i].modifies;
3363 int *new = new_masks[j].modifies;
3364 matches++;
3365 /* See if new_mask has bits set for "entry" that
3366 * weren't set for mask. If so, need to copy. */
3367 for (k = context->bitmask_size - 1;
3368 !copy_needed && k >= 0;
3369 k--)
3370 if (~prev[k] & new[k])
3371 copy_needed = JNI_TRUE;
3372 last_match = j;
3373 break;
3374 }
3375 }
3376 }
3377 if ((matches < mask_count) || copy_needed) {
3378 /* We need to make a copy for the new item, since either the
3379 * size has decreased, or new bits are set. */
3380 mask_type *copy = NEW(mask_type, matches);
3381 for (i = 0; i < matches; i++) {
3382 copy[i].modifies = NEW(int, context->bitmask_size);
3383 }
3384 this_reginfo->masks = copy;
3385 this_reginfo->mask_count = matches;
3386 this_idata->changed = JNI_TRUE;
3387 matches = 0;
3388 last_match = -1;
3389 for (i = 0; i < mask_count; i++) {
3390 int entry = masks[i].entry;
3391 for (j = last_match + 1; j < new_mask_count; j++) {
3392 if (new_masks[j].entry == entry) {
3393 int *prev1 = masks[i].modifies;
3394 int *prev2 = new_masks[j].modifies;
3395 int *new = copy[matches].modifies;
3396 copy[matches].entry = entry;
3397 for (k = context->bitmask_size - 1; k >= 0; k--)
3398 new[k] = prev1[k] | prev2[k];
3399 matches++;
3400 last_match = j;
3401 break;
3402 }
3403 }
3404 }
3405 }
3406 }
3407 }
3408 }
3409
3410
3411 static void
3412 merge_flags(context_type *context, unsigned int from_inumber,
3413 unsigned int to_inumber,
3414 flag_type new_and_flags, flag_type new_or_flags)
3415 {
3416 /* Set this_idata->and_flags &= new_and_flags
3417 this_idata->or_flags |= new_or_flags
3418 */
3419 instruction_data_type *idata = context->instruction_data;
3420 instruction_data_type *this_idata = &idata[to_inumber];
3421 flag_type this_and_flags = this_idata->and_flags;
3422 flag_type this_or_flags = this_idata->or_flags;
3423 flag_type merged_and = this_and_flags & new_and_flags;
3424 flag_type merged_or = this_or_flags | new_or_flags;
3425
3426 if ((merged_and != this_and_flags) || (merged_or != this_or_flags)) {
3427 this_idata->and_flags = merged_and;
3428 this_idata->or_flags = merged_or;
3429 this_idata->changed = JNI_TRUE;
3430 }
3431 }
3432
3433
3434 /* Make a copy of a stack */
3435
3436 static stack_item_type *
3437 copy_stack(context_type *context, stack_item_type *stack)
3438 {
3439 int length;
3440 stack_item_type *ptr;
3441
3442 /* Find the length */
3443 for (ptr = stack, length = 0; ptr != NULL; ptr = ptr->next, length++);
3444
3445 if (length > 0) {
3446 stack_item_type *new_stack = NEW(stack_item_type, length);
3447 stack_item_type *new_ptr;
3448 for ( ptr = stack, new_ptr = new_stack;
3449 ptr != NULL;
3450 ptr = ptr->next, new_ptr++) {
3451 new_ptr->item = ptr->item;
3452 new_ptr->next = new_ptr + 1;
3453 }
3454 new_stack[length - 1].next = NULL;
3455 return new_stack;
3456 } else {
3457 return NULL;
3458 }
3459 }
3460
3461
3462 static mask_type *
3463 copy_masks(context_type *context, mask_type *masks, int mask_count)
3464 {
3465 mask_type *result = NEW(mask_type, mask_count);
3466 int bitmask_size = context->bitmask_size;
3467 int *bitmaps = NEW(int, mask_count * bitmask_size);
3468 int i;
3469 for (i = 0; i < mask_count; i++) {
3470 result[i].entry = masks[i].entry;
3471 result[i].modifies = &bitmaps[i * bitmask_size];
3472 memcpy(result[i].modifies, masks[i].modifies, bitmask_size * sizeof(int));
3473 }
3474 return result;
3475 }
3476
3477
3478 static mask_type *
3479 add_to_masks(context_type *context, mask_type *masks, int mask_count, int d)
3480 {
3481 mask_type *result = NEW(mask_type, mask_count + 1);
3482 int bitmask_size = context->bitmask_size;
3483 int *bitmaps = NEW(int, (mask_count + 1) * bitmask_size);
3484 int i;
3485 for (i = 0; i < mask_count; i++) {
3486 result[i].entry = masks[i].entry;
3487 result[i].modifies = &bitmaps[i * bitmask_size];
3488 memcpy(result[i].modifies, masks[i].modifies, bitmask_size * sizeof(int));
3489 }
3490 result[mask_count].entry = d;
3491 result[mask_count].modifies = &bitmaps[mask_count * bitmask_size];
3492 memset(result[mask_count].modifies, 0, bitmask_size * sizeof(int));
3493 return result;
3494 }
3495
3496
3497
3498 /* We create our own storage manager, since we malloc lots of little items,
3499 * and I don't want to keep trace of when they become free. I sure wish that
3500 * we had heaps, and I could just free the heap when done.
3501 */
3502
3503 #define CCSegSize 2000
3504
3505 struct CCpool { /* a segment of allocated memory in the pool */
3506 struct CCpool *next;
3507 int segSize; /* almost always CCSegSize */
3508 int poolPad;
3509 char space[CCSegSize];
3510 };
3511
3512 /* Initialize the context's heap. */
3513 static void CCinit(context_type *context)
3514 {
3515 struct CCpool *new = (struct CCpool *) malloc(sizeof(struct CCpool));
3516 /* Set context->CCroot to 0 if new == 0 to tell CCdestroy to lay off */
3517 context->CCroot = context->CCcurrent = new;
3518 if (new == 0) {
3519 CCout_of_memory(context);
3520 }
3521 new->next = NULL;
3522 new->segSize = CCSegSize;
3523 context->CCfree_size = CCSegSize;
3524 context->CCfree_ptr = &new->space[0];
3525 }
3526
3527
3528 /* Reuse all the space that we have in the context's heap. */
3529 static void CCreinit(context_type *context)
3530 {
3531 struct CCpool *first = context->CCroot;
3532 context->CCcurrent = first;
3533 context->CCfree_size = CCSegSize;
3534 context->CCfree_ptr = &first->space[0];
3535 }
3536
3537 /* Destroy the context's heap. */
3538 static void CCdestroy(context_type *context)
3539 {
3540 struct CCpool *this = context->CCroot;
3541 while (this) {
3542 struct CCpool *next = this->next;
3543 free(this);
3544 this = next;
3545 }
3546 /* These two aren't necessary. But can't hurt either */
3547 context->CCroot = context->CCcurrent = NULL;
3548 context->CCfree_ptr = 0;
3549 }
3550
3551 /* Allocate an object of the given size from the context's heap. */
3552 static void *
3553 CCalloc(context_type *context, int size, jboolean zero)
3554 {
3555
3556 register char *p;
3557 /* Round CC to the size of a pointer */
3558 size = (size + (sizeof(void *) - 1)) & ~(sizeof(void *) - 1);
3559
3560 if (context->CCfree_size < size) {
3561 struct CCpool *current = context->CCcurrent;
3562 struct CCpool *new;
3563 if (size > CCSegSize) { /* we need to allocate a special block */
3564 new = (struct CCpool *)malloc(sizeof(struct CCpool) +
3565 (size - CCSegSize));
3566 if (new == 0) {
3567 CCout_of_memory(context);
3568 }
3569 new->next = current->next;
3570 new->segSize = size;
3571 current->next = new;
3572 } else {
3573 new = current->next;
3574 if (new == NULL) {
3575 new = (struct CCpool *) malloc(sizeof(struct CCpool));
3576 if (new == 0) {
3577 CCout_of_memory(context);
3578 }
3579 current->next = new;
3580 new->next = NULL;
3581 new->segSize = CCSegSize;
3582 }
3583 }
3584 context->CCcurrent = new;
3585 context->CCfree_ptr = &new->space[0];
3586 context->CCfree_size = new->segSize;
3587 }
3588 p = context->CCfree_ptr;
3589 context->CCfree_ptr += size;
3590 context->CCfree_size -= size;
3591 if (zero)
3592 memset(p, 0, size);
3593 return p;
3594 }
3595
3596 /* Get the class associated with a particular field or method or class in the
3597 * constant pool. If is_field is true, we've got a field or method. If
3598 * false, we've got a class.
3599 */
3600 static fullinfo_type
3601 cp_index_to_class_fullinfo(context_type *context, int cp_index, int kind)
3602 {
3603 JNIEnv *env = context->env;
3604 fullinfo_type result;
3605 const char *classname;
3606 switch (kind) {
3607 case JVM_CONSTANT_Class:
3608 classname = JVM_GetCPClassNameUTF(env,
3609 context->class,
3610 cp_index);
3611 break;
3612 case JVM_CONSTANT_Methodref:
3613 classname = JVM_GetCPMethodClassNameUTF(env,
3614 context->class,
3615 cp_index);
3616 break;
3617 case JVM_CONSTANT_Fieldref:
3618 classname = JVM_GetCPFieldClassNameUTF(env,
3619 context->class,
3620 cp_index);
3621 break;
3622 default:
3623 classname = NULL;
3624 CCerror(context, "Internal error #5");
3625 }
3626
3627 check_and_push_string_utf(context, classname);
3628 if (classname[0] == JVM_SIGNATURE_ARRAY) {
3629 /* This make recursively call us, in case of a class array */
3630 signature_to_fieldtype(context, &classname, &result);
3631 } else {
3632 result = make_class_info_from_name(context, classname);
3633 }
3634 pop_and_free(context);
3635 return result;
3636 }
3637
3638
3639 static int
3640 print_CCerror_info(context_type *context)
3641 {
3642 JNIEnv *env = context->env;
3643 jclass cb = context->class;
3644 const char *classname = JVM_GetClassNameUTF(env, cb);
3645 const char *name = 0;
3646 const char *signature = 0;
3647 int n = 0;
3648 if (context->method_index != -1) {
3649 name = JVM_GetMethodIxNameUTF(env, cb, context->method_index);
3650 signature =
3651 JVM_GetMethodIxSignatureUTF(env, cb, context->method_index);
3652 n += jio_snprintf(context->message, context->message_buf_len,
3653 "(class: %s, method: %s signature: %s) ",
3654 (classname ? classname : ""),
3655 (name ? name : ""),
3656 (signature ? signature : ""));
3657 } else if (context->field_index != -1 ) {
3658 name = JVM_GetMethodIxNameUTF(env, cb, context->field_index);
3659 n += jio_snprintf(context->message, context->message_buf_len,
3660 "(class: %s, field: %s) ",
3661 (classname ? classname : 0),
3662 (name ? name : 0));
3663 } else {
3664 n += jio_snprintf(context->message, context->message_buf_len,
3665 "(class: %s) ", classname ? classname : "");
3666 }
3667 JVM_ReleaseUTF(classname);
3668 JVM_ReleaseUTF(name);
3669 JVM_ReleaseUTF(signature);
3670 return n;
3671 }
3672
3673 static void
3674 CCerror (context_type *context, char *format, ...)
3675 {
3676 int n = print_CCerror_info(context);
3677 va_list args;
3678 if (n >= 0 && n < context->message_buf_len) {
3679 va_start(args, format);
3680 jio_vsnprintf(context->message + n, context->message_buf_len - n,
3681 format, args);
3682 va_end(args);
3683 }
3684 context->err_code = CC_VerifyError;
3685 longjmp(context->jump_buffer, 1);
3686 }
3687
3688 static void
3689 CCout_of_memory(context_type *context)
3690 {
3691 int n = print_CCerror_info(context);
3692 context->err_code = CC_OutOfMemory;
3693 longjmp(context->jump_buffer, 1);
3694 }
3695
3696 static void
3697 CFerror(context_type *context, char *format, ...)
3698 {
3699 int n = print_CCerror_info(context);
3700 va_list args;
3701 if (n >= 0 && n < context->message_buf_len) {
3702 va_start(args, format);
3703 jio_vsnprintf(context->message + n, context->message_buf_len - n,
3704 format, args);
3705 va_end(args);
3706 }
3707 context->err_code = CC_ClassFormatError;
3708 longjmp(context->jump_buffer, 1);
3709 }
3710
3711 /*
3712 * Need to scan the entire signature to find the result type because
3713 * types in the arg list and the result type could contain embedded ')'s.
3714 */
3715 static const char* get_result_signature(const char* signature) {
3716 const char *p;
3717 for (p = signature; *p != JVM_SIGNATURE_ENDFUNC; p++) {
3718 switch (*p) {
3719 case JVM_SIGNATURE_BOOLEAN:
3720 case JVM_SIGNATURE_BYTE:
3721 case JVM_SIGNATURE_CHAR:
3722 case JVM_SIGNATURE_SHORT:
3723 case JVM_SIGNATURE_INT:
3724 case JVM_SIGNATURE_FLOAT:
3725 case JVM_SIGNATURE_DOUBLE:
3726 case JVM_SIGNATURE_LONG:
3727 case JVM_SIGNATURE_FUNC: /* ignore initial (, if given */
3728 break;
3729 case JVM_SIGNATURE_CLASS:
3730 while (*p != JVM_SIGNATURE_ENDCLASS) p++;
3731 break;
3732 case JVM_SIGNATURE_ARRAY:
3733 while (*p == JVM_SIGNATURE_ARRAY) p++;
3734 /* If an array of classes, skip over class name, too. */
3735 if (*p == JVM_SIGNATURE_CLASS) {
3736 while (*p != JVM_SIGNATURE_ENDCLASS) p++;
3737 }
3738 break;
3739 default:
3740 /* Indicate an error. */
3741 return NULL;
3742 }
3743 }
3744 return p++; /* skip over ')'. */
3745 }
3746
3747 static char
3748 signature_to_fieldtype(context_type *context,
3749 const char **signature_p, fullinfo_type *full_info_p)
3750 {
3751 const char *p = *signature_p;
3752 fullinfo_type full_info = MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3753 char result;
3754 int array_depth = 0;
3755
3756 for (;;) {
3757 switch(*p++) {
3758 default:
3759 result = 0;
3760 break;
3761
3762 case JVM_SIGNATURE_BOOLEAN:
3763 full_info = (array_depth > 0)
3764 ? MAKE_FULLINFO(ITEM_Boolean, 0, 0)
3765 : MAKE_FULLINFO(ITEM_Integer, 0, 0);
3766 result = 'I';
3767 break;
3768
3769 case JVM_SIGNATURE_BYTE:
3770 full_info = (array_depth > 0)
3771 ? MAKE_FULLINFO(ITEM_Byte, 0, 0)
3772 : MAKE_FULLINFO(ITEM_Integer, 0, 0);
3773 result = 'I';
3774 break;
3775
3776 case JVM_SIGNATURE_CHAR:
3777 full_info = (array_depth > 0)
3778 ? MAKE_FULLINFO(ITEM_Char, 0, 0)
3779 : MAKE_FULLINFO(ITEM_Integer, 0, 0);
3780 result = 'I';
3781 break;
3782
3783 case JVM_SIGNATURE_SHORT:
3784 full_info = (array_depth > 0)
3785 ? MAKE_FULLINFO(ITEM_Short, 0, 0)
3786 : MAKE_FULLINFO(ITEM_Integer, 0, 0);
3787 result = 'I';
3788 break;
3789
3790 case JVM_SIGNATURE_INT:
3791 full_info = MAKE_FULLINFO(ITEM_Integer, 0, 0);
3792 result = 'I';
3793 break;
3794
3795 case JVM_SIGNATURE_FLOAT:
3796 full_info = MAKE_FULLINFO(ITEM_Float, 0, 0);
3797 result = 'F';
3798 break;
3799
3800 case JVM_SIGNATURE_DOUBLE:
3801 full_info = MAKE_FULLINFO(ITEM_Double, 0, 0);
3802 result = 'D';
3803 break;
3804
3805 case JVM_SIGNATURE_LONG:
3806 full_info = MAKE_FULLINFO(ITEM_Long, 0, 0);
3807 result = 'L';
3808 break;
3809
3810 case JVM_SIGNATURE_ARRAY:
3811 array_depth++;
3812 continue; /* only time we ever do the loop > 1 */
3813
3814 case JVM_SIGNATURE_CLASS: {
3815 char buffer_space[256];
3816 char *buffer = buffer_space;
3817 char *finish = strchr(p, JVM_SIGNATURE_ENDCLASS);
3818 int length;
3819 if (finish == NULL) {
3820 /* Signature must have ';' after the class name.
3821 * If it does not, return 0 and ITEM_Bogus in full_info. */
3822 result = 0;
3823 break;
3824 }
3825 assert(finish >= p);
3826 length = (int)(finish - p);
3827 if (length + 1 > (int)sizeof(buffer_space)) {
3828 buffer = malloc(length + 1);
3829 check_and_push_malloc_block(context, buffer);
3830 }
3831 memcpy(buffer, p, length);
3832 buffer[length] = '\0';
3833 full_info = make_class_info_from_name(context, buffer);
3834 result = 'A';
3835 p = finish + 1;
3836 if (buffer != buffer_space)
3837 pop_and_free(context);
3838 break;
3839 }
3840 } /* end of switch */
3841 break;
3842 }
3843 *signature_p = p;
3844 if (array_depth == 0 || result == 0) {
3845 /* either not an array, or result is bogus */
3846 *full_info_p = full_info;
3847 return result;
3848 } else {
3849 if (array_depth > MAX_ARRAY_DIMENSIONS)
3850 CCerror(context, "Array with too many dimensions");
3851 *full_info_p = MAKE_FULLINFO(GET_ITEM_TYPE(full_info),
3852 array_depth,
3853 GET_EXTRA_INFO(full_info));
3854 return 'A';
3855 }
3856 }
3857
3858
3859 /* Given an array type, create the type that has one less level of
3860 * indirection.
3861 */
3862
3863 static fullinfo_type
3864 decrement_indirection(fullinfo_type array_info)
3865 {
3866 if (array_info == NULL_FULLINFO) {
3867 return NULL_FULLINFO;
3868 } else {
3869 int type = GET_ITEM_TYPE(array_info);
3870 int indirection = GET_INDIRECTION(array_info) - 1;
3871 int extra_info = GET_EXTRA_INFO(array_info);
3872 if ( (indirection == 0)
3873 && ((type == ITEM_Short || type == ITEM_Byte || type == ITEM_Boolean || type == ITEM_Char)))
3874 type = ITEM_Integer;
3875 return MAKE_FULLINFO(type, indirection, extra_info);
3876 }
3877 }
3878
3879
3880 /* See if we can assign an object of the "from" type to an object
3881 * of the "to" type.
3882 */
3883
3884 static jboolean isAssignableTo(context_type *context,
3885 fullinfo_type from, fullinfo_type to)
3886 {
3887 return (merge_fullinfo_types(context, from, to, JNI_TRUE) == to);
3888 }
3889
3890 /* Given two fullinfo_type's, find their lowest common denominator. If
3891 * the assignable_p argument is non-null, we're really just calling to find
3892 * out if "<target> := <value>" is a legitimate assignment.
3893 *
3894 * We treat all interfaces as if they were of type java/lang/Object, since the
3895 * runtime will do the full checking.
3896 */
3897 static fullinfo_type
3898 merge_fullinfo_types(context_type *context,
3899 fullinfo_type value, fullinfo_type target,
3900 jboolean for_assignment)
3901 {
3902 JNIEnv *env = context->env;
3903 if (value == target) {
3904 /* If they're identical, clearly just return what we've got */
3905 return value;
3906 }
3907
3908 /* Both must be either arrays or objects to go further */
3909 if (GET_INDIRECTION(value) == 0 && GET_ITEM_TYPE(value) != ITEM_Object)
3910 return MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3911 if (GET_INDIRECTION(target) == 0 && GET_ITEM_TYPE(target) != ITEM_Object)
3912 return MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3913
3914 /* If either is NULL, return the other. */
3915 if (value == NULL_FULLINFO)
3916 return target;
3917 else if (target == NULL_FULLINFO)
3918 return value;
3919
3920 /* If either is java/lang/Object, that's the result. */
3921 if (target == context->object_info)
3922 return target;
3923 else if (value == context->object_info) {
3924 /* Minor hack. For assignments, Interface := Object, return Interface
3925 * rather than Object, so that isAssignableTo() will get the right
3926 * result. */
3927 if (for_assignment && (WITH_ZERO_EXTRA_INFO(target) ==
3928 MAKE_FULLINFO(ITEM_Object, 0, 0))) {
3929 jclass cb = object_fullinfo_to_classclass(context,
3930 target);
3931 int is_interface = cb && JVM_IsInterface(env, cb);
3932 if (is_interface)
3933 return target;
3934 }
3935 return value;
3936 }
3937 if (GET_INDIRECTION(value) > 0 || GET_INDIRECTION(target) > 0) {
3938 /* At least one is an array. Neither is java/lang/Object or NULL.
3939 * Moreover, the types are not identical.
3940 * The result must either be Object, or an array of some object type.
3941 */
3942 fullinfo_type value_base, target_base;
3943 int dimen_value = GET_INDIRECTION(value);
3944 int dimen_target = GET_INDIRECTION(target);
3945
3946 if (target == context->cloneable_info ||
3947 target == context->serializable_info) {
3948 return target;
3949 }
3950
3951 if (value == context->cloneable_info ||
3952 value == context->serializable_info) {
3953 return value;
3954 }
3955
3956 /* First, if either item's base type isn't ITEM_Object, promote it up
3957 * to an object or array of object. If either is elemental, we can
3958 * punt.
3959 */
3960 if (GET_ITEM_TYPE(value) != ITEM_Object) {
3961 if (dimen_value == 0)
3962 return MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3963 dimen_value--;
3964 value = MAKE_Object_ARRAY(dimen_value);
3965
3966 }
3967 if (GET_ITEM_TYPE(target) != ITEM_Object) {
3968 if (dimen_target == 0)
3969 return MAKE_FULLINFO(ITEM_Bogus, 0, 0);
3970 dimen_target--;
3971 target = MAKE_Object_ARRAY(dimen_target);
3972 }
3973 /* Both are now objects or arrays of some sort of object type */
3974 value_base = WITH_ZERO_INDIRECTION(value);
3975 target_base = WITH_ZERO_INDIRECTION(target);
3976 if (dimen_value == dimen_target) {
3977 /* Arrays of the same dimension. Merge their base types. */
3978 fullinfo_type result_base =
3979 merge_fullinfo_types(context, value_base, target_base,
3980 for_assignment);
3981 if (result_base == MAKE_FULLINFO(ITEM_Bogus, 0, 0))
3982 /* bogus in, bogus out */
3983 return result_base;
3984 return MAKE_FULLINFO(ITEM_Object, dimen_value,
3985 GET_EXTRA_INFO(result_base));
3986 } else {
3987 /* Arrays of different sizes. If the smaller dimension array's base
3988 * type is java/lang/Cloneable or java/io/Serializable, return it.
3989 * Otherwise return java/lang/Object with a dimension of the smaller
3990 * of the two */
3991 if (dimen_value < dimen_target) {
3992 if (value_base == context->cloneable_info ||
3993 value_base == context ->serializable_info) {
3994 return value;
3995 }
3996 return MAKE_Object_ARRAY(dimen_value);
3997 } else {
3998 if (target_base == context->cloneable_info ||
3999 target_base == context->serializable_info) {
4000 return target;
4001 }
4002 return MAKE_Object_ARRAY(dimen_target);
4003 }
4004 }
4005 } else {
4006 /* Both are non-array objects. Neither is java/lang/Object or NULL */
4007 jclass cb_value, cb_target, cb_super_value, cb_super_target;
4008 fullinfo_type result_info;
4009
4010 /* Let's get the classes corresponding to each of these. Treat
4011 * interfaces as if they were java/lang/Object. See hack note above. */
4012 cb_target = object_fullinfo_to_classclass(context, target);
4013 if (cb_target == 0)
4014 return MAKE_FULLINFO(ITEM_Bogus, 0, 0);
4015 if (JVM_IsInterface(env, cb_target))
4016 return for_assignment ? target : context->object_info;
4017 cb_value = object_fullinfo_to_classclass(context, value);
4018 if (cb_value == 0)
4019 return MAKE_FULLINFO(ITEM_Bogus, 0, 0);
4020 if (JVM_IsInterface(env, cb_value))
4021 return context->object_info;
4022
4023 /* If this is for assignment of target := value, we just need to see if
4024 * cb_target is a superclass of cb_value. Save ourselves a lot of
4025 * work.
4026 */
4027 if (for_assignment) {
4028 cb_super_value = (*env)->GetSuperclass(env, cb_value);
4029 while (cb_super_value != 0) {
4030 jclass tmp_cb;
4031 if ((*env)->IsSameObject(env, cb_super_value, cb_target)) {
4032 (*env)->DeleteLocalRef(env, cb_super_value);
4033 return target;
4034 }
4035 tmp_cb = (*env)->GetSuperclass(env, cb_super_value);
4036 (*env)->DeleteLocalRef(env, cb_super_value);
4037 cb_super_value = tmp_cb;
4038 }
4039 (*env)->DeleteLocalRef(env, cb_super_value);
4040 return context->object_info;
4041 }
4042
4043 /* Find out whether cb_value or cb_target is deeper in the class
4044 * tree by moving both toward the root, and seeing who gets there
4045 * first. */
4046 cb_super_value = (*env)->GetSuperclass(env, cb_value);
4047 cb_super_target = (*env)->GetSuperclass(env, cb_target);
4048 while((cb_super_value != 0) &&
4049 (cb_super_target != 0)) {
4050 jclass tmp_cb;
4051 /* Optimization. If either hits the other when going up looking
4052 * for a parent, then might as well return the parent immediately */
4053 if ((*env)->IsSameObject(env, cb_super_value, cb_target)) {
4054 (*env)->DeleteLocalRef(env, cb_super_value);
4055 (*env)->DeleteLocalRef(env, cb_super_target);
4056 return target;
4057 }
4058 if ((*env)->IsSameObject(env, cb_super_target, cb_value)) {
4059 (*env)->DeleteLocalRef(env, cb_super_value);
4060 (*env)->DeleteLocalRef(env, cb_super_target);
4061 return value;
4062 }
4063 tmp_cb = (*env)->GetSuperclass(env, cb_super_value);
4064 (*env)->DeleteLocalRef(env, cb_super_value);
4065 cb_super_value = tmp_cb;
4066
4067 tmp_cb = (*env)->GetSuperclass(env, cb_super_target);
4068 (*env)->DeleteLocalRef(env, cb_super_target);
4069 cb_super_target = tmp_cb;
4070 }
4071 cb_value = (*env)->NewLocalRef(env, cb_value);
4072 cb_target = (*env)->NewLocalRef(env, cb_target);
4073 /* At most one of the following two while clauses will be executed.
4074 * Bring the deeper of cb_target and cb_value to the depth of the
4075 * shallower one.
4076 */
4077 while (cb_super_value != 0) {
4078 /* cb_value is deeper */
4079 jclass cb_tmp;
4080
4081 cb_tmp = (*env)->GetSuperclass(env, cb_super_value);
4082 (*env)->DeleteLocalRef(env, cb_super_value);
4083 cb_super_value = cb_tmp;
4084
4085 cb_tmp = (*env)->GetSuperclass(env, cb_value);
4086 (*env)->DeleteLocalRef(env, cb_value);
4087 cb_value = cb_tmp;
4088 }
4089 while (cb_super_target != 0) {
4090 /* cb_target is deeper */
4091 jclass cb_tmp;
4092
4093 cb_tmp = (*env)->GetSuperclass(env, cb_super_target);
4094 (*env)->DeleteLocalRef(env, cb_super_target);
4095 cb_super_target = cb_tmp;
4096
4097 cb_tmp = (*env)->GetSuperclass(env, cb_target);
4098 (*env)->DeleteLocalRef(env, cb_target);
4099 cb_target = cb_tmp;
4100 }
4101
4102 /* Walk both up, maintaining equal depth, until a join is found. We
4103 * know that we will find one. */
4104 while (!(*env)->IsSameObject(env, cb_value, cb_target)) {
4105 jclass cb_tmp;
4106 cb_tmp = (*env)->GetSuperclass(env, cb_value);
4107 (*env)->DeleteLocalRef(env, cb_value);
4108 cb_value = cb_tmp;
4109 cb_tmp = (*env)->GetSuperclass(env, cb_target);
4110 (*env)->DeleteLocalRef(env, cb_target);
4111 cb_target = cb_tmp;
4112 }
4113 result_info = make_class_info(context, cb_value);
4114 (*env)->DeleteLocalRef(env, cb_value);
4115 (*env)->DeleteLocalRef(env, cb_super_value);
4116 (*env)->DeleteLocalRef(env, cb_target);
4117 (*env)->DeleteLocalRef(env, cb_super_target);
4118 return result_info;
4119 } /* both items are classes */
4120 }
4121
4122
4123 /* Given a fullinfo_type corresponding to an Object, return the jclass
4124 * of that type.
4125 *
4126 * This function always returns a global reference!
4127 */
4128
4129 static jclass
4130 object_fullinfo_to_classclass(context_type *context, fullinfo_type classinfo)
4131 {
4132 unsigned short info = GET_EXTRA_INFO(classinfo);
4133 return ID_to_class(context, info);
4134 }
4135
4136 static void free_block(void *ptr, int kind)
4137 {
4138 switch (kind) {
4139 case VM_STRING_UTF:
4140 JVM_ReleaseUTF(ptr);
4141 break;
4142 case VM_MALLOC_BLK:
4143 free(ptr);
4144 break;
4145 }
4146 }
4147
4148 static void check_and_push_common(context_type *context, void *ptr, int kind)
4149 {
4150 alloc_stack_type *p;
4151 if (ptr == 0)
4152 CCout_of_memory(context);
4153 if (context->alloc_stack_top < ALLOC_STACK_SIZE)
4154 p = &(context->alloc_stack[context->alloc_stack_top++]);
4155 else {
4156 /* Otherwise we have to malloc */
4157 p = malloc(sizeof(alloc_stack_type));
4158 if (p == 0) {
4159 /* Make sure we clean up. */
4160 free_block(ptr, kind);
4161 CCout_of_memory(context);
4162 }
4163 }
4164 p->kind = kind;
4165 p->ptr = ptr;
4166 p->next = context->allocated_memory;
4167 context->allocated_memory = p;
4168 }
4169
4170 static void check_and_push_malloc_block(context_type *context, void *ptr) {
4171 check_and_push_common(context, ptr, VM_MALLOC_BLK);
4172 }
4173
4174 static void check_and_push_string_utf(context_type *context, const char *ptr) {
4175 check_and_push_common(context, (void *)ptr, VM_STRING_UTF);
4176 }
4177
4178 static void pop_and_free(context_type *context)
4179 {
4180 alloc_stack_type *p = context->allocated_memory;
4181 context->allocated_memory = p->next;
4182 free_block(p->ptr, p->kind);
4183 if (p < context->alloc_stack + ALLOC_STACK_SIZE &&
4184 p >= context->alloc_stack)
4185 context->alloc_stack_top--;
4186 else
4187 free(p);
4188 }
4189
4190 static int signature_to_args_size(const char *method_signature)
4191 {
4192 const char *p;
4193 int args_size = 0;
4194 for (p = method_signature; *p != JVM_SIGNATURE_ENDFUNC; p++) {
4195 switch (*p) {
4196 case JVM_SIGNATURE_BOOLEAN:
4197 case JVM_SIGNATURE_BYTE:
4198 case JVM_SIGNATURE_CHAR:
4199 case JVM_SIGNATURE_SHORT:
4200 case JVM_SIGNATURE_INT:
4201 case JVM_SIGNATURE_FLOAT:
4202 args_size += 1;
4203 break;
4204 case JVM_SIGNATURE_CLASS:
4205 args_size += 1;
4206 while (*p != JVM_SIGNATURE_ENDCLASS) p++;
4207 break;
4208 case JVM_SIGNATURE_ARRAY:
4209 args_size += 1;
4210 while ((*p == JVM_SIGNATURE_ARRAY)) p++;
4211 /* If an array of classes, skip over class name, too. */
4212 if (*p == JVM_SIGNATURE_CLASS) {
4213 while (*p != JVM_SIGNATURE_ENDCLASS)
4214 p++;
4215 }
4216 break;
4217 case JVM_SIGNATURE_DOUBLE:
4218 case JVM_SIGNATURE_LONG:
4219 args_size += 2;
4220 break;
4221 case JVM_SIGNATURE_FUNC: /* ignore initial (, if given */
4222 break;
4223 default:
4224 /* Indicate an error. */
4225 return 0;
4226 }
4227 }
4228 return args_size;
4229 }
4230
4231 #ifdef DEBUG
4232
4233 /* Below are for debugging. */
4234
4235 static void print_fullinfo_type(context_type *, fullinfo_type, jboolean);
4236
4237 static void
4238 print_stack(context_type *context, stack_info_type *stack_info)
4239 {
4240 stack_item_type *stack = stack_info->stack;
4241 if (stack_info->stack_size == UNKNOWN_STACK_SIZE) {
4242 jio_fprintf(stdout, "x");
4243 } else {
4244 jio_fprintf(stdout, "(");
4245 for ( ; stack != 0; stack = stack->next)
4246 print_fullinfo_type(context, stack->item,
4247 (jboolean)(verify_verbose > 1 ? JNI_TRUE : JNI_FALSE));
4248 jio_fprintf(stdout, ")");
4249 }
4250 }
4251
4252 static void
4253 print_registers(context_type *context, register_info_type *register_info)
4254 {
4255 int register_count = register_info->register_count;
4256 if (register_count == UNKNOWN_REGISTER_COUNT) {
4257 jio_fprintf(stdout, "x");
4258 } else {
4259 fullinfo_type *registers = register_info->registers;
4260 int mask_count = register_info->mask_count;
4261 mask_type *masks = register_info->masks;
4262 int i, j;
4263
4264 jio_fprintf(stdout, "{");
4265 for (i = 0; i < register_count; i++)
4266 print_fullinfo_type(context, registers[i],
4267 (jboolean)(verify_verbose > 1 ? JNI_TRUE : JNI_FALSE));
4268 jio_fprintf(stdout, "}");
4269 for (i = 0; i < mask_count; i++) {
4270 char *separator = "";
4271 int *modifies = masks[i].modifies;
4272 jio_fprintf(stdout, "<%d: ", masks[i].entry);
4273 for (j = 0;
4274 j < JVM_GetMethodIxLocalsCount(context->env,
4275 context->class,
4276 context->method_index);
4277 j++)
4278 if (IS_BIT_SET(modifies, j)) {
4279 jio_fprintf(stdout, "%s%d", separator, j);
4280 separator = ",";
4281 }
4282 jio_fprintf(stdout, ">");
4283 }
4284 }
4285 }
4286
4287
4288 static void
4289 print_flags(context_type *context, flag_type and_flags, flag_type or_flags)
4290 {
4291 if (and_flags != ((flag_type)-1) || or_flags != 0) {
4292 jio_fprintf(stdout, "<%x %x>", and_flags, or_flags);
4293 }
4294 }
4295
4296 static void
4297 print_fullinfo_type(context_type *context, fullinfo_type type, jboolean verbose)
4298 {
4299 int i;
4300 int indirection = GET_INDIRECTION(type);
4301 for (i = indirection; i-- > 0; )
4302 jio_fprintf(stdout, "[");
4303 switch (GET_ITEM_TYPE(type)) {
4304 case ITEM_Integer:
4305 jio_fprintf(stdout, "I"); break;
4306 case ITEM_Float:
4307 jio_fprintf(stdout, "F"); break;
4308 case ITEM_Double:
4309 jio_fprintf(stdout, "D"); break;
4310 case ITEM_Double_2:
4311 jio_fprintf(stdout, "d"); break;
4312 case ITEM_Long:
4313 jio_fprintf(stdout, "L"); break;
4314 case ITEM_Long_2:
4315 jio_fprintf(stdout, "l"); break;
4316 case ITEM_ReturnAddress:
4317 jio_fprintf(stdout, "a"); break;
4318 case ITEM_Object:
4319 if (!verbose) {
4320 jio_fprintf(stdout, "A");
4321 } else {
4322 unsigned short extra = GET_EXTRA_INFO(type);
4323 if (extra == 0) {
4324 jio_fprintf(stdout, "/Null/");
4325 } else {
4326 const char *name = ID_to_class_name(context, extra);
4327 const char *name2 = strrchr(name, '/');
4328 jio_fprintf(stdout, "/%s/", name2 ? name2 + 1 : name);
4329 }
4330 }
4331 break;
4332 case ITEM_Char:
4333 jio_fprintf(stdout, "C"); break;
4334 case ITEM_Short:
4335 jio_fprintf(stdout, "S"); break;
4336 case ITEM_Boolean:
4337 jio_fprintf(stdout, "Z"); break;
4338 case ITEM_Byte:
4339 jio_fprintf(stdout, "B"); break;
4340 case ITEM_NewObject:
4341 if (!verbose) {
4342 jio_fprintf(stdout, "@");
4343 } else {
4344 int inum = GET_EXTRA_INFO(type);
4345 fullinfo_type real_type =
4346 context->instruction_data[inum].operand2.fi;
4347 jio_fprintf(stdout, ">");
4348 print_fullinfo_type(context, real_type, JNI_TRUE);
4349 jio_fprintf(stdout, "<");
4350 }
4351 break;
4352 case ITEM_InitObject:
4353 jio_fprintf(stdout, verbose ? ">/this/<" : "@");
4354 break;
4355
4356 default:
4357 jio_fprintf(stdout, "?"); break;
4358 }
4359 for (i = indirection; i-- > 0; )
4360 jio_fprintf(stdout, "]");
4361 }
4362
4363
4364 static void
4365 print_formatted_fieldname(context_type *context, int index)
4366 {
4367 JNIEnv *env = context->env;
4368 jclass cb = context->class;
4369 const char *classname = JVM_GetCPFieldClassNameUTF(env, cb, index);
4370 const char *fieldname = JVM_GetCPFieldNameUTF(env, cb, index);
4371 jio_fprintf(stdout, " <%s.%s>",
4372 classname ? classname : "", fieldname ? fieldname : "");
4373 JVM_ReleaseUTF(classname);
4374 JVM_ReleaseUTF(fieldname);
4375 }
4376
4377 static void
4378 print_formatted_methodname(context_type *context, int index)
4379 {
4380 JNIEnv *env = context->env;
4381 jclass cb = context->class;
4382 const char *classname = JVM_GetCPMethodClassNameUTF(env, cb, index);
4383 const char *methodname = JVM_GetCPMethodNameUTF(env, cb, index);
4384 jio_fprintf(stdout, " <%s.%s>",
4385 classname ? classname : "", methodname ? methodname : "");
4386 JVM_ReleaseUTF(classname);
4387 JVM_ReleaseUTF(methodname);
4388 }
4389
4390 #endif /*DEBUG*/