< prev index next >

src/share/vm/classfile/verifier.cpp

Print this page




 108   // print in a single call to reduce interleaving between threads
 109   if (source_file != NULL) {
 110     log_debug(class, resolve)("%s %s %s (verification)", verify, resolve, source_file);
 111   } else {
 112     log_debug(class, resolve)("%s %s (verification)", verify, resolve);
 113   }
 114 }
 115 
 116 // Prints the end-verification message to the appropriate output.
 117 void Verifier::log_end_verification(outputStream* st, const char* klassName, Symbol* exception_name, TRAPS) {
 118   if (HAS_PENDING_EXCEPTION) {
 119     st->print("Verification for %s has", klassName);
 120     st->print_cr(" exception pending %s ",
 121                  PENDING_EXCEPTION->klass()->external_name());
 122   } else if (exception_name != NULL) {
 123     st->print_cr("Verification for %s failed", klassName);
 124   }
 125   st->print_cr("End class verification for: %s", klassName);
 126 }
 127 
 128 bool Verifier::verify(instanceKlassHandle klass, Verifier::Mode mode, bool should_verify_class, TRAPS) {
 129   HandleMark hm(THREAD);
 130   ResourceMark rm(THREAD);
 131 
 132   // Eagerly allocate the identity hash code for a klass. This is a fallout
 133   // from 6320749 and 8059924: hash code generator is not supposed to be called
 134   // during the safepoint, but it allows to sneak the hashcode in during
 135   // verification. Without this eager hashcode generation, we may end up
 136   // installing the hashcode during some other operation, which may be at
 137   // safepoint -- blowing up the checks. It was previously done as the side
 138   // effect (sic!) for external_name(), but instead of doing that, we opt to
 139   // explicitly push the hashcode in here. This is signify the following block
 140   // is IMPORTANT:
 141   if (klass->java_mirror() != NULL) {
 142     klass->java_mirror()->identity_hash();
 143   }
 144 
 145   if (!is_eligible_for_verification(klass, should_verify_class)) {
 146     return true;
 147   }
 148 


 186       exception_message = split_verifier.exception_message();
 187     }
 188   } else {
 189     exception_name = inference_verify(
 190         klass, message_buffer, message_buffer_len, THREAD);
 191   }
 192 
 193   if (log_is_enabled(Info, class, init)){
 194     log_end_verification(Log(class, init)::info_stream(), klassName, exception_name, THREAD);
 195   }
 196   if (log_is_enabled(Info, verification)){
 197     log_end_verification(Log(verification)::info_stream(), klassName, exception_name, THREAD);
 198   }
 199 
 200   if (HAS_PENDING_EXCEPTION) {
 201     return false; // use the existing exception
 202   } else if (exception_name == NULL) {
 203     return true; // verifcation succeeded
 204   } else { // VerifyError or ClassFormatError to be created and thrown
 205     ResourceMark rm(THREAD);
 206     instanceKlassHandle kls =
 207       SystemDictionary::resolve_or_fail(exception_name, true, CHECK_false);
 208     if (log_is_enabled(Debug, class, resolve)) {
 209       Verifier::trace_class_resolution(kls(), klass());
 210     }
 211 
 212     while (!kls.is_null()) {
 213       if (kls == klass) {
 214         // If the class being verified is the exception we're creating
 215         // or one of it's superclasses, we're in trouble and are going
 216         // to infinitely recurse when we try to initialize the exception.
 217         // So bail out here by throwing the preallocated VM error.
 218         THROW_OOP_(Universe::virtual_machine_error_instance(), false);
 219       }
 220       kls = kls->super();
 221     }
 222     message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
 223     THROW_MSG_(exception_name, exception_message, false);
 224   }
 225 }
 226 
 227 bool Verifier::is_eligible_for_verification(instanceKlassHandle klass, bool should_verify_class) {
 228   Symbol* name = klass->name();
 229   Klass* refl_magic_klass = SystemDictionary::reflect_MagicAccessorImpl_klass();
 230 
 231   bool is_reflect = refl_magic_klass != NULL && klass->is_subtype_of(refl_magic_klass);
 232 
 233   return (should_verify_for(klass->class_loader(), should_verify_class) &&
 234     // return if the class is a bootstrapping class
 235     // or defineClass specified not to verify by default (flags override passed arg)
 236     // We need to skip the following four for bootstraping
 237     name != vmSymbols::java_lang_Object() &&
 238     name != vmSymbols::java_lang_Class() &&
 239     name != vmSymbols::java_lang_String() &&
 240     name != vmSymbols::java_lang_Throwable() &&
 241 
 242     // Can not verify the bytecodes for shared classes because they have
 243     // already been rewritten to contain constant pool cache indices,
 244     // which the verifier can't understand.
 245     // Shared classes shouldn't have stackmaps either.
 246     !klass()->is_shared() &&
 247 
 248     // As of the fix for 4486457 we disable verification for all of the
 249     // dynamically-generated bytecodes associated with the 1.4
 250     // reflection implementation, not just those associated with
 251     // jdk/internal/reflect/SerializationConstructorAccessor.
 252     // NOTE: this is called too early in the bootstrapping process to be
 253     // guarded by Universe::is_gte_jdk14x_version().
 254     // Also for lambda generated code, gte jdk8
 255     (!is_reflect));
 256 }
 257 
 258 Symbol* Verifier::inference_verify(
 259     instanceKlassHandle klass, char* message, size_t message_len, TRAPS) {
 260   JavaThread* thread = (JavaThread*)THREAD;
 261   JNIEnv *env = thread->jni_environment();
 262 
 263   void* verify_func = verify_byte_codes_fn();
 264 
 265   if (verify_func == NULL) {
 266     jio_snprintf(message, message_len, "Could not link verifier");
 267     return vmSymbols::java_lang_VerifyError();
 268   }
 269 
 270   ResourceMark rm(THREAD);
 271   log_info(verification)("Verifying class %s with old format", klass->external_name());
 272 
 273   jclass cls = (jclass) JNIHandles::make_local(env, klass->java_mirror());
 274   jint result;
 275 
 276   {
 277     HandleMark hm(thread);
 278     ThreadToNativeFromVM ttn(thread);
 279     // ThreadToNativeFromVM takes care of changing thread_state, so safepoint


 542     streamIndentor si2(ss);
 543     int current_offset = -1;
 544     address end_of_sm_table = (address)sm_table + method->stackmap_data()->length();
 545     for (u2 i = 0; i < sm_table->number_of_entries(); ++i) {
 546       ss->indent();
 547       if (!sm_frame->verify((address)sm_frame, end_of_sm_table)) {
 548         sm_frame->print_truncated(ss, current_offset);
 549         return;
 550       }
 551       sm_frame->print_on(ss, current_offset);
 552       ss->cr();
 553       current_offset += sm_frame->offset_delta();
 554       sm_frame = sm_frame->next();
 555     }
 556   }
 557 }
 558 
 559 // Methods in ClassVerifier
 560 
 561 ClassVerifier::ClassVerifier(
 562     instanceKlassHandle klass, TRAPS)
 563     : _thread(THREAD), _exception_type(NULL), _message(NULL), _klass(klass) {
 564   _this_type = VerificationType::reference_type(klass->name());
 565   // Create list to hold symbols in reference area.
 566   _symbols = new GrowableArray<Symbol*>(100, 0, NULL);
 567 }
 568 
 569 ClassVerifier::~ClassVerifier() {
 570   // Decrement the reference count for any symbols created.
 571   for (int i = 0; i < _symbols->length(); i++) {
 572     Symbol* s = _symbols->at(i);
 573     s->decrement_refcount();
 574   }
 575 }
 576 
 577 VerificationType ClassVerifier::object_type() const {
 578   return VerificationType::reference_type(vmSymbols::java_lang_Object());
 579 }
 580 
 581 TypeOrigin ClassVerifier::ref_ctx(const char* sig, TRAPS) {
 582   VerificationType vt = VerificationType::reference_type(


1984   va_start(va, msg);
1985   ss.vprint(msg, va);
1986   va_end(va);
1987   if (!_method.is_null()) {
1988     ss.print(" in method %s", _method->name_and_sig_as_C_string());
1989   }
1990   _message = ss.as_string();
1991 }
1992 
1993 Klass* ClassVerifier::load_class(Symbol* name, TRAPS) {
1994   HandleMark hm(THREAD);
1995   // Get current loader and protection domain first.
1996   oop loader = current_class()->class_loader();
1997   oop protection_domain = current_class()->protection_domain();
1998 
1999   Klass* kls = SystemDictionary::resolve_or_fail(
2000     name, Handle(THREAD, loader), Handle(THREAD, protection_domain),
2001     true, THREAD);
2002 
2003   if (log_is_enabled(Debug, class, resolve)) {
2004     instanceKlassHandle cur_class = current_class();
2005     Verifier::trace_class_resolution(kls, cur_class());
2006   }
2007   return kls;
2008 }
2009 
2010 bool ClassVerifier::is_protected_access(instanceKlassHandle this_class,
2011                                         Klass* target_class,
2012                                         Symbol* field_name,
2013                                         Symbol* field_sig,
2014                                         bool is_method) {
2015   NoSafepointVerifier nosafepoint;
2016 
2017   // If target class isn't a super class of this class, we don't worry about this case
2018   if (!this_class->is_subclass_of(target_class)) {
2019     return false;
2020   }
2021   // Check if the specified method or field is protected
2022   InstanceKlass* target_instance = InstanceKlass::cast(target_class);
2023   fieldDescriptor fd;
2024   if (is_method) {
2025     Method* m = target_instance->uncached_lookup_method(field_name, field_sig, Klass::find_overpass);
2026     if (m != NULL && m->is_protected()) {
2027       if (!this_class->is_same_class_package(m->method_holder())) {
2028         return true;
2029       }
2030     }


2153         verify_error(ErrorContext::bad_code(bci),
2154                      "Bad lookupswitch instruction");
2155         return;
2156       }
2157     }
2158   }
2159   int target = bci + default_offset;
2160   stackmap_table->check_jump_target(current_frame, target, CHECK_VERIFY(this));
2161   for (int i = 0; i < keys; i++) {
2162     // Because check_jump_target() may safepoint, the bytecode could have
2163     // moved, which means 'aligned_bcp' is no good and needs to be recalculated.
2164     aligned_bcp = (address)round_to((intptr_t)(bcs->bcp() + 1), jintSize);
2165     target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
2166     stackmap_table->check_jump_target(
2167       current_frame, target, CHECK_VERIFY(this));
2168   }
2169   NOT_PRODUCT(aligned_bcp = NULL);  // no longer valid at this point
2170 }
2171 
2172 bool ClassVerifier::name_in_supers(
2173     Symbol* ref_name, instanceKlassHandle current) {
2174   Klass* super = current->super();
2175   while (super != NULL) {
2176     if (super->name() == ref_name) {
2177       return true;
2178     }
2179     super = super->super();
2180   }
2181   return false;
2182 }
2183 
2184 void ClassVerifier::verify_field_instructions(RawBytecodeStream* bcs,
2185                                               StackMapFrame* current_frame,
2186                                               const constantPoolHandle& cp,
2187                                               bool allow_arrays,
2188                                               TRAPS) {
2189   u2 index = bcs->get_index_u2();
2190   verify_cp_type(bcs->bci(), index, cp,
2191       1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2192 
2193   // Get field name and signature


2583       verify_error(ErrorContext::bad_type(bci,
2584           TypeOrigin::cp(new_class_index, new_class_type),
2585           TypeOrigin::cp(ref_class_index, ref_class_type)),
2586           "Call to wrong <init> method");
2587       return;
2588     }
2589     // According to the VM spec, if the referent class is a superclass of the
2590     // current class, and is in a different runtime package, and the method is
2591     // protected, then the objectref must be the current class or a subclass
2592     // of the current class.
2593     VerificationType objectref_type = new_class_type;
2594     if (name_in_supers(ref_class_type.name(), current_class())) {
2595       Klass* ref_klass = load_class(ref_class_type.name(), CHECK);
2596       if (was_recursively_verified()) return;
2597       Method* m = InstanceKlass::cast(ref_klass)->uncached_lookup_method(
2598         vmSymbols::object_initializer_name(),
2599         cp->signature_ref_at(bcs->get_index_u2()),
2600         Klass::find_overpass);
2601       // Do nothing if method is not found.  Let resolution detect the error.
2602       if (m != NULL) {
2603         instanceKlassHandle mh(THREAD, m->method_holder());
2604         if (m->is_protected() && !mh->is_same_class_package(_klass())) {
2605           bool assignable = current_type().is_assignable_from(
2606             objectref_type, this, true, CHECK_VERIFY(this));
2607           if (!assignable) {
2608             verify_error(ErrorContext::bad_type(bci,
2609                 TypeOrigin::cp(new_class_index, objectref_type),
2610                 TypeOrigin::implicit(current_type())),
2611                 "Bad access to protected <init> method");
2612             return;
2613           }
2614         }
2615       }
2616     }
2617     // Check the exception handler target stackmaps with the locals from the
2618     // incoming stackmap (before initialize_object() changes them to outgoing
2619     // state).
2620     if (in_try_block) {
2621       if (was_recursively_verified()) return;
2622       verify_exception_handler_targets(bci, *this_uninit, current_frame,
2623                                        stackmap_table, CHECK_VERIFY(this));
2624     }
2625     current_frame->initialize_object(type, new_class_type);
2626   } else {
2627     verify_error(ErrorContext::bad_type(bci, current_frame->stack_top_ctx()),
2628         "Bad operand type when invoking <init>");
2629     return;
2630   }
2631 }
2632 
2633 bool ClassVerifier::is_same_or_direct_interface(
2634     instanceKlassHandle klass,
2635     VerificationType klass_type,
2636     VerificationType ref_class_type) {
2637   if (ref_class_type.equals(klass_type)) return true;
2638   Array<Klass*>* local_interfaces = klass->local_interfaces();
2639   if (local_interfaces != NULL) {
2640     for (int x = 0; x < local_interfaces->length(); x++) {
2641       Klass* k = local_interfaces->at(x);
2642       assert (k != NULL && k->is_interface(), "invalid interface");
2643       if (ref_class_type.equals(VerificationType::reference_type(k->name()))) {
2644         return true;
2645       }
2646     }
2647   }
2648   return false;
2649 }
2650 
2651 void ClassVerifier::verify_invoke_instructions(
2652     RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
2653     bool in_try_block, bool *this_uninit, VerificationType return_type,
2654     const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS) {




 108   // print in a single call to reduce interleaving between threads
 109   if (source_file != NULL) {
 110     log_debug(class, resolve)("%s %s %s (verification)", verify, resolve, source_file);
 111   } else {
 112     log_debug(class, resolve)("%s %s (verification)", verify, resolve);
 113   }
 114 }
 115 
 116 // Prints the end-verification message to the appropriate output.
 117 void Verifier::log_end_verification(outputStream* st, const char* klassName, Symbol* exception_name, TRAPS) {
 118   if (HAS_PENDING_EXCEPTION) {
 119     st->print("Verification for %s has", klassName);
 120     st->print_cr(" exception pending %s ",
 121                  PENDING_EXCEPTION->klass()->external_name());
 122   } else if (exception_name != NULL) {
 123     st->print_cr("Verification for %s failed", klassName);
 124   }
 125   st->print_cr("End class verification for: %s", klassName);
 126 }
 127 
 128 bool Verifier::verify(InstanceKlass* klass, Verifier::Mode mode, bool should_verify_class, TRAPS) {
 129   HandleMark hm(THREAD);
 130   ResourceMark rm(THREAD);
 131 
 132   // Eagerly allocate the identity hash code for a klass. This is a fallout
 133   // from 6320749 and 8059924: hash code generator is not supposed to be called
 134   // during the safepoint, but it allows to sneak the hashcode in during
 135   // verification. Without this eager hashcode generation, we may end up
 136   // installing the hashcode during some other operation, which may be at
 137   // safepoint -- blowing up the checks. It was previously done as the side
 138   // effect (sic!) for external_name(), but instead of doing that, we opt to
 139   // explicitly push the hashcode in here. This is signify the following block
 140   // is IMPORTANT:
 141   if (klass->java_mirror() != NULL) {
 142     klass->java_mirror()->identity_hash();
 143   }
 144 
 145   if (!is_eligible_for_verification(klass, should_verify_class)) {
 146     return true;
 147   }
 148 


 186       exception_message = split_verifier.exception_message();
 187     }
 188   } else {
 189     exception_name = inference_verify(
 190         klass, message_buffer, message_buffer_len, THREAD);
 191   }
 192 
 193   if (log_is_enabled(Info, class, init)){
 194     log_end_verification(Log(class, init)::info_stream(), klassName, exception_name, THREAD);
 195   }
 196   if (log_is_enabled(Info, verification)){
 197     log_end_verification(Log(verification)::info_stream(), klassName, exception_name, THREAD);
 198   }
 199 
 200   if (HAS_PENDING_EXCEPTION) {
 201     return false; // use the existing exception
 202   } else if (exception_name == NULL) {
 203     return true; // verifcation succeeded
 204   } else { // VerifyError or ClassFormatError to be created and thrown
 205     ResourceMark rm(THREAD);
 206     Klass* kls =
 207       SystemDictionary::resolve_or_fail(exception_name, true, CHECK_false);
 208     if (log_is_enabled(Debug, class, resolve)) {
 209       Verifier::trace_class_resolution(kls, klass);
 210     }
 211 
 212     while (kls != NULL) {
 213       if (kls == klass) {
 214         // If the class being verified is the exception we're creating
 215         // or one of it's superclasses, we're in trouble and are going
 216         // to infinitely recurse when we try to initialize the exception.
 217         // So bail out here by throwing the preallocated VM error.
 218         THROW_OOP_(Universe::virtual_machine_error_instance(), false);
 219       }
 220       kls = kls->super();
 221     }
 222     message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
 223     THROW_MSG_(exception_name, exception_message, false);
 224   }
 225 }
 226 
 227 bool Verifier::is_eligible_for_verification(InstanceKlass* klass, bool should_verify_class) {
 228   Symbol* name = klass->name();
 229   Klass* refl_magic_klass = SystemDictionary::reflect_MagicAccessorImpl_klass();
 230 
 231   bool is_reflect = refl_magic_klass != NULL && klass->is_subtype_of(refl_magic_klass);
 232 
 233   return (should_verify_for(klass->class_loader(), should_verify_class) &&
 234     // return if the class is a bootstrapping class
 235     // or defineClass specified not to verify by default (flags override passed arg)
 236     // We need to skip the following four for bootstraping
 237     name != vmSymbols::java_lang_Object() &&
 238     name != vmSymbols::java_lang_Class() &&
 239     name != vmSymbols::java_lang_String() &&
 240     name != vmSymbols::java_lang_Throwable() &&
 241 
 242     // Can not verify the bytecodes for shared classes because they have
 243     // already been rewritten to contain constant pool cache indices,
 244     // which the verifier can't understand.
 245     // Shared classes shouldn't have stackmaps either.
 246     !klass->is_shared() &&
 247 
 248     // As of the fix for 4486457 we disable verification for all of the
 249     // dynamically-generated bytecodes associated with the 1.4
 250     // reflection implementation, not just those associated with
 251     // jdk/internal/reflect/SerializationConstructorAccessor.
 252     // NOTE: this is called too early in the bootstrapping process to be
 253     // guarded by Universe::is_gte_jdk14x_version().
 254     // Also for lambda generated code, gte jdk8
 255     (!is_reflect));
 256 }
 257 
 258 Symbol* Verifier::inference_verify(
 259     InstanceKlass* klass, char* message, size_t message_len, TRAPS) {
 260   JavaThread* thread = (JavaThread*)THREAD;
 261   JNIEnv *env = thread->jni_environment();
 262 
 263   void* verify_func = verify_byte_codes_fn();
 264 
 265   if (verify_func == NULL) {
 266     jio_snprintf(message, message_len, "Could not link verifier");
 267     return vmSymbols::java_lang_VerifyError();
 268   }
 269 
 270   ResourceMark rm(THREAD);
 271   log_info(verification)("Verifying class %s with old format", klass->external_name());
 272 
 273   jclass cls = (jclass) JNIHandles::make_local(env, klass->java_mirror());
 274   jint result;
 275 
 276   {
 277     HandleMark hm(thread);
 278     ThreadToNativeFromVM ttn(thread);
 279     // ThreadToNativeFromVM takes care of changing thread_state, so safepoint


 542     streamIndentor si2(ss);
 543     int current_offset = -1;
 544     address end_of_sm_table = (address)sm_table + method->stackmap_data()->length();
 545     for (u2 i = 0; i < sm_table->number_of_entries(); ++i) {
 546       ss->indent();
 547       if (!sm_frame->verify((address)sm_frame, end_of_sm_table)) {
 548         sm_frame->print_truncated(ss, current_offset);
 549         return;
 550       }
 551       sm_frame->print_on(ss, current_offset);
 552       ss->cr();
 553       current_offset += sm_frame->offset_delta();
 554       sm_frame = sm_frame->next();
 555     }
 556   }
 557 }
 558 
 559 // Methods in ClassVerifier
 560 
 561 ClassVerifier::ClassVerifier(
 562     InstanceKlass* klass, TRAPS)
 563     : _thread(THREAD), _exception_type(NULL), _message(NULL), _klass(klass) {
 564   _this_type = VerificationType::reference_type(klass->name());
 565   // Create list to hold symbols in reference area.
 566   _symbols = new GrowableArray<Symbol*>(100, 0, NULL);
 567 }
 568 
 569 ClassVerifier::~ClassVerifier() {
 570   // Decrement the reference count for any symbols created.
 571   for (int i = 0; i < _symbols->length(); i++) {
 572     Symbol* s = _symbols->at(i);
 573     s->decrement_refcount();
 574   }
 575 }
 576 
 577 VerificationType ClassVerifier::object_type() const {
 578   return VerificationType::reference_type(vmSymbols::java_lang_Object());
 579 }
 580 
 581 TypeOrigin ClassVerifier::ref_ctx(const char* sig, TRAPS) {
 582   VerificationType vt = VerificationType::reference_type(


1984   va_start(va, msg);
1985   ss.vprint(msg, va);
1986   va_end(va);
1987   if (!_method.is_null()) {
1988     ss.print(" in method %s", _method->name_and_sig_as_C_string());
1989   }
1990   _message = ss.as_string();
1991 }
1992 
1993 Klass* ClassVerifier::load_class(Symbol* name, TRAPS) {
1994   HandleMark hm(THREAD);
1995   // Get current loader and protection domain first.
1996   oop loader = current_class()->class_loader();
1997   oop protection_domain = current_class()->protection_domain();
1998 
1999   Klass* kls = SystemDictionary::resolve_or_fail(
2000     name, Handle(THREAD, loader), Handle(THREAD, protection_domain),
2001     true, THREAD);
2002 
2003   if (log_is_enabled(Debug, class, resolve)) {
2004     InstanceKlass* cur_class = InstanceKlass::cast(current_class());
2005     Verifier::trace_class_resolution(kls, cur_class);
2006   }
2007   return kls;
2008 }
2009 
2010 bool ClassVerifier::is_protected_access(InstanceKlass* this_class,
2011                                         Klass* target_class,
2012                                         Symbol* field_name,
2013                                         Symbol* field_sig,
2014                                         bool is_method) {
2015   NoSafepointVerifier nosafepoint;
2016 
2017   // If target class isn't a super class of this class, we don't worry about this case
2018   if (!this_class->is_subclass_of(target_class)) {
2019     return false;
2020   }
2021   // Check if the specified method or field is protected
2022   InstanceKlass* target_instance = InstanceKlass::cast(target_class);
2023   fieldDescriptor fd;
2024   if (is_method) {
2025     Method* m = target_instance->uncached_lookup_method(field_name, field_sig, Klass::find_overpass);
2026     if (m != NULL && m->is_protected()) {
2027       if (!this_class->is_same_class_package(m->method_holder())) {
2028         return true;
2029       }
2030     }


2153         verify_error(ErrorContext::bad_code(bci),
2154                      "Bad lookupswitch instruction");
2155         return;
2156       }
2157     }
2158   }
2159   int target = bci + default_offset;
2160   stackmap_table->check_jump_target(current_frame, target, CHECK_VERIFY(this));
2161   for (int i = 0; i < keys; i++) {
2162     // Because check_jump_target() may safepoint, the bytecode could have
2163     // moved, which means 'aligned_bcp' is no good and needs to be recalculated.
2164     aligned_bcp = (address)round_to((intptr_t)(bcs->bcp() + 1), jintSize);
2165     target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
2166     stackmap_table->check_jump_target(
2167       current_frame, target, CHECK_VERIFY(this));
2168   }
2169   NOT_PRODUCT(aligned_bcp = NULL);  // no longer valid at this point
2170 }
2171 
2172 bool ClassVerifier::name_in_supers(
2173     Symbol* ref_name, InstanceKlass* current) {
2174   Klass* super = current->super();
2175   while (super != NULL) {
2176     if (super->name() == ref_name) {
2177       return true;
2178     }
2179     super = super->super();
2180   }
2181   return false;
2182 }
2183 
2184 void ClassVerifier::verify_field_instructions(RawBytecodeStream* bcs,
2185                                               StackMapFrame* current_frame,
2186                                               const constantPoolHandle& cp,
2187                                               bool allow_arrays,
2188                                               TRAPS) {
2189   u2 index = bcs->get_index_u2();
2190   verify_cp_type(bcs->bci(), index, cp,
2191       1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2192 
2193   // Get field name and signature


2583       verify_error(ErrorContext::bad_type(bci,
2584           TypeOrigin::cp(new_class_index, new_class_type),
2585           TypeOrigin::cp(ref_class_index, ref_class_type)),
2586           "Call to wrong <init> method");
2587       return;
2588     }
2589     // According to the VM spec, if the referent class is a superclass of the
2590     // current class, and is in a different runtime package, and the method is
2591     // protected, then the objectref must be the current class or a subclass
2592     // of the current class.
2593     VerificationType objectref_type = new_class_type;
2594     if (name_in_supers(ref_class_type.name(), current_class())) {
2595       Klass* ref_klass = load_class(ref_class_type.name(), CHECK);
2596       if (was_recursively_verified()) return;
2597       Method* m = InstanceKlass::cast(ref_klass)->uncached_lookup_method(
2598         vmSymbols::object_initializer_name(),
2599         cp->signature_ref_at(bcs->get_index_u2()),
2600         Klass::find_overpass);
2601       // Do nothing if method is not found.  Let resolution detect the error.
2602       if (m != NULL) {
2603         InstanceKlass* mh = m->method_holder();
2604         if (m->is_protected() && !mh->is_same_class_package(_klass)) {
2605           bool assignable = current_type().is_assignable_from(
2606             objectref_type, this, true, CHECK_VERIFY(this));
2607           if (!assignable) {
2608             verify_error(ErrorContext::bad_type(bci,
2609                 TypeOrigin::cp(new_class_index, objectref_type),
2610                 TypeOrigin::implicit(current_type())),
2611                 "Bad access to protected <init> method");
2612             return;
2613           }
2614         }
2615       }
2616     }
2617     // Check the exception handler target stackmaps with the locals from the
2618     // incoming stackmap (before initialize_object() changes them to outgoing
2619     // state).
2620     if (in_try_block) {
2621       if (was_recursively_verified()) return;
2622       verify_exception_handler_targets(bci, *this_uninit, current_frame,
2623                                        stackmap_table, CHECK_VERIFY(this));
2624     }
2625     current_frame->initialize_object(type, new_class_type);
2626   } else {
2627     verify_error(ErrorContext::bad_type(bci, current_frame->stack_top_ctx()),
2628         "Bad operand type when invoking <init>");
2629     return;
2630   }
2631 }
2632 
2633 bool ClassVerifier::is_same_or_direct_interface(
2634     InstanceKlass* klass,
2635     VerificationType klass_type,
2636     VerificationType ref_class_type) {
2637   if (ref_class_type.equals(klass_type)) return true;
2638   Array<Klass*>* local_interfaces = klass->local_interfaces();
2639   if (local_interfaces != NULL) {
2640     for (int x = 0; x < local_interfaces->length(); x++) {
2641       Klass* k = local_interfaces->at(x);
2642       assert (k != NULL && k->is_interface(), "invalid interface");
2643       if (ref_class_type.equals(VerificationType::reference_type(k->name()))) {
2644         return true;
2645       }
2646     }
2647   }
2648   return false;
2649 }
2650 
2651 void ClassVerifier::verify_invoke_instructions(
2652     RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
2653     bool in_try_block, bool *this_uninit, VerificationType return_type,
2654     const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS) {


< prev index next >