1 /*
2 * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.lang.reflect;
27
28 import java.lang.annotation.Annotation;
29 import java.lang.invoke.MethodHandle;
30 import java.security.AccessController;
31
32 import jdk.internal.misc.VM;
33 import jdk.internal.module.IllegalAccessLogger;
34 import jdk.internal.reflect.CallerSensitive;
35 import jdk.internal.reflect.Reflection;
36 import jdk.internal.reflect.ReflectionFactory;
37 import sun.security.action.GetPropertyAction;
38 import sun.security.util.SecurityConstants;
39
40 /**
41 * The {@code AccessibleObject} class is the base class for {@code Field},
42 * {@code Method}, and {@code Constructor} objects (known as <em>reflected
43 * objects</em>). It provides the ability to flag a reflected object as
44 * suppressing checks for Java language access control when it is used. This
45 * permits sophisticated applications with sufficient privilege, such as Java
46 * Object Serialization or other persistence mechanisms, to manipulate objects
47 * in a manner that would normally be prohibited.
48 *
49 * <p> Java language access control prevents use of private members outside
50 * their top-level class; package access members outside their package; protected members
51 * outside their package or subclasses; and public members outside their
52 * module unless they are declared in an {@link Module#isExported(String,Module)
53 * exported} package and the user {@link Module#canRead reads} their module. By
54 * default, Java language access control is enforced (with one variation) when
55 * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or
56 * set fields, to invoke methods, or to create and initialize new instances of
57 * classes, respectively. Every reflected object checks that the code using it
58 * is in an appropriate class, package, or module. </p>
59 *
60 * <p> The one variation from Java language access control is that the checks
61 * by reflected objects assume readability. That is, the module containing
62 * the use of a reflected object is assumed to read the module in which
63 * the underlying field, method, or constructor is declared. </p>
64 *
65 * <p> Whether the checks for Java language access control can be suppressed
66 * (and thus, whether access can be enabled) depends on whether the reflected
67 * object corresponds to a member in an exported or open package
68 * (see {@link #setAccessible(boolean)}). </p>
69 *
70 * @jls 6.6 Access Control
71 * @since 1.2
72 * @revised 9
73 * @spec JPMS
74 */
75 public class AccessibleObject implements AnnotatedElement {
76
77 static void checkPermission() {
78 SecurityManager sm = System.getSecurityManager();
79 if (sm != null) {
80 // SecurityConstants.ACCESS_PERMISSION is used to check
81 // whether a client has sufficient privilege to defeat Java
82 // language access control checks.
83 sm.checkPermission(SecurityConstants.ACCESS_PERMISSION);
84 }
85 }
86
87 /**
88 * Convenience method to set the {@code accessible} flag for an
89 * array of reflected objects with a single security check (for efficiency).
90 *
91 * <p> This method may be used to enable access to all reflected objects in
92 * the array when access to each reflected object can be enabled as
93 * specified by {@link #setAccessible(boolean) setAccessible(boolean)}. </p>
94 *
95 * <p>If there is a security manager, its
96 * {@code checkPermission} method is first called with a
97 * {@code ReflectPermission("suppressAccessChecks")} permission.
98 *
99 * <p>A {@code SecurityException} is also thrown if any of the elements of
100 * the input {@code array} is a {@link java.lang.reflect.Constructor}
101 * object for the class {@code java.lang.Class} and {@code flag} is true.
102 *
103 * @param array the array of AccessibleObjects
104 * @param flag the new value for the {@code accessible} flag
105 * in each object
106 * @throws InaccessibleObjectException if access cannot be enabled for all
107 * objects in the array
108 * @throws SecurityException if the request is denied by the security manager
109 * or an element in the array is a constructor for {@code
110 * java.lang.Class}
111 * @see SecurityManager#checkPermission
112 * @see ReflectPermission
113 * @revised 9
114 * @spec JPMS
115 */
116 @CallerSensitive
117 public static void setAccessible(AccessibleObject[] array, boolean flag) {
118 checkPermission();
119 if (flag) {
120 Class<?> caller = Reflection.getCallerClass();
121 array = array.clone();
122 for (AccessibleObject ao : array) {
123 ao.checkCanSetAccessible(caller);
124 }
125 }
126 for (AccessibleObject ao : array) {
127 ao.setAccessible0(flag);
128 }
129 }
130
131 /**
132 * Set the {@code accessible} flag for this reflected object to
133 * the indicated boolean value. A value of {@code true} indicates that
134 * the reflected object should suppress checks for Java language access
135 * control when it is used. A value of {@code false} indicates that
136 * the reflected object should enforce checks for Java language access
137 * control when it is used, with the variation noted in the class description.
138 *
139 * <p> This method may be used by a caller in class {@code C} to enable
140 * access to a {@link Member member} of {@link Member#getDeclaringClass()
141 * declaring class} {@code D} if any of the following hold: </p>
142 *
143 * <ul>
144 * <li> {@code C} and {@code D} are in the same module. </li>
145 *
146 * <li> The member is {@code public} and {@code D} is {@code public} in
147 * a package that the module containing {@code D} {@link
148 * Module#isExported(String,Module) exports} to at least the module
149 * containing {@code C}. </li>
150 *
151 * <li> The member is {@code protected} {@code static}, {@code D} is
152 * {@code public} in a package that the module containing {@code D}
153 * exports to at least the module containing {@code C}, and {@code C}
154 * is a subclass of {@code D}. </li>
155 *
156 * <li> {@code D} is in a package that the module containing {@code D}
157 * {@link Module#isOpen(String,Module) opens} to at least the module
158 * containing {@code C}.
159 * All packages in unnamed and open modules are open to all modules and
160 * so this method always succeeds when {@code D} is in an unnamed or
161 * open module. </li>
162 * </ul>
163 *
164 * <p> This method cannot be used to enable access to private members,
165 * members with default (package) access, protected instance members, or
166 * protected constructors when the declaring class is in a different module
167 * to the caller and the package containing the declaring class is not open
168 * to the caller's module. </p>
169 *
170 * <p> If there is a security manager, its
171 * {@code checkPermission} method is first called with a
172 * {@code ReflectPermission("suppressAccessChecks")} permission.
173 *
174 * @param flag the new value for the {@code accessible} flag
175 * @throws InaccessibleObjectException if access cannot be enabled
176 * @throws SecurityException if the request is denied by the security manager
177 * @see #trySetAccessible
178 * @see java.lang.invoke.MethodHandles#privateLookupIn
179 * @revised 9
180 * @spec JPMS
181 */
182 @CallerSensitive // overrides in Method/Field/Constructor are @CS
183 public void setAccessible(boolean flag) {
184 AccessibleObject.checkPermission();
185 setAccessible0(flag);
186 }
187
188 /**
189 * Sets the accessible flag and returns the new value
190 */
191 boolean setAccessible0(boolean flag) {
192 this.override = flag;
193 return flag;
194 }
195
196 /**
197 * Set the {@code accessible} flag for this reflected object to {@code true}
198 * if possible. This method sets the {@code accessible} flag, as if by
199 * invoking {@link #setAccessible(boolean) setAccessible(true)}, and returns
200 * the possibly-updated value for the {@code accessible} flag. If access
201 * cannot be enabled, i.e. the checks or Java language access control cannot
202 * be suppressed, this method returns {@code false} (as opposed to {@code
203 * setAccessible(true)} throwing {@code InaccessibleObjectException} when
204 * it fails).
205 *
206 * <p> This method is a no-op if the {@code accessible} flag for
207 * this reflected object is {@code true}.
208 *
209 * <p> For example, a caller can invoke {@code trySetAccessible}
210 * on a {@code Method} object for a private instance method
211 * {@code p.T::privateMethod} to suppress the checks for Java language access
212 * control when the {@code Method} is invoked.
213 * If {@code p.T} class is in a different module to the caller and
214 * package {@code p} is open to at least the caller's module,
215 * the code below successfully sets the {@code accessible} flag
216 * to {@code true}.
217 *
218 * <pre>
219 * {@code
220 * p.T obj = ....; // instance of p.T
221 * :
222 * Method m = p.T.class.getDeclaredMethod("privateMethod");
223 * if (m.trySetAccessible()) {
224 * m.invoke(obj);
225 * } else {
226 * // package p is not opened to the caller to access private member of T
227 * ...
228 * }
229 * }</pre>
230 *
231 * <p> If there is a security manager, its {@code checkPermission} method
232 * is first called with a {@code ReflectPermission("suppressAccessChecks")}
233 * permission. </p>
234 *
235 * @return {@code true} if the {@code accessible} flag is set to {@code true};
236 * {@code false} if access cannot be enabled.
237 * @throws SecurityException if the request is denied by the security manager
238 *
239 * @since 9
240 * @spec JPMS
241 * @see java.lang.invoke.MethodHandles#privateLookupIn
242 */
243 @CallerSensitive
244 public final boolean trySetAccessible() {
245 AccessibleObject.checkPermission();
246
247 if (override == true) return true;
248
249 // if it's not a Constructor, Method, Field then no access check
250 if (!Member.class.isInstance(this)) {
251 return setAccessible0(true);
252 }
253
254 // does not allow to suppress access check for Class's constructor
255 Class<?> declaringClass = ((Member) this).getDeclaringClass();
256 if (declaringClass == Class.class && this instanceof Constructor) {
257 return false;
258 }
259
260 if (checkCanSetAccessible(Reflection.getCallerClass(),
261 declaringClass,
262 false)) {
263 return setAccessible0(true);
264 } else {
265 return false;
266 }
267 }
268
269
270 /**
271 * If the given AccessibleObject is a {@code Constructor}, {@code Method}
272 * or {@code Field} then checks that its declaring class is in a package
273 * that can be accessed by the given caller of setAccessible.
274 */
275 void checkCanSetAccessible(Class<?> caller) {
276 // do nothing, needs to be overridden by Constructor, Method, Field
277 }
278
279 final void checkCanSetAccessible(Class<?> caller, Class<?> declaringClass) {
280 checkCanSetAccessible(caller, declaringClass, true);
281 }
282
283 private boolean checkCanSetAccessible(Class<?> caller,
284 Class<?> declaringClass,
285 boolean throwExceptionIfDenied) {
286 if (caller == MethodHandle.class) {
287 throw new IllegalCallerException(); // should not happen
288 }
289
290 Module callerModule = caller.getModule();
291 Module declaringModule = declaringClass.getModule();
292
293 if (callerModule == declaringModule) return true;
294 if (callerModule == Object.class.getModule()) return true;
295 if (!declaringModule.isNamed()) return true;
296
297 String pn = declaringClass.getPackageName();
298 int modifiers;
299 if (this instanceof Executable) {
300 modifiers = ((Executable) this).getModifiers();
301 } else {
302 modifiers = ((Field) this).getModifiers();
303 }
304
305 // class is public and package is exported to caller
306 boolean isClassPublic = Modifier.isPublic(declaringClass.getModifiers());
307 if (isClassPublic && declaringModule.isExported(pn, callerModule)) {
308 // member is public
309 if (Modifier.isPublic(modifiers)) {
310 logIfExportedForIllegalAccess(caller, declaringClass);
311 return true;
312 }
313
314 // member is protected-static
315 if (Modifier.isProtected(modifiers)
316 && Modifier.isStatic(modifiers)
317 && isSubclassOf(caller, declaringClass)) {
318 logIfExportedForIllegalAccess(caller, declaringClass);
319 return true;
320 }
321 }
322
323 // package is open to caller
324 if (declaringModule.isOpen(pn, callerModule)) {
325 logIfOpenedForIllegalAccess(caller, declaringClass);
326 return true;
327 }
328
329 if (throwExceptionIfDenied) {
330 // not accessible
331 String msg = "Unable to make ";
332 if (this instanceof Field)
333 msg += "field ";
334 msg += this + " accessible: " + declaringModule + " does not \"";
335 if (isClassPublic && Modifier.isPublic(modifiers))
336 msg += "exports";
337 else
338 msg += "opens";
339 msg += " " + pn + "\" to " + callerModule;
340 InaccessibleObjectException e = new InaccessibleObjectException(msg);
341 if (printStackTraceWhenAccessFails()) {
342 e.printStackTrace(System.err);
343 }
344 throw e;
345 }
346 return false;
347 }
348
349 private boolean isSubclassOf(Class<?> queryClass, Class<?> ofClass) {
350 while (queryClass != null) {
351 if (queryClass == ofClass) {
352 return true;
353 }
354 queryClass = queryClass.getSuperclass();
355 }
356 return false;
357 }
358
359 private void logIfOpenedForIllegalAccess(Class<?> caller, Class<?> declaringClass) {
360 Module callerModule = caller.getModule();
361 Module targetModule = declaringClass.getModule();
362 // callerModule is null during early startup
363 if (callerModule != null && !callerModule.isNamed() && targetModule.isNamed()) {
364 IllegalAccessLogger logger = IllegalAccessLogger.illegalAccessLogger();
365 if (logger != null) {
366 logger.logIfOpenedForIllegalAccess(caller, declaringClass, this::toShortString);
367 }
368 }
369 }
370
371 private void logIfExportedForIllegalAccess(Class<?> caller, Class<?> declaringClass) {
372 Module callerModule = caller.getModule();
373 Module targetModule = declaringClass.getModule();
374 // callerModule is null during early startup
375 if (callerModule != null && !callerModule.isNamed() && targetModule.isNamed()) {
376 IllegalAccessLogger logger = IllegalAccessLogger.illegalAccessLogger();
377 if (logger != null) {
378 logger.logIfExportedForIllegalAccess(caller, declaringClass, this::toShortString);
379 }
380 }
381 }
382
383 /**
384 * Returns a short descriptive string to describe this object in log messages.
385 */
386 String toShortString() {
387 return toString();
388 }
389
390 /**
391 * Get the value of the {@code accessible} flag for this reflected object.
392 *
393 * @return the value of the object's {@code accessible} flag
394 *
395 * @deprecated
396 * This method is deprecated because its name hints that it checks
397 * if the reflected object is accessible when it actually indicates
398 * if the checks for Java language access control are suppressed.
399 * This method may return {@code false} on a reflected object that is
400 * accessible to the caller. To test if this reflected object is accessible,
401 * it should use {@link #canAccess(Object)}.
402 *
403 * @revised 9
404 * @spec JPMS
405 */
406 @Deprecated(since="9")
407 public boolean isAccessible() {
408 return override;
409 }
410
411 /**
412 * Test if the caller can access this reflected object. If this reflected
413 * object corresponds to an instance method or field then this method tests
414 * if the caller can access the given {@code obj} with the reflected object.
415 * For instance methods or fields then the {@code obj} argument must be an
416 * instance of the {@link Member#getDeclaringClass() declaring class}. For
417 * static members and constructors then {@code obj} must be {@code null}.
418 *
419 * <p> This method returns {@code true} if the {@code accessible} flag
420 * is set to {@code true}, i.e. the checks for Java language access control
421 * are suppressed, or if the caller can access the member as
422 * specified in <cite>The Java™ Language Specification</cite>,
423 * with the variation noted in the class description. </p>
424 *
425 * @param obj an instance object of the declaring class of this reflected
426 * object if it is an instance method or field
427 *
428 * @return {@code true} if the caller can access this reflected object.
429 *
430 * @throws IllegalArgumentException
431 * <ul>
432 * <li> if this reflected object is a static member or constructor and
433 * the given {@code obj} is non-{@code null}, or </li>
434 * <li> if this reflected object is an instance method or field
435 * and the given {@code obj} is {@code null} or of type
436 * that is not a subclass of the {@link Member#getDeclaringClass()
437 * declaring class} of the member.</li>
438 * </ul>
439 *
440 * @since 9
441 * @spec JPMS
442 * @jls 6.6 Access Control
443 * @see #trySetAccessible
444 * @see #setAccessible(boolean)
445 */
446 @CallerSensitive
447 public final boolean canAccess(Object obj) {
448 if (!Member.class.isInstance(this)) {
449 return override;
450 }
451
452 Class<?> declaringClass = ((Member) this).getDeclaringClass();
453 int modifiers = ((Member) this).getModifiers();
454 if (!Modifier.isStatic(modifiers) &&
455 (this instanceof Method || this instanceof Field)) {
456 if (obj == null) {
457 throw new IllegalArgumentException("null object for " + this);
458 }
459 // if this object is an instance member, the given object
460 // must be a subclass of the declaring class of this reflected object
461 if (!declaringClass.isAssignableFrom(obj.getClass())) {
462 throw new IllegalArgumentException("object is not an instance of "
463 + declaringClass.getName());
464 }
465 } else if (obj != null) {
466 throw new IllegalArgumentException("non-null object for " + this);
467 }
468
469 // access check is suppressed
470 if (override) return true;
471
472 Class<?> caller = Reflection.getCallerClass();
473 Class<?> targetClass;
474 if (this instanceof Constructor) {
475 targetClass = declaringClass;
476 } else {
477 targetClass = Modifier.isStatic(modifiers) ? null : obj.getClass();
478 }
479 return verifyAccess(caller, declaringClass, targetClass, modifiers);
480 }
481
482 /**
483 * Constructor: only used by the Java Virtual Machine.
484 */
485 protected AccessibleObject() {}
486
487 // Indicates whether language-level access checks are overridden
488 // by this object. Initializes to "false". This field is used by
489 // Field, Method, and Constructor.
490 //
491 // NOTE: for security purposes, this field must not be visible
492 // outside this package.
493 boolean override;
494
495 // Reflection factory used by subclasses for creating field,
496 // method, and constructor accessors. Note that this is called
497 // very early in the bootstrapping process.
498 static final ReflectionFactory reflectionFactory =
499 AccessController.doPrivileged(
500 new ReflectionFactory.GetReflectionFactoryAction());
501
502 /**
503 * @throws NullPointerException {@inheritDoc}
504 * @since 1.5
505 */
506 public <T extends Annotation> T getAnnotation(Class<T> annotationClass) {
507 throw new AssertionError("All subclasses should override this method");
508 }
509
510 /**
511 * {@inheritDoc}
512 * @throws NullPointerException {@inheritDoc}
513 * @since 1.5
514 */
515 @Override
516 public boolean isAnnotationPresent(Class<? extends Annotation> annotationClass) {
517 return AnnotatedElement.super.isAnnotationPresent(annotationClass);
518 }
519
520 /**
521 * @throws NullPointerException {@inheritDoc}
522 * @since 1.8
523 */
524 @Override
525 public <T extends Annotation> T[] getAnnotationsByType(Class<T> annotationClass) {
526 throw new AssertionError("All subclasses should override this method");
527 }
528
529 /**
530 * @since 1.5
531 */
532 public Annotation[] getAnnotations() {
533 return getDeclaredAnnotations();
534 }
535
536 /**
537 * @throws NullPointerException {@inheritDoc}
538 * @since 1.8
539 */
540 @Override
541 public <T extends Annotation> T getDeclaredAnnotation(Class<T> annotationClass) {
542 // Only annotations on classes are inherited, for all other
543 // objects getDeclaredAnnotation is the same as
544 // getAnnotation.
545 return getAnnotation(annotationClass);
546 }
547
548 /**
549 * @throws NullPointerException {@inheritDoc}
550 * @since 1.8
551 */
552 @Override
553 public <T extends Annotation> T[] getDeclaredAnnotationsByType(Class<T> annotationClass) {
554 // Only annotations on classes are inherited, for all other
555 // objects getDeclaredAnnotationsByType is the same as
556 // getAnnotationsByType.
557 return getAnnotationsByType(annotationClass);
558 }
559
560 /**
561 * @since 1.5
562 */
563 public Annotation[] getDeclaredAnnotations() {
564 throw new AssertionError("All subclasses should override this method");
565 }
566
567 // Shared access checking logic.
568
569 // For non-public members or members in package-private classes,
570 // it is necessary to perform somewhat expensive security checks.
571 // If the security check succeeds for a given class, it will
572 // always succeed (it is not affected by the granting or revoking
573 // of permissions); we speed up the check in the common case by
574 // remembering the last Class for which the check succeeded.
575 //
576 // The simple security check for Constructor is to see if
577 // the caller has already been seen, verified, and cached.
578 // (See also Class.newInstance(), which uses a similar method.)
579 //
580 // A more complicated security check cache is needed for Method and Field
581 // The cache can be either null (empty cache), a 2-array of {caller,targetClass},
582 // or a caller (with targetClass implicitly equal to memberClass).
583 // In the 2-array case, the targetClass is always different from the memberClass.
584 volatile Object securityCheckCache;
585
586 final void checkAccess(Class<?> caller, Class<?> memberClass,
587 Class<?> targetClass, int modifiers)
588 throws IllegalAccessException
589 {
590 if (!verifyAccess(caller, memberClass, targetClass, modifiers)) {
591 IllegalAccessException e = Reflection.newIllegalAccessException(
592 caller, memberClass, targetClass, modifiers);
593 if (printStackTraceWhenAccessFails()) {
594 e.printStackTrace(System.err);
595 }
596 throw e;
597 }
598 }
599
600 final boolean verifyAccess(Class<?> caller, Class<?> memberClass,
601 Class<?> targetClass, int modifiers)
602 {
603 if (caller == memberClass) { // quick check
604 return true; // ACCESS IS OK
605 }
606 Object cache = securityCheckCache; // read volatile
607 if (targetClass != null // instance member or constructor
608 && Modifier.isProtected(modifiers)
609 && targetClass != memberClass) {
610 // Must match a 2-list of { caller, targetClass }.
611 if (cache instanceof Class[]) {
612 Class<?>[] cache2 = (Class<?>[]) cache;
613 if (cache2[1] == targetClass &&
614 cache2[0] == caller) {
615 return true; // ACCESS IS OK
616 }
617 // (Test cache[1] first since range check for [1]
618 // subsumes range check for [0].)
619 }
620 } else if (cache == caller) {
621 // Non-protected case (or targetClass == memberClass or static member).
622 return true; // ACCESS IS OK
623 }
624
625 // If no return, fall through to the slow path.
626 return slowVerifyAccess(caller, memberClass, targetClass, modifiers);
627 }
628
629 // Keep all this slow stuff out of line:
630 private boolean slowVerifyAccess(Class<?> caller, Class<?> memberClass,
631 Class<?> targetClass, int modifiers)
632 {
633 if (!Reflection.verifyMemberAccess(caller, memberClass, targetClass, modifiers)) {
634 // access denied
635 return false;
636 }
637
638 // access okay
639 logIfExportedForIllegalAccess(caller, memberClass);
640
641 // Success: Update the cache.
642 Object cache = (targetClass != null
643 && Modifier.isProtected(modifiers)
644 && targetClass != memberClass)
645 ? new Class<?>[] { caller, targetClass }
646 : caller;
647
648 // Note: The two cache elements are not volatile,
649 // but they are effectively final. The Java memory model
650 // guarantees that the initializing stores for the cache
651 // elements will occur before the volatile write.
652 securityCheckCache = cache; // write volatile
653 return true;
654 }
655
656 // true to print a stack trace when access fails
657 private static volatile boolean printStackWhenAccessFails;
658
659 // true if printStack* values are initialized
660 private static volatile boolean printStackPropertiesSet;
661
662 /**
663 * Returns true if a stack trace should be printed when access fails.
664 */
665 private static boolean printStackTraceWhenAccessFails() {
666 if (!printStackPropertiesSet && VM.initLevel() >= 1) {
667 String s = GetPropertyAction.privilegedGetProperty(
668 "sun.reflect.debugModuleAccessChecks");
669 if (s != null) {
670 printStackWhenAccessFails = !s.equalsIgnoreCase("false");
671 }
672 printStackPropertiesSet = true;
673 }
674 return printStackWhenAccessFails;
675 }
676
677 /**
678 * Returns the root AccessibleObject; or null if this object is the root.
679 *
680 * All subclasses override this method.
681 */
682 AccessibleObject getRoot() {
683 throw new InternalError();
684 }
685 }