1 /*
2 * Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23 package jdk.vm.ci.hotspot;
24
25 import static java.lang.String.format;
26
27 import java.io.IOException;
28 import java.io.InputStream;
29 import java.lang.reflect.Constructor;
30 import java.lang.reflect.Executable;
31 import java.lang.reflect.Method;
32 import java.lang.reflect.Modifier;
33 import java.util.Arrays;
34 import java.util.Objects;
35
36 import jdk.vm.ci.common.JVMCIError;
37 import jdk.internal.org.objectweb.asm.ClassReader;
38 import jdk.internal.org.objectweb.asm.ClassVisitor;
39 import jdk.internal.org.objectweb.asm.Label;
40 import jdk.internal.org.objectweb.asm.MethodVisitor;
41 import jdk.internal.org.objectweb.asm.Opcodes;
42 import jdk.internal.org.objectweb.asm.Type;
43 import jdk.internal.misc.Unsafe;
44
45 /**
46 * A {@link ClassVisitor} that verifies {@link HotSpotVMConfig} does not access {@link Unsafe} from
47 * any of its non-static, non-constructor methods. This ensures that a deserialized
48 * {@link HotSpotVMConfig} object does not perform any unsafe reads on addresses that are only valid
49 * in the context in which the object was serialized. Note that this does not catch cases where a
50 * client uses an address stored in a {@link HotSpotVMConfig} field.
51 */
52 final class HotSpotVMConfigVerifier extends ClassVisitor {
53
54 public static boolean check() {
55 Class<?> cls = HotSpotVMConfig.class;
56 String classFilePath = "/" + cls.getName().replace('.', '/') + ".class";
57 try {
58 InputStream classfile = cls.getResourceAsStream(classFilePath);
59 ClassReader cr = new ClassReader(Objects.requireNonNull(classfile, "Could not find class file for " + cls.getName()));
60 ClassVisitor cv = new HotSpotVMConfigVerifier();
61 cr.accept(cv, 0);
62 return true;
63 } catch (IOException e) {
64 throw new JVMCIError(e);
65 }
66 }
67
68 /**
69 * Source file context for error reporting.
70 */
71 String sourceFile = null;
72
73 /**
74 * Line number for error reporting.
75 */
76 int lineNo = -1;
77
78 private static Class<?> resolve(String name) {
79 try {
80 return Class.forName(name.replace('/', '.'));
81 } catch (ClassNotFoundException e) {
82 throw new JVMCIError(e);
83 }
84 }
85
86 HotSpotVMConfigVerifier() {
87 super(Opcodes.ASM5);
88 }
89
90 @Override
91 public void visitSource(String source, String debug) {
92 this.sourceFile = source;
93 }
94
95 void verify(boolean condition, String message) {
96 if (!condition) {
97 error(message);
98 }
99 }
100
101 void error(String message) {
102 String errorMessage = format("%s:%d: %s is not allowed in the context of compilation replay. The unsafe access should be moved into the %s constructor and the result cached in a field",
103 sourceFile, lineNo, message, HotSpotVMConfig.class.getSimpleName());
104 throw new JVMCIError(errorMessage);
105
106 }
107
108 @Override
109 public MethodVisitor visitMethod(int access, String name, String d, String signature, String[] exceptions) {
110 if (!Modifier.isStatic(access) && Modifier.isPublic(access) && !name.equals("<init>")) {
111 return new MethodVisitor(Opcodes.ASM5) {
112
113 @Override
114 public void visitLineNumber(int line, Label start) {
115 lineNo = line;
116 }
117
118 private Executable resolveMethod(String owner, String methodName, String methodDesc) {
119 Class<?> declaringClass = resolve(owner);
120 while (declaringClass != null) {
121 if (methodName.equals("<init>")) {
122 for (Constructor<?> c : declaringClass.getDeclaredConstructors()) {
123 if (methodDesc.equals(Type.getConstructorDescriptor(c))) {
124 return c;
125 }
126 }
127 } else {
128 Type[] argumentTypes = Type.getArgumentTypes(methodDesc);
129 for (Method m : declaringClass.getDeclaredMethods()) {
130 if (m.getName().equals(methodName)) {
131 if (Arrays.equals(argumentTypes, Type.getArgumentTypes(m))) {
132 if (Type.getReturnType(methodDesc).equals(Type.getReturnType(m))) {
133 return m;
134 }
135 }
136 }
137 }
138 }
139 declaringClass = declaringClass.getSuperclass();
140 }
141 throw new NoSuchMethodError(owner + "." + methodName + methodDesc);
142 }
143
144 /**
145 * Checks whether a given method is allowed to be called.
146 */
147 private boolean checkInvokeTarget(Executable method) {
148 if (method.getDeclaringClass().equals(Unsafe.class)) {
149 return false;
150 }
151 return true;
152 }
153
154 @Override
155 public void visitMethodInsn(int opcode, String owner, String methodName, String methodDesc, boolean itf) {
156 Executable callee = resolveMethod(owner, methodName, methodDesc);
157 verify(checkInvokeTarget(callee), "invocation of " + callee);
158 }
159 };
160 } else {
161 return null;
162 }
163 }
164 }