1 /*
2 * Copyright (c) 1998, 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 #include "precompiled.hpp"
26 #include "classfile/classFileStream.hpp"
27 #include "classfile/javaClasses.hpp"
28 #include "classfile/stackMapTable.hpp"
29 #include "classfile/systemDictionary.hpp"
30 #include "classfile/verifier.hpp"
31 #include "classfile/vmSymbols.hpp"
32 #include "interpreter/bytecodeStream.hpp"
33 #include "memory/oopFactory.hpp"
34 #include "memory/resourceArea.hpp"
35 #include "oops/instanceKlass.hpp"
36 #include "oops/oop.inline.hpp"
37 #include "oops/typeArrayOop.hpp"
38 #include "prims/jvm.h"
39 #include "runtime/fieldDescriptor.hpp"
40 #include "runtime/handles.inline.hpp"
41 #include "runtime/interfaceSupport.hpp"
42 #include "runtime/javaCalls.hpp"
43 #include "runtime/orderAccess.hpp"
44 #include "runtime/os.hpp"
45 #ifdef TARGET_ARCH_x86
46 # include "bytes_x86.hpp"
47 #endif
48 #ifdef TARGET_ARCH_sparc
49 # include "bytes_sparc.hpp"
50 #endif
51 #ifdef TARGET_ARCH_zero
52 # include "bytes_zero.hpp"
53 #endif
54 #ifdef TARGET_ARCH_arm
55 # include "bytes_arm.hpp"
56 #endif
57 #ifdef TARGET_ARCH_ppc
58 # include "bytes_ppc.hpp"
59 #endif
60
61 #define NOFAILOVER_MAJOR_VERSION 51
62
63 // Access to external entry for VerifyClassCodes - old byte code verifier
64
65 extern "C" {
66 typedef jboolean (*verify_byte_codes_fn_t)(JNIEnv *, jclass, char *, jint);
67 typedef jboolean (*verify_byte_codes_fn_new_t)(JNIEnv *, jclass, char *, jint, jint);
68 }
69
70 static void* volatile _verify_byte_codes_fn = NULL;
71
72 static volatile jint _is_new_verify_byte_codes_fn = (jint) true;
73
74 static void* verify_byte_codes_fn() {
75 if (_verify_byte_codes_fn == NULL) {
76 void *lib_handle = os::native_java_library();
77 void *func = os::dll_lookup(lib_handle, "VerifyClassCodesForMajorVersion");
78 OrderAccess::release_store_ptr(&_verify_byte_codes_fn, func);
79 if (func == NULL) {
80 OrderAccess::release_store(&_is_new_verify_byte_codes_fn, false);
81 func = os::dll_lookup(lib_handle, "VerifyClassCodes");
82 OrderAccess::release_store_ptr(&_verify_byte_codes_fn, func);
83 }
84 }
85 return (void*)_verify_byte_codes_fn;
86 }
87
88
89 // Methods in Verifier
90
91 bool Verifier::should_verify_for(oop class_loader, bool should_verify_class) {
92 return (class_loader == NULL || !should_verify_class) ?
93 BytecodeVerificationLocal : BytecodeVerificationRemote;
94 }
95
96 bool Verifier::relax_verify_for(oop loader) {
97 bool trusted = java_lang_ClassLoader::is_trusted_loader(loader);
98 bool need_verify =
99 // verifyAll
100 (BytecodeVerificationLocal && BytecodeVerificationRemote) ||
101 // verifyRemote
102 (!BytecodeVerificationLocal && BytecodeVerificationRemote && !trusted);
103 return !need_verify;
104 }
105
106 bool Verifier::verify(instanceKlassHandle klass, Verifier::Mode mode, bool should_verify_class, TRAPS) {
107 HandleMark hm;
108 ResourceMark rm(THREAD);
109
110 Symbol* exception_name = NULL;
111 const size_t message_buffer_len = klass->name()->utf8_length() + 1024;
112 char* message_buffer = NEW_RESOURCE_ARRAY(char, message_buffer_len);
113
114 const char* klassName = klass->external_name();
115
116 // If the class should be verified, first see if we can use the split
117 // verifier. If not, or if verification fails and FailOverToOldVerifier
118 // is set, then call the inference verifier.
119 if (is_eligible_for_verification(klass, should_verify_class)) {
120 if (TraceClassInitialization) {
121 tty->print_cr("Start class verification for: %s", klassName);
122 }
123 if (UseSplitVerifier &&
124 klass->major_version() >= STACKMAP_ATTRIBUTE_MAJOR_VERSION) {
125 ClassVerifier split_verifier(
126 klass, message_buffer, message_buffer_len, THREAD);
127 split_verifier.verify_class(THREAD);
128 exception_name = split_verifier.result();
129 if (klass->major_version() < NOFAILOVER_MAJOR_VERSION &&
130 FailOverToOldVerifier && !HAS_PENDING_EXCEPTION &&
131 (exception_name == vmSymbols::java_lang_VerifyError() ||
132 exception_name == vmSymbols::java_lang_ClassFormatError())) {
133 if (TraceClassInitialization) {
134 tty->print_cr(
135 "Fail over class verification to old verifier for: %s", klassName);
136 }
137 exception_name = inference_verify(
138 klass, message_buffer, message_buffer_len, THREAD);
139 }
140 } else {
141 exception_name = inference_verify(
142 klass, message_buffer, message_buffer_len, THREAD);
143 }
144
145 if (TraceClassInitialization) {
146 if (HAS_PENDING_EXCEPTION) {
147 tty->print("Verification for %s has", klassName);
148 tty->print_cr(" exception pending %s ",
149 instanceKlass::cast(PENDING_EXCEPTION->klass())->external_name());
150 } else if (exception_name != NULL) {
151 tty->print_cr("Verification for %s failed", klassName);
152 }
153 tty->print_cr("End class verification for: %s", klassName);
154 }
155 }
156
157 if (HAS_PENDING_EXCEPTION) {
158 return false; // use the existing exception
159 } else if (exception_name == NULL) {
160 return true; // verifcation succeeded
161 } else { // VerifyError or ClassFormatError to be created and thrown
162 ResourceMark rm(THREAD);
163 instanceKlassHandle kls =
164 SystemDictionary::resolve_or_fail(exception_name, true, CHECK_false);
165 while (!kls.is_null()) {
166 if (kls == klass) {
167 // If the class being verified is the exception we're creating
168 // or one of it's superclasses, we're in trouble and are going
169 // to infinitely recurse when we try to initialize the exception.
170 // So bail out here by throwing the preallocated VM error.
171 THROW_OOP_(Universe::virtual_machine_error_instance(), false);
172 }
173 kls = kls->super();
174 }
175 message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
176 THROW_MSG_(exception_name, message_buffer, false);
177 }
178 }
179
180 bool Verifier::is_eligible_for_verification(instanceKlassHandle klass, bool should_verify_class) {
181 Symbol* name = klass->name();
182 klassOop refl_magic_klass = SystemDictionary::reflect_MagicAccessorImpl_klass();
183
184 return (should_verify_for(klass->class_loader(), should_verify_class) &&
185 // return if the class is a bootstrapping class
186 // or defineClass specified not to verify by default (flags override passed arg)
187 // We need to skip the following four for bootstraping
188 name != vmSymbols::java_lang_Object() &&
189 name != vmSymbols::java_lang_Class() &&
190 name != vmSymbols::java_lang_String() &&
191 name != vmSymbols::java_lang_Throwable() &&
192
193 // Can not verify the bytecodes for shared classes because they have
194 // already been rewritten to contain constant pool cache indices,
195 // which the verifier can't understand.
196 // Shared classes shouldn't have stackmaps either.
197 !klass()->is_shared() &&
198
199 // As of the fix for 4486457 we disable verification for all of the
200 // dynamically-generated bytecodes associated with the 1.4
201 // reflection implementation, not just those associated with
202 // sun/reflect/SerializationConstructorAccessor.
203 // NOTE: this is called too early in the bootstrapping process to be
204 // guarded by Universe::is_gte_jdk14x_version()/UseNewReflection.
205 (refl_magic_klass == NULL ||
206 !klass->is_subtype_of(refl_magic_klass) ||
207 VerifyReflectionBytecodes)
208 );
209 }
210
211 Symbol* Verifier::inference_verify(
212 instanceKlassHandle klass, char* message, size_t message_len, TRAPS) {
213 JavaThread* thread = (JavaThread*)THREAD;
214 JNIEnv *env = thread->jni_environment();
215
216 void* verify_func = verify_byte_codes_fn();
217
218 if (verify_func == NULL) {
219 jio_snprintf(message, message_len, "Could not link verifier");
220 return vmSymbols::java_lang_VerifyError();
221 }
222
223 ResourceMark rm(THREAD);
224 if (ClassVerifier::_verify_verbose) {
225 tty->print_cr("Verifying class %s with old format", klass->external_name());
226 }
227
228 jclass cls = (jclass) JNIHandles::make_local(env, klass->java_mirror());
229 jint result;
230
231 {
232 HandleMark hm(thread);
233 ThreadToNativeFromVM ttn(thread);
234 // ThreadToNativeFromVM takes care of changing thread_state, so safepoint
235 // code knows that we have left the VM
236
237 if (_is_new_verify_byte_codes_fn) {
238 verify_byte_codes_fn_new_t func =
239 CAST_TO_FN_PTR(verify_byte_codes_fn_new_t, verify_func);
240 result = (*func)(env, cls, message, (int)message_len,
241 klass->major_version());
242 } else {
243 verify_byte_codes_fn_t func =
244 CAST_TO_FN_PTR(verify_byte_codes_fn_t, verify_func);
245 result = (*func)(env, cls, message, (int)message_len);
246 }
247 }
248
249 JNIHandles::destroy_local(cls);
250
251 // These numbers are chosen so that VerifyClassCodes interface doesn't need
252 // to be changed (still return jboolean (unsigned char)), and result is
253 // 1 when verification is passed.
254 if (result == 0) {
255 return vmSymbols::java_lang_VerifyError();
256 } else if (result == 1) {
257 return NULL; // verified.
258 } else if (result == 2) {
259 THROW_MSG_(vmSymbols::java_lang_OutOfMemoryError(), message, NULL);
260 } else if (result == 3) {
261 return vmSymbols::java_lang_ClassFormatError();
262 } else {
263 ShouldNotReachHere();
264 return NULL;
265 }
266 }
267
268 // Methods in ClassVerifier
269
270 bool ClassVerifier::_verify_verbose = false;
271
272 ClassVerifier::ClassVerifier(
273 instanceKlassHandle klass, char* msg, size_t msg_len, TRAPS)
274 : _thread(THREAD), _exception_type(NULL), _message(msg),
275 _message_buffer_len(msg_len), _klass(klass) {
276 _this_type = VerificationType::reference_type(klass->name());
277 // Create list to hold symbols in reference area.
278 _symbols = new GrowableArray<Symbol*>(100, 0, NULL);
279 }
280
281 ClassVerifier::~ClassVerifier() {
282 // Decrement the reference count for any symbols created.
283 for (int i = 0; i < _symbols->length(); i++) {
284 Symbol* s = _symbols->at(i);
285 s->decrement_refcount();
286 }
287 }
288
289 VerificationType ClassVerifier::object_type() const {
290 return VerificationType::reference_type(vmSymbols::java_lang_Object());
291 }
292
293 void ClassVerifier::verify_class(TRAPS) {
294 if (_verify_verbose) {
295 tty->print_cr("Verifying class %s with new format",
296 _klass->external_name());
297 }
298
299 objArrayHandle methods(THREAD, _klass->methods());
300 int num_methods = methods->length();
301
302 for (int index = 0; index < num_methods; index++) {
303 // Check for recursive re-verification before each method.
304 if (was_recursively_verified()) return;
305
306 methodOop m = (methodOop)methods->obj_at(index);
307 if (m->is_native() || m->is_abstract()) {
308 // If m is native or abstract, skip it. It is checked in class file
309 // parser that methods do not override a final method.
310 continue;
311 }
312 verify_method(methodHandle(THREAD, m), CHECK_VERIFY(this));
313 }
314
315 if (_verify_verbose || TraceClassInitialization) {
316 if (was_recursively_verified())
317 tty->print_cr("Recursive verification detected for: %s",
318 _klass->external_name());
319 }
320 }
321
322 void ClassVerifier::verify_method(methodHandle m, TRAPS) {
323 _method = m; // initialize _method
324 if (_verify_verbose) {
325 tty->print_cr("Verifying method %s", m->name_and_sig_as_C_string());
326 }
327
328 const char* bad_type_msg = "Bad type on operand stack in %s";
329
330 int32_t max_stack = m->max_stack();
331 int32_t max_locals = m->max_locals();
332 constantPoolHandle cp(THREAD, m->constants());
333
334 if (!SignatureVerifier::is_valid_method_signature(m->signature())) {
335 class_format_error("Invalid method signature");
336 return;
337 }
338
339 // Initial stack map frame: offset is 0, stack is initially empty.
340 StackMapFrame current_frame(max_locals, max_stack, this);
341 // Set initial locals
342 VerificationType return_type = current_frame.set_locals_from_arg(
343 m, current_type(), CHECK_VERIFY(this));
344
345 int32_t stackmap_index = 0; // index to the stackmap array
346
347 u4 code_length = m->code_size();
348
349 // Scan the bytecode and map each instruction's start offset to a number.
350 char* code_data = generate_code_data(m, code_length, CHECK_VERIFY(this));
351
352 int ex_min = code_length;
353 int ex_max = -1;
354 // Look through each item on the exception table. Each of the fields must refer
355 // to a legal instruction.
356 verify_exception_handler_table(
357 code_length, code_data, ex_min, ex_max, CHECK_VERIFY(this));
358
359 // Look through each entry on the local variable table and make sure
360 // its range of code array offsets is valid. (4169817)
361 if (m->has_localvariable_table()) {
362 verify_local_variable_table(code_length, code_data, CHECK_VERIFY(this));
363 }
364
365 typeArrayHandle stackmap_data(THREAD, m->stackmap_data());
366 StackMapStream stream(stackmap_data);
367 StackMapReader reader(this, &stream, code_data, code_length, THREAD);
368 StackMapTable stackmap_table(&reader, ¤t_frame, max_locals, max_stack,
369 code_data, code_length, CHECK_VERIFY(this));
370
371 if (_verify_verbose) {
372 stackmap_table.print();
373 }
374
375 RawBytecodeStream bcs(m);
376
377 // Scan the byte code linearly from the start to the end
378 bool no_control_flow = false; // Set to true when there is no direct control
379 // flow from current instruction to the next
380 // instruction in sequence
381 Bytecodes::Code opcode;
382 while (!bcs.is_last_bytecode()) {
383 // Check for recursive re-verification before each bytecode.
384 if (was_recursively_verified()) return;
385
386 opcode = bcs.raw_next();
387 u2 bci = bcs.bci();
388
389 // Set current frame's offset to bci
390 current_frame.set_offset(bci);
391
392 // Make sure every offset in stackmap table point to the beginning to
393 // an instruction. Match current_frame to stackmap_table entry with
394 // the same offset if exists.
395 stackmap_index = verify_stackmap_table(
396 stackmap_index, bci, ¤t_frame, &stackmap_table,
397 no_control_flow, CHECK_VERIFY(this));
398
399 bool this_uninit = false; // Set to true when invokespecial <init> initialized 'this'
400
401 // Merge with the next instruction
402 {
403 u2 index;
404 int target;
405 VerificationType type, type2;
406 VerificationType atype;
407
408 #ifndef PRODUCT
409 if (_verify_verbose) {
410 current_frame.print();
411 tty->print_cr("offset = %d, opcode = %s", bci, Bytecodes::name(opcode));
412 }
413 #endif
414
415 // Make sure wide instruction is in correct format
416 if (bcs.is_wide()) {
417 if (opcode != Bytecodes::_iinc && opcode != Bytecodes::_iload &&
418 opcode != Bytecodes::_aload && opcode != Bytecodes::_lload &&
419 opcode != Bytecodes::_istore && opcode != Bytecodes::_astore &&
420 opcode != Bytecodes::_lstore && opcode != Bytecodes::_fload &&
421 opcode != Bytecodes::_dload && opcode != Bytecodes::_fstore &&
422 opcode != Bytecodes::_dstore) {
423 verify_error(bci, "Bad wide instruction");
424 return;
425 }
426 }
427
428 switch (opcode) {
429 case Bytecodes::_nop :
430 no_control_flow = false; break;
431 case Bytecodes::_aconst_null :
432 current_frame.push_stack(
433 VerificationType::null_type(), CHECK_VERIFY(this));
434 no_control_flow = false; break;
435 case Bytecodes::_iconst_m1 :
436 case Bytecodes::_iconst_0 :
437 case Bytecodes::_iconst_1 :
438 case Bytecodes::_iconst_2 :
439 case Bytecodes::_iconst_3 :
440 case Bytecodes::_iconst_4 :
441 case Bytecodes::_iconst_5 :
442 current_frame.push_stack(
443 VerificationType::integer_type(), CHECK_VERIFY(this));
444 no_control_flow = false; break;
445 case Bytecodes::_lconst_0 :
446 case Bytecodes::_lconst_1 :
447 current_frame.push_stack_2(
448 VerificationType::long_type(),
449 VerificationType::long2_type(), CHECK_VERIFY(this));
450 no_control_flow = false; break;
451 case Bytecodes::_fconst_0 :
452 case Bytecodes::_fconst_1 :
453 case Bytecodes::_fconst_2 :
454 current_frame.push_stack(
455 VerificationType::float_type(), CHECK_VERIFY(this));
456 no_control_flow = false; break;
457 case Bytecodes::_dconst_0 :
458 case Bytecodes::_dconst_1 :
459 current_frame.push_stack_2(
460 VerificationType::double_type(),
461 VerificationType::double2_type(), CHECK_VERIFY(this));
462 no_control_flow = false; break;
463 case Bytecodes::_sipush :
464 case Bytecodes::_bipush :
465 current_frame.push_stack(
466 VerificationType::integer_type(), CHECK_VERIFY(this));
467 no_control_flow = false; break;
468 case Bytecodes::_ldc :
469 verify_ldc(
470 opcode, bcs.get_index_u1(), ¤t_frame,
471 cp, bci, CHECK_VERIFY(this));
472 no_control_flow = false; break;
473 case Bytecodes::_ldc_w :
474 case Bytecodes::_ldc2_w :
475 verify_ldc(
476 opcode, bcs.get_index_u2(), ¤t_frame,
477 cp, bci, CHECK_VERIFY(this));
478 no_control_flow = false; break;
479 case Bytecodes::_iload :
480 verify_iload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
481 no_control_flow = false; break;
482 case Bytecodes::_iload_0 :
483 case Bytecodes::_iload_1 :
484 case Bytecodes::_iload_2 :
485 case Bytecodes::_iload_3 :
486 index = opcode - Bytecodes::_iload_0;
487 verify_iload(index, ¤t_frame, CHECK_VERIFY(this));
488 no_control_flow = false; break;
489 case Bytecodes::_lload :
490 verify_lload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
491 no_control_flow = false; break;
492 case Bytecodes::_lload_0 :
493 case Bytecodes::_lload_1 :
494 case Bytecodes::_lload_2 :
495 case Bytecodes::_lload_3 :
496 index = opcode - Bytecodes::_lload_0;
497 verify_lload(index, ¤t_frame, CHECK_VERIFY(this));
498 no_control_flow = false; break;
499 case Bytecodes::_fload :
500 verify_fload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
501 no_control_flow = false; break;
502 case Bytecodes::_fload_0 :
503 case Bytecodes::_fload_1 :
504 case Bytecodes::_fload_2 :
505 case Bytecodes::_fload_3 :
506 index = opcode - Bytecodes::_fload_0;
507 verify_fload(index, ¤t_frame, CHECK_VERIFY(this));
508 no_control_flow = false; break;
509 case Bytecodes::_dload :
510 verify_dload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
511 no_control_flow = false; break;
512 case Bytecodes::_dload_0 :
513 case Bytecodes::_dload_1 :
514 case Bytecodes::_dload_2 :
515 case Bytecodes::_dload_3 :
516 index = opcode - Bytecodes::_dload_0;
517 verify_dload(index, ¤t_frame, CHECK_VERIFY(this));
518 no_control_flow = false; break;
519 case Bytecodes::_aload :
520 verify_aload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
521 no_control_flow = false; break;
522 case Bytecodes::_aload_0 :
523 case Bytecodes::_aload_1 :
524 case Bytecodes::_aload_2 :
525 case Bytecodes::_aload_3 :
526 index = opcode - Bytecodes::_aload_0;
527 verify_aload(index, ¤t_frame, CHECK_VERIFY(this));
528 no_control_flow = false; break;
529 case Bytecodes::_iaload :
530 type = current_frame.pop_stack(
531 VerificationType::integer_type(), CHECK_VERIFY(this));
532 atype = current_frame.pop_stack(
533 VerificationType::reference_check(), CHECK_VERIFY(this));
534 if (!atype.is_int_array()) {
535 verify_error(bci, bad_type_msg, "iaload");
536 return;
537 }
538 current_frame.push_stack(
539 VerificationType::integer_type(), CHECK_VERIFY(this));
540 no_control_flow = false; break;
541 case Bytecodes::_baload :
542 type = current_frame.pop_stack(
543 VerificationType::integer_type(), CHECK_VERIFY(this));
544 atype = current_frame.pop_stack(
545 VerificationType::reference_check(), CHECK_VERIFY(this));
546 if (!atype.is_bool_array() && !atype.is_byte_array()) {
547 verify_error(bci, bad_type_msg, "baload");
548 return;
549 }
550 current_frame.push_stack(
551 VerificationType::integer_type(), CHECK_VERIFY(this));
552 no_control_flow = false; break;
553 case Bytecodes::_caload :
554 type = current_frame.pop_stack(
555 VerificationType::integer_type(), CHECK_VERIFY(this));
556 atype = current_frame.pop_stack(
557 VerificationType::reference_check(), CHECK_VERIFY(this));
558 if (!atype.is_char_array()) {
559 verify_error(bci, bad_type_msg, "caload");
560 return;
561 }
562 current_frame.push_stack(
563 VerificationType::integer_type(), CHECK_VERIFY(this));
564 no_control_flow = false; break;
565 case Bytecodes::_saload :
566 type = current_frame.pop_stack(
567 VerificationType::integer_type(), CHECK_VERIFY(this));
568 atype = current_frame.pop_stack(
569 VerificationType::reference_check(), CHECK_VERIFY(this));
570 if (!atype.is_short_array()) {
571 verify_error(bci, bad_type_msg, "saload");
572 return;
573 }
574 current_frame.push_stack(
575 VerificationType::integer_type(), CHECK_VERIFY(this));
576 no_control_flow = false; break;
577 case Bytecodes::_laload :
578 type = current_frame.pop_stack(
579 VerificationType::integer_type(), CHECK_VERIFY(this));
580 atype = current_frame.pop_stack(
581 VerificationType::reference_check(), CHECK_VERIFY(this));
582 if (!atype.is_long_array()) {
583 verify_error(bci, bad_type_msg, "laload");
584 return;
585 }
586 current_frame.push_stack_2(
587 VerificationType::long_type(),
588 VerificationType::long2_type(), CHECK_VERIFY(this));
589 no_control_flow = false; break;
590 case Bytecodes::_faload :
591 type = current_frame.pop_stack(
592 VerificationType::integer_type(), CHECK_VERIFY(this));
593 atype = current_frame.pop_stack(
594 VerificationType::reference_check(), CHECK_VERIFY(this));
595 if (!atype.is_float_array()) {
596 verify_error(bci, bad_type_msg, "faload");
597 return;
598 }
599 current_frame.push_stack(
600 VerificationType::float_type(), CHECK_VERIFY(this));
601 no_control_flow = false; break;
602 case Bytecodes::_daload :
603 type = current_frame.pop_stack(
604 VerificationType::integer_type(), CHECK_VERIFY(this));
605 atype = current_frame.pop_stack(
606 VerificationType::reference_check(), CHECK_VERIFY(this));
607 if (!atype.is_double_array()) {
608 verify_error(bci, bad_type_msg, "daload");
609 return;
610 }
611 current_frame.push_stack_2(
612 VerificationType::double_type(),
613 VerificationType::double2_type(), CHECK_VERIFY(this));
614 no_control_flow = false; break;
615 case Bytecodes::_aaload : {
616 type = current_frame.pop_stack(
617 VerificationType::integer_type(), CHECK_VERIFY(this));
618 atype = current_frame.pop_stack(
619 VerificationType::reference_check(), CHECK_VERIFY(this));
620 if (!atype.is_reference_array()) {
621 verify_error(bci, bad_type_msg, "aaload");
622 return;
623 }
624 if (atype.is_null()) {
625 current_frame.push_stack(
626 VerificationType::null_type(), CHECK_VERIFY(this));
627 } else {
628 VerificationType component =
629 atype.get_component(this, CHECK_VERIFY(this));
630 current_frame.push_stack(component, CHECK_VERIFY(this));
631 }
632 no_control_flow = false; break;
633 }
634 case Bytecodes::_istore :
635 verify_istore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
636 no_control_flow = false; break;
637 case Bytecodes::_istore_0 :
638 case Bytecodes::_istore_1 :
639 case Bytecodes::_istore_2 :
640 case Bytecodes::_istore_3 :
641 index = opcode - Bytecodes::_istore_0;
642 verify_istore(index, ¤t_frame, CHECK_VERIFY(this));
643 no_control_flow = false; break;
644 case Bytecodes::_lstore :
645 verify_lstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
646 no_control_flow = false; break;
647 case Bytecodes::_lstore_0 :
648 case Bytecodes::_lstore_1 :
649 case Bytecodes::_lstore_2 :
650 case Bytecodes::_lstore_3 :
651 index = opcode - Bytecodes::_lstore_0;
652 verify_lstore(index, ¤t_frame, CHECK_VERIFY(this));
653 no_control_flow = false; break;
654 case Bytecodes::_fstore :
655 verify_fstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
656 no_control_flow = false; break;
657 case Bytecodes::_fstore_0 :
658 case Bytecodes::_fstore_1 :
659 case Bytecodes::_fstore_2 :
660 case Bytecodes::_fstore_3 :
661 index = opcode - Bytecodes::_fstore_0;
662 verify_fstore(index, ¤t_frame, CHECK_VERIFY(this));
663 no_control_flow = false; break;
664 case Bytecodes::_dstore :
665 verify_dstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
666 no_control_flow = false; break;
667 case Bytecodes::_dstore_0 :
668 case Bytecodes::_dstore_1 :
669 case Bytecodes::_dstore_2 :
670 case Bytecodes::_dstore_3 :
671 index = opcode - Bytecodes::_dstore_0;
672 verify_dstore(index, ¤t_frame, CHECK_VERIFY(this));
673 no_control_flow = false; break;
674 case Bytecodes::_astore :
675 verify_astore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
676 no_control_flow = false; break;
677 case Bytecodes::_astore_0 :
678 case Bytecodes::_astore_1 :
679 case Bytecodes::_astore_2 :
680 case Bytecodes::_astore_3 :
681 index = opcode - Bytecodes::_astore_0;
682 verify_astore(index, ¤t_frame, CHECK_VERIFY(this));
683 no_control_flow = false; break;
684 case Bytecodes::_iastore :
685 type = current_frame.pop_stack(
686 VerificationType::integer_type(), CHECK_VERIFY(this));
687 type2 = current_frame.pop_stack(
688 VerificationType::integer_type(), CHECK_VERIFY(this));
689 atype = current_frame.pop_stack(
690 VerificationType::reference_check(), CHECK_VERIFY(this));
691 if (!atype.is_int_array()) {
692 verify_error(bci, bad_type_msg, "iastore");
693 return;
694 }
695 no_control_flow = false; break;
696 case Bytecodes::_bastore :
697 type = current_frame.pop_stack(
698 VerificationType::integer_type(), CHECK_VERIFY(this));
699 type2 = current_frame.pop_stack(
700 VerificationType::integer_type(), CHECK_VERIFY(this));
701 atype = current_frame.pop_stack(
702 VerificationType::reference_check(), CHECK_VERIFY(this));
703 if (!atype.is_bool_array() && !atype.is_byte_array()) {
704 verify_error(bci, bad_type_msg, "bastore");
705 return;
706 }
707 no_control_flow = false; break;
708 case Bytecodes::_castore :
709 current_frame.pop_stack(
710 VerificationType::integer_type(), CHECK_VERIFY(this));
711 current_frame.pop_stack(
712 VerificationType::integer_type(), CHECK_VERIFY(this));
713 atype = current_frame.pop_stack(
714 VerificationType::reference_check(), CHECK_VERIFY(this));
715 if (!atype.is_char_array()) {
716 verify_error(bci, bad_type_msg, "castore");
717 return;
718 }
719 no_control_flow = false; break;
720 case Bytecodes::_sastore :
721 current_frame.pop_stack(
722 VerificationType::integer_type(), CHECK_VERIFY(this));
723 current_frame.pop_stack(
724 VerificationType::integer_type(), CHECK_VERIFY(this));
725 atype = current_frame.pop_stack(
726 VerificationType::reference_check(), CHECK_VERIFY(this));
727 if (!atype.is_short_array()) {
728 verify_error(bci, bad_type_msg, "sastore");
729 return;
730 }
731 no_control_flow = false; break;
732 case Bytecodes::_lastore :
733 current_frame.pop_stack_2(
734 VerificationType::long2_type(),
735 VerificationType::long_type(), CHECK_VERIFY(this));
736 current_frame.pop_stack(
737 VerificationType::integer_type(), CHECK_VERIFY(this));
738 atype = current_frame.pop_stack(
739 VerificationType::reference_check(), CHECK_VERIFY(this));
740 if (!atype.is_long_array()) {
741 verify_error(bci, bad_type_msg, "lastore");
742 return;
743 }
744 no_control_flow = false; break;
745 case Bytecodes::_fastore :
746 current_frame.pop_stack(
747 VerificationType::float_type(), CHECK_VERIFY(this));
748 current_frame.pop_stack
749 (VerificationType::integer_type(), CHECK_VERIFY(this));
750 atype = current_frame.pop_stack(
751 VerificationType::reference_check(), CHECK_VERIFY(this));
752 if (!atype.is_float_array()) {
753 verify_error(bci, bad_type_msg, "fastore");
754 return;
755 }
756 no_control_flow = false; break;
757 case Bytecodes::_dastore :
758 current_frame.pop_stack_2(
759 VerificationType::double2_type(),
760 VerificationType::double_type(), CHECK_VERIFY(this));
761 current_frame.pop_stack(
762 VerificationType::integer_type(), CHECK_VERIFY(this));
763 atype = current_frame.pop_stack(
764 VerificationType::reference_check(), CHECK_VERIFY(this));
765 if (!atype.is_double_array()) {
766 verify_error(bci, bad_type_msg, "dastore");
767 return;
768 }
769 no_control_flow = false; break;
770 case Bytecodes::_aastore :
771 type = current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
772 type2 = current_frame.pop_stack(
773 VerificationType::integer_type(), CHECK_VERIFY(this));
774 atype = current_frame.pop_stack(
775 VerificationType::reference_check(), CHECK_VERIFY(this));
776 // more type-checking is done at runtime
777 if (!atype.is_reference_array()) {
778 verify_error(bci, bad_type_msg, "aastore");
779 return;
780 }
781 // 4938384: relaxed constraint in JVMS 3nd edition.
782 no_control_flow = false; break;
783 case Bytecodes::_pop :
784 current_frame.pop_stack(
785 VerificationType::category1_check(), CHECK_VERIFY(this));
786 no_control_flow = false; break;
787 case Bytecodes::_pop2 :
788 type = current_frame.pop_stack(CHECK_VERIFY(this));
789 if (type.is_category1()) {
790 current_frame.pop_stack(
791 VerificationType::category1_check(), CHECK_VERIFY(this));
792 } else if (type.is_category2_2nd()) {
793 current_frame.pop_stack(
794 VerificationType::category2_check(), CHECK_VERIFY(this));
795 } else {
796 verify_error(bci, bad_type_msg, "pop2");
797 return;
798 }
799 no_control_flow = false; break;
800 case Bytecodes::_dup :
801 type = current_frame.pop_stack(
802 VerificationType::category1_check(), CHECK_VERIFY(this));
803 current_frame.push_stack(type, CHECK_VERIFY(this));
804 current_frame.push_stack(type, CHECK_VERIFY(this));
805 no_control_flow = false; break;
806 case Bytecodes::_dup_x1 :
807 type = current_frame.pop_stack(
808 VerificationType::category1_check(), CHECK_VERIFY(this));
809 type2 = current_frame.pop_stack(
810 VerificationType::category1_check(), CHECK_VERIFY(this));
811 current_frame.push_stack(type, CHECK_VERIFY(this));
812 current_frame.push_stack(type2, CHECK_VERIFY(this));
813 current_frame.push_stack(type, CHECK_VERIFY(this));
814 no_control_flow = false; break;
815 case Bytecodes::_dup_x2 :
816 {
817 VerificationType type3;
818 type = current_frame.pop_stack(
819 VerificationType::category1_check(), CHECK_VERIFY(this));
820 type2 = current_frame.pop_stack(CHECK_VERIFY(this));
821 if (type2.is_category1()) {
822 type3 = current_frame.pop_stack(
823 VerificationType::category1_check(), CHECK_VERIFY(this));
824 } else if (type2.is_category2_2nd()) {
825 type3 = current_frame.pop_stack(
826 VerificationType::category2_check(), CHECK_VERIFY(this));
827 } else {
828 verify_error(bci, bad_type_msg, "dup_x2");
829 return;
830 }
831 current_frame.push_stack(type, CHECK_VERIFY(this));
832 current_frame.push_stack(type3, CHECK_VERIFY(this));
833 current_frame.push_stack(type2, CHECK_VERIFY(this));
834 current_frame.push_stack(type, CHECK_VERIFY(this));
835 no_control_flow = false; break;
836 }
837 case Bytecodes::_dup2 :
838 type = current_frame.pop_stack(CHECK_VERIFY(this));
839 if (type.is_category1()) {
840 type2 = current_frame.pop_stack(
841 VerificationType::category1_check(), CHECK_VERIFY(this));
842 } else if (type.is_category2_2nd()) {
843 type2 = current_frame.pop_stack(
844 VerificationType::category2_check(), CHECK_VERIFY(this));
845 } else {
846 verify_error(bci, bad_type_msg, "dup2");
847 return;
848 }
849 current_frame.push_stack(type2, CHECK_VERIFY(this));
850 current_frame.push_stack(type, CHECK_VERIFY(this));
851 current_frame.push_stack(type2, CHECK_VERIFY(this));
852 current_frame.push_stack(type, CHECK_VERIFY(this));
853 no_control_flow = false; break;
854 case Bytecodes::_dup2_x1 :
855 {
856 VerificationType type3;
857 type = current_frame.pop_stack(CHECK_VERIFY(this));
858 if (type.is_category1()) {
859 type2 = current_frame.pop_stack(
860 VerificationType::category1_check(), CHECK_VERIFY(this));
861 } else if(type.is_category2_2nd()) {
862 type2 = current_frame.pop_stack
863 (VerificationType::category2_check(), CHECK_VERIFY(this));
864 } else {
865 verify_error(bci, bad_type_msg, "dup2_x1");
866 return;
867 }
868 type3 = current_frame.pop_stack(
869 VerificationType::category1_check(), CHECK_VERIFY(this));
870 current_frame.push_stack(type2, CHECK_VERIFY(this));
871 current_frame.push_stack(type, CHECK_VERIFY(this));
872 current_frame.push_stack(type3, CHECK_VERIFY(this));
873 current_frame.push_stack(type2, CHECK_VERIFY(this));
874 current_frame.push_stack(type, CHECK_VERIFY(this));
875 no_control_flow = false; break;
876 }
877 case Bytecodes::_dup2_x2 :
878 {
879 VerificationType type3, type4;
880 type = current_frame.pop_stack(CHECK_VERIFY(this));
881 if (type.is_category1()) {
882 type2 = current_frame.pop_stack(
883 VerificationType::category1_check(), CHECK_VERIFY(this));
884 } else if (type.is_category2_2nd()) {
885 type2 = current_frame.pop_stack(
886 VerificationType::category2_check(), CHECK_VERIFY(this));
887 } else {
888 verify_error(bci, bad_type_msg, "dup2_x2");
889 return;
890 }
891 type3 = current_frame.pop_stack(CHECK_VERIFY(this));
892 if (type3.is_category1()) {
893 type4 = current_frame.pop_stack(
894 VerificationType::category1_check(), CHECK_VERIFY(this));
895 } else if (type3.is_category2_2nd()) {
896 type4 = current_frame.pop_stack(
897 VerificationType::category2_check(), CHECK_VERIFY(this));
898 } else {
899 verify_error(bci, bad_type_msg, "dup2_x2");
900 return;
901 }
902 current_frame.push_stack(type2, CHECK_VERIFY(this));
903 current_frame.push_stack(type, CHECK_VERIFY(this));
904 current_frame.push_stack(type4, CHECK_VERIFY(this));
905 current_frame.push_stack(type3, CHECK_VERIFY(this));
906 current_frame.push_stack(type2, CHECK_VERIFY(this));
907 current_frame.push_stack(type, CHECK_VERIFY(this));
908 no_control_flow = false; break;
909 }
910 case Bytecodes::_swap :
911 type = current_frame.pop_stack(
912 VerificationType::category1_check(), CHECK_VERIFY(this));
913 type2 = current_frame.pop_stack(
914 VerificationType::category1_check(), CHECK_VERIFY(this));
915 current_frame.push_stack(type, CHECK_VERIFY(this));
916 current_frame.push_stack(type2, CHECK_VERIFY(this));
917 no_control_flow = false; break;
918 case Bytecodes::_iadd :
919 case Bytecodes::_isub :
920 case Bytecodes::_imul :
921 case Bytecodes::_idiv :
922 case Bytecodes::_irem :
923 case Bytecodes::_ishl :
924 case Bytecodes::_ishr :
925 case Bytecodes::_iushr :
926 case Bytecodes::_ior :
927 case Bytecodes::_ixor :
928 case Bytecodes::_iand :
929 current_frame.pop_stack(
930 VerificationType::integer_type(), CHECK_VERIFY(this));
931 // fall through
932 case Bytecodes::_ineg :
933 current_frame.pop_stack(
934 VerificationType::integer_type(), CHECK_VERIFY(this));
935 current_frame.push_stack(
936 VerificationType::integer_type(), CHECK_VERIFY(this));
937 no_control_flow = false; break;
938 case Bytecodes::_ladd :
939 case Bytecodes::_lsub :
940 case Bytecodes::_lmul :
941 case Bytecodes::_ldiv :
942 case Bytecodes::_lrem :
943 case Bytecodes::_land :
944 case Bytecodes::_lor :
945 case Bytecodes::_lxor :
946 current_frame.pop_stack_2(
947 VerificationType::long2_type(),
948 VerificationType::long_type(), CHECK_VERIFY(this));
949 // fall through
950 case Bytecodes::_lneg :
951 current_frame.pop_stack_2(
952 VerificationType::long2_type(),
953 VerificationType::long_type(), CHECK_VERIFY(this));
954 current_frame.push_stack_2(
955 VerificationType::long_type(),
956 VerificationType::long2_type(), CHECK_VERIFY(this));
957 no_control_flow = false; break;
958 case Bytecodes::_lshl :
959 case Bytecodes::_lshr :
960 case Bytecodes::_lushr :
961 current_frame.pop_stack(
962 VerificationType::integer_type(), CHECK_VERIFY(this));
963 current_frame.pop_stack_2(
964 VerificationType::long2_type(),
965 VerificationType::long_type(), CHECK_VERIFY(this));
966 current_frame.push_stack_2(
967 VerificationType::long_type(),
968 VerificationType::long2_type(), CHECK_VERIFY(this));
969 no_control_flow = false; break;
970 case Bytecodes::_fadd :
971 case Bytecodes::_fsub :
972 case Bytecodes::_fmul :
973 case Bytecodes::_fdiv :
974 case Bytecodes::_frem :
975 current_frame.pop_stack(
976 VerificationType::float_type(), CHECK_VERIFY(this));
977 // fall through
978 case Bytecodes::_fneg :
979 current_frame.pop_stack(
980 VerificationType::float_type(), CHECK_VERIFY(this));
981 current_frame.push_stack(
982 VerificationType::float_type(), CHECK_VERIFY(this));
983 no_control_flow = false; break;
984 case Bytecodes::_dadd :
985 case Bytecodes::_dsub :
986 case Bytecodes::_dmul :
987 case Bytecodes::_ddiv :
988 case Bytecodes::_drem :
989 current_frame.pop_stack_2(
990 VerificationType::double2_type(),
991 VerificationType::double_type(), CHECK_VERIFY(this));
992 // fall through
993 case Bytecodes::_dneg :
994 current_frame.pop_stack_2(
995 VerificationType::double2_type(),
996 VerificationType::double_type(), CHECK_VERIFY(this));
997 current_frame.push_stack_2(
998 VerificationType::double_type(),
999 VerificationType::double2_type(), CHECK_VERIFY(this));
1000 no_control_flow = false; break;
1001 case Bytecodes::_iinc :
1002 verify_iinc(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1003 no_control_flow = false; break;
1004 case Bytecodes::_i2l :
1005 type = current_frame.pop_stack(
1006 VerificationType::integer_type(), CHECK_VERIFY(this));
1007 current_frame.push_stack_2(
1008 VerificationType::long_type(),
1009 VerificationType::long2_type(), CHECK_VERIFY(this));
1010 no_control_flow = false; break;
1011 case Bytecodes::_l2i :
1012 current_frame.pop_stack_2(
1013 VerificationType::long2_type(),
1014 VerificationType::long_type(), CHECK_VERIFY(this));
1015 current_frame.push_stack(
1016 VerificationType::integer_type(), CHECK_VERIFY(this));
1017 no_control_flow = false; break;
1018 case Bytecodes::_i2f :
1019 current_frame.pop_stack(
1020 VerificationType::integer_type(), CHECK_VERIFY(this));
1021 current_frame.push_stack(
1022 VerificationType::float_type(), CHECK_VERIFY(this));
1023 no_control_flow = false; break;
1024 case Bytecodes::_i2d :
1025 current_frame.pop_stack(
1026 VerificationType::integer_type(), CHECK_VERIFY(this));
1027 current_frame.push_stack_2(
1028 VerificationType::double_type(),
1029 VerificationType::double2_type(), CHECK_VERIFY(this));
1030 no_control_flow = false; break;
1031 case Bytecodes::_l2f :
1032 current_frame.pop_stack_2(
1033 VerificationType::long2_type(),
1034 VerificationType::long_type(), CHECK_VERIFY(this));
1035 current_frame.push_stack(
1036 VerificationType::float_type(), CHECK_VERIFY(this));
1037 no_control_flow = false; break;
1038 case Bytecodes::_l2d :
1039 current_frame.pop_stack_2(
1040 VerificationType::long2_type(),
1041 VerificationType::long_type(), CHECK_VERIFY(this));
1042 current_frame.push_stack_2(
1043 VerificationType::double_type(),
1044 VerificationType::double2_type(), CHECK_VERIFY(this));
1045 no_control_flow = false; break;
1046 case Bytecodes::_f2i :
1047 current_frame.pop_stack(
1048 VerificationType::float_type(), CHECK_VERIFY(this));
1049 current_frame.push_stack(
1050 VerificationType::integer_type(), CHECK_VERIFY(this));
1051 no_control_flow = false; break;
1052 case Bytecodes::_f2l :
1053 current_frame.pop_stack(
1054 VerificationType::float_type(), CHECK_VERIFY(this));
1055 current_frame.push_stack_2(
1056 VerificationType::long_type(),
1057 VerificationType::long2_type(), CHECK_VERIFY(this));
1058 no_control_flow = false; break;
1059 case Bytecodes::_f2d :
1060 current_frame.pop_stack(
1061 VerificationType::float_type(), CHECK_VERIFY(this));
1062 current_frame.push_stack_2(
1063 VerificationType::double_type(),
1064 VerificationType::double2_type(), CHECK_VERIFY(this));
1065 no_control_flow = false; break;
1066 case Bytecodes::_d2i :
1067 current_frame.pop_stack_2(
1068 VerificationType::double2_type(),
1069 VerificationType::double_type(), CHECK_VERIFY(this));
1070 current_frame.push_stack(
1071 VerificationType::integer_type(), CHECK_VERIFY(this));
1072 no_control_flow = false; break;
1073 case Bytecodes::_d2l :
1074 current_frame.pop_stack_2(
1075 VerificationType::double2_type(),
1076 VerificationType::double_type(), CHECK_VERIFY(this));
1077 current_frame.push_stack_2(
1078 VerificationType::long_type(),
1079 VerificationType::long2_type(), CHECK_VERIFY(this));
1080 no_control_flow = false; break;
1081 case Bytecodes::_d2f :
1082 current_frame.pop_stack_2(
1083 VerificationType::double2_type(),
1084 VerificationType::double_type(), CHECK_VERIFY(this));
1085 current_frame.push_stack(
1086 VerificationType::float_type(), CHECK_VERIFY(this));
1087 no_control_flow = false; break;
1088 case Bytecodes::_i2b :
1089 case Bytecodes::_i2c :
1090 case Bytecodes::_i2s :
1091 current_frame.pop_stack(
1092 VerificationType::integer_type(), CHECK_VERIFY(this));
1093 current_frame.push_stack(
1094 VerificationType::integer_type(), CHECK_VERIFY(this));
1095 no_control_flow = false; break;
1096 case Bytecodes::_lcmp :
1097 current_frame.pop_stack_2(
1098 VerificationType::long2_type(),
1099 VerificationType::long_type(), CHECK_VERIFY(this));
1100 current_frame.pop_stack_2(
1101 VerificationType::long2_type(),
1102 VerificationType::long_type(), CHECK_VERIFY(this));
1103 current_frame.push_stack(
1104 VerificationType::integer_type(), CHECK_VERIFY(this));
1105 no_control_flow = false; break;
1106 case Bytecodes::_fcmpl :
1107 case Bytecodes::_fcmpg :
1108 current_frame.pop_stack(
1109 VerificationType::float_type(), CHECK_VERIFY(this));
1110 current_frame.pop_stack(
1111 VerificationType::float_type(), CHECK_VERIFY(this));
1112 current_frame.push_stack(
1113 VerificationType::integer_type(), CHECK_VERIFY(this));
1114 no_control_flow = false; break;
1115 case Bytecodes::_dcmpl :
1116 case Bytecodes::_dcmpg :
1117 current_frame.pop_stack_2(
1118 VerificationType::double2_type(),
1119 VerificationType::double_type(), CHECK_VERIFY(this));
1120 current_frame.pop_stack_2(
1121 VerificationType::double2_type(),
1122 VerificationType::double_type(), CHECK_VERIFY(this));
1123 current_frame.push_stack(
1124 VerificationType::integer_type(), CHECK_VERIFY(this));
1125 no_control_flow = false; break;
1126 case Bytecodes::_if_icmpeq:
1127 case Bytecodes::_if_icmpne:
1128 case Bytecodes::_if_icmplt:
1129 case Bytecodes::_if_icmpge:
1130 case Bytecodes::_if_icmpgt:
1131 case Bytecodes::_if_icmple:
1132 current_frame.pop_stack(
1133 VerificationType::integer_type(), CHECK_VERIFY(this));
1134 // fall through
1135 case Bytecodes::_ifeq:
1136 case Bytecodes::_ifne:
1137 case Bytecodes::_iflt:
1138 case Bytecodes::_ifge:
1139 case Bytecodes::_ifgt:
1140 case Bytecodes::_ifle:
1141 current_frame.pop_stack(
1142 VerificationType::integer_type(), CHECK_VERIFY(this));
1143 target = bcs.dest();
1144 stackmap_table.check_jump_target(
1145 ¤t_frame, target, CHECK_VERIFY(this));
1146 no_control_flow = false; break;
1147 case Bytecodes::_if_acmpeq :
1148 case Bytecodes::_if_acmpne :
1149 current_frame.pop_stack(
1150 VerificationType::reference_check(), CHECK_VERIFY(this));
1151 // fall through
1152 case Bytecodes::_ifnull :
1153 case Bytecodes::_ifnonnull :
1154 current_frame.pop_stack(
1155 VerificationType::reference_check(), CHECK_VERIFY(this));
1156 target = bcs.dest();
1157 stackmap_table.check_jump_target
1158 (¤t_frame, target, CHECK_VERIFY(this));
1159 no_control_flow = false; break;
1160 case Bytecodes::_goto :
1161 target = bcs.dest();
1162 stackmap_table.check_jump_target(
1163 ¤t_frame, target, CHECK_VERIFY(this));
1164 no_control_flow = true; break;
1165 case Bytecodes::_goto_w :
1166 target = bcs.dest_w();
1167 stackmap_table.check_jump_target(
1168 ¤t_frame, target, CHECK_VERIFY(this));
1169 no_control_flow = true; break;
1170 case Bytecodes::_tableswitch :
1171 case Bytecodes::_lookupswitch :
1172 verify_switch(
1173 &bcs, code_length, code_data, ¤t_frame,
1174 &stackmap_table, CHECK_VERIFY(this));
1175 no_control_flow = true; break;
1176 case Bytecodes::_ireturn :
1177 type = current_frame.pop_stack(
1178 VerificationType::integer_type(), CHECK_VERIFY(this));
1179 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1180 no_control_flow = true; break;
1181 case Bytecodes::_lreturn :
1182 type2 = current_frame.pop_stack(
1183 VerificationType::long2_type(), CHECK_VERIFY(this));
1184 type = current_frame.pop_stack(
1185 VerificationType::long_type(), CHECK_VERIFY(this));
1186 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1187 no_control_flow = true; break;
1188 case Bytecodes::_freturn :
1189 type = current_frame.pop_stack(
1190 VerificationType::float_type(), CHECK_VERIFY(this));
1191 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1192 no_control_flow = true; break;
1193 case Bytecodes::_dreturn :
1194 type2 = current_frame.pop_stack(
1195 VerificationType::double2_type(), CHECK_VERIFY(this));
1196 type = current_frame.pop_stack(
1197 VerificationType::double_type(), CHECK_VERIFY(this));
1198 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1199 no_control_flow = true; break;
1200 case Bytecodes::_areturn :
1201 type = current_frame.pop_stack(
1202 VerificationType::reference_check(), CHECK_VERIFY(this));
1203 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1204 no_control_flow = true; break;
1205 case Bytecodes::_return :
1206 if (return_type != VerificationType::bogus_type()) {
1207 verify_error(bci, "Method expects no return value");
1208 return;
1209 }
1210 // Make sure "this" has been initialized if current method is an
1211 // <init>
1212 if (_method->name() == vmSymbols::object_initializer_name() &&
1213 current_frame.flag_this_uninit()) {
1214 verify_error(bci,
1215 "Constructor must call super() or this() before return");
1216 return;
1217 }
1218 no_control_flow = true; break;
1219 case Bytecodes::_getstatic :
1220 case Bytecodes::_putstatic :
1221 case Bytecodes::_getfield :
1222 case Bytecodes::_putfield :
1223 verify_field_instructions(
1224 &bcs, ¤t_frame, cp, CHECK_VERIFY(this));
1225 no_control_flow = false; break;
1226 case Bytecodes::_invokevirtual :
1227 case Bytecodes::_invokespecial :
1228 case Bytecodes::_invokestatic :
1229 verify_invoke_instructions(
1230 &bcs, code_length, ¤t_frame,
1231 &this_uninit, return_type, cp, CHECK_VERIFY(this));
1232 no_control_flow = false; break;
1233 case Bytecodes::_invokeinterface :
1234 case Bytecodes::_invokedynamic :
1235 verify_invoke_instructions(
1236 &bcs, code_length, ¤t_frame,
1237 &this_uninit, return_type, cp, CHECK_VERIFY(this));
1238 no_control_flow = false; break;
1239 case Bytecodes::_new :
1240 {
1241 index = bcs.get_index_u2();
1242 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
1243 VerificationType new_class_type =
1244 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1245 if (!new_class_type.is_object()) {
1246 verify_error(bci, "Illegal new instruction");
1247 return;
1248 }
1249 type = VerificationType::uninitialized_type(bci);
1250 current_frame.push_stack(type, CHECK_VERIFY(this));
1251 no_control_flow = false; break;
1252 }
1253 case Bytecodes::_newarray :
1254 type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this));
1255 current_frame.pop_stack(
1256 VerificationType::integer_type(), CHECK_VERIFY(this));
1257 current_frame.push_stack(type, CHECK_VERIFY(this));
1258 no_control_flow = false; break;
1259 case Bytecodes::_anewarray :
1260 verify_anewarray(
1261 bcs.get_index_u2(), cp, ¤t_frame, CHECK_VERIFY(this));
1262 no_control_flow = false; break;
1263 case Bytecodes::_arraylength :
1264 type = current_frame.pop_stack(
1265 VerificationType::reference_check(), CHECK_VERIFY(this));
1266 if (!(type.is_null() || type.is_array())) {
1267 verify_error(bci, bad_type_msg, "arraylength");
1268 }
1269 current_frame.push_stack(
1270 VerificationType::integer_type(), CHECK_VERIFY(this));
1271 no_control_flow = false; break;
1272 case Bytecodes::_checkcast :
1273 {
1274 index = bcs.get_index_u2();
1275 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
1276 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1277 VerificationType klass_type = cp_index_to_type(
1278 index, cp, CHECK_VERIFY(this));
1279 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1280 no_control_flow = false; break;
1281 }
1282 case Bytecodes::_instanceof : {
1283 index = bcs.get_index_u2();
1284 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
1285 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1286 current_frame.push_stack(
1287 VerificationType::integer_type(), CHECK_VERIFY(this));
1288 no_control_flow = false; break;
1289 }
1290 case Bytecodes::_monitorenter :
1291 case Bytecodes::_monitorexit :
1292 current_frame.pop_stack(
1293 VerificationType::reference_check(), CHECK_VERIFY(this));
1294 no_control_flow = false; break;
1295 case Bytecodes::_multianewarray :
1296 {
1297 index = bcs.get_index_u2();
1298 u2 dim = *(bcs.bcp()+3);
1299 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
1300 VerificationType new_array_type =
1301 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1302 if (!new_array_type.is_array()) {
1303 verify_error(bci,
1304 "Illegal constant pool index in multianewarray instruction");
1305 return;
1306 }
1307 if (dim < 1 || new_array_type.dimensions() < dim) {
1308 verify_error(bci,
1309 "Illegal dimension in multianewarray instruction");
1310 return;
1311 }
1312 for (int i = 0; i < dim; i++) {
1313 current_frame.pop_stack(
1314 VerificationType::integer_type(), CHECK_VERIFY(this));
1315 }
1316 current_frame.push_stack(new_array_type, CHECK_VERIFY(this));
1317 no_control_flow = false; break;
1318 }
1319 case Bytecodes::_athrow :
1320 type = VerificationType::reference_type(
1321 vmSymbols::java_lang_Throwable());
1322 current_frame.pop_stack(type, CHECK_VERIFY(this));
1323 no_control_flow = true; break;
1324 default:
1325 // We only need to check the valid bytecodes in class file.
1326 // And jsr and ret are not in the new class file format in JDK1.5.
1327 verify_error(bci, "Bad instruction");
1328 no_control_flow = false;
1329 return;
1330 } // end switch
1331 } // end Merge with the next instruction
1332
1333 // Look for possible jump target in exception handlers and see if it
1334 // matches current_frame
1335 if (bci >= ex_min && bci < ex_max) {
1336 verify_exception_handler_targets(
1337 bci, this_uninit, ¤t_frame, &stackmap_table, CHECK_VERIFY(this));
1338 }
1339 } // end while
1340
1341 // Make sure that control flow does not fall through end of the method
1342 if (!no_control_flow) {
1343 verify_error(code_length, "Control flow falls through code end");
1344 return;
1345 }
1346 }
1347
1348 char* ClassVerifier::generate_code_data(methodHandle m, u4 code_length, TRAPS) {
1349 char* code_data = NEW_RESOURCE_ARRAY(char, code_length);
1350 memset(code_data, 0, sizeof(char) * code_length);
1351 RawBytecodeStream bcs(m);
1352
1353 while (!bcs.is_last_bytecode()) {
1354 if (bcs.raw_next() != Bytecodes::_illegal) {
1355 int bci = bcs.bci();
1356 if (bcs.raw_code() == Bytecodes::_new) {
1357 code_data[bci] = NEW_OFFSET;
1358 } else {
1359 code_data[bci] = BYTECODE_OFFSET;
1360 }
1361 } else {
1362 verify_error(bcs.bci(), "Bad instruction");
1363 return NULL;
1364 }
1365 }
1366
1367 return code_data;
1368 }
1369
1370 void ClassVerifier::verify_exception_handler_table(u4 code_length, char* code_data, int& min, int& max, TRAPS) {
1371 ExceptionTable exhandlers(_method());
1372 int exlength = exhandlers.length();
1373 constantPoolHandle cp (THREAD, _method->constants());
1374
1375 for(int i = 0; i < exlength; i++) {
1376 //reacquire the table in case a GC happened
1377 ExceptionTable exhandlers(_method());
1378 u2 start_pc = exhandlers.start_pc(i);
1379 u2 end_pc = exhandlers.end_pc(i);
1380 u2 handler_pc = exhandlers.handler_pc(i);
1381 if (start_pc >= code_length || code_data[start_pc] == 0) {
1382 class_format_error("Illegal exception table start_pc %d", start_pc);
1383 return;
1384 }
1385 if (end_pc != code_length) { // special case: end_pc == code_length
1386 if (end_pc > code_length || code_data[end_pc] == 0) {
1387 class_format_error("Illegal exception table end_pc %d", end_pc);
1388 return;
1389 }
1390 }
1391 if (handler_pc >= code_length || code_data[handler_pc] == 0) {
1392 class_format_error("Illegal exception table handler_pc %d", handler_pc);
1393 return;
1394 }
1395 int catch_type_index = exhandlers.catch_type_index(i);
1396 if (catch_type_index != 0) {
1397 VerificationType catch_type = cp_index_to_type(
1398 catch_type_index, cp, CHECK_VERIFY(this));
1399 VerificationType throwable =
1400 VerificationType::reference_type(vmSymbols::java_lang_Throwable());
1401 bool is_subclass = throwable.is_assignable_from(
1402 catch_type, this, CHECK_VERIFY(this));
1403 if (!is_subclass) {
1404 // 4286534: should throw VerifyError according to recent spec change
1405 verify_error(
1406 "Catch type is not a subclass of Throwable in handler %d",
1407 handler_pc);
1408 return;
1409 }
1410 }
1411 if (start_pc < min) min = start_pc;
1412 if (end_pc > max) max = end_pc;
1413 }
1414 }
1415
1416 void ClassVerifier::verify_local_variable_table(u4 code_length, char* code_data, TRAPS) {
1417 int localvariable_table_length = _method()->localvariable_table_length();
1418 if (localvariable_table_length > 0) {
1419 LocalVariableTableElement* table = _method()->localvariable_table_start();
1420 for (int i = 0; i < localvariable_table_length; i++) {
1421 u2 start_bci = table[i].start_bci;
1422 u2 length = table[i].length;
1423
1424 if (start_bci >= code_length || code_data[start_bci] == 0) {
1425 class_format_error(
1426 "Illegal local variable table start_pc %d", start_bci);
1427 return;
1428 }
1429 u4 end_bci = (u4)(start_bci + length);
1430 if (end_bci != code_length) {
1431 if (end_bci >= code_length || code_data[end_bci] == 0) {
1432 class_format_error( "Illegal local variable table length %d", length);
1433 return;
1434 }
1435 }
1436 }
1437 }
1438 }
1439
1440 u2 ClassVerifier::verify_stackmap_table(u2 stackmap_index, u2 bci,
1441 StackMapFrame* current_frame,
1442 StackMapTable* stackmap_table,
1443 bool no_control_flow, TRAPS) {
1444 if (stackmap_index < stackmap_table->get_frame_count()) {
1445 u2 this_offset = stackmap_table->get_offset(stackmap_index);
1446 if (no_control_flow && this_offset > bci) {
1447 verify_error(bci, "Expecting a stack map frame");
1448 return 0;
1449 }
1450 if (this_offset == bci) {
1451 // See if current stack map can be assigned to the frame in table.
1452 // current_frame is the stackmap frame got from the last instruction.
1453 // If matched, current_frame will be updated by this method.
1454 bool match = stackmap_table->match_stackmap(
1455 current_frame, this_offset, stackmap_index,
1456 !no_control_flow, true, CHECK_VERIFY_(this, 0));
1457 if (!match) {
1458 // report type error
1459 verify_error(bci, "Instruction type does not match stack map");
1460 return 0;
1461 }
1462 stackmap_index++;
1463 } else if (this_offset < bci) {
1464 // current_offset should have met this_offset.
1465 class_format_error("Bad stack map offset %d", this_offset);
1466 return 0;
1467 }
1468 } else if (no_control_flow) {
1469 verify_error(bci, "Expecting a stack map frame");
1470 return 0;
1471 }
1472 return stackmap_index;
1473 }
1474
1475 void ClassVerifier::verify_exception_handler_targets(u2 bci, bool this_uninit, StackMapFrame* current_frame,
1476 StackMapTable* stackmap_table, TRAPS) {
1477 constantPoolHandle cp (THREAD, _method->constants());
1478 ExceptionTable exhandlers(_method());
1479 int exlength = exhandlers.length();
1480 for(int i = 0; i < exlength; i++) {
1481 //reacquire the table in case a GC happened
1482 ExceptionTable exhandlers(_method());
1483 u2 start_pc = exhandlers.start_pc(i);
1484 u2 end_pc = exhandlers.end_pc(i);
1485 u2 handler_pc = exhandlers.handler_pc(i);
1486 int catch_type_index = exhandlers.catch_type_index(i);
1487 if(bci >= start_pc && bci < end_pc) {
1488 u1 flags = current_frame->flags();
1489 if (this_uninit) { flags |= FLAG_THIS_UNINIT; }
1490 StackMapFrame* new_frame = current_frame->frame_in_exception_handler(flags);
1491 if (catch_type_index != 0) {
1492 // We know that this index refers to a subclass of Throwable
1493 VerificationType catch_type = cp_index_to_type(
1494 catch_type_index, cp, CHECK_VERIFY(this));
1495 new_frame->push_stack(catch_type, CHECK_VERIFY(this));
1496 } else {
1497 VerificationType throwable =
1498 VerificationType::reference_type(vmSymbols::java_lang_Throwable());
1499 new_frame->push_stack(throwable, CHECK_VERIFY(this));
1500 }
1501 bool match = stackmap_table->match_stackmap(
1502 new_frame, handler_pc, true, false, CHECK_VERIFY(this));
1503 if (!match) {
1504 verify_error(bci,
1505 "Stack map does not match the one at exception handler %d",
1506 handler_pc);
1507 return;
1508 }
1509 }
1510 }
1511 }
1512
1513 void ClassVerifier::verify_cp_index(constantPoolHandle cp, int index, TRAPS) {
1514 int nconstants = cp->length();
1515 if ((index <= 0) || (index >= nconstants)) {
1516 verify_error("Illegal constant pool index %d in class %s",
1517 index, instanceKlass::cast(cp->pool_holder())->external_name());
1518 return;
1519 }
1520 }
1521
1522 void ClassVerifier::verify_cp_type(
1523 int index, constantPoolHandle cp, unsigned int types, TRAPS) {
1524
1525 // In some situations, bytecode rewriting may occur while we're verifying.
1526 // In this case, a constant pool cache exists and some indices refer to that
1527 // instead. Be sure we don't pick up such indices by accident.
1528 // We must check was_recursively_verified() before we get here.
1529 guarantee(cp->cache() == NULL, "not rewritten yet");
1530
1531 verify_cp_index(cp, index, CHECK_VERIFY(this));
1532 unsigned int tag = cp->tag_at(index).value();
1533 if ((types & (1 << tag)) == 0) {
1534 verify_error(
1535 "Illegal type at constant pool entry %d in class %s",
1536 index, instanceKlass::cast(cp->pool_holder())->external_name());
1537 return;
1538 }
1539 }
1540
1541 void ClassVerifier::verify_cp_class_type(
1542 int index, constantPoolHandle cp, TRAPS) {
1543 verify_cp_index(cp, index, CHECK_VERIFY(this));
1544 constantTag tag = cp->tag_at(index);
1545 if (!tag.is_klass() && !tag.is_unresolved_klass()) {
1546 verify_error("Illegal type at constant pool entry %d in class %s",
1547 index, instanceKlass::cast(cp->pool_holder())->external_name());
1548 return;
1549 }
1550 }
1551
1552 void ClassVerifier::format_error_message(
1553 const char* fmt, int offset, va_list va) {
1554 ResourceMark rm(_thread);
1555 stringStream message(_message, _message_buffer_len);
1556 message.vprint(fmt, va);
1557 if (!_method.is_null()) {
1558 message.print(" in method %s", _method->name_and_sig_as_C_string());
1559 }
1560 if (offset != -1) {
1561 message.print(" at offset %d", offset);
1562 }
1563 }
1564
1565 void ClassVerifier::verify_error(u2 offset, const char* fmt, ...) {
1566 _exception_type = vmSymbols::java_lang_VerifyError();
1567 va_list va;
1568 va_start(va, fmt);
1569 format_error_message(fmt, offset, va);
1570 va_end(va);
1571 }
1572
1573 void ClassVerifier::verify_error(const char* fmt, ...) {
1574 _exception_type = vmSymbols::java_lang_VerifyError();
1575 va_list va;
1576 va_start(va, fmt);
1577 format_error_message(fmt, -1, va);
1578 va_end(va);
1579 }
1580
1581 void ClassVerifier::class_format_error(const char* msg, ...) {
1582 _exception_type = vmSymbols::java_lang_ClassFormatError();
1583 va_list va;
1584 va_start(va, msg);
1585 format_error_message(msg, -1, va);
1586 va_end(va);
1587 }
1588
1589 klassOop ClassVerifier::load_class(Symbol* name, TRAPS) {
1590 // Get current loader and protection domain first.
1591 oop loader = current_class()->class_loader();
1592 oop protection_domain = current_class()->protection_domain();
1593
1594 return SystemDictionary::resolve_or_fail(
1595 name, Handle(THREAD, loader), Handle(THREAD, protection_domain),
1596 true, CHECK_NULL);
1597 }
1598
1599 bool ClassVerifier::is_protected_access(instanceKlassHandle this_class,
1600 klassOop target_class,
1601 Symbol* field_name,
1602 Symbol* field_sig,
1603 bool is_method) {
1604 No_Safepoint_Verifier nosafepoint;
1605
1606 // If target class isn't a super class of this class, we don't worry about this case
1607 if (!this_class->is_subclass_of(target_class)) {
1608 return false;
1609 }
1610 // Check if the specified method or field is protected
1611 instanceKlass* target_instance = instanceKlass::cast(target_class);
1612 fieldDescriptor fd;
1613 if (is_method) {
1614 methodOop m = target_instance->uncached_lookup_method(field_name, field_sig);
1615 if (m != NULL && m->is_protected()) {
1616 if (!this_class->is_same_class_package(m->method_holder())) {
1617 return true;
1618 }
1619 }
1620 } else {
1621 klassOop member_klass = target_instance->find_field(field_name, field_sig, &fd);
1622 if(member_klass != NULL && fd.is_protected()) {
1623 if (!this_class->is_same_class_package(member_klass)) {
1624 return true;
1625 }
1626 }
1627 }
1628 return false;
1629 }
1630
1631 void ClassVerifier::verify_ldc(
1632 int opcode, u2 index, StackMapFrame *current_frame,
1633 constantPoolHandle cp, u2 bci, TRAPS) {
1634 verify_cp_index(cp, index, CHECK_VERIFY(this));
1635 constantTag tag = cp->tag_at(index);
1636 unsigned int types;
1637 if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) {
1638 if (!tag.is_unresolved_string() && !tag.is_unresolved_klass()) {
1639 types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float)
1640 | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class)
1641 | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType);
1642 // Note: The class file parser already verified the legality of
1643 // MethodHandle and MethodType constants.
1644 verify_cp_type(index, cp, types, CHECK_VERIFY(this));
1645 }
1646 } else {
1647 assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w");
1648 types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long);
1649 verify_cp_type(index, cp, types, CHECK_VERIFY(this));
1650 }
1651 if (tag.is_string() && cp->is_pseudo_string_at(index)) {
1652 current_frame->push_stack(object_type(), CHECK_VERIFY(this));
1653 } else if (tag.is_string() || tag.is_unresolved_string()) {
1654 current_frame->push_stack(
1655 VerificationType::reference_type(
1656 vmSymbols::java_lang_String()), CHECK_VERIFY(this));
1657 } else if (tag.is_klass() || tag.is_unresolved_klass()) {
1658 current_frame->push_stack(
1659 VerificationType::reference_type(
1660 vmSymbols::java_lang_Class()), CHECK_VERIFY(this));
1661 } else if (tag.is_int()) {
1662 current_frame->push_stack(
1663 VerificationType::integer_type(), CHECK_VERIFY(this));
1664 } else if (tag.is_float()) {
1665 current_frame->push_stack(
1666 VerificationType::float_type(), CHECK_VERIFY(this));
1667 } else if (tag.is_double()) {
1668 current_frame->push_stack_2(
1669 VerificationType::double_type(),
1670 VerificationType::double2_type(), CHECK_VERIFY(this));
1671 } else if (tag.is_long()) {
1672 current_frame->push_stack_2(
1673 VerificationType::long_type(),
1674 VerificationType::long2_type(), CHECK_VERIFY(this));
1675 } else if (tag.is_method_handle()) {
1676 current_frame->push_stack(
1677 VerificationType::reference_type(
1678 vmSymbols::java_lang_invoke_MethodHandle()), CHECK_VERIFY(this));
1679 } else if (tag.is_method_type()) {
1680 current_frame->push_stack(
1681 VerificationType::reference_type(
1682 vmSymbols::java_lang_invoke_MethodType()), CHECK_VERIFY(this));
1683 } else {
1684 verify_error(bci, "Invalid index in ldc");
1685 return;
1686 }
1687 }
1688
1689 void ClassVerifier::verify_switch(
1690 RawBytecodeStream* bcs, u4 code_length, char* code_data,
1691 StackMapFrame* current_frame, StackMapTable* stackmap_table, TRAPS) {
1692 int bci = bcs->bci();
1693 address bcp = bcs->bcp();
1694 address aligned_bcp = (address) round_to((intptr_t)(bcp + 1), jintSize);
1695
1696 // 4639449 & 4647081: padding bytes must be 0
1697 u2 padding_offset = 1;
1698 while ((bcp + padding_offset) < aligned_bcp) {
1699 if(*(bcp + padding_offset) != 0) {
1700 verify_error(bci, "Nonzero padding byte in lookswitch or tableswitch");
1701 return;
1702 }
1703 padding_offset++;
1704 }
1705 int default_offset = (int) Bytes::get_Java_u4(aligned_bcp);
1706 int keys, delta;
1707 current_frame->pop_stack(
1708 VerificationType::integer_type(), CHECK_VERIFY(this));
1709 if (bcs->raw_code() == Bytecodes::_tableswitch) {
1710 jint low = (jint)Bytes::get_Java_u4(aligned_bcp + jintSize);
1711 jint high = (jint)Bytes::get_Java_u4(aligned_bcp + 2*jintSize);
1712 if (low > high) {
1713 verify_error(bci,
1714 "low must be less than or equal to high in tableswitch");
1715 return;
1716 }
1717 keys = high - low + 1;
1718 if (keys < 0) {
1719 verify_error(bci, "too many keys in tableswitch");
1720 return;
1721 }
1722 delta = 1;
1723 } else {
1724 keys = (int)Bytes::get_Java_u4(aligned_bcp + jintSize);
1725 if (keys < 0) {
1726 verify_error(bci, "number of keys in lookupswitch less than 0");
1727 return;
1728 }
1729 delta = 2;
1730 // Make sure that the lookupswitch items are sorted
1731 for (int i = 0; i < (keys - 1); i++) {
1732 jint this_key = Bytes::get_Java_u4(aligned_bcp + (2+2*i)*jintSize);
1733 jint next_key = Bytes::get_Java_u4(aligned_bcp + (2+2*i+2)*jintSize);
1734 if (this_key >= next_key) {
1735 verify_error(bci, "Bad lookupswitch instruction");
1736 return;
1737 }
1738 }
1739 }
1740 int target = bci + default_offset;
1741 stackmap_table->check_jump_target(current_frame, target, CHECK_VERIFY(this));
1742 for (int i = 0; i < keys; i++) {
1743 target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
1744 stackmap_table->check_jump_target(
1745 current_frame, target, CHECK_VERIFY(this));
1746 }
1747 }
1748
1749 bool ClassVerifier::name_in_supers(
1750 Symbol* ref_name, instanceKlassHandle current) {
1751 klassOop super = current->super();
1752 while (super != NULL) {
1753 if (super->klass_part()->name() == ref_name) {
1754 return true;
1755 }
1756 super = super->klass_part()->super();
1757 }
1758 return false;
1759 }
1760
1761 void ClassVerifier::verify_field_instructions(RawBytecodeStream* bcs,
1762 StackMapFrame* current_frame,
1763 constantPoolHandle cp,
1764 TRAPS) {
1765 u2 index = bcs->get_index_u2();
1766 verify_cp_type(index, cp, 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
1767
1768 // Get field name and signature
1769 Symbol* field_name = cp->name_ref_at(index);
1770 Symbol* field_sig = cp->signature_ref_at(index);
1771
1772 if (!SignatureVerifier::is_valid_type_signature(field_sig)) {
1773 class_format_error(
1774 "Invalid signature for field in class %s referenced "
1775 "from constant pool index %d", _klass->external_name(), index);
1776 return;
1777 }
1778
1779 // Get referenced class type
1780 VerificationType ref_class_type = cp_ref_index_to_type(
1781 index, cp, CHECK_VERIFY(this));
1782 if (!ref_class_type.is_object()) {
1783 verify_error(
1784 "Expecting reference to class in class %s at constant pool index %d",
1785 _klass->external_name(), index);
1786 return;
1787 }
1788 VerificationType target_class_type = ref_class_type;
1789
1790 assert(sizeof(VerificationType) == sizeof(uintptr_t),
1791 "buffer type must match VerificationType size");
1792 uintptr_t field_type_buffer[2];
1793 VerificationType* field_type = (VerificationType*)field_type_buffer;
1794 // If we make a VerificationType[2] array directly, the compiler calls
1795 // to the c-runtime library to do the allocation instead of just
1796 // stack allocating it. Plus it would run constructors. This shows up
1797 // in performance profiles.
1798
1799 SignatureStream sig_stream(field_sig, false);
1800 VerificationType stack_object_type;
1801 int n = change_sig_to_verificationType(
1802 &sig_stream, field_type, CHECK_VERIFY(this));
1803 u2 bci = bcs->bci();
1804 bool is_assignable;
1805 switch (bcs->raw_code()) {
1806 case Bytecodes::_getstatic: {
1807 for (int i = 0; i < n; i++) {
1808 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
1809 }
1810 break;
1811 }
1812 case Bytecodes::_putstatic: {
1813 for (int i = n - 1; i >= 0; i--) {
1814 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
1815 }
1816 break;
1817 }
1818 case Bytecodes::_getfield: {
1819 stack_object_type = current_frame->pop_stack(
1820 target_class_type, CHECK_VERIFY(this));
1821 for (int i = 0; i < n; i++) {
1822 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
1823 }
1824 goto check_protected;
1825 }
1826 case Bytecodes::_putfield: {
1827 for (int i = n - 1; i >= 0; i--) {
1828 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
1829 }
1830 stack_object_type = current_frame->pop_stack(CHECK_VERIFY(this));
1831
1832 // The JVMS 2nd edition allows field initialization before the superclass
1833 // initializer, if the field is defined within the current class.
1834 fieldDescriptor fd;
1835 if (stack_object_type == VerificationType::uninitialized_this_type() &&
1836 target_class_type.equals(current_type()) &&
1837 _klass->find_local_field(field_name, field_sig, &fd)) {
1838 stack_object_type = current_type();
1839 }
1840 is_assignable = target_class_type.is_assignable_from(
1841 stack_object_type, this, CHECK_VERIFY(this));
1842 if (!is_assignable) {
1843 verify_error(bci, "Bad type on operand stack in putfield");
1844 return;
1845 }
1846 }
1847 check_protected: {
1848 if (_this_type == stack_object_type)
1849 break; // stack_object_type must be assignable to _current_class_type
1850 Symbol* ref_class_name =
1851 cp->klass_name_at(cp->klass_ref_index_at(index));
1852 if (!name_in_supers(ref_class_name, current_class()))
1853 // stack_object_type must be assignable to _current_class_type since:
1854 // 1. stack_object_type must be assignable to ref_class.
1855 // 2. ref_class must be _current_class or a subclass of it. It can't
1856 // be a superclass of it. See revised JVMS 5.4.4.
1857 break;
1858
1859 klassOop ref_class_oop = load_class(ref_class_name, CHECK);
1860 if (is_protected_access(current_class(), ref_class_oop, field_name,
1861 field_sig, false)) {
1862 // It's protected access, check if stack object is assignable to
1863 // current class.
1864 is_assignable = current_type().is_assignable_from(
1865 stack_object_type, this, CHECK_VERIFY(this));
1866 if (!is_assignable) {
1867 verify_error(bci, "Bad access to protected data in getfield");
1868 return;
1869 }
1870 }
1871 break;
1872 }
1873 default: ShouldNotReachHere();
1874 }
1875 }
1876
1877 void ClassVerifier::verify_invoke_init(
1878 RawBytecodeStream* bcs, VerificationType ref_class_type,
1879 StackMapFrame* current_frame, u4 code_length, bool *this_uninit,
1880 constantPoolHandle cp, TRAPS) {
1881 u2 bci = bcs->bci();
1882 VerificationType type = current_frame->pop_stack(
1883 VerificationType::reference_check(), CHECK_VERIFY(this));
1884 if (type == VerificationType::uninitialized_this_type()) {
1885 // The method must be an <init> method of either this class, or one of its
1886 // superclasses
1887 if (ref_class_type.name() != current_class()->name() &&
1888 !name_in_supers(ref_class_type.name(), current_class())) {
1889 verify_error(bci, "Bad <init> method call");
1890 return;
1891 }
1892 current_frame->initialize_object(type, current_type());
1893 *this_uninit = true;
1894 } else if (type.is_uninitialized()) {
1895 u2 new_offset = type.bci();
1896 address new_bcp = bcs->bcp() - bci + new_offset;
1897 if (new_offset > (code_length - 3) || (*new_bcp) != Bytecodes::_new) {
1898 verify_error(new_offset, "Expecting new instruction");
1899 return;
1900 }
1901 u2 new_class_index = Bytes::get_Java_u2(new_bcp + 1);
1902 verify_cp_class_type(new_class_index, cp, CHECK_VERIFY(this));
1903
1904 // The method must be an <init> method of the indicated class
1905 VerificationType new_class_type = cp_index_to_type(
1906 new_class_index, cp, CHECK_VERIFY(this));
1907 if (!new_class_type.equals(ref_class_type)) {
1908 verify_error(bci, "Call to wrong <init> method");
1909 return;
1910 }
1911 // According to the VM spec, if the referent class is a superclass of the
1912 // current class, and is in a different runtime package, and the method is
1913 // protected, then the objectref must be the current class or a subclass
1914 // of the current class.
1915 VerificationType objectref_type = new_class_type;
1916 if (name_in_supers(ref_class_type.name(), current_class())) {
1917 klassOop ref_klass = load_class(
1918 ref_class_type.name(), CHECK_VERIFY(this));
1919 methodOop m = instanceKlass::cast(ref_klass)->uncached_lookup_method(
1920 vmSymbols::object_initializer_name(),
1921 cp->signature_ref_at(bcs->get_index_u2()));
1922 instanceKlassHandle mh(THREAD, m->method_holder());
1923 if (m->is_protected() && !mh->is_same_class_package(_klass())) {
1924 bool assignable = current_type().is_assignable_from(
1925 objectref_type, this, CHECK_VERIFY(this));
1926 if (!assignable) {
1927 verify_error(bci, "Bad access to protected <init> method");
1928 return;
1929 }
1930 }
1931 }
1932 current_frame->initialize_object(type, new_class_type);
1933 } else {
1934 verify_error(bci, "Bad operand type when invoking <init>");
1935 return;
1936 }
1937 }
1938
1939 void ClassVerifier::verify_invoke_instructions(
1940 RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
1941 bool *this_uninit, VerificationType return_type,
1942 constantPoolHandle cp, TRAPS) {
1943 // Make sure the constant pool item is the right type
1944 u2 index = bcs->get_index_u2();
1945 Bytecodes::Code opcode = bcs->raw_code();
1946 unsigned int types = (opcode == Bytecodes::_invokeinterface
1947 ? 1 << JVM_CONSTANT_InterfaceMethodref
1948 : opcode == Bytecodes::_invokedynamic
1949 ? 1 << JVM_CONSTANT_InvokeDynamic
1950 : 1 << JVM_CONSTANT_Methodref);
1951 verify_cp_type(index, cp, types, CHECK_VERIFY(this));
1952
1953 // Get method name and signature
1954 Symbol* method_name = cp->name_ref_at(index);
1955 Symbol* method_sig = cp->signature_ref_at(index);
1956
1957 if (!SignatureVerifier::is_valid_method_signature(method_sig)) {
1958 class_format_error(
1959 "Invalid method signature in class %s referenced "
1960 "from constant pool index %d", _klass->external_name(), index);
1961 return;
1962 }
1963
1964 // Get referenced class type
1965 VerificationType ref_class_type;
1966 if (opcode == Bytecodes::_invokedynamic) {
1967 if (!EnableInvokeDynamic ||
1968 _klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) {
1969 class_format_error(
1970 (!EnableInvokeDynamic ?
1971 "invokedynamic instructions not enabled in this JVM" :
1972 "invokedynamic instructions not supported by this class file version"),
1973 _klass->external_name());
1974 return;
1975 }
1976 } else {
1977 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
1978 }
1979
1980 // For a small signature length, we just allocate 128 bytes instead
1981 // of parsing the signature once to find its size.
1982 // -3 is for '(', ')' and return descriptor; multiply by 2 is for
1983 // longs/doubles to be consertive.
1984 assert(sizeof(VerificationType) == sizeof(uintptr_t),
1985 "buffer type must match VerificationType size");
1986 uintptr_t on_stack_sig_types_buffer[128];
1987 // If we make a VerificationType[128] array directly, the compiler calls
1988 // to the c-runtime library to do the allocation instead of just
1989 // stack allocating it. Plus it would run constructors. This shows up
1990 // in performance profiles.
1991
1992 VerificationType* sig_types;
1993 int size = (method_sig->utf8_length() - 3) * 2;
1994 if (size > 128) {
1995 // Long and double occupies two slots here.
1996 ArgumentSizeComputer size_it(method_sig);
1997 size = size_it.size();
1998 sig_types = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, VerificationType, size);
1999 } else{
2000 sig_types = (VerificationType*)on_stack_sig_types_buffer;
2001 }
2002 SignatureStream sig_stream(method_sig);
2003 int sig_i = 0;
2004 while (!sig_stream.at_return_type()) {
2005 sig_i += change_sig_to_verificationType(
2006 &sig_stream, &sig_types[sig_i], CHECK_VERIFY(this));
2007 sig_stream.next();
2008 }
2009 int nargs = sig_i;
2010
2011 #ifdef ASSERT
2012 {
2013 ArgumentSizeComputer size_it(method_sig);
2014 assert(nargs == size_it.size(), "Argument sizes do not match");
2015 assert(nargs <= (method_sig->utf8_length() - 3) * 2, "estimate of max size isn't conservative enough");
2016 }
2017 #endif
2018
2019 // Check instruction operands
2020 u2 bci = bcs->bci();
2021 if (opcode == Bytecodes::_invokeinterface) {
2022 address bcp = bcs->bcp();
2023 // 4905268: count operand in invokeinterface should be nargs+1, not nargs.
2024 // JSR202 spec: The count operand of an invokeinterface instruction is valid if it is
2025 // the difference between the size of the operand stack before and after the instruction
2026 // executes.
2027 if (*(bcp+3) != (nargs+1)) {
2028 verify_error(bci, "Inconsistent args count operand in invokeinterface");
2029 return;
2030 }
2031 if (*(bcp+4) != 0) {
2032 verify_error(bci, "Fourth operand byte of invokeinterface must be zero");
2033 return;
2034 }
2035 }
2036
2037 if (opcode == Bytecodes::_invokedynamic) {
2038 address bcp = bcs->bcp();
2039 if (*(bcp+3) != 0 || *(bcp+4) != 0) {
2040 verify_error(bci, "Third and fourth operand bytes of invokedynamic must be zero");
2041 return;
2042 }
2043 }
2044
2045 if (method_name->byte_at(0) == '<') {
2046 // Make sure <init> can only be invoked by invokespecial
2047 if (opcode != Bytecodes::_invokespecial ||
2048 method_name != vmSymbols::object_initializer_name()) {
2049 verify_error(bci, "Illegal call to internal method");
2050 return;
2051 }
2052 } else if (opcode == Bytecodes::_invokespecial
2053 && !ref_class_type.equals(current_type())
2054 && !ref_class_type.equals(VerificationType::reference_type(
2055 current_class()->super()->klass_part()->name()))) {
2056 bool subtype = ref_class_type.is_assignable_from(
2057 current_type(), this, CHECK_VERIFY(this));
2058 if (!subtype) {
2059 verify_error(bci, "Bad invokespecial instruction: "
2060 "current class isn't assignable to reference class.");
2061 return;
2062 }
2063 }
2064 // Match method descriptor with operand stack
2065 for (int i = nargs - 1; i >= 0; i--) { // Run backwards
2066 current_frame->pop_stack(sig_types[i], CHECK_VERIFY(this));
2067 }
2068 // Check objectref on operand stack
2069 if (opcode != Bytecodes::_invokestatic &&
2070 opcode != Bytecodes::_invokedynamic) {
2071 if (method_name == vmSymbols::object_initializer_name()) { // <init> method
2072 verify_invoke_init(bcs, ref_class_type, current_frame,
2073 code_length, this_uninit, cp, CHECK_VERIFY(this));
2074 } else { // other methods
2075 // Ensures that target class is assignable to method class.
2076 if (opcode == Bytecodes::_invokespecial) {
2077 current_frame->pop_stack(current_type(), CHECK_VERIFY(this));
2078 } else if (opcode == Bytecodes::_invokevirtual) {
2079 VerificationType stack_object_type =
2080 current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this));
2081 if (current_type() != stack_object_type) {
2082 assert(cp->cache() == NULL, "not rewritten yet");
2083 Symbol* ref_class_name =
2084 cp->klass_name_at(cp->klass_ref_index_at(index));
2085 // See the comments in verify_field_instructions() for
2086 // the rationale behind this.
2087 if (name_in_supers(ref_class_name, current_class())) {
2088 klassOop ref_class = load_class(ref_class_name, CHECK);
2089 if (is_protected_access(
2090 _klass, ref_class, method_name, method_sig, true)) {
2091 // It's protected access, check if stack object is
2092 // assignable to current class.
2093 bool is_assignable = current_type().is_assignable_from(
2094 stack_object_type, this, CHECK_VERIFY(this));
2095 if (!is_assignable) {
2096 if (ref_class_type.name() == vmSymbols::java_lang_Object()
2097 && stack_object_type.is_array()
2098 && method_name == vmSymbols::clone_name()) {
2099 // Special case: arrays pretend to implement public Object
2100 // clone().
2101 } else {
2102 verify_error(bci,
2103 "Bad access to protected data in invokevirtual");
2104 return;
2105 }
2106 }
2107 }
2108 }
2109 }
2110 } else {
2111 assert(opcode == Bytecodes::_invokeinterface, "Unexpected opcode encountered");
2112 current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this));
2113 }
2114 }
2115 }
2116 // Push the result type.
2117 if (sig_stream.type() != T_VOID) {
2118 if (method_name == vmSymbols::object_initializer_name()) {
2119 // <init> method must have a void return type
2120 verify_error(bci, "Return type must be void in <init> method");
2121 return;
2122 }
2123 VerificationType return_type[2];
2124 int n = change_sig_to_verificationType(
2125 &sig_stream, return_type, CHECK_VERIFY(this));
2126 for (int i = 0; i < n; i++) {
2127 current_frame->push_stack(return_type[i], CHECK_VERIFY(this)); // push types backwards
2128 }
2129 }
2130 }
2131
2132 VerificationType ClassVerifier::get_newarray_type(
2133 u2 index, u2 bci, TRAPS) {
2134 const char* from_bt[] = {
2135 NULL, NULL, NULL, NULL, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J",
2136 };
2137 if (index < T_BOOLEAN || index > T_LONG) {
2138 verify_error(bci, "Illegal newarray instruction");
2139 return VerificationType::bogus_type();
2140 }
2141
2142 // from_bt[index] contains the array signature which has a length of 2
2143 Symbol* sig = create_temporary_symbol(
2144 from_bt[index], 2, CHECK_(VerificationType::bogus_type()));
2145 return VerificationType::reference_type(sig);
2146 }
2147
2148 void ClassVerifier::verify_anewarray(
2149 u2 index, constantPoolHandle cp, StackMapFrame* current_frame, TRAPS) {
2150 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
2151 current_frame->pop_stack(
2152 VerificationType::integer_type(), CHECK_VERIFY(this));
2153
2154 VerificationType component_type =
2155 cp_index_to_type(index, cp, CHECK_VERIFY(this));
2156 int length;
2157 char* arr_sig_str;
2158 if (component_type.is_array()) { // it's an array
2159 const char* component_name = component_type.name()->as_utf8();
2160 // add one dimension to component
2161 length = (int)strlen(component_name) + 1;
2162 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length);
2163 arr_sig_str[0] = '[';
2164 strncpy(&arr_sig_str[1], component_name, length - 1);
2165 } else { // it's an object or interface
2166 const char* component_name = component_type.name()->as_utf8();
2167 // add one dimension to component with 'L' prepended and ';' postpended.
2168 length = (int)strlen(component_name) + 3;
2169 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length);
2170 arr_sig_str[0] = '[';
2171 arr_sig_str[1] = 'L';
2172 strncpy(&arr_sig_str[2], component_name, length - 2);
2173 arr_sig_str[length - 1] = ';';
2174 }
2175 Symbol* arr_sig = create_temporary_symbol(
2176 arr_sig_str, length, CHECK_VERIFY(this));
2177 VerificationType new_array_type = VerificationType::reference_type(arr_sig);
2178 current_frame->push_stack(new_array_type, CHECK_VERIFY(this));
2179 }
2180
2181 void ClassVerifier::verify_iload(u2 index, StackMapFrame* current_frame, TRAPS) {
2182 current_frame->get_local(
2183 index, VerificationType::integer_type(), CHECK_VERIFY(this));
2184 current_frame->push_stack(
2185 VerificationType::integer_type(), CHECK_VERIFY(this));
2186 }
2187
2188 void ClassVerifier::verify_lload(u2 index, StackMapFrame* current_frame, TRAPS) {
2189 current_frame->get_local_2(
2190 index, VerificationType::long_type(),
2191 VerificationType::long2_type(), CHECK_VERIFY(this));
2192 current_frame->push_stack_2(
2193 VerificationType::long_type(),
2194 VerificationType::long2_type(), CHECK_VERIFY(this));
2195 }
2196
2197 void ClassVerifier::verify_fload(u2 index, StackMapFrame* current_frame, TRAPS) {
2198 current_frame->get_local(
2199 index, VerificationType::float_type(), CHECK_VERIFY(this));
2200 current_frame->push_stack(
2201 VerificationType::float_type(), CHECK_VERIFY(this));
2202 }
2203
2204 void ClassVerifier::verify_dload(u2 index, StackMapFrame* current_frame, TRAPS) {
2205 current_frame->get_local_2(
2206 index, VerificationType::double_type(),
2207 VerificationType::double2_type(), CHECK_VERIFY(this));
2208 current_frame->push_stack_2(
2209 VerificationType::double_type(),
2210 VerificationType::double2_type(), CHECK_VERIFY(this));
2211 }
2212
2213 void ClassVerifier::verify_aload(u2 index, StackMapFrame* current_frame, TRAPS) {
2214 VerificationType type = current_frame->get_local(
2215 index, VerificationType::reference_check(), CHECK_VERIFY(this));
2216 current_frame->push_stack(type, CHECK_VERIFY(this));
2217 }
2218
2219 void ClassVerifier::verify_istore(u2 index, StackMapFrame* current_frame, TRAPS) {
2220 current_frame->pop_stack(
2221 VerificationType::integer_type(), CHECK_VERIFY(this));
2222 current_frame->set_local(
2223 index, VerificationType::integer_type(), CHECK_VERIFY(this));
2224 }
2225
2226 void ClassVerifier::verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS) {
2227 current_frame->pop_stack_2(
2228 VerificationType::long2_type(),
2229 VerificationType::long_type(), CHECK_VERIFY(this));
2230 current_frame->set_local_2(
2231 index, VerificationType::long_type(),
2232 VerificationType::long2_type(), CHECK_VERIFY(this));
2233 }
2234
2235 void ClassVerifier::verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS) {
2236 current_frame->pop_stack(VerificationType::float_type(), CHECK_VERIFY(this));
2237 current_frame->set_local(
2238 index, VerificationType::float_type(), CHECK_VERIFY(this));
2239 }
2240
2241 void ClassVerifier::verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS) {
2242 current_frame->pop_stack_2(
2243 VerificationType::double2_type(),
2244 VerificationType::double_type(), CHECK_VERIFY(this));
2245 current_frame->set_local_2(
2246 index, VerificationType::double_type(),
2247 VerificationType::double2_type(), CHECK_VERIFY(this));
2248 }
2249
2250 void ClassVerifier::verify_astore(u2 index, StackMapFrame* current_frame, TRAPS) {
2251 VerificationType type = current_frame->pop_stack(
2252 VerificationType::reference_check(), CHECK_VERIFY(this));
2253 current_frame->set_local(index, type, CHECK_VERIFY(this));
2254 }
2255
2256 void ClassVerifier::verify_iinc(u2 index, StackMapFrame* current_frame, TRAPS) {
2257 VerificationType type = current_frame->get_local(
2258 index, VerificationType::integer_type(), CHECK_VERIFY(this));
2259 current_frame->set_local(index, type, CHECK_VERIFY(this));
2260 }
2261
2262 void ClassVerifier::verify_return_value(
2263 VerificationType return_type, VerificationType type, u2 bci, TRAPS) {
2264 if (return_type == VerificationType::bogus_type()) {
2265 verify_error(bci, "Method expects a return value");
2266 return;
2267 }
2268 bool match = return_type.is_assignable_from(type, this, CHECK_VERIFY(this));
2269 if (!match) {
2270 verify_error(bci, "Bad return type");
2271 return;
2272 }
2273 }
2274
2275 // The verifier creates symbols which are substrings of Symbols.
2276 // These are stored in the verifier until the end of verification so that
2277 // they can be reference counted.
2278 Symbol* ClassVerifier::create_temporary_symbol(const Symbol *s, int begin,
2279 int end, TRAPS) {
2280 Symbol* sym = SymbolTable::new_symbol(s, begin, end, CHECK_NULL);
2281 _symbols->push(sym);
2282 return sym;
2283 }
2284
2285 Symbol* ClassVerifier::create_temporary_symbol(const char *s, int length, TRAPS) {
2286 Symbol* sym = SymbolTable::new_symbol(s, length, CHECK_NULL);
2287 _symbols->push(sym);
2288 return sym;
2289 }