222 // to infinitely recurse when we try to initialize the exception.
223 // So bail out here by throwing the preallocated VM error.
224 THROW_OOP_(Universe::virtual_machine_error_instance(), false);
225 }
226 kls = kls->super();
227 }
228 message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
229 THROW_MSG_(exception_name, exception_message, false);
230 }
231 }
232
233 bool Verifier::is_eligible_for_verification(InstanceKlass* klass, bool should_verify_class) {
234 Symbol* name = klass->name();
235 Klass* refl_magic_klass = SystemDictionary::reflect_MagicAccessorImpl_klass();
236
237 bool is_reflect = refl_magic_klass != NULL && klass->is_subtype_of(refl_magic_klass);
238
239 return (should_verify_for(klass->class_loader(), should_verify_class) &&
240 // return if the class is a bootstrapping class
241 // or defineClass specified not to verify by default (flags override passed arg)
242 // We need to skip the following four for bootstraping
243 name != vmSymbols::java_lang_Object() &&
244 name != vmSymbols::java_lang_Class() &&
245 name != vmSymbols::java_lang_String() &&
246 name != vmSymbols::java_lang_Throwable() &&
247
248 // Can not verify the bytecodes for shared classes because they have
249 // already been rewritten to contain constant pool cache indices,
250 // which the verifier can't understand.
251 // Shared classes shouldn't have stackmaps either.
252 !klass->is_shared() &&
253
254 // As of the fix for 4486457 we disable verification for all of the
255 // dynamically-generated bytecodes associated with the 1.4
256 // reflection implementation, not just those associated with
257 // jdk/internal/reflect/SerializationConstructorAccessor.
258 // NOTE: this is called too early in the bootstrapping process to be
259 // guarded by Universe::is_gte_jdk14x_version().
260 // Also for lambda generated code, gte jdk8
261 (!is_reflect));
262 }
263
264 Symbol* Verifier::inference_verify(
265 InstanceKlass* klass, char* message, size_t message_len, TRAPS) {
266 JavaThread* thread = (JavaThread*)THREAD;
267 JNIEnv *env = thread->jni_environment();
268
269 void* verify_func = verify_byte_codes_fn();
270
271 if (verify_func == NULL) {
272 jio_snprintf(message, message_len, "Could not link verifier");
273 return vmSymbols::java_lang_VerifyError();
567 ClassVerifier::ClassVerifier(
568 InstanceKlass* klass, TRAPS)
569 : _thread(THREAD), _exception_type(NULL), _message(NULL), _klass(klass) {
570 _this_type = VerificationType::reference_type(klass->name());
571 // Create list to hold symbols in reference area.
572 _symbols = new GrowableArray<Symbol*>(100, 0, NULL);
573 }
574
575 ClassVerifier::~ClassVerifier() {
576 // Decrement the reference count for any symbols created.
577 for (int i = 0; i < _symbols->length(); i++) {
578 Symbol* s = _symbols->at(i);
579 s->decrement_refcount();
580 }
581 }
582
583 VerificationType ClassVerifier::object_type() const {
584 return VerificationType::reference_type(vmSymbols::java_lang_Object());
585 }
586
587 TypeOrigin ClassVerifier::ref_ctx(const char* sig, TRAPS) {
588 VerificationType vt = VerificationType::reference_type(
589 create_temporary_symbol(sig, (int)strlen(sig), THREAD));
590 return TypeOrigin::implicit(vt);
591 }
592
593 void ClassVerifier::verify_class(TRAPS) {
594 log_info(verification)("Verifying class %s with new format", _klass->external_name());
595
596 Array<Method*>* methods = _klass->methods();
597 int num_methods = methods->length();
598
599 for (int index = 0; index < num_methods; index++) {
600 // Check for recursive re-verification before each method.
601 if (was_recursively_verified()) return;
602
603 Method* m = methods->at(index);
604 if (m->is_native() || m->is_abstract() || m->is_overpass()) {
605 // If m is native or abstract, skip it. It is checked in class file
606 // parser that methods do not override a final method. Overpass methods
607 // are trusted since the VM generates them.
608 continue;
609 }
610 verify_method(methodHandle(THREAD, m), CHECK_VERIFY(this));
611 }
612
617 }
618 }
619
620 void ClassVerifier::verify_method(const methodHandle& m, TRAPS) {
621 HandleMark hm(THREAD);
622 _method = m; // initialize _method
623 log_info(verification)("Verifying method %s", m->name_and_sig_as_C_string());
624
625 // For clang, the only good constant format string is a literal constant format string.
626 #define bad_type_msg "Bad type on operand stack in %s"
627
628 int32_t max_stack = m->verifier_max_stack();
629 int32_t max_locals = m->max_locals();
630 constantPoolHandle cp(THREAD, m->constants());
631
632 if (!SignatureVerifier::is_valid_method_signature(m->signature())) {
633 class_format_error("Invalid method signature");
634 return;
635 }
636
637 // Initial stack map frame: offset is 0, stack is initially empty.
638 StackMapFrame current_frame(max_locals, max_stack, this);
639 // Set initial locals
640 VerificationType return_type = current_frame.set_locals_from_arg(
641 m, current_type(), CHECK_VERIFY(this));
642
643 int32_t stackmap_index = 0; // index to the stackmap array
644
645 u4 code_length = m->code_size();
646
647 // Scan the bytecode and map each instruction's start offset to a number.
648 char* code_data = generate_code_data(m, code_length, CHECK_VERIFY(this));
649
650 int ex_min = code_length;
651 int ex_max = -1;
652 // Look through each item on the exception table. Each of the fields must refer
653 // to a legal instruction.
654 if (was_recursively_verified()) return;
655 verify_exception_handler_table(
656 code_length, code_data, ex_min, ex_max, CHECK_VERIFY(this));
824 case Bytecodes::_fload :
825 verify_fload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
826 no_control_flow = false; break;
827 case Bytecodes::_fload_0 :
828 case Bytecodes::_fload_1 :
829 case Bytecodes::_fload_2 :
830 case Bytecodes::_fload_3 :
831 index = opcode - Bytecodes::_fload_0;
832 verify_fload(index, ¤t_frame, CHECK_VERIFY(this));
833 no_control_flow = false; break;
834 case Bytecodes::_dload :
835 verify_dload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
836 no_control_flow = false; break;
837 case Bytecodes::_dload_0 :
838 case Bytecodes::_dload_1 :
839 case Bytecodes::_dload_2 :
840 case Bytecodes::_dload_3 :
841 index = opcode - Bytecodes::_dload_0;
842 verify_dload(index, ¤t_frame, CHECK_VERIFY(this));
843 no_control_flow = false; break;
844 case Bytecodes::_aload :
845 verify_aload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
846 no_control_flow = false; break;
847 case Bytecodes::_aload_0 :
848 case Bytecodes::_aload_1 :
849 case Bytecodes::_aload_2 :
850 case Bytecodes::_aload_3 :
851 index = opcode - Bytecodes::_aload_0;
852 verify_aload(index, ¤t_frame, CHECK_VERIFY(this));
853 no_control_flow = false; break;
854 case Bytecodes::_iaload :
855 type = current_frame.pop_stack(
856 VerificationType::integer_type(), CHECK_VERIFY(this));
857 atype = current_frame.pop_stack(
858 VerificationType::reference_check(), CHECK_VERIFY(this));
859 if (!atype.is_int_array()) {
860 verify_error(ErrorContext::bad_type(bci,
861 current_frame.stack_top_ctx(), ref_ctx("[I", THREAD)),
862 bad_type_msg, "iaload");
863 return;
956 VerificationType::integer_type(), CHECK_VERIFY(this));
957 atype = current_frame.pop_stack(
958 VerificationType::reference_check(), CHECK_VERIFY(this));
959 if (!atype.is_reference_array()) {
960 verify_error(ErrorContext::bad_type(bci,
961 current_frame.stack_top_ctx(),
962 TypeOrigin::implicit(VerificationType::reference_check())),
963 bad_type_msg, "aaload");
964 return;
965 }
966 if (atype.is_null()) {
967 current_frame.push_stack(
968 VerificationType::null_type(), CHECK_VERIFY(this));
969 } else {
970 VerificationType component =
971 atype.get_component(this, CHECK_VERIFY(this));
972 current_frame.push_stack(component, CHECK_VERIFY(this));
973 }
974 no_control_flow = false; break;
975 }
976 case Bytecodes::_istore :
977 verify_istore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
978 no_control_flow = false; break;
979 case Bytecodes::_istore_0 :
980 case Bytecodes::_istore_1 :
981 case Bytecodes::_istore_2 :
982 case Bytecodes::_istore_3 :
983 index = opcode - Bytecodes::_istore_0;
984 verify_istore(index, ¤t_frame, CHECK_VERIFY(this));
985 no_control_flow = false; break;
986 case Bytecodes::_lstore :
987 verify_lstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
988 no_control_flow = false; break;
989 case Bytecodes::_lstore_0 :
990 case Bytecodes::_lstore_1 :
991 case Bytecodes::_lstore_2 :
992 case Bytecodes::_lstore_3 :
993 index = opcode - Bytecodes::_lstore_0;
994 verify_lstore(index, ¤t_frame, CHECK_VERIFY(this));
995 no_control_flow = false; break;
996 case Bytecodes::_fstore :
997 verify_fstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
998 no_control_flow = false; break;
999 case Bytecodes::_fstore_0 :
1000 case Bytecodes::_fstore_1 :
1001 case Bytecodes::_fstore_2 :
1002 case Bytecodes::_fstore_3 :
1003 index = opcode - Bytecodes::_fstore_0;
1004 verify_fstore(index, ¤t_frame, CHECK_VERIFY(this));
1005 no_control_flow = false; break;
1006 case Bytecodes::_dstore :
1007 verify_dstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1008 no_control_flow = false; break;
1009 case Bytecodes::_dstore_0 :
1010 case Bytecodes::_dstore_1 :
1011 case Bytecodes::_dstore_2 :
1012 case Bytecodes::_dstore_3 :
1013 index = opcode - Bytecodes::_dstore_0;
1014 verify_dstore(index, ¤t_frame, CHECK_VERIFY(this));
1015 no_control_flow = false; break;
1016 case Bytecodes::_astore :
1017 verify_astore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1018 no_control_flow = false; break;
1019 case Bytecodes::_astore_0 :
1020 case Bytecodes::_astore_1 :
1021 case Bytecodes::_astore_2 :
1022 case Bytecodes::_astore_3 :
1023 index = opcode - Bytecodes::_astore_0;
1024 verify_astore(index, ¤t_frame, CHECK_VERIFY(this));
1025 no_control_flow = false; break;
1026 case Bytecodes::_iastore :
1027 type = current_frame.pop_stack(
1028 VerificationType::integer_type(), CHECK_VERIFY(this));
1029 type2 = current_frame.pop_stack(
1030 VerificationType::integer_type(), CHECK_VERIFY(this));
1031 atype = current_frame.pop_stack(
1032 VerificationType::reference_check(), CHECK_VERIFY(this));
1033 if (!atype.is_int_array()) {
1034 verify_error(ErrorContext::bad_type(bci,
1035 current_frame.stack_top_ctx(), ref_ctx("[I", THREAD)),
1122 bad_type_msg, "dastore");
1123 return;
1124 }
1125 no_control_flow = false; break;
1126 case Bytecodes::_aastore :
1127 type = current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1128 type2 = current_frame.pop_stack(
1129 VerificationType::integer_type(), CHECK_VERIFY(this));
1130 atype = current_frame.pop_stack(
1131 VerificationType::reference_check(), CHECK_VERIFY(this));
1132 // more type-checking is done at runtime
1133 if (!atype.is_reference_array()) {
1134 verify_error(ErrorContext::bad_type(bci,
1135 current_frame.stack_top_ctx(),
1136 TypeOrigin::implicit(VerificationType::reference_check())),
1137 bad_type_msg, "aastore");
1138 return;
1139 }
1140 // 4938384: relaxed constraint in JVMS 3nd edition.
1141 no_control_flow = false; break;
1142 case Bytecodes::_pop :
1143 current_frame.pop_stack(
1144 VerificationType::category1_check(), CHECK_VERIFY(this));
1145 no_control_flow = false; break;
1146 case Bytecodes::_pop2 :
1147 type = current_frame.pop_stack(CHECK_VERIFY(this));
1148 if (type.is_category1()) {
1149 current_frame.pop_stack(
1150 VerificationType::category1_check(), CHECK_VERIFY(this));
1151 } else if (type.is_category2_2nd()) {
1152 current_frame.pop_stack(
1153 VerificationType::category2_check(), CHECK_VERIFY(this));
1154 } else {
1155 /* Unreachable? Would need a category2_1st on TOS
1156 * which does not appear possible. */
1157 verify_error(
1158 ErrorContext::bad_type(bci, current_frame.stack_top_ctx()),
1159 bad_type_msg, "pop2");
1160 return;
1161 }
1573 case Bytecodes::_freturn :
1574 type = current_frame.pop_stack(
1575 VerificationType::float_type(), CHECK_VERIFY(this));
1576 verify_return_value(return_type, type, bci,
1577 ¤t_frame, CHECK_VERIFY(this));
1578 no_control_flow = true; break;
1579 case Bytecodes::_dreturn :
1580 type2 = current_frame.pop_stack(
1581 VerificationType::double2_type(), CHECK_VERIFY(this));
1582 type = current_frame.pop_stack(
1583 VerificationType::double_type(), CHECK_VERIFY(this));
1584 verify_return_value(return_type, type, bci,
1585 ¤t_frame, CHECK_VERIFY(this));
1586 no_control_flow = true; break;
1587 case Bytecodes::_areturn :
1588 type = current_frame.pop_stack(
1589 VerificationType::reference_check(), CHECK_VERIFY(this));
1590 verify_return_value(return_type, type, bci,
1591 ¤t_frame, CHECK_VERIFY(this));
1592 no_control_flow = true; break;
1593 case Bytecodes::_return :
1594 if (return_type != VerificationType::bogus_type()) {
1595 verify_error(ErrorContext::bad_code(bci),
1596 "Method expects a return value");
1597 return;
1598 }
1599 // Make sure "this" has been initialized if current method is an
1600 // <init>.
1601 if (_method->name() == vmSymbols::object_initializer_name() &&
1602 current_frame.flag_this_uninit()) {
1603 verify_error(ErrorContext::bad_code(bci),
1604 "Constructor must call super() or this() "
1605 "before return");
1606 return;
1607 }
1608 no_control_flow = true; break;
1609 case Bytecodes::_getstatic :
1610 case Bytecodes::_putstatic :
1611 // pass TRUE, operand can be an array type for getstatic/putstatic.
1612 verify_field_instructions(
1613 &bcs, ¤t_frame, cp, true, CHECK_VERIFY(this));
1614 no_control_flow = false; break;
1615 case Bytecodes::_getfield :
1616 case Bytecodes::_putfield :
1617 // pass FALSE, operand can't be an array type for getfield/putfield.
1618 verify_field_instructions(
1619 &bcs, ¤t_frame, cp, false, CHECK_VERIFY(this));
1620 no_control_flow = false; break;
1621 case Bytecodes::_invokevirtual :
1622 case Bytecodes::_invokespecial :
1623 case Bytecodes::_invokestatic :
1624 verify_invoke_instructions(
1625 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1626 &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this));
1627 no_control_flow = false; break;
1628 case Bytecodes::_invokeinterface :
1629 case Bytecodes::_invokedynamic :
1630 verify_invoke_instructions(
1631 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1632 &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this));
1633 no_control_flow = false; break;
1634 case Bytecodes::_new :
1635 {
1636 index = bcs.get_index_u2();
1637 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1638 VerificationType new_class_type =
1639 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1640 if (!new_class_type.is_object()) {
1641 verify_error(ErrorContext::bad_type(bci,
1642 TypeOrigin::cp(index, new_class_type)),
1643 "Illegal new instruction");
1644 return;
1645 }
1646 type = VerificationType::uninitialized_type(bci);
1647 current_frame.push_stack(type, CHECK_VERIFY(this));
1648 no_control_flow = false; break;
1649 }
1650 case Bytecodes::_newarray :
1651 type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this));
1652 current_frame.pop_stack(
1653 VerificationType::integer_type(), CHECK_VERIFY(this));
1654 current_frame.push_stack(type, CHECK_VERIFY(this));
1655 no_control_flow = false; break;
1656 case Bytecodes::_anewarray :
1657 verify_anewarray(
1658 bci, bcs.get_index_u2(), cp, ¤t_frame, CHECK_VERIFY(this));
1659 no_control_flow = false; break;
1660 case Bytecodes::_arraylength :
1661 type = current_frame.pop_stack(
1662 VerificationType::reference_check(), CHECK_VERIFY(this));
1663 if (!(type.is_null() || type.is_array())) {
1664 verify_error(ErrorContext::bad_type(
1665 bci, current_frame.stack_top_ctx()),
1666 bad_type_msg, "arraylength");
1667 }
1668 current_frame.push_stack(
1669 VerificationType::integer_type(), CHECK_VERIFY(this));
1670 no_control_flow = false; break;
1671 case Bytecodes::_checkcast :
1672 {
1673 index = bcs.get_index_u2();
1674 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1675 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1676 VerificationType klass_type = cp_index_to_type(
1677 index, cp, CHECK_VERIFY(this));
1678 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1679 no_control_flow = false; break;
1680 }
1681 case Bytecodes::_instanceof : {
1682 index = bcs.get_index_u2();
1683 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1684 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1685 current_frame.push_stack(
1686 VerificationType::integer_type(), CHECK_VERIFY(this));
1687 no_control_flow = false; break;
1688 }
1689 case Bytecodes::_monitorenter :
1690 case Bytecodes::_monitorexit :
1691 current_frame.pop_stack(
1692 VerificationType::reference_check(), CHECK_VERIFY(this));
1693 no_control_flow = false; break;
1694 case Bytecodes::_multianewarray :
1695 {
1696 index = bcs.get_index_u2();
1697 u2 dim = *(bcs.bcp()+3);
1698 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1699 VerificationType new_array_type =
1700 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1701 if (!new_array_type.is_array()) {
1702 verify_error(ErrorContext::bad_type(bci,
1703 TypeOrigin::cp(index, new_array_type)),
1704 "Illegal constant pool index in multianewarray instruction");
1705 return;
1706 }
1707 if (dim < 1 || new_array_type.dimensions() < dim) {
1708 verify_error(ErrorContext::bad_code(bci),
1709 "Illegal dimension in multianewarray instruction: %d", dim);
1710 return;
1711 }
1712 for (int i = 0; i < dim; i++) {
1713 current_frame.pop_stack(
1714 VerificationType::integer_type(), CHECK_VERIFY(this));
1715 }
1716 current_frame.push_stack(new_array_type, CHECK_VERIFY(this));
1717 no_control_flow = false; break;
1718 }
1719 case Bytecodes::_athrow :
1720 type = VerificationType::reference_type(
1787 for(int i = 0; i < exlength; i++) {
1788 u2 start_pc = exhandlers.start_pc(i);
1789 u2 end_pc = exhandlers.end_pc(i);
1790 u2 handler_pc = exhandlers.handler_pc(i);
1791 if (start_pc >= code_length || code_data[start_pc] == 0) {
1792 class_format_error("Illegal exception table start_pc %d", start_pc);
1793 return;
1794 }
1795 if (end_pc != code_length) { // special case: end_pc == code_length
1796 if (end_pc > code_length || code_data[end_pc] == 0) {
1797 class_format_error("Illegal exception table end_pc %d", end_pc);
1798 return;
1799 }
1800 }
1801 if (handler_pc >= code_length || code_data[handler_pc] == 0) {
1802 class_format_error("Illegal exception table handler_pc %d", handler_pc);
1803 return;
1804 }
1805 int catch_type_index = exhandlers.catch_type_index(i);
1806 if (catch_type_index != 0) {
1807 VerificationType catch_type = cp_index_to_type(
1808 catch_type_index, cp, CHECK_VERIFY(this));
1809 VerificationType throwable =
1810 VerificationType::reference_type(vmSymbols::java_lang_Throwable());
1811 bool is_subclass = throwable.is_assignable_from(
1812 catch_type, this, false, CHECK_VERIFY(this));
1813 if (!is_subclass) {
1814 // 4286534: should throw VerifyError according to recent spec change
1815 verify_error(ErrorContext::bad_type(handler_pc,
1816 TypeOrigin::cp(catch_type_index, catch_type),
1817 TypeOrigin::implicit(throwable)),
1818 "Catch type is not a subclass "
1819 "of Throwable in exception handler %d", handler_pc);
1820 return;
1821 }
1822 }
1823 if (start_pc < min) min = start_pc;
1824 if (end_pc > max) max = end_pc;
1825 }
1826 }
1827
1890 // before calling this method to make sure a prior class load did not cause the
1891 // current class to get verified.
1892 void ClassVerifier::verify_exception_handler_targets(u2 bci, bool this_uninit,
1893 StackMapFrame* current_frame,
1894 StackMapTable* stackmap_table, TRAPS) {
1895 constantPoolHandle cp (THREAD, _method->constants());
1896 ExceptionTable exhandlers(_method());
1897 int exlength = exhandlers.length();
1898 for(int i = 0; i < exlength; i++) {
1899 u2 start_pc = exhandlers.start_pc(i);
1900 u2 end_pc = exhandlers.end_pc(i);
1901 u2 handler_pc = exhandlers.handler_pc(i);
1902 int catch_type_index = exhandlers.catch_type_index(i);
1903 if(bci >= start_pc && bci < end_pc) {
1904 u1 flags = current_frame->flags();
1905 if (this_uninit) { flags |= FLAG_THIS_UNINIT; }
1906 StackMapFrame* new_frame = current_frame->frame_in_exception_handler(flags);
1907 if (catch_type_index != 0) {
1908 if (was_recursively_verified()) return;
1909 // We know that this index refers to a subclass of Throwable
1910 VerificationType catch_type = cp_index_to_type(
1911 catch_type_index, cp, CHECK_VERIFY(this));
1912 new_frame->push_stack(catch_type, CHECK_VERIFY(this));
1913 } else {
1914 VerificationType throwable =
1915 VerificationType::reference_type(vmSymbols::java_lang_Throwable());
1916 new_frame->push_stack(throwable, CHECK_VERIFY(this));
1917 }
1918 ErrorContext ctx;
1919 bool matches = stackmap_table->match_stackmap(
1920 new_frame, handler_pc, true, false, &ctx, CHECK_VERIFY(this));
1921 if (!matches) {
1922 verify_error(ctx, "Stack map does not match the one at "
1923 "exception handler %d", handler_pc);
1924 return;
1925 }
1926 }
1927 }
1928 }
1929
1930 void ClassVerifier::verify_cp_index(
1932 int nconstants = cp->length();
1933 if ((index <= 0) || (index >= nconstants)) {
1934 verify_error(ErrorContext::bad_cp_index(bci, index),
1935 "Illegal constant pool index %d in class %s",
1936 index, cp->pool_holder()->external_name());
1937 return;
1938 }
1939 }
1940
1941 void ClassVerifier::verify_cp_type(
1942 u2 bci, int index, const constantPoolHandle& cp, unsigned int types, TRAPS) {
1943
1944 // In some situations, bytecode rewriting may occur while we're verifying.
1945 // In this case, a constant pool cache exists and some indices refer to that
1946 // instead. Be sure we don't pick up such indices by accident.
1947 // We must check was_recursively_verified() before we get here.
1948 guarantee(cp->cache() == NULL, "not rewritten yet");
1949
1950 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
1951 unsigned int tag = cp->tag_at(index).value();
1952 if ((types & (1 << tag)) == 0) {
1953 verify_error(ErrorContext::bad_cp_index(bci, index),
1954 "Illegal type at constant pool entry %d in class %s",
1955 index, cp->pool_holder()->external_name());
1956 return;
1957 }
1958 }
1959
1960 void ClassVerifier::verify_cp_class_type(
1961 u2 bci, int index, const constantPoolHandle& cp, TRAPS) {
1962 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
1963 constantTag tag = cp->tag_at(index);
1964 if (!tag.is_klass() && !tag.is_unresolved_klass()) {
1965 verify_error(ErrorContext::bad_cp_index(bci, index),
1966 "Illegal type at constant pool entry %d in class %s",
1967 index, cp->pool_holder()->external_name());
1968 return;
1969 }
1970 }
1971
1972 void ClassVerifier::verify_error(ErrorContext ctx, const char* msg, ...) {
1973 stringStream ss;
1974
1975 ctx.reset_frames();
1976 _exception_type = vmSymbols::java_lang_VerifyError();
1977 _error_context = ctx;
1978 va_list va;
1979 va_start(va, msg);
1980 ss.vprint(msg, va);
1981 va_end(va);
1982 _message = ss.as_string();
1983 #ifdef ASSERT
1984 ResourceMark rm;
1985 const char* exception_name = _exception_type->as_C_string();
1986 Exceptions::debug_check_abort(exception_name, NULL);
1987 #endif // ndef ASSERT
1988 }
1989
1990 void ClassVerifier::class_format_error(const char* msg, ...) {
1991 stringStream ss;
2039 }
2040 }
2041 } else {
2042 Klass* member_klass = target_instance->find_field(field_name, field_sig, &fd);
2043 if (member_klass != NULL && fd.is_protected()) {
2044 if (!this_class->is_same_class_package(member_klass)) {
2045 return true;
2046 }
2047 }
2048 }
2049 return false;
2050 }
2051
2052 void ClassVerifier::verify_ldc(
2053 int opcode, u2 index, StackMapFrame* current_frame,
2054 const constantPoolHandle& cp, u2 bci, TRAPS) {
2055 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2056 constantTag tag = cp->tag_at(index);
2057 unsigned int types;
2058 if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) {
2059 if (!tag.is_unresolved_klass()) {
2060 types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float)
2061 | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class)
2062 | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType);
2063 // Note: The class file parser already verified the legality of
2064 // MethodHandle and MethodType constants.
2065 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2066 }
2067 } else {
2068 assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w");
2069 types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long);
2070 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2071 }
2072 if (tag.is_string() && cp->is_pseudo_string_at(index)) {
2073 current_frame->push_stack(object_type(), CHECK_VERIFY(this));
2074 } else if (tag.is_string()) {
2075 current_frame->push_stack(
2076 VerificationType::reference_type(
2077 vmSymbols::java_lang_String()), CHECK_VERIFY(this));
2078 } else if (tag.is_klass() || tag.is_unresolved_klass()) {
2079 current_frame->push_stack(
2080 VerificationType::reference_type(
2081 vmSymbols::java_lang_Class()), CHECK_VERIFY(this));
2082 } else if (tag.is_int()) {
2083 current_frame->push_stack(
2084 VerificationType::integer_type(), CHECK_VERIFY(this));
2085 } else if (tag.is_float()) {
2086 current_frame->push_stack(
2087 VerificationType::float_type(), CHECK_VERIFY(this));
2088 } else if (tag.is_double()) {
2089 current_frame->push_stack_2(
2090 VerificationType::double_type(),
2091 VerificationType::double2_type(), CHECK_VERIFY(this));
2092 } else if (tag.is_long()) {
2093 current_frame->push_stack_2(
2094 VerificationType::long_type(),
2095 VerificationType::long2_type(), CHECK_VERIFY(this));
2096 } else if (tag.is_method_handle()) {
2097 current_frame->push_stack(
2098 VerificationType::reference_type(
2194 void ClassVerifier::verify_field_instructions(RawBytecodeStream* bcs,
2195 StackMapFrame* current_frame,
2196 const constantPoolHandle& cp,
2197 bool allow_arrays,
2198 TRAPS) {
2199 u2 index = bcs->get_index_u2();
2200 verify_cp_type(bcs->bci(), index, cp,
2201 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2202
2203 // Get field name and signature
2204 Symbol* field_name = cp->name_ref_at(index);
2205 Symbol* field_sig = cp->signature_ref_at(index);
2206
2207 if (!SignatureVerifier::is_valid_type_signature(field_sig)) {
2208 class_format_error(
2209 "Invalid signature for field in class %s referenced "
2210 "from constant pool index %d", _klass->external_name(), index);
2211 return;
2212 }
2213
2214 // Get referenced class type
2215 VerificationType ref_class_type = cp_ref_index_to_type(
2216 index, cp, CHECK_VERIFY(this));
2217 if (!ref_class_type.is_object() &&
2218 (!allow_arrays || !ref_class_type.is_array())) {
2219 verify_error(ErrorContext::bad_type(bcs->bci(),
2220 TypeOrigin::cp(index, ref_class_type)),
2221 "Expecting reference to class in class %s at constant pool index %d",
2222 _klass->external_name(), index);
2223 return;
2224 }
2225 VerificationType target_class_type = ref_class_type;
2226
2227 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2228 "buffer type must match VerificationType size");
2229 uintptr_t field_type_buffer[2];
2230 VerificationType* field_type = (VerificationType*)field_type_buffer;
2231 // If we make a VerificationType[2] array directly, the compiler calls
2232 // to the c-runtime library to do the allocation instead of just
2233 // stack allocating it. Plus it would run constructors. This shows up
2234 // in performance profiles.
2235
2236 SignatureStream sig_stream(field_sig, false);
2237 VerificationType stack_object_type;
2238 int n = change_sig_to_verificationType(
2239 &sig_stream, field_type, CHECK_VERIFY(this));
2240 u2 bci = bcs->bci();
2241 bool is_assignable;
2242 switch (bcs->raw_code()) {
2243 case Bytecodes::_getstatic: {
2244 for (int i = 0; i < n; i++) {
2301 if (is_protected_access(current_class(), ref_class_oop, field_name,
2302 field_sig, false)) {
2303 // It's protected access, check if stack object is assignable to
2304 // current class.
2305 is_assignable = current_type().is_assignable_from(
2306 stack_object_type, this, true, CHECK_VERIFY(this));
2307 if (!is_assignable) {
2308 verify_error(ErrorContext::bad_type(bci,
2309 current_frame->stack_top_ctx(),
2310 TypeOrigin::implicit(current_type())),
2311 "Bad access to protected data in getfield");
2312 return;
2313 }
2314 }
2315 break;
2316 }
2317 default: ShouldNotReachHere();
2318 }
2319 }
2320
2321 // Look at the method's handlers. If the bci is in the handler's try block
2322 // then check if the handler_pc is already on the stack. If not, push it
2323 // unless the handler has already been scanned.
2324 void ClassVerifier::push_handlers(ExceptionTable* exhandlers,
2325 GrowableArray<u4>* handler_list,
2326 GrowableArray<u4>* handler_stack,
2327 u4 bci) {
2328 int exlength = exhandlers->length();
2329 for(int x = 0; x < exlength; x++) {
2330 if (bci >= exhandlers->start_pc(x) && bci < exhandlers->end_pc(x)) {
2331 u4 exhandler_pc = exhandlers->handler_pc(x);
2332 if (!handler_list->contains(exhandler_pc)) {
2333 handler_stack->append_if_missing(exhandler_pc);
2334 handler_list->append(exhandler_pc);
2335 }
2336 }
2337 }
2338 }
2339
2340 // Return TRUE if all code paths starting with start_bc_offset end in
2570 stackmap_table, CHECK_VERIFY(this));
2571 } // in_try_block
2572
2573 current_frame->initialize_object(type, current_type());
2574 *this_uninit = true;
2575 } else if (type.is_uninitialized()) {
2576 u2 new_offset = type.bci();
2577 address new_bcp = bcs->bcp() - bci + new_offset;
2578 if (new_offset > (code_length - 3) || (*new_bcp) != Bytecodes::_new) {
2579 /* Unreachable? Stack map parsing ensures valid type and new
2580 * instructions have a valid BCI. */
2581 verify_error(ErrorContext::bad_code(new_offset),
2582 "Expecting new instruction");
2583 return;
2584 }
2585 u2 new_class_index = Bytes::get_Java_u2(new_bcp + 1);
2586 if (was_recursively_verified()) return;
2587 verify_cp_class_type(bci, new_class_index, cp, CHECK_VERIFY(this));
2588
2589 // The method must be an <init> method of the indicated class
2590 VerificationType new_class_type = cp_index_to_type(
2591 new_class_index, cp, CHECK_VERIFY(this));
2592 if (!new_class_type.equals(ref_class_type)) {
2593 verify_error(ErrorContext::bad_type(bci,
2594 TypeOrigin::cp(new_class_index, new_class_type),
2595 TypeOrigin::cp(ref_class_index, ref_class_type)),
2596 "Call to wrong <init> method");
2597 return;
2598 }
2599 // According to the VM spec, if the referent class is a superclass of the
2600 // current class, and is in a different runtime package, and the method is
2601 // protected, then the objectref must be the current class or a subclass
2602 // of the current class.
2603 VerificationType objectref_type = new_class_type;
2604 if (name_in_supers(ref_class_type.name(), current_class())) {
2605 Klass* ref_klass = load_class(ref_class_type.name(), CHECK);
2606 if (was_recursively_verified()) return;
2607 Method* m = InstanceKlass::cast(ref_klass)->uncached_lookup_method(
2608 vmSymbols::object_initializer_name(),
2609 cp->signature_ref_at(bcs->get_index_u2()),
2610 Klass::find_overpass);
2678 types = (_klass->major_version() < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION) ?
2679 (1 << JVM_CONSTANT_Methodref) :
2680 ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref));
2681 break;
2682 default:
2683 types = 1 << JVM_CONSTANT_Methodref;
2684 }
2685 verify_cp_type(bcs->bci(), index, cp, types, CHECK_VERIFY(this));
2686
2687 // Get method name and signature
2688 Symbol* method_name = cp->name_ref_at(index);
2689 Symbol* method_sig = cp->signature_ref_at(index);
2690
2691 if (!SignatureVerifier::is_valid_method_signature(method_sig)) {
2692 class_format_error(
2693 "Invalid method signature in class %s referenced "
2694 "from constant pool index %d", _klass->external_name(), index);
2695 return;
2696 }
2697
2698 // Get referenced class type
2699 VerificationType ref_class_type;
2700 if (opcode == Bytecodes::_invokedynamic) {
2701 if (_klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) {
2702 class_format_error(
2703 "invokedynamic instructions not supported by this class file version (%d), class %s",
2704 _klass->major_version(), _klass->external_name());
2705 return;
2706 }
2707 } else {
2708 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
2709 }
2710
2711 // For a small signature length, we just allocate 128 bytes instead
2712 // of parsing the signature once to find its size.
2713 // -3 is for '(', ')' and return descriptor; multiply by 2 is for
2714 // longs/doubles to be consertive.
2715 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2716 "buffer type must match VerificationType size");
2717 uintptr_t on_stack_sig_types_buffer[128];
2718 // If we make a VerificationType[128] array directly, the compiler calls
2719 // to the c-runtime library to do the allocation instead of just
2720 // stack allocating it. Plus it would run constructors. This shows up
2721 // in performance profiles.
2722
2723 VerificationType* sig_types;
2724 int size = (method_sig->utf8_length() - 3) * 2;
2725 if (size > 128) {
2726 // Long and double occupies two slots here.
2727 ArgumentSizeComputer size_it(method_sig);
2728 size = size_it.size();
2729 sig_types = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, VerificationType, size);
2913
2914 VerificationType ClassVerifier::get_newarray_type(
2915 u2 index, u2 bci, TRAPS) {
2916 const char* from_bt[] = {
2917 NULL, NULL, NULL, NULL, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J",
2918 };
2919 if (index < T_BOOLEAN || index > T_LONG) {
2920 verify_error(ErrorContext::bad_code(bci), "Illegal newarray instruction");
2921 return VerificationType::bogus_type();
2922 }
2923
2924 // from_bt[index] contains the array signature which has a length of 2
2925 Symbol* sig = create_temporary_symbol(
2926 from_bt[index], 2, CHECK_(VerificationType::bogus_type()));
2927 return VerificationType::reference_type(sig);
2928 }
2929
2930 void ClassVerifier::verify_anewarray(
2931 u2 bci, u2 index, const constantPoolHandle& cp,
2932 StackMapFrame* current_frame, TRAPS) {
2933 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
2934 current_frame->pop_stack(
2935 VerificationType::integer_type(), CHECK_VERIFY(this));
2936
2937 if (was_recursively_verified()) return;
2938 VerificationType component_type =
2939 cp_index_to_type(index, cp, CHECK_VERIFY(this));
2940 int length;
2941 char* arr_sig_str;
2942 if (component_type.is_array()) { // it's an array
2943 const char* component_name = component_type.name()->as_utf8();
2944 // Check for more than MAX_ARRAY_DIMENSIONS
2945 length = (int)strlen(component_name);
2946 if (length > MAX_ARRAY_DIMENSIONS &&
2947 component_name[MAX_ARRAY_DIMENSIONS - 1] == '[') {
2948 verify_error(ErrorContext::bad_code(bci),
2949 "Illegal anewarray instruction, array has more than 255 dimensions");
2950 }
2951 // add one dimension to component
2952 length++;
2953 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length);
2954 arr_sig_str[0] = '[';
2955 strncpy(&arr_sig_str[1], component_name, length - 1);
2956 } else { // it's an object or interface
2957 const char* component_name = component_type.name()->as_utf8();
2958 // add one dimension to component with 'L' prepended and ';' postpended.
2959 length = (int)strlen(component_name) + 3;
2960 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length);
2961 arr_sig_str[0] = '[';
2962 arr_sig_str[1] = 'L';
2963 strncpy(&arr_sig_str[2], component_name, length - 2);
2964 arr_sig_str[length - 1] = ';';
2965 }
2966 Symbol* arr_sig = create_temporary_symbol(
2967 arr_sig_str, length, CHECK_VERIFY(this));
2968 VerificationType new_array_type = VerificationType::reference_type(arr_sig);
2969 current_frame->push_stack(new_array_type, CHECK_VERIFY(this));
2970 }
2971
2972 void ClassVerifier::verify_iload(u2 index, StackMapFrame* current_frame, TRAPS) {
2973 current_frame->get_local(
2974 index, VerificationType::integer_type(), CHECK_VERIFY(this));
2975 current_frame->push_stack(
2976 VerificationType::integer_type(), CHECK_VERIFY(this));
2977 }
2978
2979 void ClassVerifier::verify_lload(u2 index, StackMapFrame* current_frame, TRAPS) {
2980 current_frame->get_local_2(
2981 index, VerificationType::long_type(),
2982 VerificationType::long2_type(), CHECK_VERIFY(this));
2990 index, VerificationType::float_type(), CHECK_VERIFY(this));
2991 current_frame->push_stack(
2992 VerificationType::float_type(), CHECK_VERIFY(this));
2993 }
2994
2995 void ClassVerifier::verify_dload(u2 index, StackMapFrame* current_frame, TRAPS) {
2996 current_frame->get_local_2(
2997 index, VerificationType::double_type(),
2998 VerificationType::double2_type(), CHECK_VERIFY(this));
2999 current_frame->push_stack_2(
3000 VerificationType::double_type(),
3001 VerificationType::double2_type(), CHECK_VERIFY(this));
3002 }
3003
3004 void ClassVerifier::verify_aload(u2 index, StackMapFrame* current_frame, TRAPS) {
3005 VerificationType type = current_frame->get_local(
3006 index, VerificationType::reference_check(), CHECK_VERIFY(this));
3007 current_frame->push_stack(type, CHECK_VERIFY(this));
3008 }
3009
3010 void ClassVerifier::verify_istore(u2 index, StackMapFrame* current_frame, TRAPS) {
3011 current_frame->pop_stack(
3012 VerificationType::integer_type(), CHECK_VERIFY(this));
3013 current_frame->set_local(
3014 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3015 }
3016
3017 void ClassVerifier::verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3018 current_frame->pop_stack_2(
3019 VerificationType::long2_type(),
3020 VerificationType::long_type(), CHECK_VERIFY(this));
3021 current_frame->set_local_2(
3022 index, VerificationType::long_type(),
3023 VerificationType::long2_type(), CHECK_VERIFY(this));
3024 }
3025
3026 void ClassVerifier::verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3027 current_frame->pop_stack(VerificationType::float_type(), CHECK_VERIFY(this));
3028 current_frame->set_local(
3029 index, VerificationType::float_type(), CHECK_VERIFY(this));
3030 }
3031
3032 void ClassVerifier::verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3033 current_frame->pop_stack_2(
3034 VerificationType::double2_type(),
3035 VerificationType::double_type(), CHECK_VERIFY(this));
3036 current_frame->set_local_2(
3037 index, VerificationType::double_type(),
3038 VerificationType::double2_type(), CHECK_VERIFY(this));
3039 }
3040
3041 void ClassVerifier::verify_astore(u2 index, StackMapFrame* current_frame, TRAPS) {
3042 VerificationType type = current_frame->pop_stack(
3043 VerificationType::reference_check(), CHECK_VERIFY(this));
3044 current_frame->set_local(index, type, CHECK_VERIFY(this));
3045 }
3046
3047 void ClassVerifier::verify_iinc(u2 index, StackMapFrame* current_frame, TRAPS) {
3048 VerificationType type = current_frame->get_local(
3049 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3050 current_frame->set_local(index, type, CHECK_VERIFY(this));
3051 }
3052
3053 void ClassVerifier::verify_return_value(
3054 VerificationType return_type, VerificationType type, u2 bci,
3055 StackMapFrame* current_frame, TRAPS) {
3056 if (return_type == VerificationType::bogus_type()) {
3057 verify_error(ErrorContext::bad_type(bci,
3058 current_frame->stack_top_ctx(), TypeOrigin::signature(return_type)),
3059 "Method expects a return value");
3060 return;
3061 }
3062 bool match = return_type.is_assignable_from(type, this, false, CHECK_VERIFY(this));
3063 if (!match) {
|
222 // to infinitely recurse when we try to initialize the exception.
223 // So bail out here by throwing the preallocated VM error.
224 THROW_OOP_(Universe::virtual_machine_error_instance(), false);
225 }
226 kls = kls->super();
227 }
228 message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
229 THROW_MSG_(exception_name, exception_message, false);
230 }
231 }
232
233 bool Verifier::is_eligible_for_verification(InstanceKlass* klass, bool should_verify_class) {
234 Symbol* name = klass->name();
235 Klass* refl_magic_klass = SystemDictionary::reflect_MagicAccessorImpl_klass();
236
237 bool is_reflect = refl_magic_klass != NULL && klass->is_subtype_of(refl_magic_klass);
238
239 return (should_verify_for(klass->class_loader(), should_verify_class) &&
240 // return if the class is a bootstrapping class
241 // or defineClass specified not to verify by default (flags override passed arg)
242 // We need to skip the following few for bootstrapping
243 name != vmSymbols::java_lang_Object() &&
244 name != vmSymbols::java_lang____Value() &&
245 name != vmSymbols::java_lang_Class() &&
246 name != vmSymbols::java_lang_String() &&
247 name != vmSymbols::java_lang_Throwable() &&
248
249 // Can not verify the bytecodes for shared classes because they have
250 // already been rewritten to contain constant pool cache indices,
251 // which the verifier can't understand.
252 // Shared classes shouldn't have stackmaps either.
253 !klass->is_shared() &&
254
255 // A MVT derived value type contains no code atrribute - no private static
256 // methods, no instance methods, no <clinit>, no <init>. So while format
257 // checking is performed on it, verification is not.
258 (!((EnableMVT || EnableValhalla) && klass->access_flags().is_value_type())) &&
259
260 // As of the fix for 4486457 we disable verification for all of the
261 // dynamically-generated bytecodes associated with the 1.4
262 // reflection implementation, not just those associated with
263 // jdk/internal/reflect/SerializationConstructorAccessor.
264 // NOTE: this is called too early in the bootstrapping process to be
265 // guarded by Universe::is_gte_jdk14x_version().
266 // Also for lambda generated code, gte jdk8
267 (!is_reflect));
268 }
269
270 Symbol* Verifier::inference_verify(
271 InstanceKlass* klass, char* message, size_t message_len, TRAPS) {
272 JavaThread* thread = (JavaThread*)THREAD;
273 JNIEnv *env = thread->jni_environment();
274
275 void* verify_func = verify_byte_codes_fn();
276
277 if (verify_func == NULL) {
278 jio_snprintf(message, message_len, "Could not link verifier");
279 return vmSymbols::java_lang_VerifyError();
573 ClassVerifier::ClassVerifier(
574 InstanceKlass* klass, TRAPS)
575 : _thread(THREAD), _exception_type(NULL), _message(NULL), _klass(klass) {
576 _this_type = VerificationType::reference_type(klass->name());
577 // Create list to hold symbols in reference area.
578 _symbols = new GrowableArray<Symbol*>(100, 0, NULL);
579 }
580
581 ClassVerifier::~ClassVerifier() {
582 // Decrement the reference count for any symbols created.
583 for (int i = 0; i < _symbols->length(); i++) {
584 Symbol* s = _symbols->at(i);
585 s->decrement_refcount();
586 }
587 }
588
589 VerificationType ClassVerifier::object_type() const {
590 return VerificationType::reference_type(vmSymbols::java_lang_Object());
591 }
592
593 VerificationType ClassVerifier::__value_type() const {
594 return VerificationType::valuetype_type(vmSymbols::java_lang____Value());
595 }
596
597 TypeOrigin ClassVerifier::ref_ctx(const char* sig, TRAPS) {
598 VerificationType vt = VerificationType::reference_type(
599 create_temporary_symbol(sig, (int)strlen(sig), THREAD));
600 return TypeOrigin::implicit(vt);
601 }
602
603 TypeOrigin ClassVerifier::valuetype_ctx(const char* sig, TRAPS) {
604 VerificationType vt = VerificationType::valuetype_type(
605 create_temporary_symbol(sig, (int)strlen(sig), THREAD));
606 return TypeOrigin::implicit(vt);
607 }
608
609 void ClassVerifier::verify_class(TRAPS) {
610 log_info(verification)("Verifying class %s with new format", _klass->external_name());
611
612 Array<Method*>* methods = _klass->methods();
613 int num_methods = methods->length();
614
615 for (int index = 0; index < num_methods; index++) {
616 // Check for recursive re-verification before each method.
617 if (was_recursively_verified()) return;
618
619 Method* m = methods->at(index);
620 if (m->is_native() || m->is_abstract() || m->is_overpass()) {
621 // If m is native or abstract, skip it. It is checked in class file
622 // parser that methods do not override a final method. Overpass methods
623 // are trusted since the VM generates them.
624 continue;
625 }
626 verify_method(methodHandle(THREAD, m), CHECK_VERIFY(this));
627 }
628
633 }
634 }
635
636 void ClassVerifier::verify_method(const methodHandle& m, TRAPS) {
637 HandleMark hm(THREAD);
638 _method = m; // initialize _method
639 log_info(verification)("Verifying method %s", m->name_and_sig_as_C_string());
640
641 // For clang, the only good constant format string is a literal constant format string.
642 #define bad_type_msg "Bad type on operand stack in %s"
643
644 int32_t max_stack = m->verifier_max_stack();
645 int32_t max_locals = m->max_locals();
646 constantPoolHandle cp(THREAD, m->constants());
647
648 if (!SignatureVerifier::is_valid_method_signature(m->signature())) {
649 class_format_error("Invalid method signature");
650 return;
651 }
652
653 // Verify value type bytecodes if enabled and class file version supports them.
654 // Commented check out for now until class file version 54.1 is generated.
655 bool vbytecodes_allowed = (EnableMVT || EnableValhalla);
656 //_klass->major_version() >= Verifier::VALUETYPE_MAJOR_VERSION &&
657 //_klass->minor_version() >= Verifier::VALUETYPE_MINOR_VERSION);
658
659 // Initial stack map frame: offset is 0, stack is initially empty.
660 StackMapFrame current_frame(max_locals, max_stack, this);
661 // Set initial locals
662 VerificationType return_type = current_frame.set_locals_from_arg(
663 m, current_type(), CHECK_VERIFY(this));
664
665 int32_t stackmap_index = 0; // index to the stackmap array
666
667 u4 code_length = m->code_size();
668
669 // Scan the bytecode and map each instruction's start offset to a number.
670 char* code_data = generate_code_data(m, code_length, CHECK_VERIFY(this));
671
672 int ex_min = code_length;
673 int ex_max = -1;
674 // Look through each item on the exception table. Each of the fields must refer
675 // to a legal instruction.
676 if (was_recursively_verified()) return;
677 verify_exception_handler_table(
678 code_length, code_data, ex_min, ex_max, CHECK_VERIFY(this));
846 case Bytecodes::_fload :
847 verify_fload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
848 no_control_flow = false; break;
849 case Bytecodes::_fload_0 :
850 case Bytecodes::_fload_1 :
851 case Bytecodes::_fload_2 :
852 case Bytecodes::_fload_3 :
853 index = opcode - Bytecodes::_fload_0;
854 verify_fload(index, ¤t_frame, CHECK_VERIFY(this));
855 no_control_flow = false; break;
856 case Bytecodes::_dload :
857 verify_dload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
858 no_control_flow = false; break;
859 case Bytecodes::_dload_0 :
860 case Bytecodes::_dload_1 :
861 case Bytecodes::_dload_2 :
862 case Bytecodes::_dload_3 :
863 index = opcode - Bytecodes::_dload_0;
864 verify_dload(index, ¤t_frame, CHECK_VERIFY(this));
865 no_control_flow = false; break;
866 case Bytecodes::_vload :
867 if (!vbytecodes_allowed) {
868 class_format_error(
869 "vload not supported by this class file version (%d.%d), class %s",
870 _klass->major_version(), _klass->minor_version(), _klass->external_name());
871 return;
872 }
873 verify_vload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
874 no_control_flow = false; break;
875 case Bytecodes::_aload :
876 verify_aload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
877 no_control_flow = false; break;
878 case Bytecodes::_aload_0 :
879 case Bytecodes::_aload_1 :
880 case Bytecodes::_aload_2 :
881 case Bytecodes::_aload_3 :
882 index = opcode - Bytecodes::_aload_0;
883 verify_aload(index, ¤t_frame, CHECK_VERIFY(this));
884 no_control_flow = false; break;
885 case Bytecodes::_iaload :
886 type = current_frame.pop_stack(
887 VerificationType::integer_type(), CHECK_VERIFY(this));
888 atype = current_frame.pop_stack(
889 VerificationType::reference_check(), CHECK_VERIFY(this));
890 if (!atype.is_int_array()) {
891 verify_error(ErrorContext::bad_type(bci,
892 current_frame.stack_top_ctx(), ref_ctx("[I", THREAD)),
893 bad_type_msg, "iaload");
894 return;
987 VerificationType::integer_type(), CHECK_VERIFY(this));
988 atype = current_frame.pop_stack(
989 VerificationType::reference_check(), CHECK_VERIFY(this));
990 if (!atype.is_reference_array()) {
991 verify_error(ErrorContext::bad_type(bci,
992 current_frame.stack_top_ctx(),
993 TypeOrigin::implicit(VerificationType::reference_check())),
994 bad_type_msg, "aaload");
995 return;
996 }
997 if (atype.is_null()) {
998 current_frame.push_stack(
999 VerificationType::null_type(), CHECK_VERIFY(this));
1000 } else {
1001 VerificationType component =
1002 atype.get_component(this, CHECK_VERIFY(this));
1003 current_frame.push_stack(component, CHECK_VERIFY(this));
1004 }
1005 no_control_flow = false; break;
1006 }
1007 case Bytecodes::_vaload : {
1008 if (!vbytecodes_allowed) {
1009 class_format_error(
1010 "vaload not supported by this class file version (%d.%d), class %s",
1011 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1012 return;
1013 }
1014 type = current_frame.pop_stack(
1015 VerificationType::integer_type(), CHECK_VERIFY(this));
1016 atype = current_frame.pop_stack(
1017 VerificationType::reference_check(), CHECK_VERIFY(this));
1018 // The null check is strictly not be necessary, left in for future proofing.
1019 // Will be reconsidered if type indexes are removed.
1020 if (atype.is_null() || !atype.is_value_array()) {
1021 verify_error(ErrorContext::bad_type(bci,
1022 current_frame.stack_top_ctx(),
1023 TypeOrigin::implicit(VerificationType::reference_check())),
1024 bad_type_msg, "vaload");
1025 return;
1026 }
1027 VerificationType component = atype.get_component(this, CHECK_VERIFY(this));
1028 if (!component.is_valuetype()) {
1029 verify_error(ErrorContext::bad_type(bci,
1030 current_frame.stack_top_ctx(),
1031 TypeOrigin::implicit(VerificationType::valuetype_check())),
1032 bad_type_msg, "vaload");
1033 return;
1034 }
1035 current_frame.push_stack(component, CHECK_VERIFY(this));
1036 no_control_flow = false; break;
1037 }
1038 case Bytecodes::_istore :
1039 verify_istore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1040 no_control_flow = false; break;
1041 case Bytecodes::_istore_0 :
1042 case Bytecodes::_istore_1 :
1043 case Bytecodes::_istore_2 :
1044 case Bytecodes::_istore_3 :
1045 index = opcode - Bytecodes::_istore_0;
1046 verify_istore(index, ¤t_frame, CHECK_VERIFY(this));
1047 no_control_flow = false; break;
1048 case Bytecodes::_lstore :
1049 verify_lstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1050 no_control_flow = false; break;
1051 case Bytecodes::_lstore_0 :
1052 case Bytecodes::_lstore_1 :
1053 case Bytecodes::_lstore_2 :
1054 case Bytecodes::_lstore_3 :
1055 index = opcode - Bytecodes::_lstore_0;
1056 verify_lstore(index, ¤t_frame, CHECK_VERIFY(this));
1057 no_control_flow = false; break;
1058 case Bytecodes::_fstore :
1059 verify_fstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1060 no_control_flow = false; break;
1061 case Bytecodes::_fstore_0 :
1062 case Bytecodes::_fstore_1 :
1063 case Bytecodes::_fstore_2 :
1064 case Bytecodes::_fstore_3 :
1065 index = opcode - Bytecodes::_fstore_0;
1066 verify_fstore(index, ¤t_frame, CHECK_VERIFY(this));
1067 no_control_flow = false; break;
1068 case Bytecodes::_dstore :
1069 verify_dstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1070 no_control_flow = false; break;
1071 case Bytecodes::_dstore_0 :
1072 case Bytecodes::_dstore_1 :
1073 case Bytecodes::_dstore_2 :
1074 case Bytecodes::_dstore_3 :
1075 index = opcode - Bytecodes::_dstore_0;
1076 verify_dstore(index, ¤t_frame, CHECK_VERIFY(this));
1077 no_control_flow = false; break;
1078 case Bytecodes::_vstore :
1079 if (!vbytecodes_allowed) {
1080 class_format_error(
1081 "vstore not supported by this class file version (%d.%d), class %s",
1082 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1083 return;
1084 }
1085 verify_vstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1086 no_control_flow = false; break;
1087 case Bytecodes::_astore :
1088 verify_astore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
1089 no_control_flow = false; break;
1090 case Bytecodes::_astore_0 :
1091 case Bytecodes::_astore_1 :
1092 case Bytecodes::_astore_2 :
1093 case Bytecodes::_astore_3 :
1094 index = opcode - Bytecodes::_astore_0;
1095 verify_astore(index, ¤t_frame, CHECK_VERIFY(this));
1096 no_control_flow = false; break;
1097 case Bytecodes::_iastore :
1098 type = current_frame.pop_stack(
1099 VerificationType::integer_type(), CHECK_VERIFY(this));
1100 type2 = current_frame.pop_stack(
1101 VerificationType::integer_type(), CHECK_VERIFY(this));
1102 atype = current_frame.pop_stack(
1103 VerificationType::reference_check(), CHECK_VERIFY(this));
1104 if (!atype.is_int_array()) {
1105 verify_error(ErrorContext::bad_type(bci,
1106 current_frame.stack_top_ctx(), ref_ctx("[I", THREAD)),
1193 bad_type_msg, "dastore");
1194 return;
1195 }
1196 no_control_flow = false; break;
1197 case Bytecodes::_aastore :
1198 type = current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1199 type2 = current_frame.pop_stack(
1200 VerificationType::integer_type(), CHECK_VERIFY(this));
1201 atype = current_frame.pop_stack(
1202 VerificationType::reference_check(), CHECK_VERIFY(this));
1203 // more type-checking is done at runtime
1204 if (!atype.is_reference_array()) {
1205 verify_error(ErrorContext::bad_type(bci,
1206 current_frame.stack_top_ctx(),
1207 TypeOrigin::implicit(VerificationType::reference_check())),
1208 bad_type_msg, "aastore");
1209 return;
1210 }
1211 // 4938384: relaxed constraint in JVMS 3nd edition.
1212 no_control_flow = false; break;
1213 case Bytecodes::_vastore :
1214 if (!vbytecodes_allowed) {
1215 class_format_error(
1216 "vastore not supported by this class file version (%d.%d), class %s",
1217 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1218 return;
1219 }
1220 type = current_frame.pop_stack(__value_type(), CHECK_VERIFY(this));
1221 type2 = current_frame.pop_stack(
1222 VerificationType::integer_type(), CHECK_VERIFY(this));
1223 atype = current_frame.pop_stack(
1224 VerificationType::reference_check(), CHECK_VERIFY(this));
1225 // The null check is strictly not be necessary, left in for future proofing.
1226 // Will be reconsidered if type indexes are removed.
1227 if (atype.is_null() || !atype.is_value_array()) {
1228 verify_error(ErrorContext::bad_type(bci,
1229 current_frame.stack_top_ctx(),
1230 TypeOrigin::implicit(VerificationType::reference_check())),
1231 bad_type_msg, "vastore");
1232 return;
1233 }
1234 no_control_flow = false; break;
1235 case Bytecodes::_pop :
1236 current_frame.pop_stack(
1237 VerificationType::category1_check(), CHECK_VERIFY(this));
1238 no_control_flow = false; break;
1239 case Bytecodes::_pop2 :
1240 type = current_frame.pop_stack(CHECK_VERIFY(this));
1241 if (type.is_category1()) {
1242 current_frame.pop_stack(
1243 VerificationType::category1_check(), CHECK_VERIFY(this));
1244 } else if (type.is_category2_2nd()) {
1245 current_frame.pop_stack(
1246 VerificationType::category2_check(), CHECK_VERIFY(this));
1247 } else {
1248 /* Unreachable? Would need a category2_1st on TOS
1249 * which does not appear possible. */
1250 verify_error(
1251 ErrorContext::bad_type(bci, current_frame.stack_top_ctx()),
1252 bad_type_msg, "pop2");
1253 return;
1254 }
1666 case Bytecodes::_freturn :
1667 type = current_frame.pop_stack(
1668 VerificationType::float_type(), CHECK_VERIFY(this));
1669 verify_return_value(return_type, type, bci,
1670 ¤t_frame, CHECK_VERIFY(this));
1671 no_control_flow = true; break;
1672 case Bytecodes::_dreturn :
1673 type2 = current_frame.pop_stack(
1674 VerificationType::double2_type(), CHECK_VERIFY(this));
1675 type = current_frame.pop_stack(
1676 VerificationType::double_type(), CHECK_VERIFY(this));
1677 verify_return_value(return_type, type, bci,
1678 ¤t_frame, CHECK_VERIFY(this));
1679 no_control_flow = true; break;
1680 case Bytecodes::_areturn :
1681 type = current_frame.pop_stack(
1682 VerificationType::reference_check(), CHECK_VERIFY(this));
1683 verify_return_value(return_type, type, bci,
1684 ¤t_frame, CHECK_VERIFY(this));
1685 no_control_flow = true; break;
1686 case Bytecodes::_vreturn :
1687 if (!vbytecodes_allowed) {
1688 class_format_error(
1689 "vreturn not supported by this class file version (%d.%d), class %s",
1690 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1691 return;
1692 }
1693 type = current_frame.pop_stack(
1694 VerificationType::valuetype_check(), CHECK_VERIFY(this));
1695 verify_return_value(return_type, type, bci,
1696 ¤t_frame, CHECK_VERIFY(this));
1697 no_control_flow = true; break;
1698 case Bytecodes::_return :
1699 if (return_type != VerificationType::bogus_type()) {
1700 verify_error(ErrorContext::bad_code(bci),
1701 "Method expects a return value");
1702 return;
1703 }
1704 // Make sure "this" has been initialized if current method is an
1705 // <init>.
1706 if (_method->name() == vmSymbols::object_initializer_name() &&
1707 current_frame.flag_this_uninit()) {
1708 verify_error(ErrorContext::bad_code(bci),
1709 "Constructor must call super() or this() "
1710 "before return");
1711 return;
1712 }
1713 no_control_flow = true; break;
1714 case Bytecodes::_getstatic :
1715 case Bytecodes::_putstatic :
1716 // pass TRUE, operand can be an array type for getstatic/putstatic.
1717 verify_field_instructions(
1718 &bcs, ¤t_frame, cp, true, CHECK_VERIFY(this));
1719 no_control_flow = false; break;
1720 case Bytecodes::_getfield :
1721 case Bytecodes::_putfield :
1722 // pass FALSE, operand can't be an array type for getfield/putfield.
1723 verify_field_instructions(
1724 &bcs, ¤t_frame, cp, false, CHECK_VERIFY(this));
1725 no_control_flow = false; break;
1726 case Bytecodes::_vwithfield :
1727 if (!vbytecodes_allowed) {
1728 class_format_error(
1729 "vwithfield not supported by this class file version (%d.%d), class %s",
1730 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1731 return;
1732 }
1733 verify_vwithfield(&bcs, ¤t_frame, cp, CHECK_VERIFY(this));
1734 no_control_flow = false; break;
1735 case Bytecodes::_invokevirtual :
1736 case Bytecodes::_invokespecial :
1737 case Bytecodes::_invokestatic :
1738 verify_invoke_instructions(
1739 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1740 &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this));
1741 no_control_flow = false; break;
1742 case Bytecodes::_invokeinterface :
1743 case Bytecodes::_invokedynamic :
1744 verify_invoke_instructions(
1745 &bcs, code_length, ¤t_frame, (bci >= ex_min && bci < ex_max),
1746 &this_uninit, return_type, cp, &stackmap_table, CHECK_VERIFY(this));
1747 no_control_flow = false; break;
1748 case Bytecodes::_new :
1749 {
1750 index = bcs.get_index_u2();
1751 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1752 VerificationType new_class_type =
1753 cp_index_to_reference_type(index, cp, CHECK_VERIFY(this));
1754 if (!new_class_type.is_object()) {
1755 verify_error(ErrorContext::bad_type(bci,
1756 TypeOrigin::cp(index, new_class_type)),
1757 "Illegal new instruction");
1758 return;
1759 }
1760 type = VerificationType::uninitialized_type(bci);
1761 current_frame.push_stack(type, CHECK_VERIFY(this));
1762 no_control_flow = false; break;
1763 }
1764 case Bytecodes::_vdefault :
1765 {
1766 if (!vbytecodes_allowed) {
1767 class_format_error(
1768 "vdefault not supported by this class file version (%d.%d), class %s",
1769 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1770 return;
1771 }
1772 index = bcs.get_index_u2();
1773 verify_cp_value_type(bci, index, cp, CHECK_VERIFY(this));
1774 VerificationType new_value_type =
1775 cp_index_to_valuetype(index, cp, CHECK_VERIFY(this));
1776 if (!new_value_type.is_valuetype()) {
1777 verify_error(ErrorContext::bad_type(bci,
1778 TypeOrigin::cp(index, new_value_type)),
1779 "Illegal vdefault instruction");
1780 return;
1781 }
1782 current_frame.push_stack(new_value_type, CHECK_VERIFY(this));
1783 no_control_flow = false; break;
1784 }
1785 case Bytecodes::_newarray :
1786 type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this));
1787 current_frame.pop_stack(
1788 VerificationType::integer_type(), CHECK_VERIFY(this));
1789 current_frame.push_stack(type, CHECK_VERIFY(this));
1790 no_control_flow = false; break;
1791 case Bytecodes::_anewarray :
1792 verify_anewarray(
1793 bci, bcs.get_index_u2(), cp, ¤t_frame, CHECK_VERIFY(this));
1794 no_control_flow = false; break;
1795 case Bytecodes::_arraylength :
1796 type = current_frame.pop_stack(
1797 VerificationType::reference_check(), CHECK_VERIFY(this));
1798 if (!(type.is_null() || type.is_array())) {
1799 verify_error(ErrorContext::bad_type(
1800 bci, current_frame.stack_top_ctx()),
1801 bad_type_msg, "arraylength");
1802 }
1803 current_frame.push_stack(
1804 VerificationType::integer_type(), CHECK_VERIFY(this));
1805 no_control_flow = false; break;
1806 case Bytecodes::_checkcast :
1807 {
1808 index = bcs.get_index_u2();
1809 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1810 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1811 VerificationType klass_type = cp_index_to_reference_type(
1812 index, cp, CHECK_VERIFY(this));
1813 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1814 no_control_flow = false; break;
1815 }
1816 case Bytecodes::_instanceof : {
1817 index = bcs.get_index_u2();
1818 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1819 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1820 current_frame.push_stack(
1821 VerificationType::integer_type(), CHECK_VERIFY(this));
1822 no_control_flow = false; break;
1823 }
1824 case Bytecodes::_vbox : {
1825 if (!EnableMVT || !vbytecodes_allowed) {
1826 class_format_error(
1827 "vbox not supported by this class file version (%d.%d), class %s",
1828 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1829 return;
1830 }
1831 index = bcs.get_index_u2();
1832 verify_cp_class_type(bci, index, cp, CHECK_VERIFY(this));
1833 current_frame.pop_stack(VerificationType::valuetype_check(), CHECK_VERIFY(this));
1834 VerificationType klass_type = cp_index_to_reference_type(
1835 index, cp, CHECK_VERIFY(this));
1836 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1837 no_control_flow = false; break;
1838 }
1839 case Bytecodes::_vunbox : {
1840 if (!EnableMVT || !vbytecodes_allowed) {
1841 class_format_error(
1842 "vunbox not supported by this class file version (%d.%d), class %s",
1843 _klass->major_version(), _klass->minor_version(), _klass->external_name());
1844 return;
1845 }
1846 index = bcs.get_index_u2();
1847 verify_cp_value_type(bci, index, cp, CHECK_VERIFY(this));
1848 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1849 VerificationType value_type = cp_index_to_valuetype(
1850 index, cp, CHECK_VERIFY(this));
1851 current_frame.push_stack(value_type, CHECK_VERIFY(this));
1852 no_control_flow = false; break;
1853 }
1854 case Bytecodes::_monitorenter :
1855 case Bytecodes::_monitorexit :
1856 current_frame.pop_stack(
1857 VerificationType::reference_check(), CHECK_VERIFY(this));
1858 no_control_flow = false; break;
1859 case Bytecodes::_multianewarray :
1860 {
1861 index = bcs.get_index_u2();
1862 u2 dim = *(bcs.bcp()+3);
1863 verify_cp_class_or_value_type(bci, index, cp, CHECK_VERIFY(this));
1864 VerificationType new_array_type =
1865 cp_index_to_reference_type(index, cp, CHECK_VERIFY(this));
1866 if (!new_array_type.is_array()) {
1867 verify_error(ErrorContext::bad_type(bci,
1868 TypeOrigin::cp(index, new_array_type)),
1869 "Illegal constant pool index in multianewarray instruction");
1870 return;
1871 }
1872 if (dim < 1 || new_array_type.dimensions() < dim) {
1873 verify_error(ErrorContext::bad_code(bci),
1874 "Illegal dimension in multianewarray instruction: %d", dim);
1875 return;
1876 }
1877 for (int i = 0; i < dim; i++) {
1878 current_frame.pop_stack(
1879 VerificationType::integer_type(), CHECK_VERIFY(this));
1880 }
1881 current_frame.push_stack(new_array_type, CHECK_VERIFY(this));
1882 no_control_flow = false; break;
1883 }
1884 case Bytecodes::_athrow :
1885 type = VerificationType::reference_type(
1952 for(int i = 0; i < exlength; i++) {
1953 u2 start_pc = exhandlers.start_pc(i);
1954 u2 end_pc = exhandlers.end_pc(i);
1955 u2 handler_pc = exhandlers.handler_pc(i);
1956 if (start_pc >= code_length || code_data[start_pc] == 0) {
1957 class_format_error("Illegal exception table start_pc %d", start_pc);
1958 return;
1959 }
1960 if (end_pc != code_length) { // special case: end_pc == code_length
1961 if (end_pc > code_length || code_data[end_pc] == 0) {
1962 class_format_error("Illegal exception table end_pc %d", end_pc);
1963 return;
1964 }
1965 }
1966 if (handler_pc >= code_length || code_data[handler_pc] == 0) {
1967 class_format_error("Illegal exception table handler_pc %d", handler_pc);
1968 return;
1969 }
1970 int catch_type_index = exhandlers.catch_type_index(i);
1971 if (catch_type_index != 0) {
1972 VerificationType catch_type = cp_index_to_reference_type(
1973 catch_type_index, cp, CHECK_VERIFY(this));
1974 VerificationType throwable =
1975 VerificationType::reference_type(vmSymbols::java_lang_Throwable());
1976 bool is_subclass = throwable.is_assignable_from(
1977 catch_type, this, false, CHECK_VERIFY(this));
1978 if (!is_subclass) {
1979 // 4286534: should throw VerifyError according to recent spec change
1980 verify_error(ErrorContext::bad_type(handler_pc,
1981 TypeOrigin::cp(catch_type_index, catch_type),
1982 TypeOrigin::implicit(throwable)),
1983 "Catch type is not a subclass "
1984 "of Throwable in exception handler %d", handler_pc);
1985 return;
1986 }
1987 }
1988 if (start_pc < min) min = start_pc;
1989 if (end_pc > max) max = end_pc;
1990 }
1991 }
1992
2055 // before calling this method to make sure a prior class load did not cause the
2056 // current class to get verified.
2057 void ClassVerifier::verify_exception_handler_targets(u2 bci, bool this_uninit,
2058 StackMapFrame* current_frame,
2059 StackMapTable* stackmap_table, TRAPS) {
2060 constantPoolHandle cp (THREAD, _method->constants());
2061 ExceptionTable exhandlers(_method());
2062 int exlength = exhandlers.length();
2063 for(int i = 0; i < exlength; i++) {
2064 u2 start_pc = exhandlers.start_pc(i);
2065 u2 end_pc = exhandlers.end_pc(i);
2066 u2 handler_pc = exhandlers.handler_pc(i);
2067 int catch_type_index = exhandlers.catch_type_index(i);
2068 if(bci >= start_pc && bci < end_pc) {
2069 u1 flags = current_frame->flags();
2070 if (this_uninit) { flags |= FLAG_THIS_UNINIT; }
2071 StackMapFrame* new_frame = current_frame->frame_in_exception_handler(flags);
2072 if (catch_type_index != 0) {
2073 if (was_recursively_verified()) return;
2074 // We know that this index refers to a subclass of Throwable
2075 VerificationType catch_type = cp_index_to_reference_type(
2076 catch_type_index, cp, CHECK_VERIFY(this));
2077 new_frame->push_stack(catch_type, CHECK_VERIFY(this));
2078 } else {
2079 VerificationType throwable =
2080 VerificationType::reference_type(vmSymbols::java_lang_Throwable());
2081 new_frame->push_stack(throwable, CHECK_VERIFY(this));
2082 }
2083 ErrorContext ctx;
2084 bool matches = stackmap_table->match_stackmap(
2085 new_frame, handler_pc, true, false, &ctx, CHECK_VERIFY(this));
2086 if (!matches) {
2087 verify_error(ctx, "Stack map does not match the one at "
2088 "exception handler %d", handler_pc);
2089 return;
2090 }
2091 }
2092 }
2093 }
2094
2095 void ClassVerifier::verify_cp_index(
2097 int nconstants = cp->length();
2098 if ((index <= 0) || (index >= nconstants)) {
2099 verify_error(ErrorContext::bad_cp_index(bci, index),
2100 "Illegal constant pool index %d in class %s",
2101 index, cp->pool_holder()->external_name());
2102 return;
2103 }
2104 }
2105
2106 void ClassVerifier::verify_cp_type(
2107 u2 bci, int index, const constantPoolHandle& cp, unsigned int types, TRAPS) {
2108
2109 // In some situations, bytecode rewriting may occur while we're verifying.
2110 // In this case, a constant pool cache exists and some indices refer to that
2111 // instead. Be sure we don't pick up such indices by accident.
2112 // We must check was_recursively_verified() before we get here.
2113 guarantee(cp->cache() == NULL, "not rewritten yet");
2114
2115 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2116 unsigned int tag = cp->tag_at(index).value();
2117
2118 if (tag == JVM_CONSTANT_Value) {
2119 tag = SAFE_JVM_CONSTANT_Value; //avoid overflow
2120 }
2121
2122 if ((types & (1 << tag)) == 0) {
2123 verify_error(ErrorContext::bad_cp_index(bci, index),
2124 "Illegal type at constant pool entry %d in class %s",
2125 index, cp->pool_holder()->external_name());
2126 return;
2127 }
2128 }
2129
2130 void ClassVerifier::verify_cp_class_type(
2131 u2 bci, int index, const constantPoolHandle& cp, TRAPS) {
2132 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2133 constantTag tag = cp->tag_at(index);
2134 if (!tag.is_klass() && !tag.is_unresolved_klass()) {
2135 verify_error(ErrorContext::bad_cp_index(bci, index),
2136 "Illegal type at constant pool entry %d in class %s",
2137 index, cp->pool_holder()->external_name());
2138 return;
2139 }
2140 }
2141
2142 void ClassVerifier::verify_cp_value_type(
2143 u2 bci, int index, const constantPoolHandle& cp, TRAPS) {
2144 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2145 constantTag tag = cp->tag_at(index);
2146 if (!tag.is_value_type() && !tag.is_unresolved_value_type()) {
2147 verify_error(ErrorContext::bad_cp_index(bci, index),
2148 "Illegal type at constant pool entry %d in class %s",
2149 index, cp->pool_holder()->external_name());
2150 return;
2151 }
2152 }
2153
2154 // Used for MVT value type overloaded bytecodes (anewarray, getfield, multianewarray)
2155 void ClassVerifier::verify_cp_class_or_value_type(
2156 u2 bci, int index, const constantPoolHandle& cp, TRAPS) {
2157 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2158 constantTag tag = cp->tag_at(index);
2159 if (!tag.is_klass() && !tag.is_unresolved_klass() &&
2160 !tag.is_value_type() && !tag.is_unresolved_value_type()) {
2161 verify_error(ErrorContext::bad_cp_index(bci, index),
2162 "Illegal type at constant pool entry %d in class %s",
2163 index, cp->pool_holder()->external_name());
2164 return;
2165 }
2166 }
2167
2168 void ClassVerifier::verify_error(ErrorContext ctx, const char* msg, ...) {
2169 stringStream ss;
2170
2171 ctx.reset_frames();
2172 _exception_type = vmSymbols::java_lang_VerifyError();
2173 _error_context = ctx;
2174 va_list va;
2175 va_start(va, msg);
2176 ss.vprint(msg, va);
2177 va_end(va);
2178 _message = ss.as_string();
2179 #ifdef ASSERT
2180 ResourceMark rm;
2181 const char* exception_name = _exception_type->as_C_string();
2182 Exceptions::debug_check_abort(exception_name, NULL);
2183 #endif // ndef ASSERT
2184 }
2185
2186 void ClassVerifier::class_format_error(const char* msg, ...) {
2187 stringStream ss;
2235 }
2236 }
2237 } else {
2238 Klass* member_klass = target_instance->find_field(field_name, field_sig, &fd);
2239 if (member_klass != NULL && fd.is_protected()) {
2240 if (!this_class->is_same_class_package(member_klass)) {
2241 return true;
2242 }
2243 }
2244 }
2245 return false;
2246 }
2247
2248 void ClassVerifier::verify_ldc(
2249 int opcode, u2 index, StackMapFrame* current_frame,
2250 const constantPoolHandle& cp, u2 bci, TRAPS) {
2251 verify_cp_index(bci, cp, index, CHECK_VERIFY(this));
2252 constantTag tag = cp->tag_at(index);
2253 unsigned int types;
2254 if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) {
2255 if (!tag.is_unresolved_klass() && !tag.is_unresolved_value_type()) {
2256 types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float)
2257 | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class)
2258 | (1 << SAFE_JVM_CONSTANT_Value)
2259 | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType);
2260 // Note: The class file parser already verified the legality of
2261 // MethodHandle and MethodType constants.
2262 // Note: SAFE_JVM_CONSTANT_Value is used instead of JVM_CONSTANT_Value
2263 // since JVM_CONSTANT_Value is an internally defined CP tag that is
2264 // defined with a large value. When shifting left JVM_CONSTANT_Value
2265 // would overrun the width of types.
2266 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2267 }
2268 } else {
2269 assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w");
2270 types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long);
2271 verify_cp_type(bci, index, cp, types, CHECK_VERIFY(this));
2272 }
2273 if (tag.is_string() && cp->is_pseudo_string_at(index)) {
2274 current_frame->push_stack(object_type(), CHECK_VERIFY(this));
2275 } else if (tag.is_string()) {
2276 current_frame->push_stack(
2277 VerificationType::reference_type(
2278 vmSymbols::java_lang_String()), CHECK_VERIFY(this));
2279 } else if (tag.is_klass() || tag.is_unresolved_klass() ||
2280 tag.is_value_type() || tag.is_unresolved_value_type()) {
2281 current_frame->push_stack(
2282 VerificationType::reference_type(
2283 vmSymbols::java_lang_Class()), CHECK_VERIFY(this));
2284 } else if (tag.is_int()) {
2285 current_frame->push_stack(
2286 VerificationType::integer_type(), CHECK_VERIFY(this));
2287 } else if (tag.is_float()) {
2288 current_frame->push_stack(
2289 VerificationType::float_type(), CHECK_VERIFY(this));
2290 } else if (tag.is_double()) {
2291 current_frame->push_stack_2(
2292 VerificationType::double_type(),
2293 VerificationType::double2_type(), CHECK_VERIFY(this));
2294 } else if (tag.is_long()) {
2295 current_frame->push_stack_2(
2296 VerificationType::long_type(),
2297 VerificationType::long2_type(), CHECK_VERIFY(this));
2298 } else if (tag.is_method_handle()) {
2299 current_frame->push_stack(
2300 VerificationType::reference_type(
2396 void ClassVerifier::verify_field_instructions(RawBytecodeStream* bcs,
2397 StackMapFrame* current_frame,
2398 const constantPoolHandle& cp,
2399 bool allow_arrays,
2400 TRAPS) {
2401 u2 index = bcs->get_index_u2();
2402 verify_cp_type(bcs->bci(), index, cp,
2403 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2404
2405 // Get field name and signature
2406 Symbol* field_name = cp->name_ref_at(index);
2407 Symbol* field_sig = cp->signature_ref_at(index);
2408
2409 if (!SignatureVerifier::is_valid_type_signature(field_sig)) {
2410 class_format_error(
2411 "Invalid signature for field in class %s referenced "
2412 "from constant pool index %d", _klass->external_name(), index);
2413 return;
2414 }
2415
2416 // Get referenced class or value type
2417 constantTag field_class_tag = cp->tag_at(cp->klass_ref_index_at(index));
2418 VerificationType ref_class_type;
2419
2420 // getfield is overloaded to allow for either a reference or value type
2421 if (bcs->raw_code() == Bytecodes::_getfield &&
2422 (EnableMVT || EnableValhalla) &&
2423 (field_class_tag.is_value_type() || field_class_tag.is_unresolved_value_type())) {
2424 ref_class_type = cp_value_index_to_type(index, cp, CHECK_VERIFY(this));
2425 if (!ref_class_type.is_valuetype()) {
2426 verify_error(ErrorContext::bad_type(bcs->bci(),
2427 TypeOrigin::cp(index, ref_class_type)),
2428 "Expecting reference to value type in class %s at constant pool index %d",
2429 _klass->external_name(), index);
2430 return;
2431 }
2432 } else {
2433 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
2434 if (!ref_class_type.is_object() &&
2435 (!allow_arrays || !ref_class_type.is_array())) {
2436 verify_error(ErrorContext::bad_type(bcs->bci(),
2437 TypeOrigin::cp(index, ref_class_type)),
2438 "Expecting reference to class in class %s at constant pool index %d",
2439 _klass->external_name(), index);
2440 return;
2441 }
2442 }
2443
2444 VerificationType target_class_type = ref_class_type;
2445
2446 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2447 "buffer type must match VerificationType size");
2448 uintptr_t field_type_buffer[2];
2449 VerificationType* field_type = (VerificationType*)field_type_buffer;
2450 // If we make a VerificationType[2] array directly, the compiler calls
2451 // to the c-runtime library to do the allocation instead of just
2452 // stack allocating it. Plus it would run constructors. This shows up
2453 // in performance profiles.
2454
2455 SignatureStream sig_stream(field_sig, false);
2456 VerificationType stack_object_type;
2457 int n = change_sig_to_verificationType(
2458 &sig_stream, field_type, CHECK_VERIFY(this));
2459 u2 bci = bcs->bci();
2460 bool is_assignable;
2461 switch (bcs->raw_code()) {
2462 case Bytecodes::_getstatic: {
2463 for (int i = 0; i < n; i++) {
2520 if (is_protected_access(current_class(), ref_class_oop, field_name,
2521 field_sig, false)) {
2522 // It's protected access, check if stack object is assignable to
2523 // current class.
2524 is_assignable = current_type().is_assignable_from(
2525 stack_object_type, this, true, CHECK_VERIFY(this));
2526 if (!is_assignable) {
2527 verify_error(ErrorContext::bad_type(bci,
2528 current_frame->stack_top_ctx(),
2529 TypeOrigin::implicit(current_type())),
2530 "Bad access to protected data in getfield");
2531 return;
2532 }
2533 }
2534 break;
2535 }
2536 default: ShouldNotReachHere();
2537 }
2538 }
2539
2540 void ClassVerifier::verify_vwithfield(RawBytecodeStream* bcs,
2541 StackMapFrame* current_frame,
2542 const constantPoolHandle& cp,
2543 TRAPS) {
2544 u2 index = bcs->get_index_u2();
2545 verify_cp_type(bcs->bci(), index, cp,
2546 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
2547
2548 // Get field name and signature
2549 Symbol* field_name = cp->name_ref_at(index);
2550 Symbol* field_sig = cp->signature_ref_at(index);
2551
2552 if (!SignatureVerifier::is_valid_type_signature(field_sig)) {
2553 class_format_error(
2554 "Invalid signature for field in value type %s referenced "
2555 "from constant pool index %d", _klass->external_name(), index);
2556 return;
2557 }
2558
2559 // Check referenced value type
2560 VerificationType ref_value_type = cp_value_index_to_type(
2561 index, cp, CHECK_VERIFY(this));
2562 if (!ref_value_type.is_valuetype()) {
2563 verify_error(ErrorContext::bad_type(bcs->bci(),
2564 TypeOrigin::cp(index, ref_value_type)),
2565 "Expecting reference to value type in class %s at constant pool index %d",
2566 _klass->external_name(), index);
2567 return;
2568 }
2569 VerificationType target_value_type = ref_value_type;
2570
2571 assert(sizeof(VerificationType) == sizeof(uintptr_t),
2572 "buffer type must match VerificationType size");
2573 uintptr_t field_type_buffer[2];
2574 VerificationType* field_type = (VerificationType*)field_type_buffer;
2575 // If we make a VerificationType[2] array directly, the compiler calls
2576 // to the c-runtime library to do the allocation instead of just
2577 // stack allocating it. Plus it would run constructors. This shows up
2578 // in performance profiles.
2579
2580 SignatureStream sig_stream(field_sig, false);
2581 int n = change_sig_to_verificationType(
2582 &sig_stream, field_type, CHECK_VERIFY(this));
2583 u2 bci = bcs->bci();
2584
2585 // The type of value2 must be compatible with the descriptor of the referenced field.
2586 // n could be 2 if it is a double or long.
2587 for (int i = n - 1; i >= 0; i--) {
2588 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
2589 }
2590
2591 // The type of value1 must be the direct value class type appearing in the field reference.
2592 VerificationType stack_object_type = current_frame->pop_stack(CHECK_VERIFY(this));
2593
2594 bool is_assignable = target_value_type.is_assignable_from(
2595 stack_object_type, this, false, CHECK_VERIFY(this));
2596 if (!is_assignable) {
2597 verify_error(ErrorContext::bad_type(bci,
2598 current_frame->stack_top_ctx(),
2599 TypeOrigin::cp(index, target_value_type)),
2600 "Bad type on operand stack in vwithfield");
2601 return;
2602 }
2603
2604 // The derived value class instance from another, modifying a field
2605 current_frame->push_stack(stack_object_type, CHECK_VERIFY(this));
2606 }
2607
2608 // Look at the method's handlers. If the bci is in the handler's try block
2609 // then check if the handler_pc is already on the stack. If not, push it
2610 // unless the handler has already been scanned.
2611 void ClassVerifier::push_handlers(ExceptionTable* exhandlers,
2612 GrowableArray<u4>* handler_list,
2613 GrowableArray<u4>* handler_stack,
2614 u4 bci) {
2615 int exlength = exhandlers->length();
2616 for(int x = 0; x < exlength; x++) {
2617 if (bci >= exhandlers->start_pc(x) && bci < exhandlers->end_pc(x)) {
2618 u4 exhandler_pc = exhandlers->handler_pc(x);
2619 if (!handler_list->contains(exhandler_pc)) {
2620 handler_stack->append_if_missing(exhandler_pc);
2621 handler_list->append(exhandler_pc);
2622 }
2623 }
2624 }
2625 }
2626
2627 // Return TRUE if all code paths starting with start_bc_offset end in
2857 stackmap_table, CHECK_VERIFY(this));
2858 } // in_try_block
2859
2860 current_frame->initialize_object(type, current_type());
2861 *this_uninit = true;
2862 } else if (type.is_uninitialized()) {
2863 u2 new_offset = type.bci();
2864 address new_bcp = bcs->bcp() - bci + new_offset;
2865 if (new_offset > (code_length - 3) || (*new_bcp) != Bytecodes::_new) {
2866 /* Unreachable? Stack map parsing ensures valid type and new
2867 * instructions have a valid BCI. */
2868 verify_error(ErrorContext::bad_code(new_offset),
2869 "Expecting new instruction");
2870 return;
2871 }
2872 u2 new_class_index = Bytes::get_Java_u2(new_bcp + 1);
2873 if (was_recursively_verified()) return;
2874 verify_cp_class_type(bci, new_class_index, cp, CHECK_VERIFY(this));
2875
2876 // The method must be an <init> method of the indicated class
2877 VerificationType new_class_type = cp_index_to_reference_type(
2878 new_class_index, cp, CHECK_VERIFY(this));
2879 if (!new_class_type.equals(ref_class_type)) {
2880 verify_error(ErrorContext::bad_type(bci,
2881 TypeOrigin::cp(new_class_index, new_class_type),
2882 TypeOrigin::cp(ref_class_index, ref_class_type)),
2883 "Call to wrong <init> method");
2884 return;
2885 }
2886 // According to the VM spec, if the referent class is a superclass of the
2887 // current class, and is in a different runtime package, and the method is
2888 // protected, then the objectref must be the current class or a subclass
2889 // of the current class.
2890 VerificationType objectref_type = new_class_type;
2891 if (name_in_supers(ref_class_type.name(), current_class())) {
2892 Klass* ref_klass = load_class(ref_class_type.name(), CHECK);
2893 if (was_recursively_verified()) return;
2894 Method* m = InstanceKlass::cast(ref_klass)->uncached_lookup_method(
2895 vmSymbols::object_initializer_name(),
2896 cp->signature_ref_at(bcs->get_index_u2()),
2897 Klass::find_overpass);
2965 types = (_klass->major_version() < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION) ?
2966 (1 << JVM_CONSTANT_Methodref) :
2967 ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref));
2968 break;
2969 default:
2970 types = 1 << JVM_CONSTANT_Methodref;
2971 }
2972 verify_cp_type(bcs->bci(), index, cp, types, CHECK_VERIFY(this));
2973
2974 // Get method name and signature
2975 Symbol* method_name = cp->name_ref_at(index);
2976 Symbol* method_sig = cp->signature_ref_at(index);
2977
2978 if (!SignatureVerifier::is_valid_method_signature(method_sig)) {
2979 class_format_error(
2980 "Invalid method signature in class %s referenced "
2981 "from constant pool index %d", _klass->external_name(), index);
2982 return;
2983 }
2984
2985 // Get referenced class or value type
2986 VerificationType ref_class_type;
2987 if (opcode == Bytecodes::_invokedynamic) {
2988 if (_klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) {
2989 class_format_error(
2990 "invokedynamic instructions not supported by this class file version (%d), class %s",
2991 _klass->major_version(), _klass->external_name());
2992 return;
2993 }
2994 } else {
2995 constantTag method_class_tag = cp->tag_at(cp->klass_ref_index_at(index));
2996 if (EnableValhalla &&
2997 opcode == Bytecodes::_invokevirtual &&
2998 (method_class_tag.is_value_type() || method_class_tag.is_unresolved_value_type())) {
2999 ref_class_type = cp_value_index_to_type(index, cp, CHECK_VERIFY(this));
3000 } else {
3001 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
3002 }
3003 }
3004
3005 // For a small signature length, we just allocate 128 bytes instead
3006 // of parsing the signature once to find its size.
3007 // -3 is for '(', ')' and return descriptor; multiply by 2 is for
3008 // longs/doubles to be consertive.
3009 assert(sizeof(VerificationType) == sizeof(uintptr_t),
3010 "buffer type must match VerificationType size");
3011 uintptr_t on_stack_sig_types_buffer[128];
3012 // If we make a VerificationType[128] array directly, the compiler calls
3013 // to the c-runtime library to do the allocation instead of just
3014 // stack allocating it. Plus it would run constructors. This shows up
3015 // in performance profiles.
3016
3017 VerificationType* sig_types;
3018 int size = (method_sig->utf8_length() - 3) * 2;
3019 if (size > 128) {
3020 // Long and double occupies two slots here.
3021 ArgumentSizeComputer size_it(method_sig);
3022 size = size_it.size();
3023 sig_types = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, VerificationType, size);
3207
3208 VerificationType ClassVerifier::get_newarray_type(
3209 u2 index, u2 bci, TRAPS) {
3210 const char* from_bt[] = {
3211 NULL, NULL, NULL, NULL, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J",
3212 };
3213 if (index < T_BOOLEAN || index > T_LONG) {
3214 verify_error(ErrorContext::bad_code(bci), "Illegal newarray instruction");
3215 return VerificationType::bogus_type();
3216 }
3217
3218 // from_bt[index] contains the array signature which has a length of 2
3219 Symbol* sig = create_temporary_symbol(
3220 from_bt[index], 2, CHECK_(VerificationType::bogus_type()));
3221 return VerificationType::reference_type(sig);
3222 }
3223
3224 void ClassVerifier::verify_anewarray(
3225 u2 bci, u2 index, const constantPoolHandle& cp,
3226 StackMapFrame* current_frame, TRAPS) {
3227 verify_cp_class_or_value_type(bci, index, cp, CHECK_VERIFY(this));
3228 current_frame->pop_stack(
3229 VerificationType::integer_type(), CHECK_VERIFY(this));
3230
3231 if (was_recursively_verified()) return;
3232 constantTag class_tag = cp->tag_at(index);
3233 VerificationType component_type;
3234 if (class_tag.is_value_type() || class_tag.is_unresolved_value_type()) {
3235 component_type = cp_index_to_valuetype(index, cp, CHECK_VERIFY(this));
3236 } else {
3237 component_type = cp_index_to_reference_type(index, cp, CHECK_VERIFY(this));
3238 }
3239 int length;
3240 char* arr_sig_str;
3241 if (component_type.is_array()) { // it's an array
3242 const char* component_name = component_type.name()->as_utf8();
3243 // Check for more than MAX_ARRAY_DIMENSIONS
3244 length = (int)strlen(component_name);
3245 if (length > MAX_ARRAY_DIMENSIONS &&
3246 component_name[MAX_ARRAY_DIMENSIONS - 1] == '[') {
3247 verify_error(ErrorContext::bad_code(bci),
3248 "Illegal anewarray instruction, array has more than 255 dimensions");
3249 }
3250 // add one dimension to component
3251 length++;
3252 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length);
3253 arr_sig_str[0] = '[';
3254 strncpy(&arr_sig_str[1], component_name, length - 1);
3255 } else { // it's an object or interface
3256 const char* component_name = component_type.name()->as_utf8();
3257 // add one dimension to component with 'L' or 'Q' (value type) prepended and ';' appended.
3258 length = (int)strlen(component_name) + 3;
3259 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length);
3260 arr_sig_str[0] = '[';
3261 arr_sig_str[1] = component_type.is_reference() ? 'L' : 'Q';
3262 strncpy(&arr_sig_str[2], component_name, length - 2);
3263 arr_sig_str[length - 1] = ';';
3264 }
3265 Symbol* arr_sig = create_temporary_symbol(
3266 arr_sig_str, length, CHECK_VERIFY(this));
3267 VerificationType new_array_type = VerificationType::reference_type(arr_sig);
3268 current_frame->push_stack(new_array_type, CHECK_VERIFY(this));
3269 }
3270
3271 void ClassVerifier::verify_iload(u2 index, StackMapFrame* current_frame, TRAPS) {
3272 current_frame->get_local(
3273 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3274 current_frame->push_stack(
3275 VerificationType::integer_type(), CHECK_VERIFY(this));
3276 }
3277
3278 void ClassVerifier::verify_lload(u2 index, StackMapFrame* current_frame, TRAPS) {
3279 current_frame->get_local_2(
3280 index, VerificationType::long_type(),
3281 VerificationType::long2_type(), CHECK_VERIFY(this));
3289 index, VerificationType::float_type(), CHECK_VERIFY(this));
3290 current_frame->push_stack(
3291 VerificationType::float_type(), CHECK_VERIFY(this));
3292 }
3293
3294 void ClassVerifier::verify_dload(u2 index, StackMapFrame* current_frame, TRAPS) {
3295 current_frame->get_local_2(
3296 index, VerificationType::double_type(),
3297 VerificationType::double2_type(), CHECK_VERIFY(this));
3298 current_frame->push_stack_2(
3299 VerificationType::double_type(),
3300 VerificationType::double2_type(), CHECK_VERIFY(this));
3301 }
3302
3303 void ClassVerifier::verify_aload(u2 index, StackMapFrame* current_frame, TRAPS) {
3304 VerificationType type = current_frame->get_local(
3305 index, VerificationType::reference_check(), CHECK_VERIFY(this));
3306 current_frame->push_stack(type, CHECK_VERIFY(this));
3307 }
3308
3309 void ClassVerifier::verify_vload(u2 index, StackMapFrame* current_frame, TRAPS) {
3310 VerificationType type = current_frame->get_local(
3311 index, VerificationType::valuetype_check(), CHECK_VERIFY(this));
3312 current_frame->push_stack(type, CHECK_VERIFY(this));
3313 }
3314
3315 void ClassVerifier::verify_istore(u2 index, StackMapFrame* current_frame, TRAPS) {
3316 current_frame->pop_stack(
3317 VerificationType::integer_type(), CHECK_VERIFY(this));
3318 current_frame->set_local(
3319 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3320 }
3321
3322 void ClassVerifier::verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3323 current_frame->pop_stack_2(
3324 VerificationType::long2_type(),
3325 VerificationType::long_type(), CHECK_VERIFY(this));
3326 current_frame->set_local_2(
3327 index, VerificationType::long_type(),
3328 VerificationType::long2_type(), CHECK_VERIFY(this));
3329 }
3330
3331 void ClassVerifier::verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3332 current_frame->pop_stack(VerificationType::float_type(), CHECK_VERIFY(this));
3333 current_frame->set_local(
3334 index, VerificationType::float_type(), CHECK_VERIFY(this));
3335 }
3336
3337 void ClassVerifier::verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3338 current_frame->pop_stack_2(
3339 VerificationType::double2_type(),
3340 VerificationType::double_type(), CHECK_VERIFY(this));
3341 current_frame->set_local_2(
3342 index, VerificationType::double_type(),
3343 VerificationType::double2_type(), CHECK_VERIFY(this));
3344 }
3345
3346 void ClassVerifier::verify_astore(u2 index, StackMapFrame* current_frame, TRAPS) {
3347 VerificationType type = current_frame->pop_stack(
3348 VerificationType::reference_check(), CHECK_VERIFY(this));
3349 current_frame->set_local(index, type, CHECK_VERIFY(this));
3350 }
3351
3352 void ClassVerifier::verify_vstore(u2 index, StackMapFrame* current_frame, TRAPS) {
3353 VerificationType type = current_frame->pop_stack(
3354 VerificationType::valuetype_check(), CHECK_VERIFY(this));
3355 current_frame->set_local(index, type, CHECK_VERIFY(this));
3356 }
3357
3358 void ClassVerifier::verify_iinc(u2 index, StackMapFrame* current_frame, TRAPS) {
3359 VerificationType type = current_frame->get_local(
3360 index, VerificationType::integer_type(), CHECK_VERIFY(this));
3361 current_frame->set_local(index, type, CHECK_VERIFY(this));
3362 }
3363
3364 void ClassVerifier::verify_return_value(
3365 VerificationType return_type, VerificationType type, u2 bci,
3366 StackMapFrame* current_frame, TRAPS) {
3367 if (return_type == VerificationType::bogus_type()) {
3368 verify_error(ErrorContext::bad_type(bci,
3369 current_frame->stack_top_ctx(), TypeOrigin::signature(return_type)),
3370 "Method expects a return value");
3371 return;
3372 }
3373 bool match = return_type.is_assignable_from(type, this, false, CHECK_VERIFY(this));
3374 if (!match) {
|