16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 #ifndef SHARE_VM_CLASSFILE_VERIFIER_HPP
26 #define SHARE_VM_CLASSFILE_VERIFIER_HPP
27
28 #include "classfile/verificationType.hpp"
29 #include "gc/shared/gcLocker.hpp"
30 #include "oops/klass.hpp"
31 #include "oops/method.hpp"
32 #include "runtime/handles.hpp"
33 #include "utilities/exceptions.hpp"
34 #include "utilities/growableArray.hpp"
35
36 // The verifier class
37 class Verifier : AllStatic {
38 public:
39 enum {
40 STRICTER_ACCESS_CTRL_CHECK_VERSION = 49,
41 STACKMAP_ATTRIBUTE_MAJOR_VERSION = 50,
42 INVOKEDYNAMIC_MAJOR_VERSION = 51,
43 NO_RELAX_ACCESS_CTRL_CHECK_VERSION = 52
44 };
45 typedef enum { ThrowException, NoException } Mode;
46
47 /**
48 * Verify the bytecodes for a class. If 'throw_exception' is true
49 * then the appropriate VerifyError or ClassFormatError will be thrown.
50 * Otherwise, no exception is thrown and the return indicates the
51 * error.
52 */
53 static void log_end_verification(outputStream* st, const char* klassName, Symbol* exception_name, TRAPS);
54 static bool verify(InstanceKlass* klass, Mode mode, bool should_verify_class, TRAPS);
55
56 // Return false if the class is loaded by the bootstrap loader,
57 // or if defineClass was called requesting skipping verification
58 // -Xverify:all/none override this value
59 static bool should_verify_for(oop class_loader, bool should_verify_class);
60
61 // Relax certain access checks to enable some broken 1.1 apps to run on 1.2.
62 static bool relax_access_for(oop class_loader);
63
254
255 // A new instance of this class is created for each class being verified
256 class ClassVerifier : public StackObj {
257 private:
258 Thread* _thread;
259 GrowableArray<Symbol*>* _symbols; // keep a list of symbols created
260
261 Symbol* _exception_type;
262 char* _message;
263
264 ErrorContext _error_context; // contains information about an error
265
266 void verify_method(const methodHandle& method, TRAPS);
267 char* generate_code_data(const methodHandle& m, u4 code_length, TRAPS);
268 void verify_exception_handler_table(u4 code_length, char* code_data,
269 int& min, int& max, TRAPS);
270 void verify_local_variable_table(u4 code_length, char* code_data, TRAPS);
271
272 VerificationType cp_ref_index_to_type(
273 int index, const constantPoolHandle& cp, TRAPS) {
274 return cp_index_to_type(cp->klass_ref_index_at(index), cp, THREAD);
275 }
276
277 bool is_protected_access(
278 InstanceKlass* this_class, Klass* target_class,
279 Symbol* field_name, Symbol* field_sig, bool is_method);
280
281 void verify_cp_index(u2 bci, const constantPoolHandle& cp, int index, TRAPS);
282 void verify_cp_type(u2 bci, int index, const constantPoolHandle& cp,
283 unsigned int types, TRAPS);
284 void verify_cp_class_type(u2 bci, int index, const constantPoolHandle& cp, TRAPS);
285
286 u2 verify_stackmap_table(
287 u2 stackmap_index, u2 bci, StackMapFrame* current_frame,
288 StackMapTable* stackmap_table, bool no_control_flow, TRAPS);
289
290 void verify_exception_handler_targets(
291 u2 bci, bool this_uninit, StackMapFrame* current_frame,
292 StackMapTable* stackmap_table, TRAPS);
293
294 void verify_ldc(
295 int opcode, u2 index, StackMapFrame *current_frame,
296 const constantPoolHandle& cp, u2 bci, TRAPS);
297
298 void verify_switch(
299 RawBytecodeStream* bcs, u4 code_length, char* code_data,
300 StackMapFrame* current_frame, StackMapTable* stackmap_table, TRAPS);
301
302 void verify_field_instructions(
303 RawBytecodeStream* bcs, StackMapFrame* current_frame,
304 const constantPoolHandle& cp, bool allow_arrays, TRAPS);
305
306 void verify_invoke_init(
307 RawBytecodeStream* bcs, u2 ref_index, VerificationType ref_class_type,
308 StackMapFrame* current_frame, u4 code_length, bool in_try_block,
309 bool* this_uninit, const constantPoolHandle& cp, StackMapTable* stackmap_table,
310 TRAPS);
311
312 // Used by ends_in_athrow() to push all handlers that contain bci onto the
313 // handler_stack, if the handler has not already been pushed on the stack.
314 void push_handlers(ExceptionTable* exhandlers,
315 GrowableArray<u4>* handler_list,
316 GrowableArray<u4>* handler_stack,
317 u4 bci);
318
319 // Returns true if all paths starting with start_bc_offset end in athrow
320 // bytecode or loop.
321 bool ends_in_athrow(u4 start_bc_offset);
322
323 void verify_invoke_instructions(
324 RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
325 bool in_try_block, bool* this_uninit, VerificationType return_type,
326 const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS);
327
328 VerificationType get_newarray_type(u2 index, u2 bci, TRAPS);
329 void verify_anewarray(u2 bci, u2 index, const constantPoolHandle& cp,
330 StackMapFrame* current_frame, TRAPS);
331 void verify_return_value(
332 VerificationType return_type, VerificationType type, u2 offset,
333 StackMapFrame* current_frame, TRAPS);
334
335 void verify_iload (u2 index, StackMapFrame* current_frame, TRAPS);
336 void verify_lload (u2 index, StackMapFrame* current_frame, TRAPS);
337 void verify_fload (u2 index, StackMapFrame* current_frame, TRAPS);
338 void verify_dload (u2 index, StackMapFrame* current_frame, TRAPS);
339 void verify_aload (u2 index, StackMapFrame* current_frame, TRAPS);
340 void verify_istore(u2 index, StackMapFrame* current_frame, TRAPS);
341 void verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS);
342 void verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS);
343 void verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS);
344 void verify_astore(u2 index, StackMapFrame* current_frame, TRAPS);
345 void verify_iinc (u2 index, StackMapFrame* current_frame, TRAPS);
346
347 bool name_in_supers(Symbol* ref_name, InstanceKlass* current);
348
349 VerificationType object_type() const;
350
351 InstanceKlass* _klass; // the class being verified
352 methodHandle _method; // current method being verified
353 VerificationType _this_type; // the verification type of the current class
354
355 // Some recursive calls from the verifier to the name resolver
356 // can cause the current class to be re-verified and rewritten.
357 // If this happens, the original verification should not continue,
358 // because constant pool indexes will have changed.
359 // The rewriter is preceded by the verifier. If the verifier throws
360 // an error, rewriting is prevented. Also, rewriting always precedes
361 // bytecode execution or compilation. Thus, is_rewritten implies
362 // that a class has been verified and prepared for execution.
363 bool was_recursively_verified() { return _klass->is_rewritten(); }
364
365 bool is_same_or_direct_interface(InstanceKlass* klass,
366 VerificationType klass_type, VerificationType ref_class_type);
367
368 public:
369 enum {
390 // Return status modes
391 Symbol* result() const { return _exception_type; }
392 bool has_error() const { return result() != NULL; }
393 char* exception_message() {
394 stringStream ss;
395 ss.print("%s", _message);
396 _error_context.details(&ss, _method());
397 return ss.as_string();
398 }
399
400 // Called when verify or class format errors are encountered.
401 // May throw an exception based upon the mode.
402 void verify_error(ErrorContext ctx, const char* fmt, ...) ATTRIBUTE_PRINTF(3, 4);
403 void class_format_error(const char* fmt, ...) ATTRIBUTE_PRINTF(2, 3);
404
405 Klass* load_class(Symbol* name, TRAPS);
406
407 int change_sig_to_verificationType(
408 SignatureStream* sig_type, VerificationType* inference_type, TRAPS);
409
410 VerificationType cp_index_to_type(int index, const constantPoolHandle& cp, TRAPS) {
411 return VerificationType::reference_type(cp->klass_name_at(index));
412 }
413
414 // Keep a list of temporary symbols created during verification because
415 // their reference counts need to be decremented when the verifier object
416 // goes out of scope. Since these symbols escape the scope in which they're
417 // created, we can't use a TempNewSymbol.
418 Symbol* create_temporary_symbol(const Symbol* s, int begin, int end, TRAPS);
419 Symbol* create_temporary_symbol(const char *s, int length, TRAPS);
420
421 Symbol* create_temporary_symbol(Symbol* s) {
422 // This version just updates the reference count and saves the symbol to be
423 // dereferenced later.
424 s->increment_refcount();
425 _symbols->push(s);
426 return s;
427 }
428
429 TypeOrigin ref_ctx(const char* str, TRAPS);
430
431 };
432
433 inline int ClassVerifier::change_sig_to_verificationType(
434 SignatureStream* sig_type, VerificationType* inference_type, TRAPS) {
435 BasicType bt = sig_type->type();
436 switch (bt) {
437 case T_OBJECT:
438 case T_ARRAY:
439 {
440 Symbol* name = sig_type->as_symbol(CHECK_0);
441 // Create another symbol to save as signature stream unreferences this symbol.
442 Symbol* name_copy = create_temporary_symbol(name);
443 assert(name_copy == name, "symbols don't match");
444 *inference_type =
445 VerificationType::reference_type(name_copy);
446 return 1;
447 }
448 case T_LONG:
449 *inference_type = VerificationType::long_type();
450 *++inference_type = VerificationType::long2_type();
451 return 2;
452 case T_DOUBLE:
453 *inference_type = VerificationType::double_type();
454 *++inference_type = VerificationType::double2_type();
455 return 2;
456 case T_INT:
457 case T_BOOLEAN:
458 case T_BYTE:
459 case T_CHAR:
460 case T_SHORT:
461 *inference_type = VerificationType::integer_type();
462 return 1;
463 case T_FLOAT:
464 *inference_type = VerificationType::float_type();
465 return 1;
|
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
24
25 #ifndef SHARE_VM_CLASSFILE_VERIFIER_HPP
26 #define SHARE_VM_CLASSFILE_VERIFIER_HPP
27
28 #include "classfile/verificationType.hpp"
29 #include "gc/shared/gcLocker.hpp"
30 #include "oops/klass.hpp"
31 #include "oops/method.hpp"
32 #include "runtime/handles.hpp"
33 #include "utilities/exceptions.hpp"
34 #include "utilities/growableArray.hpp"
35
36 // For bit tests involving JVM_CONSTANT_Value during verification,
37 // define a "safe" number to avoid integer overflow of types
38 #define SAFE_JVM_CONSTANT_Value JVM_CONSTANT_ExternalMax
39
40 // The verifier class
41 class Verifier : AllStatic {
42 public:
43 enum {
44 STRICTER_ACCESS_CTRL_CHECK_VERSION = 49,
45 STACKMAP_ATTRIBUTE_MAJOR_VERSION = 50,
46 INVOKEDYNAMIC_MAJOR_VERSION = 51,
47 NO_RELAX_ACCESS_CTRL_CHECK_VERSION = 52,
48 VALUETYPE_MAJOR_VERSION = 53,
49 VALUETYPE_MINOR_VERSION = 1
50 };
51 typedef enum { ThrowException, NoException } Mode;
52
53 /**
54 * Verify the bytecodes for a class. If 'throw_exception' is true
55 * then the appropriate VerifyError or ClassFormatError will be thrown.
56 * Otherwise, no exception is thrown and the return indicates the
57 * error.
58 */
59 static void log_end_verification(outputStream* st, const char* klassName, Symbol* exception_name, TRAPS);
60 static bool verify(InstanceKlass* klass, Mode mode, bool should_verify_class, TRAPS);
61
62 // Return false if the class is loaded by the bootstrap loader,
63 // or if defineClass was called requesting skipping verification
64 // -Xverify:all/none override this value
65 static bool should_verify_for(oop class_loader, bool should_verify_class);
66
67 // Relax certain access checks to enable some broken 1.1 apps to run on 1.2.
68 static bool relax_access_for(oop class_loader);
69
260
261 // A new instance of this class is created for each class being verified
262 class ClassVerifier : public StackObj {
263 private:
264 Thread* _thread;
265 GrowableArray<Symbol*>* _symbols; // keep a list of symbols created
266
267 Symbol* _exception_type;
268 char* _message;
269
270 ErrorContext _error_context; // contains information about an error
271
272 void verify_method(const methodHandle& method, TRAPS);
273 char* generate_code_data(const methodHandle& m, u4 code_length, TRAPS);
274 void verify_exception_handler_table(u4 code_length, char* code_data,
275 int& min, int& max, TRAPS);
276 void verify_local_variable_table(u4 code_length, char* code_data, TRAPS);
277
278 VerificationType cp_ref_index_to_type(
279 int index, const constantPoolHandle& cp, TRAPS) {
280 return cp_index_to_reference_type(cp->klass_ref_index_at(index), cp, THREAD);
281 }
282
283 VerificationType cp_value_index_to_type(
284 int index, const constantPoolHandle& cp, TRAPS) {
285 return cp_index_to_valuetype(cp->klass_ref_index_at(index), cp, THREAD);
286 }
287
288 bool is_protected_access(
289 InstanceKlass* this_class, Klass* target_class,
290 Symbol* field_name, Symbol* field_sig, bool is_method);
291
292 void verify_cp_index(u2 bci, const constantPoolHandle& cp, int index, TRAPS);
293 void verify_cp_type(u2 bci, int index, const constantPoolHandle& cp,
294 unsigned int types, TRAPS);
295 void verify_cp_class_type(u2 bci, int index, const constantPoolHandle& cp, TRAPS);
296 void verify_cp_value_type(u2 bci, int index, const constantPoolHandle& cp, TRAPS);
297 void verify_cp_class_or_value_type(u2 bci, int index, const constantPoolHandle& cp, TRAPS);
298
299 u2 verify_stackmap_table(
300 u2 stackmap_index, u2 bci, StackMapFrame* current_frame,
301 StackMapTable* stackmap_table, bool no_control_flow, TRAPS);
302
303 void verify_exception_handler_targets(
304 u2 bci, bool this_uninit, StackMapFrame* current_frame,
305 StackMapTable* stackmap_table, TRAPS);
306
307 void verify_ldc(
308 int opcode, u2 index, StackMapFrame *current_frame,
309 const constantPoolHandle& cp, u2 bci, TRAPS);
310
311 void verify_switch(
312 RawBytecodeStream* bcs, u4 code_length, char* code_data,
313 StackMapFrame* current_frame, StackMapTable* stackmap_table, TRAPS);
314
315 void verify_field_instructions(
316 RawBytecodeStream* bcs, StackMapFrame* current_frame,
317 const constantPoolHandle& cp, bool allow_arrays, TRAPS);
318
319 void verify_vwithfield(
320 RawBytecodeStream* bcs, StackMapFrame* current_frame,
321 const constantPoolHandle& cp, TRAPS);
322
323 void verify_invoke_init(
324 RawBytecodeStream* bcs, u2 ref_index, VerificationType ref_class_type,
325 StackMapFrame* current_frame, u4 code_length, bool in_try_block,
326 bool* this_uninit, const constantPoolHandle& cp, StackMapTable* stackmap_table,
327 TRAPS);
328
329 // Used by ends_in_athrow() to push all handlers that contain bci onto the
330 // handler_stack, if the handler has not already been pushed on the stack.
331 void push_handlers(ExceptionTable* exhandlers,
332 GrowableArray<u4>* handler_list,
333 GrowableArray<u4>* handler_stack,
334 u4 bci);
335
336 // Returns true if all paths starting with start_bc_offset end in athrow
337 // bytecode or loop.
338 bool ends_in_athrow(u4 start_bc_offset);
339
340 void verify_invoke_instructions(
341 RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
342 bool in_try_block, bool* this_uninit, VerificationType return_type,
343 const constantPoolHandle& cp, StackMapTable* stackmap_table, TRAPS);
344
345 VerificationType get_newarray_type(u2 index, u2 bci, TRAPS);
346 void verify_anewarray(u2 bci, u2 index, const constantPoolHandle& cp,
347 StackMapFrame* current_frame, TRAPS);
348 void verify_return_value(
349 VerificationType return_type, VerificationType type, u2 offset,
350 StackMapFrame* current_frame, TRAPS);
351
352 void verify_iload (u2 index, StackMapFrame* current_frame, TRAPS);
353 void verify_lload (u2 index, StackMapFrame* current_frame, TRAPS);
354 void verify_fload (u2 index, StackMapFrame* current_frame, TRAPS);
355 void verify_dload (u2 index, StackMapFrame* current_frame, TRAPS);
356 void verify_aload (u2 index, StackMapFrame* current_frame, TRAPS);
357 void verify_vload (u2 index, StackMapFrame* current_frame, TRAPS);
358 void verify_istore(u2 index, StackMapFrame* current_frame, TRAPS);
359 void verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS);
360 void verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS);
361 void verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS);
362 void verify_astore(u2 index, StackMapFrame* current_frame, TRAPS);
363 void verify_vstore(u2 index, StackMapFrame* current_frame, TRAPS);
364 void verify_iinc (u2 index, StackMapFrame* current_frame, TRAPS);
365
366 bool name_in_supers(Symbol* ref_name, InstanceKlass* current);
367
368 VerificationType object_type() const;
369 VerificationType __value_type() const;
370
371 InstanceKlass* _klass; // the class being verified
372 methodHandle _method; // current method being verified
373 VerificationType _this_type; // the verification type of the current class
374
375 // Some recursive calls from the verifier to the name resolver
376 // can cause the current class to be re-verified and rewritten.
377 // If this happens, the original verification should not continue,
378 // because constant pool indexes will have changed.
379 // The rewriter is preceded by the verifier. If the verifier throws
380 // an error, rewriting is prevented. Also, rewriting always precedes
381 // bytecode execution or compilation. Thus, is_rewritten implies
382 // that a class has been verified and prepared for execution.
383 bool was_recursively_verified() { return _klass->is_rewritten(); }
384
385 bool is_same_or_direct_interface(InstanceKlass* klass,
386 VerificationType klass_type, VerificationType ref_class_type);
387
388 public:
389 enum {
410 // Return status modes
411 Symbol* result() const { return _exception_type; }
412 bool has_error() const { return result() != NULL; }
413 char* exception_message() {
414 stringStream ss;
415 ss.print("%s", _message);
416 _error_context.details(&ss, _method());
417 return ss.as_string();
418 }
419
420 // Called when verify or class format errors are encountered.
421 // May throw an exception based upon the mode.
422 void verify_error(ErrorContext ctx, const char* fmt, ...) ATTRIBUTE_PRINTF(3, 4);
423 void class_format_error(const char* fmt, ...) ATTRIBUTE_PRINTF(2, 3);
424
425 Klass* load_class(Symbol* name, TRAPS);
426
427 int change_sig_to_verificationType(
428 SignatureStream* sig_type, VerificationType* inference_type, TRAPS);
429
430 VerificationType cp_index_to_reference_type(int index, const constantPoolHandle& cp, TRAPS) {
431 return VerificationType::reference_type(cp->klass_name_at(index));
432 }
433
434 VerificationType cp_index_to_valuetype(int index, const constantPoolHandle& cp, TRAPS) {
435 return VerificationType::valuetype_type(cp->klass_name_at(index));
436 }
437
438 // Keep a list of temporary symbols created during verification because
439 // their reference counts need to be decremented when the verifier object
440 // goes out of scope. Since these symbols escape the scope in which they're
441 // created, we can't use a TempNewSymbol.
442 Symbol* create_temporary_symbol(const Symbol* s, int begin, int end, TRAPS);
443 Symbol* create_temporary_symbol(const char *s, int length, TRAPS);
444
445 Symbol* create_temporary_symbol(Symbol* s) {
446 // This version just updates the reference count and saves the symbol to be
447 // dereferenced later.
448 s->increment_refcount();
449 _symbols->push(s);
450 return s;
451 }
452
453 TypeOrigin ref_ctx(const char* str, TRAPS);
454 TypeOrigin valuetype_ctx(const char* str, TRAPS);
455
456 };
457
458 inline int ClassVerifier::change_sig_to_verificationType(
459 SignatureStream* sig_type, VerificationType* inference_type, TRAPS) {
460 BasicType bt = sig_type->type();
461 switch (bt) {
462 case T_OBJECT:
463 case T_ARRAY:
464 case T_VALUETYPE:
465 {
466 Symbol* name = sig_type->as_symbol(CHECK_0);
467 // Create another symbol to save as signature stream unreferences this symbol.
468 Symbol* name_copy = create_temporary_symbol(name);
469 assert(name_copy == name, "symbols don't match");
470 *inference_type = ((bt == T_VALUETYPE) ? VerificationType::valuetype_type(name_copy) :
471 VerificationType::reference_type(name_copy));
472 return 1;
473 }
474 case T_LONG:
475 *inference_type = VerificationType::long_type();
476 *++inference_type = VerificationType::long2_type();
477 return 2;
478 case T_DOUBLE:
479 *inference_type = VerificationType::double_type();
480 *++inference_type = VerificationType::double2_type();
481 return 2;
482 case T_INT:
483 case T_BOOLEAN:
484 case T_BYTE:
485 case T_CHAR:
486 case T_SHORT:
487 *inference_type = VerificationType::integer_type();
488 return 1;
489 case T_FLOAT:
490 *inference_type = VerificationType::float_type();
491 return 1;
|