rev 49922 : 8202419: Avoid creating Permission constants early
Reviewed-by: TBD

   1 /*
   2  * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package java.lang.reflect;
  27 
  28 import java.lang.annotation.Annotation;
  29 import java.lang.invoke.MethodHandle;
  30 import java.security.AccessController;
  31 
  32 import jdk.internal.misc.VM;
  33 import jdk.internal.module.IllegalAccessLogger;
  34 import jdk.internal.reflect.CallerSensitive;
  35 import jdk.internal.reflect.Reflection;
  36 import jdk.internal.reflect.ReflectionFactory;
  37 import sun.security.action.GetPropertyAction;
  38 import sun.security.util.SecurityConstants;
  39 
  40 /**
  41  * The {@code AccessibleObject} class is the base class for {@code Field},
  42  * {@code Method}, and {@code Constructor} objects (known as <em>reflected
  43  * objects</em>). It provides the ability to flag a reflected object as
  44  * suppressing checks for Java language access control when it is used. This
  45  * permits sophisticated applications with sufficient privilege, such as Java
  46  * Object Serialization or other persistence mechanisms, to manipulate objects
  47  * in a manner that would normally be prohibited.
  48  *
  49  * <p> Java language access control prevents use of private members outside
  50  * their class; package access members outside their package; protected members
  51  * outside their package or subclasses; and public members outside their
  52  * module unless they are declared in an {@link Module#isExported(String,Module)
  53  * exported} package and the user {@link Module#canRead reads} their module. By
  54  * default, Java language access control is enforced (with one variation) when
  55  * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or
  56  * set fields, to invoke methods, or to create and initialize new instances of
  57  * classes, respectively. Every reflected object checks that the code using it
  58  * is in an appropriate class, package, or module. </p>
  59  *
  60  * <p> The one variation from Java language access control is that the checks
  61  * by reflected objects assume readability. That is, the module containing
  62  * the use of a reflected object is assumed to read the module in which
  63  * the underlying field, method, or constructor is declared. </p>
  64  *
  65  * <p> Whether the checks for Java language access control can be suppressed
  66  * (and thus, whether access can be enabled) depends on whether the reflected
  67  * object corresponds to a member in an exported or open package
  68  * (see {@link #setAccessible(boolean)}). </p>
  69  *
  70  * @jls 6.6 Access Control
  71  * @since 1.2
  72  * @revised 9
  73  * @spec JPMS
  74  */
  75 public class AccessibleObject implements AnnotatedElement {
  76 








  77     static void checkPermission() {
  78         SecurityManager sm = System.getSecurityManager();
  79         if (sm != null) sm.checkPermission(SecurityConstants.ACCESS_PERMISSION);
  80     }
  81 
  82     /**
  83      * Convenience method to set the {@code accessible} flag for an
  84      * array of reflected objects with a single security check (for efficiency).
  85      *
  86      * <p> This method may be used to enable access to all reflected objects in
  87      * the array when access to each reflected object can be enabled as
  88      * specified by {@link #setAccessible(boolean) setAccessible(boolean)}. </p>
  89      *
  90      * <p>If there is a security manager, its
  91      * {@code checkPermission} method is first called with a
  92      * {@code ReflectPermission("suppressAccessChecks")} permission.
  93      *
  94      * <p>A {@code SecurityException} is also thrown if any of the elements of
  95      * the input {@code array} is a {@link java.lang.reflect.Constructor}
  96      * object for the class {@code java.lang.Class} and {@code flag} is true.
  97      *
  98      * @param array the array of AccessibleObjects
  99      * @param flag  the new value for the {@code accessible} flag
 100      *              in each object
 101      * @throws InaccessibleObjectException if access cannot be enabled for all
 102      *         objects in the array
 103      * @throws SecurityException if the request is denied by the security manager
 104      *         or an element in the array is a constructor for {@code
 105      *         java.lang.Class}
 106      * @see SecurityManager#checkPermission
 107      * @see ReflectPermission
 108      * @revised 9
 109      * @spec JPMS
 110      */
 111     @CallerSensitive
 112     public static void setAccessible(AccessibleObject[] array, boolean flag) {
 113         checkPermission();
 114         if (flag) {
 115             Class<?> caller = Reflection.getCallerClass();
 116             array = array.clone();
 117             for (AccessibleObject ao : array) {
 118                 ao.checkCanSetAccessible(caller);
 119             }
 120         }
 121         for (AccessibleObject ao : array) {
 122             ao.setAccessible0(flag);
 123         }
 124     }
 125 
 126     /**
 127      * Set the {@code accessible} flag for this reflected object to
 128      * the indicated boolean value.  A value of {@code true} indicates that
 129      * the reflected object should suppress checks for Java language access
 130      * control when it is used. A value of {@code false} indicates that
 131      * the reflected object should enforce checks for Java language access
 132      * control when it is used, with the variation noted in the class description.
 133      *
 134      * <p> This method may be used by a caller in class {@code C} to enable
 135      * access to a {@link Member member} of {@link Member#getDeclaringClass()
 136      * declaring class} {@code D} if any of the following hold: </p>
 137      *
 138      * <ul>
 139      *     <li> {@code C} and {@code D} are in the same module. </li>
 140      *
 141      *     <li> The member is {@code public} and {@code D} is {@code public} in
 142      *     a package that the module containing {@code D} {@link
 143      *     Module#isExported(String,Module) exports} to at least the module
 144      *     containing {@code C}. </li>
 145      *
 146      *     <li> The member is {@code protected} {@code static}, {@code D} is
 147      *     {@code public} in a package that the module containing {@code D}
 148      *     exports to at least the module containing {@code C}, and {@code C}
 149      *     is a subclass of {@code D}. </li>
 150      *
 151      *     <li> {@code D} is in a package that the module containing {@code D}
 152      *     {@link Module#isOpen(String,Module) opens} to at least the module
 153      *     containing {@code C}.
 154      *     All packages in unnamed and open modules are open to all modules and
 155      *     so this method always succeeds when {@code D} is in an unnamed or
 156      *     open module. </li>
 157      * </ul>
 158      *
 159      * <p> This method cannot be used to enable access to private members,
 160      * members with default (package) access, protected instance members, or
 161      * protected constructors when the declaring class is in a different module
 162      * to the caller and the package containing the declaring class is not open
 163      * to the caller's module. </p>
 164      *
 165      * <p> If there is a security manager, its
 166      * {@code checkPermission} method is first called with a
 167      * {@code ReflectPermission("suppressAccessChecks")} permission.
 168      *
 169      * @param flag the new value for the {@code accessible} flag
 170      * @throws InaccessibleObjectException if access cannot be enabled
 171      * @throws SecurityException if the request is denied by the security manager
 172      * @see #trySetAccessible
 173      * @see java.lang.invoke.MethodHandles#privateLookupIn
 174      * @revised 9
 175      * @spec JPMS
 176      */
 177     @CallerSensitive   // overrides in Method/Field/Constructor are @CS
 178     public void setAccessible(boolean flag) {
 179         AccessibleObject.checkPermission();
 180         setAccessible0(flag);
 181     }
 182 
 183     /**
 184      * Sets the accessible flag and returns the new value
 185      */
 186     boolean setAccessible0(boolean flag) {
 187         this.override = flag;
 188         return flag;
 189     }
 190 
 191     /**
 192      * Set the {@code accessible} flag for this reflected object to {@code true}
 193      * if possible. This method sets the {@code accessible} flag, as if by
 194      * invoking {@link #setAccessible(boolean) setAccessible(true)}, and returns
 195      * the possibly-updated value for the {@code accessible} flag. If access
 196      * cannot be enabled, i.e. the checks or Java language access control cannot
 197      * be suppressed, this method returns {@code false} (as opposed to {@code
 198      * setAccessible(true)} throwing {@code InaccessibleObjectException} when
 199      * it fails).
 200      *
 201      * <p> This method is a no-op if the {@code accessible} flag for
 202      * this reflected object is {@code true}.
 203      *
 204      * <p> For example, a caller can invoke {@code trySetAccessible}
 205      * on a {@code Method} object for a private instance method
 206      * {@code p.T::privateMethod} to suppress the checks for Java language access
 207      * control when the {@code Method} is invoked.
 208      * If {@code p.T} class is in a different module to the caller and
 209      * package {@code p} is open to at least the caller's module,
 210      * the code below successfully sets the {@code accessible} flag
 211      * to {@code true}.
 212      *
 213      * <pre>
 214      * {@code
 215      *     p.T obj = ....;  // instance of p.T
 216      *     :
 217      *     Method m = p.T.class.getDeclaredMethod("privateMethod");
 218      *     if (m.trySetAccessible()) {
 219      *         m.invoke(obj);
 220      *     } else {
 221      *         // package p is not opened to the caller to access private member of T
 222      *         ...
 223      *     }
 224      * }</pre>
 225      *
 226      * <p> If there is a security manager, its {@code checkPermission} method
 227      * is first called with a {@code ReflectPermission("suppressAccessChecks")}
 228      * permission. </p>
 229      *
 230      * @return {@code true} if the {@code accessible} flag is set to {@code true};
 231      *         {@code false} if access cannot be enabled.
 232      * @throws SecurityException if the request is denied by the security manager
 233      *
 234      * @since 9
 235      * @spec JPMS
 236      * @see java.lang.invoke.MethodHandles#privateLookupIn
 237      */
 238     @CallerSensitive
 239     public final boolean trySetAccessible() {
 240         AccessibleObject.checkPermission();
 241 
 242         if (override == true) return true;
 243 
 244         // if it's not a Constructor, Method, Field then no access check
 245         if (!Member.class.isInstance(this)) {
 246             return setAccessible0(true);
 247         }
 248 
 249         // does not allow to suppress access check for Class's constructor
 250         Class<?> declaringClass = ((Member) this).getDeclaringClass();
 251         if (declaringClass == Class.class && this instanceof Constructor) {
 252             return false;
 253         }
 254 
 255         if (checkCanSetAccessible(Reflection.getCallerClass(),
 256                                   declaringClass,
 257                                   false)) {
 258             return setAccessible0(true);
 259         } else {
 260             return false;
 261         }
 262     }
 263 
 264 
 265    /**
 266     * If the given AccessibleObject is a {@code Constructor}, {@code Method}
 267     * or {@code Field} then checks that its declaring class is in a package
 268     * that can be accessed by the given caller of setAccessible.
 269     */
 270     void checkCanSetAccessible(Class<?> caller) {
 271         // do nothing, needs to be overridden by Constructor, Method, Field
 272     }
 273 
 274     final void checkCanSetAccessible(Class<?> caller, Class<?> declaringClass) {
 275         checkCanSetAccessible(caller, declaringClass, true);
 276     }
 277 
 278     private boolean checkCanSetAccessible(Class<?> caller,
 279                                           Class<?> declaringClass,
 280                                           boolean throwExceptionIfDenied) {
 281         if (caller == MethodHandle.class) {
 282             throw new IllegalCallerException();   // should not happen
 283         }
 284 
 285         Module callerModule = caller.getModule();
 286         Module declaringModule = declaringClass.getModule();
 287 
 288         if (callerModule == declaringModule) return true;
 289         if (callerModule == Object.class.getModule()) return true;
 290         if (!declaringModule.isNamed()) return true;
 291 
 292         String pn = declaringClass.getPackageName();
 293         int modifiers;
 294         if (this instanceof Executable) {
 295             modifiers = ((Executable) this).getModifiers();
 296         } else {
 297             modifiers = ((Field) this).getModifiers();
 298         }
 299 
 300         // class is public and package is exported to caller
 301         boolean isClassPublic = Modifier.isPublic(declaringClass.getModifiers());
 302         if (isClassPublic && declaringModule.isExported(pn, callerModule)) {
 303             // member is public
 304             if (Modifier.isPublic(modifiers)) {
 305                 logIfExportedForIllegalAccess(caller, declaringClass);
 306                 return true;
 307             }
 308 
 309             // member is protected-static
 310             if (Modifier.isProtected(modifiers)
 311                 && Modifier.isStatic(modifiers)
 312                 && isSubclassOf(caller, declaringClass)) {
 313                 logIfExportedForIllegalAccess(caller, declaringClass);
 314                 return true;
 315             }
 316         }
 317 
 318         // package is open to caller
 319         if (declaringModule.isOpen(pn, callerModule)) {
 320             logIfOpenedForIllegalAccess(caller, declaringClass);
 321             return true;
 322         }
 323 
 324         if (throwExceptionIfDenied) {
 325             // not accessible
 326             String msg = "Unable to make ";
 327             if (this instanceof Field)
 328                 msg += "field ";
 329             msg += this + " accessible: " + declaringModule + " does not \"";
 330             if (isClassPublic && Modifier.isPublic(modifiers))
 331                 msg += "exports";
 332             else
 333                 msg += "opens";
 334             msg += " " + pn + "\" to " + callerModule;
 335             InaccessibleObjectException e = new InaccessibleObjectException(msg);
 336             if (printStackTraceWhenAccessFails()) {
 337                 e.printStackTrace(System.err);
 338             }
 339             throw e;
 340         }
 341         return false;
 342     }
 343 
 344     private boolean isSubclassOf(Class<?> queryClass, Class<?> ofClass) {
 345         while (queryClass != null) {
 346             if (queryClass == ofClass) {
 347                 return true;
 348             }
 349             queryClass = queryClass.getSuperclass();
 350         }
 351         return false;
 352     }
 353 
 354     private void logIfOpenedForIllegalAccess(Class<?> caller, Class<?> declaringClass) {
 355         Module callerModule = caller.getModule();
 356         Module targetModule = declaringClass.getModule();
 357         // callerModule is null during early startup
 358         if (callerModule != null && !callerModule.isNamed() && targetModule.isNamed()) {
 359             IllegalAccessLogger logger = IllegalAccessLogger.illegalAccessLogger();
 360             if (logger != null) {
 361                 logger.logIfOpenedForIllegalAccess(caller, declaringClass, this::toShortString);
 362             }
 363         }
 364     }
 365 
 366     private void logIfExportedForIllegalAccess(Class<?> caller, Class<?> declaringClass) {
 367         Module callerModule = caller.getModule();
 368         Module targetModule = declaringClass.getModule();
 369         // callerModule is null during early startup
 370         if (callerModule != null && !callerModule.isNamed() && targetModule.isNamed()) {
 371             IllegalAccessLogger logger = IllegalAccessLogger.illegalAccessLogger();
 372             if (logger != null) {
 373                 logger.logIfExportedForIllegalAccess(caller, declaringClass, this::toShortString);
 374             }
 375         }
 376     }
 377 
 378     /**
 379      * Returns a short descriptive string to describe this object in log messages.
 380      */
 381     String toShortString() {
 382         return toString();
 383     }
 384 
 385     /**
 386      * Get the value of the {@code accessible} flag for this reflected object.
 387      *
 388      * @return the value of the object's {@code accessible} flag
 389      *
 390      * @deprecated
 391      * This method is deprecated because its name hints that it checks
 392      * if the reflected object is accessible when it actually indicates
 393      * if the checks for Java language access control are suppressed.
 394      * This method may return {@code false} on a reflected object that is
 395      * accessible to the caller. To test if this reflected object is accessible,
 396      * it should use {@link #canAccess(Object)}.
 397      *
 398      * @revised 9
 399      * @spec JPMS
 400      */
 401     @Deprecated(since="9")
 402     public boolean isAccessible() {
 403         return override;
 404     }
 405 
 406     /**
 407      * Test if the caller can access this reflected object. If this reflected
 408      * object corresponds to an instance method or field then this method tests
 409      * if the caller can access the given {@code obj} with the reflected object.
 410      * For instance methods or fields then the {@code obj} argument must be an
 411      * instance of the {@link Member#getDeclaringClass() declaring class}. For
 412      * static members and constructors then {@code obj} must be {@code null}.
 413      *
 414      * <p> This method returns {@code true} if the {@code accessible} flag
 415      * is set to {@code true}, i.e. the checks for Java language access control
 416      * are suppressed, or if the caller can access the member as
 417      * specified in <cite>The Java&trade; Language Specification</cite>,
 418      * with the variation noted in the class description. </p>
 419      *
 420      * @param obj an instance object of the declaring class of this reflected
 421      *            object if it is an instance method or field
 422      *
 423      * @return {@code true} if the caller can access this reflected object.
 424      *
 425      * @throws IllegalArgumentException
 426      *         <ul>
 427      *         <li> if this reflected object is a static member or constructor and
 428      *              the given {@code obj} is non-{@code null}, or </li>
 429      *         <li> if this reflected object is an instance method or field
 430      *              and the given {@code obj} is {@code null} or of type
 431      *              that is not a subclass of the {@link Member#getDeclaringClass()
 432      *              declaring class} of the member.</li>
 433      *         </ul>
 434      *
 435      * @since 9
 436      * @spec JPMS
 437      * @jls 6.6 Access Control
 438      * @see #trySetAccessible
 439      * @see #setAccessible(boolean)
 440      */
 441     @CallerSensitive
 442     public final boolean canAccess(Object obj) {
 443         if (!Member.class.isInstance(this)) {
 444             return override;
 445         }
 446 
 447         Class<?> declaringClass = ((Member) this).getDeclaringClass();
 448         int modifiers = ((Member) this).getModifiers();
 449         if (!Modifier.isStatic(modifiers) &&
 450                 (this instanceof Method || this instanceof Field)) {
 451             if (obj == null) {
 452                 throw new IllegalArgumentException("null object for " + this);
 453             }
 454             // if this object is an instance member, the given object
 455             // must be a subclass of the declaring class of this reflected object
 456             if (!declaringClass.isAssignableFrom(obj.getClass())) {
 457                 throw new IllegalArgumentException("object is not an instance of "
 458                                                    + declaringClass.getName());
 459             }
 460         } else if (obj != null) {
 461             throw new IllegalArgumentException("non-null object for " + this);
 462         }
 463 
 464         // access check is suppressed
 465         if (override) return true;
 466 
 467         Class<?> caller = Reflection.getCallerClass();
 468         Class<?> targetClass;
 469         if (this instanceof Constructor) {
 470             targetClass = declaringClass;
 471         } else {
 472             targetClass = Modifier.isStatic(modifiers) ? null : obj.getClass();
 473         }
 474         return verifyAccess(caller, declaringClass, targetClass, modifiers);
 475     }
 476 
 477     /**
 478      * Constructor: only used by the Java Virtual Machine.
 479      */
 480     protected AccessibleObject() {}
 481 
 482     // Indicates whether language-level access checks are overridden
 483     // by this object. Initializes to "false". This field is used by
 484     // Field, Method, and Constructor.
 485     //
 486     // NOTE: for security purposes, this field must not be visible
 487     // outside this package.
 488     boolean override;
 489 
 490     // Reflection factory used by subclasses for creating field,
 491     // method, and constructor accessors. Note that this is called
 492     // very early in the bootstrapping process.
 493     static final ReflectionFactory reflectionFactory =
 494         AccessController.doPrivileged(
 495             new ReflectionFactory.GetReflectionFactoryAction());
 496 
 497     /**
 498      * @throws NullPointerException {@inheritDoc}
 499      * @since 1.5
 500      */
 501     public <T extends Annotation> T getAnnotation(Class<T> annotationClass) {
 502         throw new AssertionError("All subclasses should override this method");
 503     }
 504 
 505     /**
 506      * {@inheritDoc}
 507      * @throws NullPointerException {@inheritDoc}
 508      * @since 1.5
 509      */
 510     @Override
 511     public boolean isAnnotationPresent(Class<? extends Annotation> annotationClass) {
 512         return AnnotatedElement.super.isAnnotationPresent(annotationClass);
 513     }
 514 
 515     /**
 516      * @throws NullPointerException {@inheritDoc}
 517      * @since 1.8
 518      */
 519     @Override
 520     public <T extends Annotation> T[] getAnnotationsByType(Class<T> annotationClass) {
 521         throw new AssertionError("All subclasses should override this method");
 522     }
 523 
 524     /**
 525      * @since 1.5
 526      */
 527     public Annotation[] getAnnotations() {
 528         return getDeclaredAnnotations();
 529     }
 530 
 531     /**
 532      * @throws NullPointerException {@inheritDoc}
 533      * @since 1.8
 534      */
 535     @Override
 536     public <T extends Annotation> T getDeclaredAnnotation(Class<T> annotationClass) {
 537         // Only annotations on classes are inherited, for all other
 538         // objects getDeclaredAnnotation is the same as
 539         // getAnnotation.
 540         return getAnnotation(annotationClass);
 541     }
 542 
 543     /**
 544      * @throws NullPointerException {@inheritDoc}
 545      * @since 1.8
 546      */
 547     @Override
 548     public <T extends Annotation> T[] getDeclaredAnnotationsByType(Class<T> annotationClass) {
 549         // Only annotations on classes are inherited, for all other
 550         // objects getDeclaredAnnotationsByType is the same as
 551         // getAnnotationsByType.
 552         return getAnnotationsByType(annotationClass);
 553     }
 554 
 555     /**
 556      * @since 1.5
 557      */
 558     public Annotation[] getDeclaredAnnotations()  {
 559         throw new AssertionError("All subclasses should override this method");
 560     }
 561 
 562 
 563     // Shared access checking logic.
 564 
 565     // For non-public members or members in package-private classes,
 566     // it is necessary to perform somewhat expensive security checks.
 567     // If the security check succeeds for a given class, it will
 568     // always succeed (it is not affected by the granting or revoking
 569     // of permissions); we speed up the check in the common case by
 570     // remembering the last Class for which the check succeeded.
 571     //
 572     // The simple security check for Constructor is to see if
 573     // the caller has already been seen, verified, and cached.
 574     // (See also Class.newInstance(), which uses a similar method.)
 575     //
 576     // A more complicated security check cache is needed for Method and Field
 577     // The cache can be either null (empty cache), a 2-array of {caller,targetClass},
 578     // or a caller (with targetClass implicitly equal to memberClass).
 579     // In the 2-array case, the targetClass is always different from the memberClass.
 580     volatile Object securityCheckCache;
 581 
 582     final void checkAccess(Class<?> caller, Class<?> memberClass,
 583                            Class<?> targetClass, int modifiers)
 584         throws IllegalAccessException
 585     {
 586         if (!verifyAccess(caller, memberClass, targetClass, modifiers)) {
 587             IllegalAccessException e = Reflection.newIllegalAccessException(
 588                 caller, memberClass, targetClass, modifiers);
 589             if (printStackTraceWhenAccessFails()) {
 590                 e.printStackTrace(System.err);
 591             }
 592             throw e;
 593         }
 594     }
 595 
 596     final boolean verifyAccess(Class<?> caller, Class<?> memberClass,
 597                                Class<?> targetClass, int modifiers)
 598     {
 599         if (caller == memberClass) {  // quick check
 600             return true;             // ACCESS IS OK
 601         }
 602         Object cache = securityCheckCache;  // read volatile
 603         if (targetClass != null // instance member or constructor
 604             && Modifier.isProtected(modifiers)
 605             && targetClass != memberClass) {
 606             // Must match a 2-list of { caller, targetClass }.
 607             if (cache instanceof Class[]) {
 608                 Class<?>[] cache2 = (Class<?>[]) cache;
 609                 if (cache2[1] == targetClass &&
 610                     cache2[0] == caller) {
 611                     return true;     // ACCESS IS OK
 612                 }
 613                 // (Test cache[1] first since range check for [1]
 614                 // subsumes range check for [0].)
 615             }
 616         } else if (cache == caller) {
 617             // Non-protected case (or targetClass == memberClass or static member).
 618             return true;             // ACCESS IS OK
 619         }
 620 
 621         // If no return, fall through to the slow path.
 622         return slowVerifyAccess(caller, memberClass, targetClass, modifiers);
 623     }
 624 
 625     // Keep all this slow stuff out of line:
 626     private boolean slowVerifyAccess(Class<?> caller, Class<?> memberClass,
 627                                      Class<?> targetClass, int modifiers)
 628     {
 629         if (!Reflection.verifyMemberAccess(caller, memberClass, targetClass, modifiers)) {
 630             // access denied
 631             return false;
 632         }
 633 
 634         // access okay
 635         logIfExportedForIllegalAccess(caller, memberClass);
 636 
 637         // Success: Update the cache.
 638         Object cache = (targetClass != null
 639                         && Modifier.isProtected(modifiers)
 640                         && targetClass != memberClass)
 641                         ? new Class<?>[] { caller, targetClass }
 642                         : caller;
 643 
 644         // Note:  The two cache elements are not volatile,
 645         // but they are effectively final.  The Java memory model
 646         // guarantees that the initializing stores for the cache
 647         // elements will occur before the volatile write.
 648         securityCheckCache = cache;         // write volatile
 649         return true;
 650     }
 651 
 652     // true to print a stack trace when access fails
 653     private static volatile boolean printStackWhenAccessFails;
 654 
 655     // true if printStack* values are initialized
 656     private static volatile boolean printStackPropertiesSet;
 657 
 658     /**
 659      * Returns true if a stack trace should be printed when access fails.
 660      */
 661     private static boolean printStackTraceWhenAccessFails() {
 662         if (!printStackPropertiesSet && VM.initLevel() >= 1) {
 663             String s = GetPropertyAction.privilegedGetProperty(
 664                     "sun.reflect.debugModuleAccessChecks");
 665             if (s != null) {
 666                 printStackWhenAccessFails = !s.equalsIgnoreCase("false");
 667             }
 668             printStackPropertiesSet = true;
 669         }
 670         return printStackWhenAccessFails;
 671     }
 672 }
--- EOF ---