1 /*
2 * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.lang.reflect;
27
28 import java.lang.annotation.Annotation;
29 import java.lang.invoke.MethodHandle;
30 import java.lang.ref.WeakReference;
31 import java.security.AccessController;
32
33 import jdk.internal.misc.VM;
34 import jdk.internal.module.IllegalAccessLogger;
35 import jdk.internal.reflect.CallerSensitive;
36 import jdk.internal.reflect.Reflection;
37 import jdk.internal.reflect.ReflectionFactory;
38 import sun.security.action.GetPropertyAction;
39 import sun.security.util.SecurityConstants;
40
41 /**
42 * The {@code AccessibleObject} class is the base class for {@code Field},
43 * {@code Method}, and {@code Constructor} objects (known as <em>reflected
44 * objects</em>). It provides the ability to flag a reflected object as
45 * suppressing checks for Java language access control when it is used. This
46 * permits sophisticated applications with sufficient privilege, such as Java
47 * Object Serialization or other persistence mechanisms, to manipulate objects
48 * in a manner that would normally be prohibited.
49 *
50 * <p> Java language access control prevents use of private members outside
51 * their top-level class; package access members outside their package; protected members
52 * outside their package or subclasses; and public members outside their
53 * module unless they are declared in an {@link Module#isExported(String,Module)
54 * exported} package and the user {@link Module#canRead reads} their module. By
55 * default, Java language access control is enforced (with one variation) when
56 * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or
57 * set fields, to invoke methods, or to create and initialize new instances of
58 * classes, respectively. Every reflected object checks that the code using it
59 * is in an appropriate class, package, or module. The check when invoked by
60 * <a href="{@docRoot}/../specs/jni/index.html">JNI code</a> with no Java
61 * class on the stack only succeeds if the member and the declaring class are
62 * public, and the class is in a package that is exported to all modules. </p>
63 *
64 * <p> The one variation from Java language access control is that the checks
65 * by reflected objects assume readability. That is, the module containing
66 * the use of a reflected object is assumed to read the module in which
67 * the underlying field, method, or constructor is declared. </p>
68 *
69 * <p> Whether the checks for Java language access control can be suppressed
70 * (and thus, whether access can be enabled) depends on whether the reflected
71 * object corresponds to a member in an exported or open package
72 * (see {@link #setAccessible(boolean)}). </p>
73 *
74 * @jls 6.6 Access Control
75 * @since 1.2
76 * @revised 9
77 * @spec JPMS
78 */
79 public class AccessibleObject implements AnnotatedElement {
80
81 static void checkPermission() {
82 SecurityManager sm = System.getSecurityManager();
83 if (sm != null) {
84 // SecurityConstants.ACCESS_PERMISSION is used to check
85 // whether a client has sufficient privilege to defeat Java
86 // language access control checks.
87 sm.checkPermission(SecurityConstants.ACCESS_PERMISSION);
88 }
89 }
90
91 /**
92 * Convenience method to set the {@code accessible} flag for an
93 * array of reflected objects with a single security check (for efficiency).
94 *
95 * <p> This method may be used to enable access to all reflected objects in
96 * the array when access to each reflected object can be enabled as
97 * specified by {@link #setAccessible(boolean) setAccessible(boolean)}. </p>
98 *
99 * <p>If there is a security manager, its
100 * {@code checkPermission} method is first called with a
101 * {@code ReflectPermission("suppressAccessChecks")} permission.
102 *
103 * <p>A {@code SecurityException} is also thrown if any of the elements of
104 * the input {@code array} is a {@link java.lang.reflect.Constructor}
105 * object for the class {@code java.lang.Class} and {@code flag} is true.
106 *
107 * @param array the array of AccessibleObjects
108 * @param flag the new value for the {@code accessible} flag
109 * in each object
110 * @throws InaccessibleObjectException if access cannot be enabled for all
111 * objects in the array
112 * @throws SecurityException if the request is denied by the security manager
113 * or an element in the array is a constructor for {@code
114 * java.lang.Class}
115 * @see SecurityManager#checkPermission
116 * @see ReflectPermission
117 * @revised 9
118 * @spec JPMS
119 */
120 @CallerSensitive
121 public static void setAccessible(AccessibleObject[] array, boolean flag) {
122 checkPermission();
123 if (flag) {
124 Class<?> caller = Reflection.getCallerClass();
125 array = array.clone();
126 for (AccessibleObject ao : array) {
127 ao.checkCanSetAccessible(caller);
128 }
129 }
130 for (AccessibleObject ao : array) {
131 ao.setAccessible0(flag);
132 }
133 }
134
135 /**
136 * Set the {@code accessible} flag for this reflected object to
137 * the indicated boolean value. A value of {@code true} indicates that
138 * the reflected object should suppress checks for Java language access
139 * control when it is used. A value of {@code false} indicates that
140 * the reflected object should enforce checks for Java language access
141 * control when it is used, with the variation noted in the class description.
142 *
143 * <p> This method may be used by a caller in class {@code C} to enable
144 * access to a {@link Member member} of {@link Member#getDeclaringClass()
145 * declaring class} {@code D} if any of the following hold: </p>
146 *
147 * <ul>
148 * <li> {@code C} and {@code D} are in the same module. </li>
149 *
150 * <li> The member is {@code public} and {@code D} is {@code public} in
151 * a package that the module containing {@code D} {@link
152 * Module#isExported(String,Module) exports} to at least the module
153 * containing {@code C}. </li>
154 *
155 * <li> The member is {@code protected} {@code static}, {@code D} is
156 * {@code public} in a package that the module containing {@code D}
157 * exports to at least the module containing {@code C}, and {@code C}
158 * is a subclass of {@code D}. </li>
159 *
160 * <li> {@code D} is in a package that the module containing {@code D}
161 * {@link Module#isOpen(String,Module) opens} to at least the module
162 * containing {@code C}.
163 * All packages in unnamed and open modules are open to all modules and
164 * so this method always succeeds when {@code D} is in an unnamed or
165 * open module. </li>
166 * </ul>
167 *
168 * <p> This method cannot be used to enable access to private members,
169 * members with default (package) access, protected instance members, or
170 * protected constructors when the declaring class is in a different module
171 * to the caller and the package containing the declaring class is not open
172 * to the caller's module. </p>
173 *
174 * <p> If there is a security manager, its
175 * {@code checkPermission} method is first called with a
176 * {@code ReflectPermission("suppressAccessChecks")} permission.
177 *
178 * @param flag the new value for the {@code accessible} flag
179 * @throws InaccessibleObjectException if access cannot be enabled
180 * @throws SecurityException if the request is denied by the security manager
181 * @see #trySetAccessible
182 * @see java.lang.invoke.MethodHandles#privateLookupIn
183 * @revised 9
184 * @spec JPMS
185 */
186 @CallerSensitive // overrides in Method/Field/Constructor are @CS
187 public void setAccessible(boolean flag) {
188 AccessibleObject.checkPermission();
189 setAccessible0(flag);
190 }
191
192 /**
193 * Sets the accessible flag and returns the new value
194 */
195 boolean setAccessible0(boolean flag) {
196 this.override = flag;
197 return flag;
198 }
199
200 /**
201 * Set the {@code accessible} flag for this reflected object to {@code true}
202 * if possible. This method sets the {@code accessible} flag, as if by
203 * invoking {@link #setAccessible(boolean) setAccessible(true)}, and returns
204 * the possibly-updated value for the {@code accessible} flag. If access
205 * cannot be enabled, i.e. the checks or Java language access control cannot
206 * be suppressed, this method returns {@code false} (as opposed to {@code
207 * setAccessible(true)} throwing {@code InaccessibleObjectException} when
208 * it fails).
209 *
210 * <p> This method is a no-op if the {@code accessible} flag for
211 * this reflected object is {@code true}.
212 *
213 * <p> For example, a caller can invoke {@code trySetAccessible}
214 * on a {@code Method} object for a private instance method
215 * {@code p.T::privateMethod} to suppress the checks for Java language access
216 * control when the {@code Method} is invoked.
217 * If {@code p.T} class is in a different module to the caller and
218 * package {@code p} is open to at least the caller's module,
219 * the code below successfully sets the {@code accessible} flag
220 * to {@code true}.
221 *
222 * <pre>
223 * {@code
224 * p.T obj = ....; // instance of p.T
225 * :
226 * Method m = p.T.class.getDeclaredMethod("privateMethod");
227 * if (m.trySetAccessible()) {
228 * m.invoke(obj);
229 * } else {
230 * // package p is not opened to the caller to access private member of T
231 * ...
232 * }
233 * }</pre>
234 *
235 * <p> If there is a security manager, its {@code checkPermission} method
236 * is first called with a {@code ReflectPermission("suppressAccessChecks")}
237 * permission. </p>
238 *
239 * @return {@code true} if the {@code accessible} flag is set to {@code true};
240 * {@code false} if access cannot be enabled.
241 * @throws SecurityException if the request is denied by the security manager
242 *
243 * @since 9
244 * @spec JPMS
245 * @see java.lang.invoke.MethodHandles#privateLookupIn
246 */
247 @CallerSensitive
248 public final boolean trySetAccessible() {
249 AccessibleObject.checkPermission();
250
251 if (override == true) return true;
252
253 // if it's not a Constructor, Method, Field then no access check
254 if (!Member.class.isInstance(this)) {
255 return setAccessible0(true);
256 }
257
258 // does not allow to suppress access check for Class's constructor
259 Class<?> declaringClass = ((Member) this).getDeclaringClass();
260 if (declaringClass == Class.class && this instanceof Constructor) {
261 return false;
262 }
263
264 if (checkCanSetAccessible(Reflection.getCallerClass(),
265 declaringClass,
266 false)) {
267 return setAccessible0(true);
268 } else {
269 return false;
270 }
271 }
272
273
274 /**
275 * If the given AccessibleObject is a {@code Constructor}, {@code Method}
276 * or {@code Field} then checks that its declaring class is in a package
277 * that can be accessed by the given caller of setAccessible.
278 */
279 void checkCanSetAccessible(Class<?> caller) {
280 // do nothing, needs to be overridden by Constructor, Method, Field
281 }
282
283 final void checkCanSetAccessible(Class<?> caller, Class<?> declaringClass) {
284 checkCanSetAccessible(caller, declaringClass, true);
285 }
286
287 private boolean checkCanSetAccessible(Class<?> caller,
288 Class<?> declaringClass,
289 boolean throwExceptionIfDenied) {
290 if (caller == MethodHandle.class) {
291 throw new IllegalCallerException(); // should not happen
292 }
293
294 int modifiers;
295 if (this instanceof Executable) {
296 modifiers = ((Executable) this).getModifiers();
297 } else {
298 modifiers = ((Field) this).getModifiers();
299 }
300
301 // does not allow to suppress access check for Value class's
302 // constructor or field
303 if (declaringClass.isInlineClass()) {
304 if (this instanceof Constructor) return false;
305 if (this instanceof Field && Modifier.isFinal(modifiers)) return false;
306 }
307
308 Module callerModule = caller.getModule();
309 Module declaringModule = declaringClass.getModule();
310
311 if (callerModule == declaringModule) return true;
312 if (callerModule == Object.class.getModule()) return true;
313 if (!declaringModule.isNamed()) return true;
314
315 // class is public and package is exported to caller
316 boolean isClassPublic = Modifier.isPublic(declaringClass.getModifiers());
317 String pn = declaringClass.getPackageName();
318 if (isClassPublic && declaringModule.isExported(pn, callerModule)) {
319 // member is public
320 if (Modifier.isPublic(modifiers)) {
321 logIfExportedForIllegalAccess(caller, declaringClass);
322 return true;
323 }
324
325 // member is protected-static
326 if (Modifier.isProtected(modifiers)
327 && Modifier.isStatic(modifiers)
328 && isSubclassOf(caller, declaringClass)) {
329 logIfExportedForIllegalAccess(caller, declaringClass);
330 return true;
331 }
332 }
333
334 // package is open to caller
335 if (declaringModule.isOpen(pn, callerModule)) {
336 logIfOpenedForIllegalAccess(caller, declaringClass);
337 return true;
338 }
339
340 if (throwExceptionIfDenied) {
341 // not accessible
342 String msg = "Unable to make ";
343 if (this instanceof Field)
344 msg += "field ";
345 msg += this + " accessible: " + declaringModule + " does not \"";
346 if (isClassPublic && Modifier.isPublic(modifiers))
347 msg += "exports";
348 else
349 msg += "opens";
350 msg += " " + pn + "\" to " + callerModule;
351 InaccessibleObjectException e = new InaccessibleObjectException(msg);
352 if (printStackTraceWhenAccessFails()) {
353 e.printStackTrace(System.err);
354 }
355 throw e;
356 }
357 return false;
358 }
359
360 private boolean isSubclassOf(Class<?> queryClass, Class<?> ofClass) {
361 while (queryClass != null) {
362 if (queryClass == ofClass) {
363 return true;
364 }
365 queryClass = queryClass.getSuperclass();
366 }
367 return false;
368 }
369
370 private void logIfOpenedForIllegalAccess(Class<?> caller, Class<?> declaringClass) {
371 Module callerModule = caller.getModule();
372 Module targetModule = declaringClass.getModule();
373 // callerModule is null during early startup
374 if (callerModule != null && !callerModule.isNamed() && targetModule.isNamed()) {
375 IllegalAccessLogger logger = IllegalAccessLogger.illegalAccessLogger();
376 if (logger != null) {
377 logger.logIfOpenedForIllegalAccess(caller, declaringClass, this::toShortString);
378 }
379 }
380 }
381
382 private void logIfExportedForIllegalAccess(Class<?> caller, Class<?> declaringClass) {
383 Module callerModule = caller.getModule();
384 Module targetModule = declaringClass.getModule();
385 // callerModule is null during early startup
386 if (callerModule != null && !callerModule.isNamed() && targetModule.isNamed()) {
387 IllegalAccessLogger logger = IllegalAccessLogger.illegalAccessLogger();
388 if (logger != null) {
389 logger.logIfExportedForIllegalAccess(caller, declaringClass, this::toShortString);
390 }
391 }
392 }
393
394 /**
395 * Returns a short descriptive string to describe this object in log messages.
396 */
397 String toShortString() {
398 return toString();
399 }
400
401 /**
402 * Get the value of the {@code accessible} flag for this reflected object.
403 *
404 * @return the value of the object's {@code accessible} flag
405 *
406 * @deprecated
407 * This method is deprecated because its name hints that it checks
408 * if the reflected object is accessible when it actually indicates
409 * if the checks for Java language access control are suppressed.
410 * This method may return {@code false} on a reflected object that is
411 * accessible to the caller. To test if this reflected object is accessible,
412 * it should use {@link #canAccess(Object)}.
413 *
414 * @revised 9
415 * @spec JPMS
416 */
417 @Deprecated(since="9")
418 public boolean isAccessible() {
419 return override;
420 }
421
422 /**
423 * Test if the caller can access this reflected object. If this reflected
424 * object corresponds to an instance method or field then this method tests
425 * if the caller can access the given {@code obj} with the reflected object.
426 * For instance methods or fields then the {@code obj} argument must be an
427 * instance of the {@link Member#getDeclaringClass() declaring class}. For
428 * static members and constructors then {@code obj} must be {@code null}.
429 *
430 * <p> This method returns {@code true} if the {@code accessible} flag
431 * is set to {@code true}, i.e. the checks for Java language access control
432 * are suppressed, or if the caller can access the member as
433 * specified in <cite>The Java™ Language Specification</cite>,
434 * with the variation noted in the class description. </p>
435 *
436 * @param obj an instance object of the declaring class of this reflected
437 * object if it is an instance method or field
438 *
439 * @return {@code true} if the caller can access this reflected object.
440 *
441 * @throws IllegalArgumentException
442 * <ul>
443 * <li> if this reflected object is a static member or constructor and
444 * the given {@code obj} is non-{@code null}, or </li>
445 * <li> if this reflected object is an instance method or field
446 * and the given {@code obj} is {@code null} or of type
447 * that is not a subclass of the {@link Member#getDeclaringClass()
448 * declaring class} of the member.</li>
449 * </ul>
450 *
451 * @since 9
452 * @spec JPMS
453 * @jls 6.6 Access Control
454 * @see #trySetAccessible
455 * @see #setAccessible(boolean)
456 */
457 @CallerSensitive
458 public final boolean canAccess(Object obj) {
459 if (!Member.class.isInstance(this)) {
460 return override;
461 }
462
463 Class<?> declaringClass = ((Member) this).getDeclaringClass();
464 int modifiers = ((Member) this).getModifiers();
465 if (!Modifier.isStatic(modifiers) &&
466 (this instanceof Method || this instanceof Field)) {
467 if (obj == null) {
468 throw new IllegalArgumentException("null object for " + this);
469 }
470 // if this object is an instance member, the given object
471 // must be a subclass of the declaring class of this reflected object
472 if (!declaringClass.isAssignableFrom(obj.getClass())) {
473 throw new IllegalArgumentException("object is not an instance of "
474 + declaringClass.getName());
475 }
476 } else if (obj != null) {
477 throw new IllegalArgumentException("non-null object for " + this);
478 }
479
480 // access check is suppressed
481 if (override) return true;
482
483 Class<?> caller = Reflection.getCallerClass();
484 Class<?> targetClass;
485 if (this instanceof Constructor) {
486 targetClass = declaringClass;
487 } else {
488 targetClass = Modifier.isStatic(modifiers) ? null : obj.getClass();
489 }
490 return verifyAccess(caller, declaringClass, targetClass, modifiers);
491 }
492
493 /**
494 * Constructor: only used by the Java Virtual Machine.
495 */
496 protected AccessibleObject() {}
497
498 // Indicates whether language-level access checks are overridden
499 // by this object. Initializes to "false". This field is used by
500 // Field, Method, and Constructor.
501 //
502 // NOTE: for security purposes, this field must not be visible
503 // outside this package.
504 boolean override;
505
506 // Reflection factory used by subclasses for creating field,
507 // method, and constructor accessors. Note that this is called
508 // very early in the bootstrapping process.
509 static final ReflectionFactory reflectionFactory =
510 AccessController.doPrivileged(
511 new ReflectionFactory.GetReflectionFactoryAction());
512
513 /**
514 * @throws NullPointerException {@inheritDoc}
515 * @since 1.5
516 */
517 public <T extends Annotation> T getAnnotation(Class<T> annotationClass) {
518 throw new AssertionError("All subclasses should override this method");
519 }
520
521 /**
522 * {@inheritDoc}
523 * @throws NullPointerException {@inheritDoc}
524 * @since 1.5
525 */
526 @Override
527 public boolean isAnnotationPresent(Class<? extends Annotation> annotationClass) {
528 return AnnotatedElement.super.isAnnotationPresent(annotationClass);
529 }
530
531 /**
532 * @throws NullPointerException {@inheritDoc}
533 * @since 1.8
534 */
535 @Override
536 public <T extends Annotation> T[] getAnnotationsByType(Class<T> annotationClass) {
537 throw new AssertionError("All subclasses should override this method");
538 }
539
540 /**
541 * @since 1.5
542 */
543 public Annotation[] getAnnotations() {
544 return getDeclaredAnnotations();
545 }
546
547 /**
548 * @throws NullPointerException {@inheritDoc}
549 * @since 1.8
550 */
551 @Override
552 public <T extends Annotation> T getDeclaredAnnotation(Class<T> annotationClass) {
553 // Only annotations on classes are inherited, for all other
554 // objects getDeclaredAnnotation is the same as
555 // getAnnotation.
556 return getAnnotation(annotationClass);
557 }
558
559 /**
560 * @throws NullPointerException {@inheritDoc}
561 * @since 1.8
562 */
563 @Override
564 public <T extends Annotation> T[] getDeclaredAnnotationsByType(Class<T> annotationClass) {
565 // Only annotations on classes are inherited, for all other
566 // objects getDeclaredAnnotationsByType is the same as
567 // getAnnotationsByType.
568 return getAnnotationsByType(annotationClass);
569 }
570
571 /**
572 * @since 1.5
573 */
574 public Annotation[] getDeclaredAnnotations() {
575 throw new AssertionError("All subclasses should override this method");
576 }
577
578 // Shared access checking logic.
579
580 // For non-public members or members in package-private classes,
581 // it is necessary to perform somewhat expensive access checks.
582 // If the access check succeeds for a given class, it will
583 // always succeed (it is not affected by the granting or revoking
584 // of permissions); we speed up the check in the common case by
585 // remembering the last Class for which the check succeeded.
586 //
587 // The simple access check for Constructor is to see if
588 // the caller has already been seen, verified, and cached.
589 //
590 // A more complicated access check cache is needed for Method and Field
591 // The cache can be either null (empty cache), {caller,targetClass} pair,
592 // or a caller (with targetClass implicitly equal to memberClass).
593 // In the {caller,targetClass} case, the targetClass is always different
594 // from the memberClass.
595 volatile Object accessCheckCache;
596
597 private static class Cache {
598 final WeakReference<Class<?>> callerRef;
599 final WeakReference<Class<?>> targetRef;
600
601 Cache(Class<?> caller, Class<?> target) {
602 this.callerRef = new WeakReference<>(caller);
603 this.targetRef = new WeakReference<>(target);
604 }
605
606 boolean isCacheFor(Class<?> caller, Class<?> refc) {
607 return callerRef.get() == caller && targetRef.get() == refc;
608 }
609
610 static Object protectedMemberCallerCache(Class<?> caller, Class<?> refc) {
611 return new Cache(caller, refc);
612 }
613 }
614
615 /*
616 * Returns true if the previous access check was verified for the
617 * given caller accessing a protected member with an instance of
618 * the given targetClass where the target class is different than
619 * the declaring member class.
620 */
621 private boolean isAccessChecked(Class<?> caller, Class<?> targetClass) {
622 Object cache = accessCheckCache; // read volatile
623 if (cache instanceof Cache) {
624 return ((Cache) cache).isCacheFor(caller, targetClass);
625 }
626 return false;
627 }
628
629 /*
630 * Returns true if the previous access check was verified for the
631 * given caller accessing a static member or an instance member of
632 * the target class that is the same as the declaring member class.
633 */
634 private boolean isAccessChecked(Class<?> caller) {
635 Object cache = accessCheckCache; // read volatile
636 if (cache instanceof WeakReference) {
637 @SuppressWarnings("unchecked")
638 WeakReference<Class<?>> ref = (WeakReference<Class<?>>) cache;
639 return ref.get() == caller;
640 }
641 return false;
642 }
643
644 final void checkAccess(Class<?> caller, Class<?> memberClass,
645 Class<?> targetClass, int modifiers)
646 throws IllegalAccessException
647 {
648 if (!verifyAccess(caller, memberClass, targetClass, modifiers)) {
649 IllegalAccessException e = Reflection.newIllegalAccessException(
650 caller, memberClass, targetClass, modifiers);
651 if (printStackTraceWhenAccessFails()) {
652 e.printStackTrace(System.err);
653 }
654 throw e;
655 }
656 }
657
658 final boolean verifyAccess(Class<?> caller, Class<?> memberClass,
659 Class<?> targetClass, int modifiers)
660 {
661 if (caller == memberClass) { // quick check
662 return true; // ACCESS IS OK
663 }
664 if (targetClass != null // instance member or constructor
665 && Modifier.isProtected(modifiers)
666 && targetClass != memberClass) {
667 if (isAccessChecked(caller, targetClass)) {
668 return true; // ACCESS IS OK
669 }
670 } else if (isAccessChecked(caller)) {
671 // Non-protected case (or targetClass == memberClass or static member).
672 return true; // ACCESS IS OK
673 }
674
675 // If no return, fall through to the slow path.
676 return slowVerifyAccess(caller, memberClass, targetClass, modifiers);
677 }
678
679 // Keep all this slow stuff out of line:
680 private boolean slowVerifyAccess(Class<?> caller, Class<?> memberClass,
681 Class<?> targetClass, int modifiers)
682 {
683
684 if (caller == null) {
685 // No caller frame when a native thread attaches to the VM
686 // only allow access to a public accessible member
687 return Reflection.verifyPublicMemberAccess(memberClass, modifiers);
688 }
689
690 if (!Reflection.verifyMemberAccess(caller, memberClass, targetClass, modifiers)) {
691 // access denied
692 return false;
693 }
694
695 // access okay
696 logIfExportedForIllegalAccess(caller, memberClass);
697
698 // Success: Update the cache.
699 Object cache = (targetClass != null
700 && Modifier.isProtected(modifiers)
701 && targetClass != memberClass)
702 ? Cache.protectedMemberCallerCache(caller, targetClass)
703 : new WeakReference<>(caller);
704 accessCheckCache = cache; // write volatile
705 return true;
706 }
707
708 // true to print a stack trace when access fails
709 private static volatile boolean printStackWhenAccessFails;
710
711 // true if printStack* values are initialized
712 private static volatile boolean printStackPropertiesSet;
713
714 /**
715 * Returns true if a stack trace should be printed when access fails.
716 */
717 private static boolean printStackTraceWhenAccessFails() {
718 if (!printStackPropertiesSet && VM.initLevel() >= 1) {
719 String s = GetPropertyAction.privilegedGetProperty(
720 "sun.reflect.debugModuleAccessChecks");
721 if (s != null) {
722 printStackWhenAccessFails = !s.equalsIgnoreCase("false");
723 }
724 printStackPropertiesSet = true;
725 }
726 return printStackWhenAccessFails;
727 }
728
729 /**
730 * Returns the root AccessibleObject; or null if this object is the root.
731 *
732 * All subclasses override this method.
733 */
734 AccessibleObject getRoot() {
735 throw new InternalError();
736 }
737 }