Tue, 20 Jul 2010 08:41:42 -0700
6964170: Verifier crashes
Summary: Check if klassOop != NULL rather than klass_part != NULL
Reviewed-by: kamg, never
duke@435 | 1 | /* |
trims@1907 | 2 | * Copyright (c) 2003, 2006, Oracle and/or its affiliates. All rights reserved. |
duke@435 | 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
duke@435 | 4 | * |
duke@435 | 5 | * This code is free software; you can redistribute it and/or modify it |
duke@435 | 6 | * under the terms of the GNU General Public License version 2 only, as |
duke@435 | 7 | * published by the Free Software Foundation. |
duke@435 | 8 | * |
duke@435 | 9 | * This code is distributed in the hope that it will be useful, but WITHOUT |
duke@435 | 10 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
duke@435 | 11 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
duke@435 | 12 | * version 2 for more details (a copy is included in the LICENSE file that |
duke@435 | 13 | * accompanied this code). |
duke@435 | 14 | * |
duke@435 | 15 | * You should have received a copy of the GNU General Public License version |
duke@435 | 16 | * 2 along with this work; if not, write to the Free Software Foundation, |
duke@435 | 17 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
duke@435 | 18 | * |
trims@1907 | 19 | * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
trims@1907 | 20 | * or visit www.oracle.com if you need additional information or have any |
trims@1907 | 21 | * questions. |
duke@435 | 22 | * |
duke@435 | 23 | */ |
duke@435 | 24 | |
class StackMapReader;

// StackMapTable holds the frames parsed from a method's StackMapTable
// attribute, in the form consumed by the type-checking verifier.
class StackMapTable : public StackObj {
 private:
  // _frame_count (like many StackMapFrame fields) is logically a u2 taken
  // from the class file. It is stored as a signed 32-bit value so that
  // overflow and underflow conditions can be detected and recovered from
  // rather than silently wrapping.
  int32_t _code_length;
  int32_t _frame_count;          // number of stackmap frames in the table
  StackMapFrame** _frame_array;  // presumably _frame_count entries - see the .cpp

 public:
  // Builds the table by pulling frames out of reader, starting from
  // init_frame; code_data/code_len describe the method's bytecode.
  StackMapTable(StackMapReader* reader, StackMapFrame* init_frame,
                u2 max_locals, u2 max_stack,
                char* code_data, int code_len, TRAPS);

  // Number of frames held in the table.
  inline int32_t get_frame_count() const {
    return _frame_count;
  }

  // Bytecode offset of the frame stored at array position index.
  // No bounds check is done here; the caller must keep index within
  // [0, _frame_count).
  inline int get_offset(int index) const {
    StackMapFrame* frame = _frame_array[index];
    return frame->offset();
  }

  // Match and/or update current_frame against the table frame recorded
  // for the given bytecode offset. Returns true when the frames match.
  bool match_stackmap(
    StackMapFrame* current_frame, int32_t offset,
    bool match, bool update, TRAPS) const;
  // Same as above, but the table frame is addressed by offset and by
  // its index in the frame array. Returns true when the frames match.
  bool match_stackmap(
    StackMapFrame* current_frame, int32_t offset, int32_t frame_index,
    bool match, bool update, TRAPS) const;

  // Validates a jump instruction: a backward branch must not carry any
  // uninitialized instances.
  void check_jump_target(StackMapFrame* frame, int32_t target, TRAPS) const;

  // The following methods are only used inside this class.

  // Returns the frame array index at which the frame for offset is stored.
  int get_index_from_offset(int32_t offset) const;

  // Ensures that no uninitialized object is live across a backward branch.
  void check_new_object(
    const StackMapFrame* frame, int32_t target, TRAPS) const;

  // Debugging
  void print() const PRODUCT_RETURN;
};
duke@435 | 75 | |
// StackMapStream is a bounds-checked byte cursor over the raw bytes of a
// StackMapTable attribute.
class StackMapStream : StackObj {
 private:
  typeArrayHandle _data;  // attribute bytes; may be NULL
  int _index;             // position of the next byte to read
 public:
  StackMapStream(typeArrayHandle ah)
    : _data(ah), _index(0) {
  }
  // Reads one byte and advances the cursor. When no byte is available a
  // format error is reported; if that leaves a pending exception, CHECK_0
  // returns 0 to the caller before the data is touched.
  u1 get_u1(TRAPS) {
    const bool have_byte = (_data != NULL) && (_index < _data->length());
    if (!have_byte) {
      stackmap_format_error("access beyond the end of attribute", CHECK_0);
    }
    return _data->byte_at(_index++);
  }
  // Reads a big-endian u2 and advances the cursor by two. Both bytes must
  // lie inside the attribute; otherwise the same error path as get_u1.
  u2 get_u2(TRAPS) {
    const bool have_pair = (_data != NULL) && (_index + 1 < _data->length());
    if (!have_pair) {
      stackmap_format_error("access beyond the end of attribute", CHECK_0);
    }
    u1* addr = (u1*)_data->byte_at_addr(_index);
    _index += 2;
    return Bytes::get_Java_u2(addr);
  }
  // True when there is no data at all or every byte has been consumed.
  bool at_end() {
    return !((_data != NULL) && (_index != _data->length()));
  }
  static void stackmap_format_error(const char* msg, TRAPS);
};
duke@435 | 103 | |
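// StackMapReader decodes StackMapTable frames from a StackMapStream on
// behalf of the ClassVerifier.
class StackMapReader : StackObj {
 private:
  // information about the class and method
  constantPoolHandle _cp;
  ClassVerifier* _verifier;
  StackMapStream* _stream;
  char* _code_data;
  int32_t _code_length;

  // information read from the attribute
  int32_t _frame_count;  // number of frames the attribute claims to contain

  int32_t chop(VerificationType* locals, int32_t length, int32_t chops);
  VerificationType parse_verification_type(u1* flags, TRAPS);
  // Rejects a type-array size that is negative or exceeds max_size
  // (presumably the method's max_locals or max_stack - see the caller).
  void check_verification_type_array_size(
      int32_t size, int32_t max_size, TRAPS) {
    if (size < 0 || size > max_size) {
      // Since this error could be caused by someone rewriting the method
      // but not knowing to update the stackmap data, we call the
      // verifier's error method, which may not throw an exception and
      // failover to the old verifier instead.
      _verifier->class_format_error(
        "StackMapTable format error: bad type array size");
    }
  }

  // frame_type tag values of the StackMapTable attribute (JVMS 4.7.4)
  // that need to be named explicitly; the other tags form ranges.
  enum {
    SAME_LOCALS_1_STACK_ITEM_EXTENDED = 247,
    SAME_EXTENDED = 251,
    FULL = 255
  };

 public:
  // Constructor. Reads the frame count from stream when the method carries
  // a StackMapTable attribute; otherwise the count is 0.
  // _frame_count is set to 0 in the initializer list so that it has a
  // defined value even when get_u2 fails and CHECK returns early, instead
  // of being left uninitialized on that error path.
  StackMapReader(ClassVerifier* v, StackMapStream* stream, char* code_data,
                 int32_t code_len, TRAPS) :
                 _verifier(v), _stream(stream),
                 _code_data(code_data), _code_length(code_len),
                 _frame_count(0) {
    methodHandle m = v->method();
    if (m->has_stackmap_table()) {
      _cp = constantPoolHandle(THREAD, m->constants());
      _frame_count = _stream->get_u2(CHECK);
    } else {
      // There's no stackmap table present. Frame count and size stay 0.
      _frame_count = 0;
    }
  }

  // Frame count as declared by the attribute header.
  inline int32_t get_frame_count() const { return _frame_count; }
  // Parses the next frame relative to pre_frame (first marks the initial
  // frame); max_locals/max_stack bound the array sizes accepted.
  StackMapFrame* next(StackMapFrame* pre_frame, bool first,
                      u2 max_locals, u2 max_stack, TRAPS);

  // Verifies that the whole attribute has been consumed; trailing bytes
  // are reported as a format error.
  void check_end(TRAPS) {
    if (!_stream->at_end()) {
      StackMapStream::stackmap_format_error("wrong attribute size", CHECK);
    }
  }
};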