Tue, 07 Dec 2010 03:15:45 -0800
6539281: -Xcheck:jni should validate char* argument to ReleaseStringUTFChars
Summary: Tag allocated memory with a magic value and verify when releasing.
Reviewed-by: phh, stefank
1 /*
2 * Copyright (c) 1998, 2010, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 *
23 */
25 #include "precompiled.hpp"
26 #include "classfile/classFileStream.hpp"
27 #include "classfile/javaClasses.hpp"
28 #include "classfile/stackMapTable.hpp"
29 #include "classfile/systemDictionary.hpp"
30 #include "classfile/verifier.hpp"
31 #include "classfile/vmSymbols.hpp"
32 #include "interpreter/bytecodeStream.hpp"
33 #include "memory/oopFactory.hpp"
34 #include "memory/resourceArea.hpp"
35 #include "oops/instanceKlass.hpp"
36 #include "oops/oop.inline.hpp"
37 #include "oops/typeArrayOop.hpp"
38 #include "prims/jvm.h"
39 #include "runtime/fieldDescriptor.hpp"
40 #include "runtime/handles.inline.hpp"
41 #include "runtime/interfaceSupport.hpp"
42 #include "runtime/javaCalls.hpp"
43 #include "runtime/orderAccess.hpp"
44 #include "runtime/os.hpp"
45 #ifdef TARGET_ARCH_x86
46 # include "bytes_x86.hpp"
47 #endif
48 #ifdef TARGET_ARCH_sparc
49 # include "bytes_sparc.hpp"
50 #endif
51 #ifdef TARGET_ARCH_zero
52 # include "bytes_zero.hpp"
53 #endif
55 #define NOFAILOVER_MAJOR_VERSION 51
57 // Access to external entry for VerifyClassCodes - old byte code verifier
59 extern "C" {
60 typedef jboolean (*verify_byte_codes_fn_t)(JNIEnv *, jclass, char *, jint);
61 typedef jboolean (*verify_byte_codes_fn_new_t)(JNIEnv *, jclass, char *, jint, jint);
62 }
64 static void* volatile _verify_byte_codes_fn = NULL;
66 static volatile jint _is_new_verify_byte_codes_fn = (jint) true;
68 static void* verify_byte_codes_fn() {
69 if (_verify_byte_codes_fn == NULL) {
70 void *lib_handle = os::native_java_library();
71 void *func = os::dll_lookup(lib_handle, "VerifyClassCodesForMajorVersion");
72 OrderAccess::release_store_ptr(&_verify_byte_codes_fn, func);
73 if (func == NULL) {
74 OrderAccess::release_store(&_is_new_verify_byte_codes_fn, false);
75 func = os::dll_lookup(lib_handle, "VerifyClassCodes");
76 OrderAccess::release_store_ptr(&_verify_byte_codes_fn, func);
77 }
78 }
79 return (void*)_verify_byte_codes_fn;
80 }
83 // Methods in Verifier
85 bool Verifier::should_verify_for(oop class_loader, bool should_verify_class) {
86 return (class_loader == NULL || !should_verify_class) ?
87 BytecodeVerificationLocal : BytecodeVerificationRemote;
88 }
90 bool Verifier::relax_verify_for(oop loader) {
91 bool trusted = java_lang_ClassLoader::is_trusted_loader(loader);
92 bool need_verify =
93 // verifyAll
94 (BytecodeVerificationLocal && BytecodeVerificationRemote) ||
95 // verifyRemote
96 (!BytecodeVerificationLocal && BytecodeVerificationRemote && !trusted);
97 return !need_verify;
98 }
100 bool Verifier::verify(instanceKlassHandle klass, Verifier::Mode mode, bool should_verify_class, TRAPS) {
101 ResourceMark rm(THREAD);
102 HandleMark hm;
104 symbolHandle exception_name;
105 const size_t message_buffer_len = klass->name()->utf8_length() + 1024;
106 char* message_buffer = NEW_RESOURCE_ARRAY(char, message_buffer_len);
108 const char* klassName = klass->external_name();
110 // If the class should be verified, first see if we can use the split
111 // verifier. If not, or if verification fails and FailOverToOldVerifier
112 // is set, then call the inference verifier.
113 if (is_eligible_for_verification(klass, should_verify_class)) {
114 if (TraceClassInitialization) {
115 tty->print_cr("Start class verification for: %s", klassName);
116 }
117 if (UseSplitVerifier &&
118 klass->major_version() >= STACKMAP_ATTRIBUTE_MAJOR_VERSION) {
119 ClassVerifier split_verifier(
120 klass, message_buffer, message_buffer_len, THREAD);
121 split_verifier.verify_class(THREAD);
122 exception_name = split_verifier.result();
123 if (klass->major_version() < NOFAILOVER_MAJOR_VERSION &&
124 FailOverToOldVerifier && !HAS_PENDING_EXCEPTION &&
125 (exception_name == vmSymbols::java_lang_VerifyError() ||
126 exception_name == vmSymbols::java_lang_ClassFormatError())) {
127 if (TraceClassInitialization) {
128 tty->print_cr(
129 "Fail over class verification to old verifier for: %s", klassName);
130 }
131 exception_name = inference_verify(
132 klass, message_buffer, message_buffer_len, THREAD);
133 }
134 } else {
135 exception_name = inference_verify(
136 klass, message_buffer, message_buffer_len, THREAD);
137 }
139 if (TraceClassInitialization) {
140 if (HAS_PENDING_EXCEPTION) {
141 tty->print("Verification for %s has", klassName);
142 tty->print_cr(" exception pending %s ",
143 instanceKlass::cast(PENDING_EXCEPTION->klass())->external_name());
144 } else if (!exception_name.is_null()) {
145 tty->print_cr("Verification for %s failed", klassName);
146 }
147 tty->print_cr("End class verification for: %s", klassName);
148 }
149 }
151 if (HAS_PENDING_EXCEPTION) {
152 return false; // use the existing exception
153 } else if (exception_name.is_null()) {
154 return true; // verifcation succeeded
155 } else { // VerifyError or ClassFormatError to be created and thrown
156 ResourceMark rm(THREAD);
157 instanceKlassHandle kls =
158 SystemDictionary::resolve_or_fail(exception_name, true, CHECK_false);
159 while (!kls.is_null()) {
160 if (kls == klass) {
161 // If the class being verified is the exception we're creating
162 // or one of it's superclasses, we're in trouble and are going
163 // to infinitely recurse when we try to initialize the exception.
164 // So bail out here by throwing the preallocated VM error.
165 THROW_OOP_(Universe::virtual_machine_error_instance(), false);
166 }
167 kls = kls->super();
168 }
169 message_buffer[message_buffer_len - 1] = '\0'; // just to be sure
170 THROW_MSG_(exception_name, message_buffer, false);
171 }
172 }
174 bool Verifier::is_eligible_for_verification(instanceKlassHandle klass, bool should_verify_class) {
175 symbolOop name = klass->name();
176 klassOop refl_magic_klass = SystemDictionary::reflect_MagicAccessorImpl_klass();
178 return (should_verify_for(klass->class_loader(), should_verify_class) &&
179 // return if the class is a bootstrapping class
180 // or defineClass specified not to verify by default (flags override passed arg)
181 // We need to skip the following four for bootstraping
182 name != vmSymbols::java_lang_Object() &&
183 name != vmSymbols::java_lang_Class() &&
184 name != vmSymbols::java_lang_String() &&
185 name != vmSymbols::java_lang_Throwable() &&
187 // Can not verify the bytecodes for shared classes because they have
188 // already been rewritten to contain constant pool cache indices,
189 // which the verifier can't understand.
190 // Shared classes shouldn't have stackmaps either.
191 !klass()->is_shared() &&
193 // As of the fix for 4486457 we disable verification for all of the
194 // dynamically-generated bytecodes associated with the 1.4
195 // reflection implementation, not just those associated with
196 // sun/reflect/SerializationConstructorAccessor.
197 // NOTE: this is called too early in the bootstrapping process to be
198 // guarded by Universe::is_gte_jdk14x_version()/UseNewReflection.
199 (refl_magic_klass == NULL ||
200 !klass->is_subtype_of(refl_magic_klass) ||
201 VerifyReflectionBytecodes)
202 );
203 }
205 symbolHandle Verifier::inference_verify(
206 instanceKlassHandle klass, char* message, size_t message_len, TRAPS) {
207 JavaThread* thread = (JavaThread*)THREAD;
208 JNIEnv *env = thread->jni_environment();
210 void* verify_func = verify_byte_codes_fn();
212 if (verify_func == NULL) {
213 jio_snprintf(message, message_len, "Could not link verifier");
214 return vmSymbols::java_lang_VerifyError();
215 }
217 ResourceMark rm(THREAD);
218 if (ClassVerifier::_verify_verbose) {
219 tty->print_cr("Verifying class %s with old format", klass->external_name());
220 }
222 jclass cls = (jclass) JNIHandles::make_local(env, klass->java_mirror());
223 jint result;
225 {
226 HandleMark hm(thread);
227 ThreadToNativeFromVM ttn(thread);
228 // ThreadToNativeFromVM takes care of changing thread_state, so safepoint
229 // code knows that we have left the VM
231 if (_is_new_verify_byte_codes_fn) {
232 verify_byte_codes_fn_new_t func =
233 CAST_TO_FN_PTR(verify_byte_codes_fn_new_t, verify_func);
234 result = (*func)(env, cls, message, (int)message_len,
235 klass->major_version());
236 } else {
237 verify_byte_codes_fn_t func =
238 CAST_TO_FN_PTR(verify_byte_codes_fn_t, verify_func);
239 result = (*func)(env, cls, message, (int)message_len);
240 }
241 }
243 JNIHandles::destroy_local(cls);
245 // These numbers are chosen so that VerifyClassCodes interface doesn't need
246 // to be changed (still return jboolean (unsigned char)), and result is
247 // 1 when verification is passed.
248 symbolHandle nh(NULL);
249 if (result == 0) {
250 return vmSymbols::java_lang_VerifyError();
251 } else if (result == 1) {
252 return nh; // verified.
253 } else if (result == 2) {
254 THROW_MSG_(vmSymbols::java_lang_OutOfMemoryError(), message, nh);
255 } else if (result == 3) {
256 return vmSymbols::java_lang_ClassFormatError();
257 } else {
258 ShouldNotReachHere();
259 return nh;
260 }
261 }
263 // Methods in ClassVerifier
265 bool ClassVerifier::_verify_verbose = false;
267 ClassVerifier::ClassVerifier(
268 instanceKlassHandle klass, char* msg, size_t msg_len, TRAPS)
269 : _thread(THREAD), _exception_type(symbolHandle()), _message(msg),
270 _message_buffer_len(msg_len), _klass(klass) {
271 _this_type = VerificationType::reference_type(klass->name());
272 }
274 ClassVerifier::~ClassVerifier() {
275 }
277 VerificationType ClassVerifier::object_type() const {
278 return VerificationType::reference_type(vmSymbols::java_lang_Object());
279 }
281 void ClassVerifier::verify_class(TRAPS) {
282 if (_verify_verbose) {
283 tty->print_cr("Verifying class %s with new format",
284 _klass->external_name());
285 }
287 objArrayHandle methods(THREAD, _klass->methods());
288 int num_methods = methods->length();
290 for (int index = 0; index < num_methods; index++) {
291 // Check for recursive re-verification before each method.
292 if (was_recursively_verified()) return;
294 methodOop m = (methodOop)methods->obj_at(index);
295 if (m->is_native() || m->is_abstract()) {
296 // If m is native or abstract, skip it. It is checked in class file
297 // parser that methods do not override a final method.
298 continue;
299 }
300 verify_method(methodHandle(THREAD, m), CHECK_VERIFY(this));
301 }
303 if (_verify_verbose || TraceClassInitialization) {
304 if (was_recursively_verified())
305 tty->print_cr("Recursive verification detected for: %s",
306 _klass->external_name());
307 }
308 }
310 void ClassVerifier::verify_method(methodHandle m, TRAPS) {
311 ResourceMark rm(THREAD);
312 _method = m; // initialize _method
313 if (_verify_verbose) {
314 tty->print_cr("Verifying method %s", m->name_and_sig_as_C_string());
315 }
317 const char* bad_type_msg = "Bad type on operand stack in %s";
319 int32_t max_stack = m->max_stack();
320 int32_t max_locals = m->max_locals();
321 constantPoolHandle cp(THREAD, m->constants());
323 if (!SignatureVerifier::is_valid_method_signature(m->signature())) {
324 class_format_error("Invalid method signature");
325 return;
326 }
328 // Initial stack map frame: offset is 0, stack is initially empty.
329 StackMapFrame current_frame(max_locals, max_stack, this);
330 // Set initial locals
331 VerificationType return_type = current_frame.set_locals_from_arg(
332 m, current_type(), CHECK_VERIFY(this));
334 int32_t stackmap_index = 0; // index to the stackmap array
336 u4 code_length = m->code_size();
338 // Scan the bytecode and map each instruction's start offset to a number.
339 char* code_data = generate_code_data(m, code_length, CHECK_VERIFY(this));
341 int ex_min = code_length;
342 int ex_max = -1;
343 // Look through each item on the exception table. Each of the fields must refer
344 // to a legal instruction.
345 verify_exception_handler_table(
346 code_length, code_data, ex_min, ex_max, CHECK_VERIFY(this));
348 // Look through each entry on the local variable table and make sure
349 // its range of code array offsets is valid. (4169817)
350 if (m->has_localvariable_table()) {
351 verify_local_variable_table(code_length, code_data, CHECK_VERIFY(this));
352 }
354 typeArrayHandle stackmap_data(THREAD, m->stackmap_data());
355 StackMapStream stream(stackmap_data);
356 StackMapReader reader(this, &stream, code_data, code_length, THREAD);
357 StackMapTable stackmap_table(&reader, ¤t_frame, max_locals, max_stack,
358 code_data, code_length, CHECK_VERIFY(this));
360 if (_verify_verbose) {
361 stackmap_table.print();
362 }
364 RawBytecodeStream bcs(m);
366 // Scan the byte code linearly from the start to the end
367 bool no_control_flow = false; // Set to true when there is no direct control
368 // flow from current instruction to the next
369 // instruction in sequence
370 Bytecodes::Code opcode;
371 while (!bcs.is_last_bytecode()) {
372 // Check for recursive re-verification before each bytecode.
373 if (was_recursively_verified()) return;
375 opcode = bcs.raw_next();
376 u2 bci = bcs.bci();
378 // Set current frame's offset to bci
379 current_frame.set_offset(bci);
381 // Make sure every offset in stackmap table point to the beginning to
382 // an instruction. Match current_frame to stackmap_table entry with
383 // the same offset if exists.
384 stackmap_index = verify_stackmap_table(
385 stackmap_index, bci, ¤t_frame, &stackmap_table,
386 no_control_flow, CHECK_VERIFY(this));
388 bool this_uninit = false; // Set to true when invokespecial <init> initialized 'this'
390 // Merge with the next instruction
391 {
392 u2 index;
393 int target;
394 VerificationType type, type2;
395 VerificationType atype;
397 #ifndef PRODUCT
398 if (_verify_verbose) {
399 current_frame.print();
400 tty->print_cr("offset = %d, opcode = %s", bci, Bytecodes::name(opcode));
401 }
402 #endif
404 // Make sure wide instruction is in correct format
405 if (bcs.is_wide()) {
406 if (opcode != Bytecodes::_iinc && opcode != Bytecodes::_iload &&
407 opcode != Bytecodes::_aload && opcode != Bytecodes::_lload &&
408 opcode != Bytecodes::_istore && opcode != Bytecodes::_astore &&
409 opcode != Bytecodes::_lstore && opcode != Bytecodes::_fload &&
410 opcode != Bytecodes::_dload && opcode != Bytecodes::_fstore &&
411 opcode != Bytecodes::_dstore) {
412 verify_error(bci, "Bad wide instruction");
413 return;
414 }
415 }
417 switch (opcode) {
418 case Bytecodes::_nop :
419 no_control_flow = false; break;
420 case Bytecodes::_aconst_null :
421 current_frame.push_stack(
422 VerificationType::null_type(), CHECK_VERIFY(this));
423 no_control_flow = false; break;
424 case Bytecodes::_iconst_m1 :
425 case Bytecodes::_iconst_0 :
426 case Bytecodes::_iconst_1 :
427 case Bytecodes::_iconst_2 :
428 case Bytecodes::_iconst_3 :
429 case Bytecodes::_iconst_4 :
430 case Bytecodes::_iconst_5 :
431 current_frame.push_stack(
432 VerificationType::integer_type(), CHECK_VERIFY(this));
433 no_control_flow = false; break;
434 case Bytecodes::_lconst_0 :
435 case Bytecodes::_lconst_1 :
436 current_frame.push_stack_2(
437 VerificationType::long_type(),
438 VerificationType::long2_type(), CHECK_VERIFY(this));
439 no_control_flow = false; break;
440 case Bytecodes::_fconst_0 :
441 case Bytecodes::_fconst_1 :
442 case Bytecodes::_fconst_2 :
443 current_frame.push_stack(
444 VerificationType::float_type(), CHECK_VERIFY(this));
445 no_control_flow = false; break;
446 case Bytecodes::_dconst_0 :
447 case Bytecodes::_dconst_1 :
448 current_frame.push_stack_2(
449 VerificationType::double_type(),
450 VerificationType::double2_type(), CHECK_VERIFY(this));
451 no_control_flow = false; break;
452 case Bytecodes::_sipush :
453 case Bytecodes::_bipush :
454 current_frame.push_stack(
455 VerificationType::integer_type(), CHECK_VERIFY(this));
456 no_control_flow = false; break;
457 case Bytecodes::_ldc :
458 verify_ldc(
459 opcode, bcs.get_index_u1(), ¤t_frame,
460 cp, bci, CHECK_VERIFY(this));
461 no_control_flow = false; break;
462 case Bytecodes::_ldc_w :
463 case Bytecodes::_ldc2_w :
464 verify_ldc(
465 opcode, bcs.get_index_u2(), ¤t_frame,
466 cp, bci, CHECK_VERIFY(this));
467 no_control_flow = false; break;
468 case Bytecodes::_iload :
469 verify_iload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
470 no_control_flow = false; break;
471 case Bytecodes::_iload_0 :
472 case Bytecodes::_iload_1 :
473 case Bytecodes::_iload_2 :
474 case Bytecodes::_iload_3 :
475 index = opcode - Bytecodes::_iload_0;
476 verify_iload(index, ¤t_frame, CHECK_VERIFY(this));
477 no_control_flow = false; break;
478 case Bytecodes::_lload :
479 verify_lload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
480 no_control_flow = false; break;
481 case Bytecodes::_lload_0 :
482 case Bytecodes::_lload_1 :
483 case Bytecodes::_lload_2 :
484 case Bytecodes::_lload_3 :
485 index = opcode - Bytecodes::_lload_0;
486 verify_lload(index, ¤t_frame, CHECK_VERIFY(this));
487 no_control_flow = false; break;
488 case Bytecodes::_fload :
489 verify_fload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
490 no_control_flow = false; break;
491 case Bytecodes::_fload_0 :
492 case Bytecodes::_fload_1 :
493 case Bytecodes::_fload_2 :
494 case Bytecodes::_fload_3 :
495 index = opcode - Bytecodes::_fload_0;
496 verify_fload(index, ¤t_frame, CHECK_VERIFY(this));
497 no_control_flow = false; break;
498 case Bytecodes::_dload :
499 verify_dload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
500 no_control_flow = false; break;
501 case Bytecodes::_dload_0 :
502 case Bytecodes::_dload_1 :
503 case Bytecodes::_dload_2 :
504 case Bytecodes::_dload_3 :
505 index = opcode - Bytecodes::_dload_0;
506 verify_dload(index, ¤t_frame, CHECK_VERIFY(this));
507 no_control_flow = false; break;
508 case Bytecodes::_aload :
509 verify_aload(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
510 no_control_flow = false; break;
511 case Bytecodes::_aload_0 :
512 case Bytecodes::_aload_1 :
513 case Bytecodes::_aload_2 :
514 case Bytecodes::_aload_3 :
515 index = opcode - Bytecodes::_aload_0;
516 verify_aload(index, ¤t_frame, CHECK_VERIFY(this));
517 no_control_flow = false; break;
518 case Bytecodes::_iaload :
519 type = current_frame.pop_stack(
520 VerificationType::integer_type(), CHECK_VERIFY(this));
521 atype = current_frame.pop_stack(
522 VerificationType::reference_check(), CHECK_VERIFY(this));
523 if (!atype.is_int_array()) {
524 verify_error(bci, bad_type_msg, "iaload");
525 return;
526 }
527 current_frame.push_stack(
528 VerificationType::integer_type(), CHECK_VERIFY(this));
529 no_control_flow = false; break;
530 case Bytecodes::_baload :
531 type = current_frame.pop_stack(
532 VerificationType::integer_type(), CHECK_VERIFY(this));
533 atype = current_frame.pop_stack(
534 VerificationType::reference_check(), CHECK_VERIFY(this));
535 if (!atype.is_bool_array() && !atype.is_byte_array()) {
536 verify_error(bci, bad_type_msg, "baload");
537 return;
538 }
539 current_frame.push_stack(
540 VerificationType::integer_type(), CHECK_VERIFY(this));
541 no_control_flow = false; break;
542 case Bytecodes::_caload :
543 type = current_frame.pop_stack(
544 VerificationType::integer_type(), CHECK_VERIFY(this));
545 atype = current_frame.pop_stack(
546 VerificationType::reference_check(), CHECK_VERIFY(this));
547 if (!atype.is_char_array()) {
548 verify_error(bci, bad_type_msg, "caload");
549 return;
550 }
551 current_frame.push_stack(
552 VerificationType::integer_type(), CHECK_VERIFY(this));
553 no_control_flow = false; break;
554 case Bytecodes::_saload :
555 type = current_frame.pop_stack(
556 VerificationType::integer_type(), CHECK_VERIFY(this));
557 atype = current_frame.pop_stack(
558 VerificationType::reference_check(), CHECK_VERIFY(this));
559 if (!atype.is_short_array()) {
560 verify_error(bci, bad_type_msg, "saload");
561 return;
562 }
563 current_frame.push_stack(
564 VerificationType::integer_type(), CHECK_VERIFY(this));
565 no_control_flow = false; break;
566 case Bytecodes::_laload :
567 type = current_frame.pop_stack(
568 VerificationType::integer_type(), CHECK_VERIFY(this));
569 atype = current_frame.pop_stack(
570 VerificationType::reference_check(), CHECK_VERIFY(this));
571 if (!atype.is_long_array()) {
572 verify_error(bci, bad_type_msg, "laload");
573 return;
574 }
575 current_frame.push_stack_2(
576 VerificationType::long_type(),
577 VerificationType::long2_type(), CHECK_VERIFY(this));
578 no_control_flow = false; break;
579 case Bytecodes::_faload :
580 type = current_frame.pop_stack(
581 VerificationType::integer_type(), CHECK_VERIFY(this));
582 atype = current_frame.pop_stack(
583 VerificationType::reference_check(), CHECK_VERIFY(this));
584 if (!atype.is_float_array()) {
585 verify_error(bci, bad_type_msg, "faload");
586 return;
587 }
588 current_frame.push_stack(
589 VerificationType::float_type(), CHECK_VERIFY(this));
590 no_control_flow = false; break;
591 case Bytecodes::_daload :
592 type = current_frame.pop_stack(
593 VerificationType::integer_type(), CHECK_VERIFY(this));
594 atype = current_frame.pop_stack(
595 VerificationType::reference_check(), CHECK_VERIFY(this));
596 if (!atype.is_double_array()) {
597 verify_error(bci, bad_type_msg, "daload");
598 return;
599 }
600 current_frame.push_stack_2(
601 VerificationType::double_type(),
602 VerificationType::double2_type(), CHECK_VERIFY(this));
603 no_control_flow = false; break;
604 case Bytecodes::_aaload : {
605 type = current_frame.pop_stack(
606 VerificationType::integer_type(), CHECK_VERIFY(this));
607 atype = current_frame.pop_stack(
608 VerificationType::reference_check(), CHECK_VERIFY(this));
609 if (!atype.is_reference_array()) {
610 verify_error(bci, bad_type_msg, "aaload");
611 return;
612 }
613 if (atype.is_null()) {
614 current_frame.push_stack(
615 VerificationType::null_type(), CHECK_VERIFY(this));
616 } else {
617 VerificationType component =
618 atype.get_component(CHECK_VERIFY(this));
619 current_frame.push_stack(component, CHECK_VERIFY(this));
620 }
621 no_control_flow = false; break;
622 }
623 case Bytecodes::_istore :
624 verify_istore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
625 no_control_flow = false; break;
626 case Bytecodes::_istore_0 :
627 case Bytecodes::_istore_1 :
628 case Bytecodes::_istore_2 :
629 case Bytecodes::_istore_3 :
630 index = opcode - Bytecodes::_istore_0;
631 verify_istore(index, ¤t_frame, CHECK_VERIFY(this));
632 no_control_flow = false; break;
633 case Bytecodes::_lstore :
634 verify_lstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
635 no_control_flow = false; break;
636 case Bytecodes::_lstore_0 :
637 case Bytecodes::_lstore_1 :
638 case Bytecodes::_lstore_2 :
639 case Bytecodes::_lstore_3 :
640 index = opcode - Bytecodes::_lstore_0;
641 verify_lstore(index, ¤t_frame, CHECK_VERIFY(this));
642 no_control_flow = false; break;
643 case Bytecodes::_fstore :
644 verify_fstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
645 no_control_flow = false; break;
646 case Bytecodes::_fstore_0 :
647 case Bytecodes::_fstore_1 :
648 case Bytecodes::_fstore_2 :
649 case Bytecodes::_fstore_3 :
650 index = opcode - Bytecodes::_fstore_0;
651 verify_fstore(index, ¤t_frame, CHECK_VERIFY(this));
652 no_control_flow = false; break;
653 case Bytecodes::_dstore :
654 verify_dstore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
655 no_control_flow = false; break;
656 case Bytecodes::_dstore_0 :
657 case Bytecodes::_dstore_1 :
658 case Bytecodes::_dstore_2 :
659 case Bytecodes::_dstore_3 :
660 index = opcode - Bytecodes::_dstore_0;
661 verify_dstore(index, ¤t_frame, CHECK_VERIFY(this));
662 no_control_flow = false; break;
663 case Bytecodes::_astore :
664 verify_astore(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
665 no_control_flow = false; break;
666 case Bytecodes::_astore_0 :
667 case Bytecodes::_astore_1 :
668 case Bytecodes::_astore_2 :
669 case Bytecodes::_astore_3 :
670 index = opcode - Bytecodes::_astore_0;
671 verify_astore(index, ¤t_frame, CHECK_VERIFY(this));
672 no_control_flow = false; break;
673 case Bytecodes::_iastore :
674 type = current_frame.pop_stack(
675 VerificationType::integer_type(), CHECK_VERIFY(this));
676 type2 = current_frame.pop_stack(
677 VerificationType::integer_type(), CHECK_VERIFY(this));
678 atype = current_frame.pop_stack(
679 VerificationType::reference_check(), CHECK_VERIFY(this));
680 if (!atype.is_int_array()) {
681 verify_error(bci, bad_type_msg, "iastore");
682 return;
683 }
684 no_control_flow = false; break;
685 case Bytecodes::_bastore :
686 type = current_frame.pop_stack(
687 VerificationType::integer_type(), CHECK_VERIFY(this));
688 type2 = current_frame.pop_stack(
689 VerificationType::integer_type(), CHECK_VERIFY(this));
690 atype = current_frame.pop_stack(
691 VerificationType::reference_check(), CHECK_VERIFY(this));
692 if (!atype.is_bool_array() && !atype.is_byte_array()) {
693 verify_error(bci, bad_type_msg, "bastore");
694 return;
695 }
696 no_control_flow = false; break;
697 case Bytecodes::_castore :
698 current_frame.pop_stack(
699 VerificationType::integer_type(), CHECK_VERIFY(this));
700 current_frame.pop_stack(
701 VerificationType::integer_type(), CHECK_VERIFY(this));
702 atype = current_frame.pop_stack(
703 VerificationType::reference_check(), CHECK_VERIFY(this));
704 if (!atype.is_char_array()) {
705 verify_error(bci, bad_type_msg, "castore");
706 return;
707 }
708 no_control_flow = false; break;
709 case Bytecodes::_sastore :
710 current_frame.pop_stack(
711 VerificationType::integer_type(), CHECK_VERIFY(this));
712 current_frame.pop_stack(
713 VerificationType::integer_type(), CHECK_VERIFY(this));
714 atype = current_frame.pop_stack(
715 VerificationType::reference_check(), CHECK_VERIFY(this));
716 if (!atype.is_short_array()) {
717 verify_error(bci, bad_type_msg, "sastore");
718 return;
719 }
720 no_control_flow = false; break;
721 case Bytecodes::_lastore :
722 current_frame.pop_stack_2(
723 VerificationType::long2_type(),
724 VerificationType::long_type(), CHECK_VERIFY(this));
725 current_frame.pop_stack(
726 VerificationType::integer_type(), CHECK_VERIFY(this));
727 atype = current_frame.pop_stack(
728 VerificationType::reference_check(), CHECK_VERIFY(this));
729 if (!atype.is_long_array()) {
730 verify_error(bci, bad_type_msg, "lastore");
731 return;
732 }
733 no_control_flow = false; break;
734 case Bytecodes::_fastore :
735 current_frame.pop_stack(
736 VerificationType::float_type(), CHECK_VERIFY(this));
737 current_frame.pop_stack
738 (VerificationType::integer_type(), CHECK_VERIFY(this));
739 atype = current_frame.pop_stack(
740 VerificationType::reference_check(), CHECK_VERIFY(this));
741 if (!atype.is_float_array()) {
742 verify_error(bci, bad_type_msg, "fastore");
743 return;
744 }
745 no_control_flow = false; break;
746 case Bytecodes::_dastore :
747 current_frame.pop_stack_2(
748 VerificationType::double2_type(),
749 VerificationType::double_type(), CHECK_VERIFY(this));
750 current_frame.pop_stack(
751 VerificationType::integer_type(), CHECK_VERIFY(this));
752 atype = current_frame.pop_stack(
753 VerificationType::reference_check(), CHECK_VERIFY(this));
754 if (!atype.is_double_array()) {
755 verify_error(bci, bad_type_msg, "dastore");
756 return;
757 }
758 no_control_flow = false; break;
759 case Bytecodes::_aastore :
760 type = current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
761 type2 = current_frame.pop_stack(
762 VerificationType::integer_type(), CHECK_VERIFY(this));
763 atype = current_frame.pop_stack(
764 VerificationType::reference_check(), CHECK_VERIFY(this));
765 // more type-checking is done at runtime
766 if (!atype.is_reference_array()) {
767 verify_error(bci, bad_type_msg, "aastore");
768 return;
769 }
770 // 4938384: relaxed constraint in JVMS 3nd edition.
771 no_control_flow = false; break;
772 case Bytecodes::_pop :
773 current_frame.pop_stack(
774 VerificationType::category1_check(), CHECK_VERIFY(this));
775 no_control_flow = false; break;
776 case Bytecodes::_pop2 :
777 type = current_frame.pop_stack(CHECK_VERIFY(this));
778 if (type.is_category1()) {
779 current_frame.pop_stack(
780 VerificationType::category1_check(), CHECK_VERIFY(this));
781 } else if (type.is_category2_2nd()) {
782 current_frame.pop_stack(
783 VerificationType::category2_check(), CHECK_VERIFY(this));
784 } else {
785 verify_error(bci, bad_type_msg, "pop2");
786 return;
787 }
788 no_control_flow = false; break;
789 case Bytecodes::_dup :
790 type = current_frame.pop_stack(
791 VerificationType::category1_check(), CHECK_VERIFY(this));
792 current_frame.push_stack(type, CHECK_VERIFY(this));
793 current_frame.push_stack(type, CHECK_VERIFY(this));
794 no_control_flow = false; break;
795 case Bytecodes::_dup_x1 :
796 type = current_frame.pop_stack(
797 VerificationType::category1_check(), CHECK_VERIFY(this));
798 type2 = current_frame.pop_stack(
799 VerificationType::category1_check(), CHECK_VERIFY(this));
800 current_frame.push_stack(type, CHECK_VERIFY(this));
801 current_frame.push_stack(type2, CHECK_VERIFY(this));
802 current_frame.push_stack(type, CHECK_VERIFY(this));
803 no_control_flow = false; break;
804 case Bytecodes::_dup_x2 :
805 {
806 VerificationType type3;
807 type = current_frame.pop_stack(
808 VerificationType::category1_check(), CHECK_VERIFY(this));
809 type2 = current_frame.pop_stack(CHECK_VERIFY(this));
810 if (type2.is_category1()) {
811 type3 = current_frame.pop_stack(
812 VerificationType::category1_check(), CHECK_VERIFY(this));
813 } else if (type2.is_category2_2nd()) {
814 type3 = current_frame.pop_stack(
815 VerificationType::category2_check(), CHECK_VERIFY(this));
816 } else {
817 verify_error(bci, bad_type_msg, "dup_x2");
818 return;
819 }
820 current_frame.push_stack(type, CHECK_VERIFY(this));
821 current_frame.push_stack(type3, CHECK_VERIFY(this));
822 current_frame.push_stack(type2, CHECK_VERIFY(this));
823 current_frame.push_stack(type, CHECK_VERIFY(this));
824 no_control_flow = false; break;
825 }
826 case Bytecodes::_dup2 :
827 type = current_frame.pop_stack(CHECK_VERIFY(this));
828 if (type.is_category1()) {
829 type2 = current_frame.pop_stack(
830 VerificationType::category1_check(), CHECK_VERIFY(this));
831 } else if (type.is_category2_2nd()) {
832 type2 = current_frame.pop_stack(
833 VerificationType::category2_check(), CHECK_VERIFY(this));
834 } else {
835 verify_error(bci, bad_type_msg, "dup2");
836 return;
837 }
838 current_frame.push_stack(type2, CHECK_VERIFY(this));
839 current_frame.push_stack(type, CHECK_VERIFY(this));
840 current_frame.push_stack(type2, CHECK_VERIFY(this));
841 current_frame.push_stack(type, CHECK_VERIFY(this));
842 no_control_flow = false; break;
843 case Bytecodes::_dup2_x1 :
844 {
845 VerificationType type3;
846 type = current_frame.pop_stack(CHECK_VERIFY(this));
847 if (type.is_category1()) {
848 type2 = current_frame.pop_stack(
849 VerificationType::category1_check(), CHECK_VERIFY(this));
850 } else if(type.is_category2_2nd()) {
851 type2 = current_frame.pop_stack
852 (VerificationType::category2_check(), CHECK_VERIFY(this));
853 } else {
854 verify_error(bci, bad_type_msg, "dup2_x1");
855 return;
856 }
857 type3 = current_frame.pop_stack(
858 VerificationType::category1_check(), CHECK_VERIFY(this));
859 current_frame.push_stack(type2, CHECK_VERIFY(this));
860 current_frame.push_stack(type, CHECK_VERIFY(this));
861 current_frame.push_stack(type3, CHECK_VERIFY(this));
862 current_frame.push_stack(type2, CHECK_VERIFY(this));
863 current_frame.push_stack(type, CHECK_VERIFY(this));
864 no_control_flow = false; break;
865 }
866 case Bytecodes::_dup2_x2 :
867 {
868 VerificationType type3, type4;
869 type = current_frame.pop_stack(CHECK_VERIFY(this));
870 if (type.is_category1()) {
871 type2 = current_frame.pop_stack(
872 VerificationType::category1_check(), CHECK_VERIFY(this));
873 } else if (type.is_category2_2nd()) {
874 type2 = current_frame.pop_stack(
875 VerificationType::category2_check(), CHECK_VERIFY(this));
876 } else {
877 verify_error(bci, bad_type_msg, "dup2_x2");
878 return;
879 }
880 type3 = current_frame.pop_stack(CHECK_VERIFY(this));
881 if (type3.is_category1()) {
882 type4 = current_frame.pop_stack(
883 VerificationType::category1_check(), CHECK_VERIFY(this));
884 } else if (type3.is_category2_2nd()) {
885 type4 = current_frame.pop_stack(
886 VerificationType::category2_check(), CHECK_VERIFY(this));
887 } else {
888 verify_error(bci, bad_type_msg, "dup2_x2");
889 return;
890 }
891 current_frame.push_stack(type2, CHECK_VERIFY(this));
892 current_frame.push_stack(type, CHECK_VERIFY(this));
893 current_frame.push_stack(type4, CHECK_VERIFY(this));
894 current_frame.push_stack(type3, CHECK_VERIFY(this));
895 current_frame.push_stack(type2, CHECK_VERIFY(this));
896 current_frame.push_stack(type, CHECK_VERIFY(this));
897 no_control_flow = false; break;
898 }
899 case Bytecodes::_swap :
900 type = current_frame.pop_stack(
901 VerificationType::category1_check(), CHECK_VERIFY(this));
902 type2 = current_frame.pop_stack(
903 VerificationType::category1_check(), CHECK_VERIFY(this));
904 current_frame.push_stack(type, CHECK_VERIFY(this));
905 current_frame.push_stack(type2, CHECK_VERIFY(this));
906 no_control_flow = false; break;
907 case Bytecodes::_iadd :
908 case Bytecodes::_isub :
909 case Bytecodes::_imul :
910 case Bytecodes::_idiv :
911 case Bytecodes::_irem :
912 case Bytecodes::_ishl :
913 case Bytecodes::_ishr :
914 case Bytecodes::_iushr :
915 case Bytecodes::_ior :
916 case Bytecodes::_ixor :
917 case Bytecodes::_iand :
918 current_frame.pop_stack(
919 VerificationType::integer_type(), CHECK_VERIFY(this));
920 // fall through
921 case Bytecodes::_ineg :
922 current_frame.pop_stack(
923 VerificationType::integer_type(), CHECK_VERIFY(this));
924 current_frame.push_stack(
925 VerificationType::integer_type(), CHECK_VERIFY(this));
926 no_control_flow = false; break;
927 case Bytecodes::_ladd :
928 case Bytecodes::_lsub :
929 case Bytecodes::_lmul :
930 case Bytecodes::_ldiv :
931 case Bytecodes::_lrem :
932 case Bytecodes::_land :
933 case Bytecodes::_lor :
934 case Bytecodes::_lxor :
935 current_frame.pop_stack_2(
936 VerificationType::long2_type(),
937 VerificationType::long_type(), CHECK_VERIFY(this));
938 // fall through
939 case Bytecodes::_lneg :
940 current_frame.pop_stack_2(
941 VerificationType::long2_type(),
942 VerificationType::long_type(), CHECK_VERIFY(this));
943 current_frame.push_stack_2(
944 VerificationType::long_type(),
945 VerificationType::long2_type(), CHECK_VERIFY(this));
946 no_control_flow = false; break;
947 case Bytecodes::_lshl :
948 case Bytecodes::_lshr :
949 case Bytecodes::_lushr :
950 current_frame.pop_stack(
951 VerificationType::integer_type(), CHECK_VERIFY(this));
952 current_frame.pop_stack_2(
953 VerificationType::long2_type(),
954 VerificationType::long_type(), CHECK_VERIFY(this));
955 current_frame.push_stack_2(
956 VerificationType::long_type(),
957 VerificationType::long2_type(), CHECK_VERIFY(this));
958 no_control_flow = false; break;
959 case Bytecodes::_fadd :
960 case Bytecodes::_fsub :
961 case Bytecodes::_fmul :
962 case Bytecodes::_fdiv :
963 case Bytecodes::_frem :
964 current_frame.pop_stack(
965 VerificationType::float_type(), CHECK_VERIFY(this));
966 // fall through
967 case Bytecodes::_fneg :
968 current_frame.pop_stack(
969 VerificationType::float_type(), CHECK_VERIFY(this));
970 current_frame.push_stack(
971 VerificationType::float_type(), CHECK_VERIFY(this));
972 no_control_flow = false; break;
973 case Bytecodes::_dadd :
974 case Bytecodes::_dsub :
975 case Bytecodes::_dmul :
976 case Bytecodes::_ddiv :
977 case Bytecodes::_drem :
978 current_frame.pop_stack_2(
979 VerificationType::double2_type(),
980 VerificationType::double_type(), CHECK_VERIFY(this));
981 // fall through
982 case Bytecodes::_dneg :
983 current_frame.pop_stack_2(
984 VerificationType::double2_type(),
985 VerificationType::double_type(), CHECK_VERIFY(this));
986 current_frame.push_stack_2(
987 VerificationType::double_type(),
988 VerificationType::double2_type(), CHECK_VERIFY(this));
989 no_control_flow = false; break;
990 case Bytecodes::_iinc :
991 verify_iinc(bcs.get_index(), ¤t_frame, CHECK_VERIFY(this));
992 no_control_flow = false; break;
993 case Bytecodes::_i2l :
994 type = current_frame.pop_stack(
995 VerificationType::integer_type(), CHECK_VERIFY(this));
996 current_frame.push_stack_2(
997 VerificationType::long_type(),
998 VerificationType::long2_type(), CHECK_VERIFY(this));
999 no_control_flow = false; break;
1000 case Bytecodes::_l2i :
1001 current_frame.pop_stack_2(
1002 VerificationType::long2_type(),
1003 VerificationType::long_type(), CHECK_VERIFY(this));
1004 current_frame.push_stack(
1005 VerificationType::integer_type(), CHECK_VERIFY(this));
1006 no_control_flow = false; break;
1007 case Bytecodes::_i2f :
1008 current_frame.pop_stack(
1009 VerificationType::integer_type(), CHECK_VERIFY(this));
1010 current_frame.push_stack(
1011 VerificationType::float_type(), CHECK_VERIFY(this));
1012 no_control_flow = false; break;
1013 case Bytecodes::_i2d :
1014 current_frame.pop_stack(
1015 VerificationType::integer_type(), CHECK_VERIFY(this));
1016 current_frame.push_stack_2(
1017 VerificationType::double_type(),
1018 VerificationType::double2_type(), CHECK_VERIFY(this));
1019 no_control_flow = false; break;
1020 case Bytecodes::_l2f :
1021 current_frame.pop_stack_2(
1022 VerificationType::long2_type(),
1023 VerificationType::long_type(), CHECK_VERIFY(this));
1024 current_frame.push_stack(
1025 VerificationType::float_type(), CHECK_VERIFY(this));
1026 no_control_flow = false; break;
1027 case Bytecodes::_l2d :
1028 current_frame.pop_stack_2(
1029 VerificationType::long2_type(),
1030 VerificationType::long_type(), CHECK_VERIFY(this));
1031 current_frame.push_stack_2(
1032 VerificationType::double_type(),
1033 VerificationType::double2_type(), CHECK_VERIFY(this));
1034 no_control_flow = false; break;
1035 case Bytecodes::_f2i :
1036 current_frame.pop_stack(
1037 VerificationType::float_type(), CHECK_VERIFY(this));
1038 current_frame.push_stack(
1039 VerificationType::integer_type(), CHECK_VERIFY(this));
1040 no_control_flow = false; break;
1041 case Bytecodes::_f2l :
1042 current_frame.pop_stack(
1043 VerificationType::float_type(), CHECK_VERIFY(this));
1044 current_frame.push_stack_2(
1045 VerificationType::long_type(),
1046 VerificationType::long2_type(), CHECK_VERIFY(this));
1047 no_control_flow = false; break;
1048 case Bytecodes::_f2d :
1049 current_frame.pop_stack(
1050 VerificationType::float_type(), CHECK_VERIFY(this));
1051 current_frame.push_stack_2(
1052 VerificationType::double_type(),
1053 VerificationType::double2_type(), CHECK_VERIFY(this));
1054 no_control_flow = false; break;
1055 case Bytecodes::_d2i :
1056 current_frame.pop_stack_2(
1057 VerificationType::double2_type(),
1058 VerificationType::double_type(), CHECK_VERIFY(this));
1059 current_frame.push_stack(
1060 VerificationType::integer_type(), CHECK_VERIFY(this));
1061 no_control_flow = false; break;
1062 case Bytecodes::_d2l :
1063 current_frame.pop_stack_2(
1064 VerificationType::double2_type(),
1065 VerificationType::double_type(), CHECK_VERIFY(this));
1066 current_frame.push_stack_2(
1067 VerificationType::long_type(),
1068 VerificationType::long2_type(), CHECK_VERIFY(this));
1069 no_control_flow = false; break;
1070 case Bytecodes::_d2f :
1071 current_frame.pop_stack_2(
1072 VerificationType::double2_type(),
1073 VerificationType::double_type(), CHECK_VERIFY(this));
1074 current_frame.push_stack(
1075 VerificationType::float_type(), CHECK_VERIFY(this));
1076 no_control_flow = false; break;
1077 case Bytecodes::_i2b :
1078 case Bytecodes::_i2c :
1079 case Bytecodes::_i2s :
1080 current_frame.pop_stack(
1081 VerificationType::integer_type(), CHECK_VERIFY(this));
1082 current_frame.push_stack(
1083 VerificationType::integer_type(), CHECK_VERIFY(this));
1084 no_control_flow = false; break;
1085 case Bytecodes::_lcmp :
1086 current_frame.pop_stack_2(
1087 VerificationType::long2_type(),
1088 VerificationType::long_type(), CHECK_VERIFY(this));
1089 current_frame.pop_stack_2(
1090 VerificationType::long2_type(),
1091 VerificationType::long_type(), CHECK_VERIFY(this));
1092 current_frame.push_stack(
1093 VerificationType::integer_type(), CHECK_VERIFY(this));
1094 no_control_flow = false; break;
1095 case Bytecodes::_fcmpl :
1096 case Bytecodes::_fcmpg :
1097 current_frame.pop_stack(
1098 VerificationType::float_type(), CHECK_VERIFY(this));
1099 current_frame.pop_stack(
1100 VerificationType::float_type(), CHECK_VERIFY(this));
1101 current_frame.push_stack(
1102 VerificationType::integer_type(), CHECK_VERIFY(this));
1103 no_control_flow = false; break;
1104 case Bytecodes::_dcmpl :
1105 case Bytecodes::_dcmpg :
1106 current_frame.pop_stack_2(
1107 VerificationType::double2_type(),
1108 VerificationType::double_type(), CHECK_VERIFY(this));
1109 current_frame.pop_stack_2(
1110 VerificationType::double2_type(),
1111 VerificationType::double_type(), CHECK_VERIFY(this));
1112 current_frame.push_stack(
1113 VerificationType::integer_type(), CHECK_VERIFY(this));
1114 no_control_flow = false; break;
1115 case Bytecodes::_if_icmpeq:
1116 case Bytecodes::_if_icmpne:
1117 case Bytecodes::_if_icmplt:
1118 case Bytecodes::_if_icmpge:
1119 case Bytecodes::_if_icmpgt:
1120 case Bytecodes::_if_icmple:
1121 current_frame.pop_stack(
1122 VerificationType::integer_type(), CHECK_VERIFY(this));
1123 // fall through
1124 case Bytecodes::_ifeq:
1125 case Bytecodes::_ifne:
1126 case Bytecodes::_iflt:
1127 case Bytecodes::_ifge:
1128 case Bytecodes::_ifgt:
1129 case Bytecodes::_ifle:
1130 current_frame.pop_stack(
1131 VerificationType::integer_type(), CHECK_VERIFY(this));
1132 target = bcs.dest();
1133 stackmap_table.check_jump_target(
1134 ¤t_frame, target, CHECK_VERIFY(this));
1135 no_control_flow = false; break;
1136 case Bytecodes::_if_acmpeq :
1137 case Bytecodes::_if_acmpne :
1138 current_frame.pop_stack(
1139 VerificationType::reference_check(), CHECK_VERIFY(this));
1140 // fall through
1141 case Bytecodes::_ifnull :
1142 case Bytecodes::_ifnonnull :
1143 current_frame.pop_stack(
1144 VerificationType::reference_check(), CHECK_VERIFY(this));
1145 target = bcs.dest();
1146 stackmap_table.check_jump_target
1147 (¤t_frame, target, CHECK_VERIFY(this));
1148 no_control_flow = false; break;
1149 case Bytecodes::_goto :
1150 target = bcs.dest();
1151 stackmap_table.check_jump_target(
1152 ¤t_frame, target, CHECK_VERIFY(this));
1153 no_control_flow = true; break;
1154 case Bytecodes::_goto_w :
1155 target = bcs.dest_w();
1156 stackmap_table.check_jump_target(
1157 ¤t_frame, target, CHECK_VERIFY(this));
1158 no_control_flow = true; break;
1159 case Bytecodes::_tableswitch :
1160 case Bytecodes::_lookupswitch :
1161 verify_switch(
1162 &bcs, code_length, code_data, ¤t_frame,
1163 &stackmap_table, CHECK_VERIFY(this));
1164 no_control_flow = true; break;
1165 case Bytecodes::_ireturn :
1166 type = current_frame.pop_stack(
1167 VerificationType::integer_type(), CHECK_VERIFY(this));
1168 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1169 no_control_flow = true; break;
1170 case Bytecodes::_lreturn :
1171 type2 = current_frame.pop_stack(
1172 VerificationType::long2_type(), CHECK_VERIFY(this));
1173 type = current_frame.pop_stack(
1174 VerificationType::long_type(), CHECK_VERIFY(this));
1175 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1176 no_control_flow = true; break;
1177 case Bytecodes::_freturn :
1178 type = current_frame.pop_stack(
1179 VerificationType::float_type(), CHECK_VERIFY(this));
1180 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1181 no_control_flow = true; break;
1182 case Bytecodes::_dreturn :
1183 type2 = current_frame.pop_stack(
1184 VerificationType::double2_type(), CHECK_VERIFY(this));
1185 type = current_frame.pop_stack(
1186 VerificationType::double_type(), CHECK_VERIFY(this));
1187 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1188 no_control_flow = true; break;
1189 case Bytecodes::_areturn :
1190 type = current_frame.pop_stack(
1191 VerificationType::reference_check(), CHECK_VERIFY(this));
1192 verify_return_value(return_type, type, bci, CHECK_VERIFY(this));
1193 no_control_flow = true; break;
1194 case Bytecodes::_return :
1195 if (return_type != VerificationType::bogus_type()) {
1196 verify_error(bci, "Method expects no return value");
1197 return;
1198 }
1199 // Make sure "this" has been initialized if current method is an
1200 // <init>
1201 if (_method->name() == vmSymbols::object_initializer_name() &&
1202 current_frame.flag_this_uninit()) {
1203 verify_error(bci,
1204 "Constructor must call super() or this() before return");
1205 return;
1206 }
1207 no_control_flow = true; break;
1208 case Bytecodes::_getstatic :
1209 case Bytecodes::_putstatic :
1210 case Bytecodes::_getfield :
1211 case Bytecodes::_putfield :
1212 verify_field_instructions(
1213 &bcs, ¤t_frame, cp, CHECK_VERIFY(this));
1214 no_control_flow = false; break;
1215 case Bytecodes::_invokevirtual :
1216 case Bytecodes::_invokespecial :
1217 case Bytecodes::_invokestatic :
1218 verify_invoke_instructions(
1219 &bcs, code_length, ¤t_frame,
1220 &this_uninit, return_type, cp, CHECK_VERIFY(this));
1221 no_control_flow = false; break;
1222 case Bytecodes::_invokeinterface :
1223 case Bytecodes::_invokedynamic :
1224 verify_invoke_instructions(
1225 &bcs, code_length, ¤t_frame,
1226 &this_uninit, return_type, cp, CHECK_VERIFY(this));
1227 no_control_flow = false; break;
1228 case Bytecodes::_new :
1229 {
1230 index = bcs.get_index_u2();
1231 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
1232 VerificationType new_class_type =
1233 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1234 if (!new_class_type.is_object()) {
1235 verify_error(bci, "Illegal new instruction");
1236 return;
1237 }
1238 type = VerificationType::uninitialized_type(bci);
1239 current_frame.push_stack(type, CHECK_VERIFY(this));
1240 no_control_flow = false; break;
1241 }
1242 case Bytecodes::_newarray :
1243 type = get_newarray_type(bcs.get_index(), bci, CHECK_VERIFY(this));
1244 current_frame.pop_stack(
1245 VerificationType::integer_type(), CHECK_VERIFY(this));
1246 current_frame.push_stack(type, CHECK_VERIFY(this));
1247 no_control_flow = false; break;
1248 case Bytecodes::_anewarray :
1249 verify_anewarray(
1250 bcs.get_index_u2(), cp, ¤t_frame, CHECK_VERIFY(this));
1251 no_control_flow = false; break;
1252 case Bytecodes::_arraylength :
1253 type = current_frame.pop_stack(
1254 VerificationType::reference_check(), CHECK_VERIFY(this));
1255 if (!(type.is_null() || type.is_array())) {
1256 verify_error(bci, bad_type_msg, "arraylength");
1257 }
1258 current_frame.push_stack(
1259 VerificationType::integer_type(), CHECK_VERIFY(this));
1260 no_control_flow = false; break;
1261 case Bytecodes::_checkcast :
1262 {
1263 index = bcs.get_index_u2();
1264 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
1265 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1266 VerificationType klass_type = cp_index_to_type(
1267 index, cp, CHECK_VERIFY(this));
1268 current_frame.push_stack(klass_type, CHECK_VERIFY(this));
1269 no_control_flow = false; break;
1270 }
1271 case Bytecodes::_instanceof : {
1272 index = bcs.get_index_u2();
1273 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
1274 current_frame.pop_stack(object_type(), CHECK_VERIFY(this));
1275 current_frame.push_stack(
1276 VerificationType::integer_type(), CHECK_VERIFY(this));
1277 no_control_flow = false; break;
1278 }
1279 case Bytecodes::_monitorenter :
1280 case Bytecodes::_monitorexit :
1281 current_frame.pop_stack(
1282 VerificationType::reference_check(), CHECK_VERIFY(this));
1283 no_control_flow = false; break;
1284 case Bytecodes::_multianewarray :
1285 {
1286 index = bcs.get_index_u2();
1287 u2 dim = *(bcs.bcp()+3);
1288 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
1289 VerificationType new_array_type =
1290 cp_index_to_type(index, cp, CHECK_VERIFY(this));
1291 if (!new_array_type.is_array()) {
1292 verify_error(bci,
1293 "Illegal constant pool index in multianewarray instruction");
1294 return;
1295 }
1296 if (dim < 1 || new_array_type.dimensions() < dim) {
1297 verify_error(bci,
1298 "Illegal dimension in multianewarray instruction");
1299 return;
1300 }
1301 for (int i = 0; i < dim; i++) {
1302 current_frame.pop_stack(
1303 VerificationType::integer_type(), CHECK_VERIFY(this));
1304 }
1305 current_frame.push_stack(new_array_type, CHECK_VERIFY(this));
1306 no_control_flow = false; break;
1307 }
1308 case Bytecodes::_athrow :
1309 type = VerificationType::reference_type(
1310 vmSymbols::java_lang_Throwable());
1311 current_frame.pop_stack(type, CHECK_VERIFY(this));
1312 no_control_flow = true; break;
1313 default:
1314 // We only need to check the valid bytecodes in class file.
1315 // And jsr and ret are not in the new class file format in JDK1.5.
1316 verify_error(bci, "Bad instruction");
1317 no_control_flow = false;
1318 return;
1319 } // end switch
1320 } // end Merge with the next instruction
1322 // Look for possible jump target in exception handlers and see if it
1323 // matches current_frame
1324 if (bci >= ex_min && bci < ex_max) {
1325 verify_exception_handler_targets(
1326 bci, this_uninit, ¤t_frame, &stackmap_table, CHECK_VERIFY(this));
1327 }
1328 } // end while
1330 // Make sure that control flow does not fall through end of the method
1331 if (!no_control_flow) {
1332 verify_error(code_length, "Control flow falls through code end");
1333 return;
1334 }
1335 }
1337 char* ClassVerifier::generate_code_data(methodHandle m, u4 code_length, TRAPS) {
1338 char* code_data = NEW_RESOURCE_ARRAY(char, code_length);
1339 memset(code_data, 0, sizeof(char) * code_length);
1340 RawBytecodeStream bcs(m);
1342 while (!bcs.is_last_bytecode()) {
1343 if (bcs.raw_next() != Bytecodes::_illegal) {
1344 int bci = bcs.bci();
1345 if (bcs.raw_code() == Bytecodes::_new) {
1346 code_data[bci] = NEW_OFFSET;
1347 } else {
1348 code_data[bci] = BYTECODE_OFFSET;
1349 }
1350 } else {
1351 verify_error(bcs.bci(), "Bad instruction");
1352 return NULL;
1353 }
1354 }
1356 return code_data;
1357 }
1359 void ClassVerifier::verify_exception_handler_table(u4 code_length, char* code_data, int& min, int& max, TRAPS) {
1360 typeArrayHandle exhandlers (THREAD, _method->exception_table());
1361 constantPoolHandle cp (THREAD, _method->constants());
1363 if (exhandlers() != NULL) {
1364 for(int i = 0; i < exhandlers->length();) {
1365 u2 start_pc = exhandlers->int_at(i++);
1366 u2 end_pc = exhandlers->int_at(i++);
1367 u2 handler_pc = exhandlers->int_at(i++);
1368 if (start_pc >= code_length || code_data[start_pc] == 0) {
1369 class_format_error("Illegal exception table start_pc %d", start_pc);
1370 return;
1371 }
1372 if (end_pc != code_length) { // special case: end_pc == code_length
1373 if (end_pc > code_length || code_data[end_pc] == 0) {
1374 class_format_error("Illegal exception table end_pc %d", end_pc);
1375 return;
1376 }
1377 }
1378 if (handler_pc >= code_length || code_data[handler_pc] == 0) {
1379 class_format_error("Illegal exception table handler_pc %d", handler_pc);
1380 return;
1381 }
1382 int catch_type_index = exhandlers->int_at(i++);
1383 if (catch_type_index != 0) {
1384 VerificationType catch_type = cp_index_to_type(
1385 catch_type_index, cp, CHECK_VERIFY(this));
1386 VerificationType throwable =
1387 VerificationType::reference_type(vmSymbols::java_lang_Throwable());
1388 bool is_subclass = throwable.is_assignable_from(
1389 catch_type, current_class(), CHECK_VERIFY(this));
1390 if (!is_subclass) {
1391 // 4286534: should throw VerifyError according to recent spec change
1392 verify_error(
1393 "Catch type is not a subclass of Throwable in handler %d",
1394 handler_pc);
1395 return;
1396 }
1397 }
1398 if (start_pc < min) min = start_pc;
1399 if (end_pc > max) max = end_pc;
1400 }
1401 }
1402 }
1404 void ClassVerifier::verify_local_variable_table(u4 code_length, char* code_data, TRAPS) {
1405 int localvariable_table_length = _method()->localvariable_table_length();
1406 if (localvariable_table_length > 0) {
1407 LocalVariableTableElement* table = _method()->localvariable_table_start();
1408 for (int i = 0; i < localvariable_table_length; i++) {
1409 u2 start_bci = table[i].start_bci;
1410 u2 length = table[i].length;
1412 if (start_bci >= code_length || code_data[start_bci] == 0) {
1413 class_format_error(
1414 "Illegal local variable table start_pc %d", start_bci);
1415 return;
1416 }
1417 u4 end_bci = (u4)(start_bci + length);
1418 if (end_bci != code_length) {
1419 if (end_bci >= code_length || code_data[end_bci] == 0) {
1420 class_format_error( "Illegal local variable table length %d", length);
1421 return;
1422 }
1423 }
1424 }
1425 }
1426 }
1428 u2 ClassVerifier::verify_stackmap_table(u2 stackmap_index, u2 bci,
1429 StackMapFrame* current_frame,
1430 StackMapTable* stackmap_table,
1431 bool no_control_flow, TRAPS) {
1432 if (stackmap_index < stackmap_table->get_frame_count()) {
1433 u2 this_offset = stackmap_table->get_offset(stackmap_index);
1434 if (no_control_flow && this_offset > bci) {
1435 verify_error(bci, "Expecting a stack map frame");
1436 return 0;
1437 }
1438 if (this_offset == bci) {
1439 // See if current stack map can be assigned to the frame in table.
1440 // current_frame is the stackmap frame got from the last instruction.
1441 // If matched, current_frame will be updated by this method.
1442 bool match = stackmap_table->match_stackmap(
1443 current_frame, this_offset, stackmap_index,
1444 !no_control_flow, true, CHECK_VERIFY_(this, 0));
1445 if (!match) {
1446 // report type error
1447 verify_error(bci, "Instruction type does not match stack map");
1448 return 0;
1449 }
1450 stackmap_index++;
1451 } else if (this_offset < bci) {
1452 // current_offset should have met this_offset.
1453 class_format_error("Bad stack map offset %d", this_offset);
1454 return 0;
1455 }
1456 } else if (no_control_flow) {
1457 verify_error(bci, "Expecting a stack map frame");
1458 return 0;
1459 }
1460 return stackmap_index;
1461 }
1463 void ClassVerifier::verify_exception_handler_targets(u2 bci, bool this_uninit, StackMapFrame* current_frame,
1464 StackMapTable* stackmap_table, TRAPS) {
1465 constantPoolHandle cp (THREAD, _method->constants());
1466 typeArrayHandle exhandlers (THREAD, _method->exception_table());
1467 if (exhandlers() != NULL) {
1468 for(int i = 0; i < exhandlers->length();) {
1469 u2 start_pc = exhandlers->int_at(i++);
1470 u2 end_pc = exhandlers->int_at(i++);
1471 u2 handler_pc = exhandlers->int_at(i++);
1472 int catch_type_index = exhandlers->int_at(i++);
1473 if(bci >= start_pc && bci < end_pc) {
1474 u1 flags = current_frame->flags();
1475 if (this_uninit) { flags |= FLAG_THIS_UNINIT; }
1477 ResourceMark rm(THREAD);
1478 StackMapFrame* new_frame = current_frame->frame_in_exception_handler(flags);
1479 if (catch_type_index != 0) {
1480 // We know that this index refers to a subclass of Throwable
1481 VerificationType catch_type = cp_index_to_type(
1482 catch_type_index, cp, CHECK_VERIFY(this));
1483 new_frame->push_stack(catch_type, CHECK_VERIFY(this));
1484 } else {
1485 VerificationType throwable =
1486 VerificationType::reference_type(vmSymbols::java_lang_Throwable());
1487 new_frame->push_stack(throwable, CHECK_VERIFY(this));
1488 }
1489 bool match = stackmap_table->match_stackmap(
1490 new_frame, handler_pc, true, false, CHECK_VERIFY(this));
1491 if (!match) {
1492 verify_error(bci,
1493 "Stack map does not match the one at exception handler %d",
1494 handler_pc);
1495 return;
1496 }
1497 }
1498 }
1499 }
1500 }
1502 void ClassVerifier::verify_cp_index(constantPoolHandle cp, int index, TRAPS) {
1503 int nconstants = cp->length();
1504 if ((index <= 0) || (index >= nconstants)) {
1505 verify_error("Illegal constant pool index %d in class %s",
1506 index, instanceKlass::cast(cp->pool_holder())->external_name());
1507 return;
1508 }
1509 }
1511 void ClassVerifier::verify_cp_type(
1512 int index, constantPoolHandle cp, unsigned int types, TRAPS) {
1514 // In some situations, bytecode rewriting may occur while we're verifying.
1515 // In this case, a constant pool cache exists and some indices refer to that
1516 // instead. Be sure we don't pick up such indices by accident.
1517 // We must check was_recursively_verified() before we get here.
1518 guarantee(cp->cache() == NULL, "not rewritten yet");
1520 verify_cp_index(cp, index, CHECK_VERIFY(this));
1521 unsigned int tag = cp->tag_at(index).value();
1522 if ((types & (1 << tag)) == 0) {
1523 verify_error(
1524 "Illegal type at constant pool entry %d in class %s",
1525 index, instanceKlass::cast(cp->pool_holder())->external_name());
1526 return;
1527 }
1528 }
1530 void ClassVerifier::verify_cp_class_type(
1531 int index, constantPoolHandle cp, TRAPS) {
1532 verify_cp_index(cp, index, CHECK_VERIFY(this));
1533 constantTag tag = cp->tag_at(index);
1534 if (!tag.is_klass() && !tag.is_unresolved_klass()) {
1535 verify_error("Illegal type at constant pool entry %d in class %s",
1536 index, instanceKlass::cast(cp->pool_holder())->external_name());
1537 return;
1538 }
1539 }
1541 void ClassVerifier::format_error_message(
1542 const char* fmt, int offset, va_list va) {
1543 ResourceMark rm(_thread);
1544 stringStream message(_message, _message_buffer_len);
1545 message.vprint(fmt, va);
1546 if (!_method.is_null()) {
1547 message.print(" in method %s", _method->name_and_sig_as_C_string());
1548 }
1549 if (offset != -1) {
1550 message.print(" at offset %d", offset);
1551 }
1552 }
1554 void ClassVerifier::verify_error(u2 offset, const char* fmt, ...) {
1555 _exception_type = vmSymbols::java_lang_VerifyError();
1556 va_list va;
1557 va_start(va, fmt);
1558 format_error_message(fmt, offset, va);
1559 va_end(va);
1560 }
1562 void ClassVerifier::verify_error(const char* fmt, ...) {
1563 _exception_type = vmSymbols::java_lang_VerifyError();
1564 va_list va;
1565 va_start(va, fmt);
1566 format_error_message(fmt, -1, va);
1567 va_end(va);
1568 }
1570 void ClassVerifier::class_format_error(const char* msg, ...) {
1571 _exception_type = vmSymbols::java_lang_ClassFormatError();
1572 va_list va;
1573 va_start(va, msg);
1574 format_error_message(msg, -1, va);
1575 va_end(va);
1576 }
1578 klassOop ClassVerifier::load_class(symbolHandle name, TRAPS) {
1579 // Get current loader and protection domain first.
1580 oop loader = current_class()->class_loader();
1581 oop protection_domain = current_class()->protection_domain();
1583 return SystemDictionary::resolve_or_fail(
1584 name, Handle(THREAD, loader), Handle(THREAD, protection_domain),
1585 true, CHECK_NULL);
1586 }
1588 bool ClassVerifier::is_protected_access(instanceKlassHandle this_class,
1589 klassOop target_class,
1590 symbolOop field_name,
1591 symbolOop field_sig,
1592 bool is_method) {
1593 No_Safepoint_Verifier nosafepoint;
1595 // If target class isn't a super class of this class, we don't worry about this case
1596 if (!this_class->is_subclass_of(target_class)) {
1597 return false;
1598 }
1599 // Check if the specified method or field is protected
1600 instanceKlass* target_instance = instanceKlass::cast(target_class);
1601 fieldDescriptor fd;
1602 if (is_method) {
1603 methodOop m = target_instance->uncached_lookup_method(field_name, field_sig);
1604 if (m != NULL && m->is_protected()) {
1605 if (!this_class->is_same_class_package(m->method_holder())) {
1606 return true;
1607 }
1608 }
1609 } else {
1610 klassOop member_klass = target_instance->find_field(field_name, field_sig, &fd);
1611 if(member_klass != NULL && fd.is_protected()) {
1612 if (!this_class->is_same_class_package(member_klass)) {
1613 return true;
1614 }
1615 }
1616 }
1617 return false;
1618 }
1620 void ClassVerifier::verify_ldc(
1621 int opcode, u2 index, StackMapFrame *current_frame,
1622 constantPoolHandle cp, u2 bci, TRAPS) {
1623 verify_cp_index(cp, index, CHECK_VERIFY(this));
1624 constantTag tag = cp->tag_at(index);
1625 unsigned int types;
1626 if (opcode == Bytecodes::_ldc || opcode == Bytecodes::_ldc_w) {
1627 if (!tag.is_unresolved_string() && !tag.is_unresolved_klass()) {
1628 types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float)
1629 | (1 << JVM_CONSTANT_String) | (1 << JVM_CONSTANT_Class)
1630 | (1 << JVM_CONSTANT_MethodHandle) | (1 << JVM_CONSTANT_MethodType);
1631 // Note: The class file parser already verified the legality of
1632 // MethodHandle and MethodType constants.
1633 verify_cp_type(index, cp, types, CHECK_VERIFY(this));
1634 }
1635 } else {
1636 assert(opcode == Bytecodes::_ldc2_w, "must be ldc2_w");
1637 types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long);
1638 verify_cp_type(index, cp, types, CHECK_VERIFY(this));
1639 }
1640 if (tag.is_string() && cp->is_pseudo_string_at(index)) {
1641 current_frame->push_stack(object_type(), CHECK_VERIFY(this));
1642 } else if (tag.is_string() || tag.is_unresolved_string()) {
1643 current_frame->push_stack(
1644 VerificationType::reference_type(
1645 vmSymbols::java_lang_String()), CHECK_VERIFY(this));
1646 } else if (tag.is_klass() || tag.is_unresolved_klass()) {
1647 current_frame->push_stack(
1648 VerificationType::reference_type(
1649 vmSymbols::java_lang_Class()), CHECK_VERIFY(this));
1650 } else if (tag.is_int()) {
1651 current_frame->push_stack(
1652 VerificationType::integer_type(), CHECK_VERIFY(this));
1653 } else if (tag.is_float()) {
1654 current_frame->push_stack(
1655 VerificationType::float_type(), CHECK_VERIFY(this));
1656 } else if (tag.is_double()) {
1657 current_frame->push_stack_2(
1658 VerificationType::double_type(),
1659 VerificationType::double2_type(), CHECK_VERIFY(this));
1660 } else if (tag.is_long()) {
1661 current_frame->push_stack_2(
1662 VerificationType::long_type(),
1663 VerificationType::long2_type(), CHECK_VERIFY(this));
1664 } else if (tag.is_method_handle()) {
1665 current_frame->push_stack(
1666 VerificationType::reference_type(
1667 vmSymbols::java_dyn_MethodHandle()), CHECK_VERIFY(this));
1668 } else if (tag.is_method_type()) {
1669 current_frame->push_stack(
1670 VerificationType::reference_type(
1671 vmSymbols::java_dyn_MethodType()), CHECK_VERIFY(this));
1672 } else {
1673 verify_error(bci, "Invalid index in ldc");
1674 return;
1675 }
1676 }
1678 void ClassVerifier::verify_switch(
1679 RawBytecodeStream* bcs, u4 code_length, char* code_data,
1680 StackMapFrame* current_frame, StackMapTable* stackmap_table, TRAPS) {
1681 int bci = bcs->bci();
1682 address bcp = bcs->bcp();
1683 address aligned_bcp = (address) round_to((intptr_t)(bcp + 1), jintSize);
1685 // 4639449 & 4647081: padding bytes must be 0
1686 u2 padding_offset = 1;
1687 while ((bcp + padding_offset) < aligned_bcp) {
1688 if(*(bcp + padding_offset) != 0) {
1689 verify_error(bci, "Nonzero padding byte in lookswitch or tableswitch");
1690 return;
1691 }
1692 padding_offset++;
1693 }
1694 int default_offset = (int) Bytes::get_Java_u4(aligned_bcp);
1695 int keys, delta;
1696 current_frame->pop_stack(
1697 VerificationType::integer_type(), CHECK_VERIFY(this));
1698 if (bcs->raw_code() == Bytecodes::_tableswitch) {
1699 jint low = (jint)Bytes::get_Java_u4(aligned_bcp + jintSize);
1700 jint high = (jint)Bytes::get_Java_u4(aligned_bcp + 2*jintSize);
1701 if (low > high) {
1702 verify_error(bci,
1703 "low must be less than or equal to high in tableswitch");
1704 return;
1705 }
1706 keys = high - low + 1;
1707 if (keys < 0) {
1708 verify_error(bci, "too many keys in tableswitch");
1709 return;
1710 }
1711 delta = 1;
1712 } else {
1713 keys = (int)Bytes::get_Java_u4(aligned_bcp + jintSize);
1714 if (keys < 0) {
1715 verify_error(bci, "number of keys in lookupswitch less than 0");
1716 return;
1717 }
1718 delta = 2;
1719 // Make sure that the lookupswitch items are sorted
1720 for (int i = 0; i < (keys - 1); i++) {
1721 jint this_key = Bytes::get_Java_u4(aligned_bcp + (2+2*i)*jintSize);
1722 jint next_key = Bytes::get_Java_u4(aligned_bcp + (2+2*i+2)*jintSize);
1723 if (this_key >= next_key) {
1724 verify_error(bci, "Bad lookupswitch instruction");
1725 return;
1726 }
1727 }
1728 }
1729 int target = bci + default_offset;
1730 stackmap_table->check_jump_target(current_frame, target, CHECK_VERIFY(this));
1731 for (int i = 0; i < keys; i++) {
1732 target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
1733 stackmap_table->check_jump_target(
1734 current_frame, target, CHECK_VERIFY(this));
1735 }
1736 }
1738 bool ClassVerifier::name_in_supers(
1739 symbolOop ref_name, instanceKlassHandle current) {
1740 klassOop super = current->super();
1741 while (super != NULL) {
1742 if (super->klass_part()->name() == ref_name) {
1743 return true;
1744 }
1745 super = super->klass_part()->super();
1746 }
1747 return false;
1748 }
1750 void ClassVerifier::verify_field_instructions(RawBytecodeStream* bcs,
1751 StackMapFrame* current_frame,
1752 constantPoolHandle cp,
1753 TRAPS) {
1754 u2 index = bcs->get_index_u2();
1755 verify_cp_type(index, cp, 1 << JVM_CONSTANT_Fieldref, CHECK_VERIFY(this));
1757 // Get field name and signature
1758 symbolHandle field_name = symbolHandle(THREAD, cp->name_ref_at(index));
1759 symbolHandle field_sig = symbolHandle(THREAD, cp->signature_ref_at(index));
1761 if (!SignatureVerifier::is_valid_type_signature(field_sig)) {
1762 class_format_error(
1763 "Invalid signature for field in class %s referenced "
1764 "from constant pool index %d", _klass->external_name(), index);
1765 return;
1766 }
1768 // Get referenced class type
1769 VerificationType ref_class_type = cp_ref_index_to_type(
1770 index, cp, CHECK_VERIFY(this));
1771 if (!ref_class_type.is_object()) {
1772 verify_error(
1773 "Expecting reference to class in class %s at constant pool index %d",
1774 _klass->external_name(), index);
1775 return;
1776 }
1777 VerificationType target_class_type = ref_class_type;
1779 assert(sizeof(VerificationType) == sizeof(uintptr_t),
1780 "buffer type must match VerificationType size");
1781 uintptr_t field_type_buffer[2];
1782 VerificationType* field_type = (VerificationType*)field_type_buffer;
1783 // If we make a VerificationType[2] array directly, the compiler calls
1784 // to the c-runtime library to do the allocation instead of just
1785 // stack allocating it. Plus it would run constructors. This shows up
1786 // in performance profiles.
1788 SignatureStream sig_stream(field_sig, false);
1789 VerificationType stack_object_type;
1790 int n = change_sig_to_verificationType(
1791 &sig_stream, field_type, CHECK_VERIFY(this));
1792 u2 bci = bcs->bci();
1793 bool is_assignable;
1794 switch (bcs->raw_code()) {
1795 case Bytecodes::_getstatic: {
1796 for (int i = 0; i < n; i++) {
1797 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
1798 }
1799 break;
1800 }
1801 case Bytecodes::_putstatic: {
1802 for (int i = n - 1; i >= 0; i--) {
1803 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
1804 }
1805 break;
1806 }
1807 case Bytecodes::_getfield: {
1808 stack_object_type = current_frame->pop_stack(
1809 target_class_type, CHECK_VERIFY(this));
1810 for (int i = 0; i < n; i++) {
1811 current_frame->push_stack(field_type[i], CHECK_VERIFY(this));
1812 }
1813 goto check_protected;
1814 }
1815 case Bytecodes::_putfield: {
1816 for (int i = n - 1; i >= 0; i--) {
1817 current_frame->pop_stack(field_type[i], CHECK_VERIFY(this));
1818 }
1819 stack_object_type = current_frame->pop_stack(CHECK_VERIFY(this));
1821 // The JVMS 2nd edition allows field initialization before the superclass
1822 // initializer, if the field is defined within the current class.
1823 fieldDescriptor fd;
1824 if (stack_object_type == VerificationType::uninitialized_this_type() &&
1825 target_class_type.equals(current_type()) &&
1826 _klass->find_local_field(field_name(), field_sig(), &fd)) {
1827 stack_object_type = current_type();
1828 }
1829 is_assignable = target_class_type.is_assignable_from(
1830 stack_object_type, current_class(), CHECK_VERIFY(this));
1831 if (!is_assignable) {
1832 verify_error(bci, "Bad type on operand stack in putfield");
1833 return;
1834 }
1835 }
1836 check_protected: {
1837 if (_this_type == stack_object_type)
1838 break; // stack_object_type must be assignable to _current_class_type
1839 symbolHandle ref_class_name = symbolHandle(THREAD,
1840 cp->klass_name_at(cp->klass_ref_index_at(index)));
1841 if (!name_in_supers(ref_class_name(), current_class()))
1842 // stack_object_type must be assignable to _current_class_type since:
1843 // 1. stack_object_type must be assignable to ref_class.
1844 // 2. ref_class must be _current_class or a subclass of it. It can't
1845 // be a superclass of it. See revised JVMS 5.4.4.
1846 break;
1848 klassOop ref_class_oop = load_class(ref_class_name, CHECK);
1849 if (is_protected_access(current_class(), ref_class_oop, field_name(),
1850 field_sig(), false)) {
1851 // It's protected access, check if stack object is assignable to
1852 // current class.
1853 is_assignable = current_type().is_assignable_from(
1854 stack_object_type, current_class(), CHECK_VERIFY(this));
1855 if (!is_assignable) {
1856 verify_error(bci, "Bad access to protected data in getfield");
1857 return;
1858 }
1859 }
1860 break;
1861 }
1862 default: ShouldNotReachHere();
1863 }
1864 }
1866 void ClassVerifier::verify_invoke_init(
1867 RawBytecodeStream* bcs, VerificationType ref_class_type,
1868 StackMapFrame* current_frame, u4 code_length, bool *this_uninit,
1869 constantPoolHandle cp, TRAPS) {
1870 u2 bci = bcs->bci();
1871 VerificationType type = current_frame->pop_stack(
1872 VerificationType::reference_check(), CHECK_VERIFY(this));
1873 if (type == VerificationType::uninitialized_this_type()) {
1874 // The method must be an <init> method of either this class, or one of its
1875 // superclasses
1876 if (ref_class_type.name() != current_class()->name() &&
1877 !name_in_supers(ref_class_type.name(), current_class())) {
1878 verify_error(bci, "Bad <init> method call");
1879 return;
1880 }
1881 current_frame->initialize_object(type, current_type());
1882 *this_uninit = true;
1883 } else if (type.is_uninitialized()) {
1884 u2 new_offset = type.bci();
1885 address new_bcp = bcs->bcp() - bci + new_offset;
1886 if (new_offset > (code_length - 3) || (*new_bcp) != Bytecodes::_new) {
1887 verify_error(new_offset, "Expecting new instruction");
1888 return;
1889 }
1890 u2 new_class_index = Bytes::get_Java_u2(new_bcp + 1);
1891 verify_cp_class_type(new_class_index, cp, CHECK_VERIFY(this));
1893 // The method must be an <init> method of the indicated class
1894 VerificationType new_class_type = cp_index_to_type(
1895 new_class_index, cp, CHECK_VERIFY(this));
1896 if (!new_class_type.equals(ref_class_type)) {
1897 verify_error(bci, "Call to wrong <init> method");
1898 return;
1899 }
1900 // According to the VM spec, if the referent class is a superclass of the
1901 // current class, and is in a different runtime package, and the method is
1902 // protected, then the objectref must be the current class or a subclass
1903 // of the current class.
1904 VerificationType objectref_type = new_class_type;
1905 if (name_in_supers(ref_class_type.name(), current_class())) {
1906 klassOop ref_klass = load_class(
1907 ref_class_type.name(), CHECK_VERIFY(this));
1908 methodOop m = instanceKlass::cast(ref_klass)->uncached_lookup_method(
1909 vmSymbols::object_initializer_name(),
1910 cp->signature_ref_at(bcs->get_index_u2()));
1911 instanceKlassHandle mh(THREAD, m->method_holder());
1912 if (m->is_protected() && !mh->is_same_class_package(_klass())) {
1913 bool assignable = current_type().is_assignable_from(
1914 objectref_type, current_class(), CHECK_VERIFY(this));
1915 if (!assignable) {
1916 verify_error(bci, "Bad access to protected <init> method");
1917 return;
1918 }
1919 }
1920 }
1921 current_frame->initialize_object(type, new_class_type);
1922 } else {
1923 verify_error(bci, "Bad operand type when invoking <init>");
1924 return;
1925 }
1926 }
1928 void ClassVerifier::verify_invoke_instructions(
1929 RawBytecodeStream* bcs, u4 code_length, StackMapFrame* current_frame,
1930 bool *this_uninit, VerificationType return_type,
1931 constantPoolHandle cp, TRAPS) {
1932 // Make sure the constant pool item is the right type
1933 u2 index = bcs->get_index_u2();
1934 Bytecodes::Code opcode = bcs->raw_code();
1935 unsigned int types = (opcode == Bytecodes::_invokeinterface
1936 ? 1 << JVM_CONSTANT_InterfaceMethodref
1937 : opcode == Bytecodes::_invokedynamic
1938 ? ((AllowTransitionalJSR292 ? 1 << JVM_CONSTANT_NameAndType : 0)
1939 |1 << JVM_CONSTANT_InvokeDynamic)
1940 : 1 << JVM_CONSTANT_Methodref);
1941 verify_cp_type(index, cp, types, CHECK_VERIFY(this));
1943 // Get method name and signature
1944 symbolHandle method_name(THREAD, cp->name_ref_at(index));
1945 symbolHandle method_sig(THREAD, cp->signature_ref_at(index));
1947 if (!SignatureVerifier::is_valid_method_signature(method_sig)) {
1948 class_format_error(
1949 "Invalid method signature in class %s referenced "
1950 "from constant pool index %d", _klass->external_name(), index);
1951 return;
1952 }
1954 // Get referenced class type
1955 VerificationType ref_class_type;
1956 if (opcode == Bytecodes::_invokedynamic) {
1957 if (!EnableInvokeDynamic ||
1958 _klass->major_version() < Verifier::INVOKEDYNAMIC_MAJOR_VERSION) {
1959 class_format_error(
1960 (!EnableInvokeDynamic ?
1961 "invokedynamic instructions not enabled in this JVM" :
1962 "invokedynamic instructions not supported by this class file version"),
1963 _klass->external_name());
1964 return;
1965 }
1966 } else {
1967 ref_class_type = cp_ref_index_to_type(index, cp, CHECK_VERIFY(this));
1968 }
1970 // For a small signature length, we just allocate 128 bytes instead
1971 // of parsing the signature once to find its size.
1972 // -3 is for '(', ')' and return descriptor; multiply by 2 is for
1973 // longs/doubles to be consertive.
1974 assert(sizeof(VerificationType) == sizeof(uintptr_t),
1975 "buffer type must match VerificationType size");
1976 uintptr_t on_stack_sig_types_buffer[128];
1977 // If we make a VerificationType[128] array directly, the compiler calls
1978 // to the c-runtime library to do the allocation instead of just
1979 // stack allocating it. Plus it would run constructors. This shows up
1980 // in performance profiles.
1982 VerificationType* sig_types;
1983 int size = (method_sig->utf8_length() - 3) * 2;
1984 if (size > 128) {
1985 // Long and double occupies two slots here.
1986 ArgumentSizeComputer size_it(method_sig);
1987 size = size_it.size();
1988 sig_types = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, VerificationType, size);
1989 } else{
1990 sig_types = (VerificationType*)on_stack_sig_types_buffer;
1991 }
1992 SignatureStream sig_stream(method_sig);
1993 int sig_i = 0;
1994 while (!sig_stream.at_return_type()) {
1995 sig_i += change_sig_to_verificationType(
1996 &sig_stream, &sig_types[sig_i], CHECK_VERIFY(this));
1997 sig_stream.next();
1998 }
1999 int nargs = sig_i;
2001 #ifdef ASSERT
2002 {
2003 ArgumentSizeComputer size_it(method_sig);
2004 assert(nargs == size_it.size(), "Argument sizes do not match");
2005 assert(nargs <= (method_sig->utf8_length() - 3) * 2, "estimate of max size isn't conservative enough");
2006 }
2007 #endif
2009 // Check instruction operands
2010 u2 bci = bcs->bci();
2011 if (opcode == Bytecodes::_invokeinterface) {
2012 address bcp = bcs->bcp();
2013 // 4905268: count operand in invokeinterface should be nargs+1, not nargs.
2014 // JSR202 spec: The count operand of an invokeinterface instruction is valid if it is
2015 // the difference between the size of the operand stack before and after the instruction
2016 // executes.
2017 if (*(bcp+3) != (nargs+1)) {
2018 verify_error(bci, "Inconsistent args count operand in invokeinterface");
2019 return;
2020 }
2021 if (*(bcp+4) != 0) {
2022 verify_error(bci, "Fourth operand byte of invokeinterface must be zero");
2023 return;
2024 }
2025 }
2027 if (opcode == Bytecodes::_invokedynamic) {
2028 address bcp = bcs->bcp();
2029 if (*(bcp+3) != 0 || *(bcp+4) != 0) {
2030 verify_error(bci, "Third and fourth operand bytes of invokedynamic must be zero");
2031 return;
2032 }
2033 }
2035 if (method_name->byte_at(0) == '<') {
2036 // Make sure <init> can only be invoked by invokespecial
2037 if (opcode != Bytecodes::_invokespecial ||
2038 method_name() != vmSymbols::object_initializer_name()) {
2039 verify_error(bci, "Illegal call to internal method");
2040 return;
2041 }
2042 } else if (opcode == Bytecodes::_invokespecial
2043 && !ref_class_type.equals(current_type())
2044 && !ref_class_type.equals(VerificationType::reference_type(
2045 current_class()->super()->klass_part()->name()))) {
2046 bool subtype = ref_class_type.is_assignable_from(
2047 current_type(), current_class(), CHECK_VERIFY(this));
2048 if (!subtype) {
2049 verify_error(bci, "Bad invokespecial instruction: "
2050 "current class isn't assignable to reference class.");
2051 return;
2052 }
2053 }
2054 // Match method descriptor with operand stack
2055 for (int i = nargs - 1; i >= 0; i--) { // Run backwards
2056 current_frame->pop_stack(sig_types[i], CHECK_VERIFY(this));
2057 }
2058 // Check objectref on operand stack
2059 if (opcode != Bytecodes::_invokestatic &&
2060 opcode != Bytecodes::_invokedynamic) {
2061 if (method_name() == vmSymbols::object_initializer_name()) { // <init> method
2062 verify_invoke_init(bcs, ref_class_type, current_frame,
2063 code_length, this_uninit, cp, CHECK_VERIFY(this));
2064 } else { // other methods
2065 // Ensures that target class is assignable to method class.
2066 if (opcode == Bytecodes::_invokespecial) {
2067 current_frame->pop_stack(current_type(), CHECK_VERIFY(this));
2068 } else if (opcode == Bytecodes::_invokevirtual) {
2069 VerificationType stack_object_type =
2070 current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this));
2071 if (current_type() != stack_object_type) {
2072 assert(cp->cache() == NULL, "not rewritten yet");
2073 symbolHandle ref_class_name = symbolHandle(THREAD,
2074 cp->klass_name_at(cp->klass_ref_index_at(index)));
2075 // See the comments in verify_field_instructions() for
2076 // the rationale behind this.
2077 if (name_in_supers(ref_class_name(), current_class())) {
2078 klassOop ref_class = load_class(ref_class_name, CHECK);
2079 if (is_protected_access(
2080 _klass, ref_class, method_name(), method_sig(), true)) {
2081 // It's protected access, check if stack object is
2082 // assignable to current class.
2083 bool is_assignable = current_type().is_assignable_from(
2084 stack_object_type, current_class(), CHECK_VERIFY(this));
2085 if (!is_assignable) {
2086 if (ref_class_type.name() == vmSymbols::java_lang_Object()
2087 && stack_object_type.is_array()
2088 && method_name() == vmSymbols::clone_name()) {
2089 // Special case: arrays pretend to implement public Object
2090 // clone().
2091 } else {
2092 verify_error(bci,
2093 "Bad access to protected data in invokevirtual");
2094 return;
2095 }
2096 }
2097 }
2098 }
2099 }
2100 } else {
2101 assert(opcode == Bytecodes::_invokeinterface, "Unexpected opcode encountered");
2102 current_frame->pop_stack(ref_class_type, CHECK_VERIFY(this));
2103 }
2104 }
2105 }
2106 // Push the result type.
2107 if (sig_stream.type() != T_VOID) {
2108 if (method_name() == vmSymbols::object_initializer_name()) {
2109 // <init> method must have a void return type
2110 verify_error(bci, "Return type must be void in <init> method");
2111 return;
2112 }
2113 VerificationType return_type[2];
2114 int n = change_sig_to_verificationType(
2115 &sig_stream, return_type, CHECK_VERIFY(this));
2116 for (int i = 0; i < n; i++) {
2117 current_frame->push_stack(return_type[i], CHECK_VERIFY(this)); // push types backwards
2118 }
2119 }
2120 }
2122 VerificationType ClassVerifier::get_newarray_type(
2123 u2 index, u2 bci, TRAPS) {
2124 const char* from_bt[] = {
2125 NULL, NULL, NULL, NULL, "[Z", "[C", "[F", "[D", "[B", "[S", "[I", "[J",
2126 };
2127 if (index < T_BOOLEAN || index > T_LONG) {
2128 verify_error(bci, "Illegal newarray instruction");
2129 return VerificationType::bogus_type();
2130 }
2132 // from_bt[index] contains the array signature which has a length of 2
2133 symbolHandle sig = oopFactory::new_symbol_handle(
2134 from_bt[index], 2, CHECK_(VerificationType::bogus_type()));
2135 return VerificationType::reference_type(sig);
2136 }
2138 void ClassVerifier::verify_anewarray(
2139 u2 index, constantPoolHandle cp, StackMapFrame* current_frame, TRAPS) {
2140 verify_cp_class_type(index, cp, CHECK_VERIFY(this));
2141 current_frame->pop_stack(
2142 VerificationType::integer_type(), CHECK_VERIFY(this));
2144 VerificationType component_type =
2145 cp_index_to_type(index, cp, CHECK_VERIFY(this));
2146 ResourceMark rm(THREAD);
2147 int length;
2148 char* arr_sig_str;
2149 if (component_type.is_array()) { // it's an array
2150 const char* component_name = component_type.name()->as_utf8();
2151 // add one dimension to component
2152 length = (int)strlen(component_name) + 1;
2153 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length);
2154 arr_sig_str[0] = '[';
2155 strncpy(&arr_sig_str[1], component_name, length - 1);
2156 } else { // it's an object or interface
2157 const char* component_name = component_type.name()->as_utf8();
2158 // add one dimension to component with 'L' prepended and ';' postpended.
2159 length = (int)strlen(component_name) + 3;
2160 arr_sig_str = NEW_RESOURCE_ARRAY_IN_THREAD(THREAD, char, length);
2161 arr_sig_str[0] = '[';
2162 arr_sig_str[1] = 'L';
2163 strncpy(&arr_sig_str[2], component_name, length - 2);
2164 arr_sig_str[length - 1] = ';';
2165 }
2166 symbolHandle arr_sig = oopFactory::new_symbol_handle(
2167 arr_sig_str, length, CHECK_VERIFY(this));
2168 VerificationType new_array_type = VerificationType::reference_type(arr_sig);
2169 current_frame->push_stack(new_array_type, CHECK_VERIFY(this));
2170 }
2172 void ClassVerifier::verify_iload(u2 index, StackMapFrame* current_frame, TRAPS) {
2173 current_frame->get_local(
2174 index, VerificationType::integer_type(), CHECK_VERIFY(this));
2175 current_frame->push_stack(
2176 VerificationType::integer_type(), CHECK_VERIFY(this));
2177 }
2179 void ClassVerifier::verify_lload(u2 index, StackMapFrame* current_frame, TRAPS) {
2180 current_frame->get_local_2(
2181 index, VerificationType::long_type(),
2182 VerificationType::long2_type(), CHECK_VERIFY(this));
2183 current_frame->push_stack_2(
2184 VerificationType::long_type(),
2185 VerificationType::long2_type(), CHECK_VERIFY(this));
2186 }
2188 void ClassVerifier::verify_fload(u2 index, StackMapFrame* current_frame, TRAPS) {
2189 current_frame->get_local(
2190 index, VerificationType::float_type(), CHECK_VERIFY(this));
2191 current_frame->push_stack(
2192 VerificationType::float_type(), CHECK_VERIFY(this));
2193 }
2195 void ClassVerifier::verify_dload(u2 index, StackMapFrame* current_frame, TRAPS) {
2196 current_frame->get_local_2(
2197 index, VerificationType::double_type(),
2198 VerificationType::double2_type(), CHECK_VERIFY(this));
2199 current_frame->push_stack_2(
2200 VerificationType::double_type(),
2201 VerificationType::double2_type(), CHECK_VERIFY(this));
2202 }
2204 void ClassVerifier::verify_aload(u2 index, StackMapFrame* current_frame, TRAPS) {
2205 VerificationType type = current_frame->get_local(
2206 index, VerificationType::reference_check(), CHECK_VERIFY(this));
2207 current_frame->push_stack(type, CHECK_VERIFY(this));
2208 }
2210 void ClassVerifier::verify_istore(u2 index, StackMapFrame* current_frame, TRAPS) {
2211 current_frame->pop_stack(
2212 VerificationType::integer_type(), CHECK_VERIFY(this));
2213 current_frame->set_local(
2214 index, VerificationType::integer_type(), CHECK_VERIFY(this));
2215 }
2217 void ClassVerifier::verify_lstore(u2 index, StackMapFrame* current_frame, TRAPS) {
2218 current_frame->pop_stack_2(
2219 VerificationType::long2_type(),
2220 VerificationType::long_type(), CHECK_VERIFY(this));
2221 current_frame->set_local_2(
2222 index, VerificationType::long_type(),
2223 VerificationType::long2_type(), CHECK_VERIFY(this));
2224 }
2226 void ClassVerifier::verify_fstore(u2 index, StackMapFrame* current_frame, TRAPS) {
2227 current_frame->pop_stack(VerificationType::float_type(), CHECK_VERIFY(this));
2228 current_frame->set_local(
2229 index, VerificationType::float_type(), CHECK_VERIFY(this));
2230 }
2232 void ClassVerifier::verify_dstore(u2 index, StackMapFrame* current_frame, TRAPS) {
2233 current_frame->pop_stack_2(
2234 VerificationType::double2_type(),
2235 VerificationType::double_type(), CHECK_VERIFY(this));
2236 current_frame->set_local_2(
2237 index, VerificationType::double_type(),
2238 VerificationType::double2_type(), CHECK_VERIFY(this));
2239 }
2241 void ClassVerifier::verify_astore(u2 index, StackMapFrame* current_frame, TRAPS) {
2242 VerificationType type = current_frame->pop_stack(
2243 VerificationType::reference_check(), CHECK_VERIFY(this));
2244 current_frame->set_local(index, type, CHECK_VERIFY(this));
2245 }
2247 void ClassVerifier::verify_iinc(u2 index, StackMapFrame* current_frame, TRAPS) {
2248 VerificationType type = current_frame->get_local(
2249 index, VerificationType::integer_type(), CHECK_VERIFY(this));
2250 current_frame->set_local(index, type, CHECK_VERIFY(this));
2251 }
2253 void ClassVerifier::verify_return_value(
2254 VerificationType return_type, VerificationType type, u2 bci, TRAPS) {
2255 if (return_type == VerificationType::bogus_type()) {
2256 verify_error(bci, "Method expects a return value");
2257 return;
2258 }
2259 bool match = return_type.is_assignable_from(type, _klass, CHECK_VERIFY(this));
2260 if (!match) {
2261 verify_error(bci, "Bad return type");
2262 return;
2263 }
2264 }