Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/native/common/check_code.c
38825 views
/*1* Copyright (c) 1994, 2014, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425/*-26* Verify that the code within a method block doesn't exploit any27* security holes.28*/29/*30Exported function:3132jboolean33VerifyClass(JNIEnv *env, jclass cb, char *message_buffer,34jint buffer_length)35jboolean36VerifyClassForMajorVersion(JNIEnv *env, jclass cb, char *message_buffer,37jint buffer_length, jint major_version)3839This file now only uses the standard JNI and the following VM functions40exported in jvm.h:4142JVM_FindClassFromClass43JVM_IsInterface44JVM_GetClassNameUTF45JVM_GetClassCPEntriesCount46JVM_GetClassCPTypes47JVM_GetClassFieldsCount48JVM_GetClassMethodsCount4950JVM_GetFieldIxModifiers5152JVM_GetMethodIxModifiers53JVM_GetMethodIxExceptionTableLength54JVM_GetMethodIxLocalsCount55JVM_GetMethodIxArgsSize56JVM_GetMethodIxMaxStack57JVM_GetMethodIxNameUTF58JVM_GetMethodIxSignatureUTF59JVM_GetMethodIxExceptionsCount60JVM_GetMethodIxExceptionIndexes61JVM_GetMethodIxByteCodeLength62JVM_GetMethodIxByteCode63JVM_GetMethodIxExceptionTableEntry64JVM_IsConstructorIx6566JVM_GetCPClassNameUTF67JVM_GetCPFieldNameUTF68JVM_GetCPMethodNameUTF69JVM_GetCPFieldSignatureUTF70JVM_GetCPMethodSignatureUTF71JVM_GetCPFieldClassNameUTF72JVM_GetCPMethodClassNameUTF73JVM_GetCPFieldModifiers74JVM_GetCPMethodModifiers7576JVM_ReleaseUTF77JVM_IsSameClassPackage7879*/8081#include <string.h>82#include <setjmp.h>83#include <assert.h>84#include <limits.h>85#include <stdlib.h>8687#include "jni.h"88#include "jvm.h"89#include "classfile_constants.h"90#include "opcodes.in_out"9192/* On AIX malloc(0) and calloc(0, ...) return a NULL pointer, which is legal,93* but the code here does not handles it. So we wrap the methods and return non-NULL94* pointers even if we allocate 0 bytes.95*/96#ifdef _AIX97static int aix_dummy;98static void* aix_malloc(size_t len) {99if (len == 0) {100return &aix_dummy;101}102return malloc(len);103}104105static void* aix_calloc(size_t n, size_t size) {106if (n == 0) {107return &aix_dummy;108}109return calloc(n, size);110}111112static void aix_free(void* p) {113if (p == &aix_dummy) {114return;115}116free(p);117}118119#undef malloc120#undef calloc121#undef free122#define malloc aix_malloc123#define calloc aix_calloc124#define free aix_free125#endif126127#ifdef __APPLE__128/* use setjmp/longjmp versions that do not save/restore the signal mask */129#define setjmp _setjmp130#define longjmp _longjmp131#endif132133#define MAX_ARRAY_DIMENSIONS 255134/* align byte code */135#ifndef ALIGN_UP136#define ALIGN_UP(n,align_grain) (((n) + ((align_grain) - 1)) & ~((align_grain)-1))137#endif /* ALIGN_UP */138#define UCALIGN(n) ((unsigned char *)ALIGN_UP((uintptr_t)(n),sizeof(int)))139140#ifdef DEBUG141142int verify_verbose = 0;143static struct context_type *GlobalContext;144#endif145146enum {147ITEM_Bogus,148ITEM_Void, /* only as a function return value */149ITEM_Integer,150ITEM_Float,151ITEM_Double,152ITEM_Double_2, /* 2nd word of double in register */153ITEM_Long,154ITEM_Long_2, /* 2nd word of long in register */155ITEM_Array,156ITEM_Object, /* Extra info field gives name. */157ITEM_NewObject, /* Like object, but uninitialized. */158ITEM_InitObject, /* "this" is init method, before call159to super() */160ITEM_ReturnAddress, /* Extra info gives instr # of start pc */161/* The following three are only used within array types.162* Normally, we use ITEM_Integer, instead. */163ITEM_Byte,164ITEM_Short,165ITEM_Char166};167168169#define UNKNOWN_STACK_SIZE -1170#define UNKNOWN_REGISTER_COUNT -1171#define UNKNOWN_RET_INSTRUCTION -1172173#undef MAX174#undef MIN175#define MAX(a, b) ((a) > (b) ? (a) : (b))176#define MIN(a, b) ((a) < (b) ? (a) : (b))177178#define BITS_PER_INT (CHAR_BIT * sizeof(int)/sizeof(char))179#define SET_BIT(flags, i) (flags[(i)/BITS_PER_INT] |= \180((unsigned)1 << ((i) % BITS_PER_INT)))181#define IS_BIT_SET(flags, i) (flags[(i)/BITS_PER_INT] & \182((unsigned)1 << ((i) % BITS_PER_INT)))183184typedef unsigned int fullinfo_type;185typedef unsigned int *bitvector;186187#define GET_ITEM_TYPE(thing) ((thing) & 0x1F)188#define GET_INDIRECTION(thing) (((thing) & 0xFFFF) >> 5)189#define GET_EXTRA_INFO(thing) ((thing) >> 16)190#define WITH_ZERO_INDIRECTION(thing) ((thing) & ~(0xFFE0))191#define WITH_ZERO_EXTRA_INFO(thing) ((thing) & 0xFFFF)192193#define MAKE_FULLINFO(type, indirect, extra) \194((type) + ((indirect) << 5) + ((extra) << 16))195196#define MAKE_Object_ARRAY(indirect) \197(context->object_info + ((indirect) << 5))198199#define NULL_FULLINFO MAKE_FULLINFO(ITEM_Object, 0, 0)200201/* JVM_OPC_invokespecial calls to <init> need to be treated special */202#define JVM_OPC_invokeinit 0x100203204/* A hash mechanism used by the verifier.205* Maps class names to unique 16 bit integers.206*/207208#define HASH_TABLE_SIZE 503209210/* The buckets are managed as a 256 by 256 matrix. We allocate an entire211* row (256 buckets) at a time to minimize fragmentation. Rows are212* allocated on demand so that we don't waste too much space.213*/214215#define MAX_HASH_ENTRIES 65536216#define HASH_ROW_SIZE 256217218typedef struct hash_bucket_type {219char *name;220unsigned int hash;221jclass class;222unsigned short ID;223unsigned short next;224unsigned loadable:1; /* from context->class loader */225} hash_bucket_type;226227typedef struct {228hash_bucket_type **buckets;229unsigned short *table;230int entries_used;231} hash_table_type;232233#define GET_BUCKET(class_hash, ID)\234(class_hash->buckets[ID / HASH_ROW_SIZE] + ID % HASH_ROW_SIZE)235236/*237* There are currently two types of resources that we need to keep238* track of (in addition to the CCalloc pool).239*/240enum {241VM_STRING_UTF, /* VM-allocated UTF strings */242VM_MALLOC_BLK /* malloc'ed blocks */243};244245#define LDC_CLASS_MAJOR_VERSION 49246247#define LDC_METHOD_HANDLE_MAJOR_VERSION 51248249#define NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION 51250251#define STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION 52252253#define ALLOC_STACK_SIZE 16 /* big enough */254255typedef struct alloc_stack_type {256void *ptr;257int kind;258struct alloc_stack_type *next;259} alloc_stack_type;260261/* The context type encapsulates the current invocation of the byte262* code verifier.263*/264struct context_type {265266JNIEnv *env; /* current JNIEnv */267268/* buffers etc. */269char *message;270jint message_buf_len;271jboolean err_code;272273alloc_stack_type *allocated_memory; /* all memory blocks that we have not274had a chance to free */275/* Store up to ALLOC_STACK_SIZE number of handles to allocated memory276blocks here, to save mallocs. */277alloc_stack_type alloc_stack[ALLOC_STACK_SIZE];278int alloc_stack_top;279280/* these fields are per class */281jclass class; /* current class */282jint major_version;283jint nconstants;284unsigned char *constant_types;285hash_table_type class_hash;286287fullinfo_type object_info; /* fullinfo for java/lang/Object */288fullinfo_type string_info; /* fullinfo for java/lang/String */289fullinfo_type throwable_info; /* fullinfo for java/lang/Throwable */290fullinfo_type cloneable_info; /* fullinfo for java/lang/Cloneable */291fullinfo_type serializable_info; /* fullinfo for java/io/Serializable */292293fullinfo_type currentclass_info; /* fullinfo for context->class */294fullinfo_type superclass_info; /* fullinfo for superclass */295296/* these fields are per method */297int method_index; /* current method */298unsigned short *exceptions; /* exceptions */299unsigned char *code; /* current code object */300jint code_length;301int *code_data; /* offset to instruction number */302struct instruction_data_type *instruction_data; /* info about each */303struct handler_info_type *handler_info;304fullinfo_type *superclasses; /* null terminated superclasses */305int instruction_count; /* number of instructions */306fullinfo_type return_type; /* function return type */307fullinfo_type swap_table[4]; /* used for passing information */308int bitmask_size; /* words needed to hold bitmap of arguments */309310/* these fields are per field */311int field_index;312313/* Used by the space allocator */314struct CCpool *CCroot, *CCcurrent;315char *CCfree_ptr;316int CCfree_size;317318/* Jump here on any error. */319jmp_buf jump_buffer;320321#ifdef DEBUG322/* keep track of how many global refs are allocated. */323int n_globalrefs;324#endif325};326327struct stack_info_type {328struct stack_item_type *stack;329int stack_size;330};331332struct register_info_type {333int register_count; /* number of registers used */334fullinfo_type *registers;335int mask_count; /* number of masks in the following */336struct mask_type *masks;337};338339struct mask_type {340int entry;341int *modifies;342};343344typedef unsigned short flag_type;345346struct instruction_data_type {347int opcode; /* may turn into "canonical" opcode */348unsigned changed:1; /* has it changed */349unsigned protected:1; /* must accessor be a subclass of "this" */350union {351int i; /* operand to the opcode */352int *ip;353fullinfo_type fi;354} operand, operand2;355fullinfo_type p;356struct stack_info_type stack_info;357struct register_info_type register_info;358#define FLAG_REACHED 0x01 /* instruction reached */359#define FLAG_NEED_CONSTRUCTOR 0x02 /* must call this.<init> or super.<init> */360#define FLAG_NO_RETURN 0x04 /* must throw out of method */361flag_type or_flags; /* true for at least one path to this inst */362#define FLAG_CONSTRUCTED 0x01 /* this.<init> or super.<init> called */363flag_type and_flags; /* true for all paths to this instruction */364};365366struct handler_info_type {367int start, end, handler;368struct stack_info_type stack_info;369};370371struct stack_item_type {372fullinfo_type item;373struct stack_item_type *next;374};375376typedef struct context_type context_type;377typedef struct instruction_data_type instruction_data_type;378typedef struct stack_item_type stack_item_type;379typedef struct register_info_type register_info_type;380typedef struct stack_info_type stack_info_type;381typedef struct mask_type mask_type;382383static void read_all_code(context_type *context, jclass cb, int num_methods,384int** code_lengths, unsigned char*** code);385static void verify_method(context_type *context, jclass cb, int index,386int code_length, unsigned char* code);387static void free_all_code(context_type* context, int num_methods,388unsigned char** code);389static void verify_field(context_type *context, jclass cb, int index);390391static void verify_opcode_operands (context_type *, unsigned int inumber, int offset);392static void set_protected(context_type *, unsigned int inumber, int key, int);393static jboolean is_superclass(context_type *, fullinfo_type);394395static void initialize_exception_table(context_type *);396static int instruction_length(unsigned char *iptr, unsigned char *end);397static jboolean isLegalTarget(context_type *, int offset);398static void verify_constant_pool_type(context_type *, int, unsigned);399400static void initialize_dataflow(context_type *);401static void run_dataflow(context_type *context);402static void check_register_values(context_type *context, unsigned int inumber);403static void check_flags(context_type *context, unsigned int inumber);404static void pop_stack(context_type *, unsigned int inumber, stack_info_type *);405static void update_registers(context_type *, unsigned int inumber, register_info_type *);406static void update_flags(context_type *, unsigned int inumber,407flag_type *new_and_flags, flag_type *new_or_flags);408static void push_stack(context_type *, unsigned int inumber, stack_info_type *stack);409410static void merge_into_successors(context_type *, unsigned int inumber,411register_info_type *register_info,412stack_info_type *stack_info,413flag_type and_flags, flag_type or_flags);414static void merge_into_one_successor(context_type *context,415unsigned int from_inumber,416unsigned int inumber,417register_info_type *register_info,418stack_info_type *stack_info,419flag_type and_flags, flag_type or_flags,420jboolean isException);421static void merge_stack(context_type *, unsigned int inumber,422unsigned int to_inumber, stack_info_type *);423static void merge_registers(context_type *, unsigned int inumber,424unsigned int to_inumber,425register_info_type *);426static void merge_flags(context_type *context, unsigned int from_inumber,427unsigned int to_inumber,428flag_type new_and_flags, flag_type new_or_flags);429430static stack_item_type *copy_stack(context_type *, stack_item_type *);431static mask_type *copy_masks(context_type *, mask_type *masks, int mask_count);432static mask_type *add_to_masks(context_type *, mask_type *, int , int);433434static fullinfo_type decrement_indirection(fullinfo_type);435436static fullinfo_type merge_fullinfo_types(context_type *context,437fullinfo_type a,438fullinfo_type b,439jboolean assignment);440static jboolean isAssignableTo(context_type *,441fullinfo_type a,442fullinfo_type b);443444static jclass object_fullinfo_to_classclass(context_type *, fullinfo_type);445446447#define NEW(type, count) \448((type *)CCalloc(context, (count)*(sizeof(type)), JNI_FALSE))449#define ZNEW(type, count) \450((type *)CCalloc(context, (count)*(sizeof(type)), JNI_TRUE))451452static void CCinit(context_type *context);453static void CCreinit(context_type *context);454static void CCdestroy(context_type *context);455static void *CCalloc(context_type *context, int size, jboolean zero);456457static fullinfo_type cp_index_to_class_fullinfo(context_type *, int, int);458459static const char* get_result_signature(const char* signature);460461static char signature_to_fieldtype(context_type *context,462const char **signature_p, fullinfo_type *info);463464static void CCerror (context_type *, char *format, ...);465static void CFerror (context_type *, char *format, ...);466static void CCout_of_memory (context_type *);467468/* Because we can longjmp any time, we need to be very careful about469* remembering what needs to be freed. */470471static void check_and_push(context_type *context, const void *ptr, int kind);472static void pop_and_free(context_type *context);473474static int signature_to_args_size(const char *method_signature);475476#ifdef DEBUG477static void print_stack (context_type *, stack_info_type *stack_info);478static void print_registers(context_type *, register_info_type *register_info);479static void print_flags(context_type *, flag_type, flag_type);480static void print_formatted_fieldname(context_type *context, int index);481static void print_formatted_methodname(context_type *context, int index);482#endif483484void initialize_class_hash(context_type *context)485{486hash_table_type *class_hash = &(context->class_hash);487class_hash->buckets = (hash_bucket_type **)488calloc(MAX_HASH_ENTRIES / HASH_ROW_SIZE, sizeof(hash_bucket_type *));489class_hash->table = (unsigned short *)490calloc(HASH_TABLE_SIZE, sizeof(unsigned short));491if (class_hash->buckets == 0 ||492class_hash->table == 0)493CCout_of_memory(context);494class_hash->entries_used = 0;495}496497static void finalize_class_hash(context_type *context)498{499hash_table_type *class_hash = &(context->class_hash);500JNIEnv *env = context->env;501int i;502/* 4296677: bucket index starts from 1. */503for (i=1;i<=class_hash->entries_used;i++) {504hash_bucket_type *bucket = GET_BUCKET(class_hash, i);505assert(bucket != NULL);506free(bucket->name);507if (bucket->class) {508(*env)->DeleteGlobalRef(env, bucket->class);509#ifdef DEBUG510context->n_globalrefs--;511#endif512}513}514if (class_hash->buckets) {515for (i=0;i<MAX_HASH_ENTRIES / HASH_ROW_SIZE; i++) {516if (class_hash->buckets[i] == 0)517break;518free(class_hash->buckets[i]);519}520}521free(class_hash->buckets);522free(class_hash->table);523}524525static hash_bucket_type *526new_bucket(context_type *context, unsigned short *pID)527{528hash_table_type *class_hash = &(context->class_hash);529int i = *pID = class_hash->entries_used + 1;530int row = i / HASH_ROW_SIZE;531if (i >= MAX_HASH_ENTRIES)532CCerror(context, "Exceeded verifier's limit of 65535 referred classes");533if (class_hash->buckets[row] == 0) {534class_hash->buckets[row] = (hash_bucket_type*)535calloc(HASH_ROW_SIZE, sizeof(hash_bucket_type));536if (class_hash->buckets[row] == 0)537CCout_of_memory(context);538}539class_hash->entries_used++; /* only increment when we are sure there540is no overflow. */541return GET_BUCKET(class_hash, i);542}543544static unsigned int545class_hash_fun(const char *s)546{547int i;548unsigned raw_hash;549for (raw_hash = 0; (i = *s) != '\0'; ++s)550raw_hash = raw_hash * 37 + i;551return raw_hash;552}553554/*555* Find a class using the defining loader of the current class556* and return a local reference to it.557*/558static jclass load_class_local(context_type *context,const char *classname)559{560jclass cb = JVM_FindClassFromClass(context->env, classname,561JNI_FALSE, context->class);562if (cb == 0)563CCerror(context, "Cannot find class %s", classname);564return cb;565}566567/*568* Find a class using the defining loader of the current class569* and return a global reference to it.570*/571static jclass load_class_global(context_type *context, const char *classname)572{573JNIEnv *env = context->env;574jclass local, global;575576local = load_class_local(context, classname);577global = (*env)->NewGlobalRef(env, local);578if (global == 0)579CCout_of_memory(context);580#ifdef DEBUG581context->n_globalrefs++;582#endif583(*env)->DeleteLocalRef(env, local);584return global;585}586587/*588* Return a unique ID given a local class reference. The loadable589* flag is true if the defining class loader of context->class590* is known to be capable of loading the class.591*/592static unsigned short593class_to_ID(context_type *context, jclass cb, jboolean loadable)594{595JNIEnv *env = context->env;596hash_table_type *class_hash = &(context->class_hash);597unsigned int hash;598hash_bucket_type *bucket;599unsigned short *pID;600const char *name = JVM_GetClassNameUTF(env, cb);601602check_and_push(context, name, VM_STRING_UTF);603hash = class_hash_fun(name);604pID = &(class_hash->table[hash % HASH_TABLE_SIZE]);605while (*pID) {606bucket = GET_BUCKET(class_hash, *pID);607if (bucket->hash == hash && strcmp(name, bucket->name) == 0) {608/*609* There is an unresolved entry with our name610* so we're forced to load it in case it matches us.611*/612if (bucket->class == 0) {613assert(bucket->loadable == JNI_TRUE);614bucket->class = load_class_global(context, name);615}616617/*618* It's already in the table. Update the loadable619* state if it's known and then we're done.620*/621if ((*env)->IsSameObject(env, cb, bucket->class)) {622if (loadable && !bucket->loadable)623bucket->loadable = JNI_TRUE;624goto done;625}626}627pID = &bucket->next;628}629bucket = new_bucket(context, pID);630bucket->next = 0;631bucket->hash = hash;632bucket->name = malloc(strlen(name) + 1);633if (bucket->name == 0)634CCout_of_memory(context);635strcpy(bucket->name, name);636bucket->loadable = loadable;637bucket->class = (*env)->NewGlobalRef(env, cb);638if (bucket->class == 0)639CCout_of_memory(context);640#ifdef DEBUG641context->n_globalrefs++;642#endif643644done:645pop_and_free(context);646return *pID;647}648649/*650* Return a unique ID given a class name from the constant pool.651* All classes are lazily loaded from the defining loader of652* context->class.653*/654static unsigned short655class_name_to_ID(context_type *context, const char *name)656{657hash_table_type *class_hash = &(context->class_hash);658unsigned int hash = class_hash_fun(name);659hash_bucket_type *bucket;660unsigned short *pID;661jboolean force_load = JNI_FALSE;662663pID = &(class_hash->table[hash % HASH_TABLE_SIZE]);664while (*pID) {665bucket = GET_BUCKET(class_hash, *pID);666if (bucket->hash == hash && strcmp(name, bucket->name) == 0) {667if (bucket->loadable)668goto done;669force_load = JNI_TRUE;670}671pID = &bucket->next;672}673674if (force_load) {675/*676* We found at least one matching named entry for a class that677* was not known to be loadable through the defining class loader678* of context->class. We must load our named class and update679* the hash table in case one these entries matches our class.680*/681JNIEnv *env = context->env;682jclass cb = load_class_local(context, name);683unsigned short id = class_to_ID(context, cb, JNI_TRUE);684(*env)->DeleteLocalRef(env, cb);685return id;686}687688bucket = new_bucket(context, pID);689bucket->next = 0;690bucket->class = 0;691bucket->loadable = JNI_TRUE; /* name-only IDs are implicitly loadable */692bucket->hash = hash;693bucket->name = malloc(strlen(name) + 1);694if (bucket->name == 0)695CCout_of_memory(context);696strcpy(bucket->name, name);697698done:699return *pID;700}701702static const char *703ID_to_class_name(context_type *context, unsigned short ID)704{705hash_table_type *class_hash = &(context->class_hash);706hash_bucket_type *bucket = GET_BUCKET(class_hash, ID);707return bucket->name;708}709710static jclass711ID_to_class(context_type *context, unsigned short ID)712{713hash_table_type *class_hash = &(context->class_hash);714hash_bucket_type *bucket = GET_BUCKET(class_hash, ID);715if (bucket->class == 0) {716assert(bucket->loadable == JNI_TRUE);717bucket->class = load_class_global(context, bucket->name);718}719return bucket->class;720}721722static fullinfo_type723make_loadable_class_info(context_type *context, jclass cb)724{725return MAKE_FULLINFO(ITEM_Object, 0,726class_to_ID(context, cb, JNI_TRUE));727}728729static fullinfo_type730make_class_info(context_type *context, jclass cb)731{732return MAKE_FULLINFO(ITEM_Object, 0,733class_to_ID(context, cb, JNI_FALSE));734}735736static fullinfo_type737make_class_info_from_name(context_type *context, const char *name)738{739return MAKE_FULLINFO(ITEM_Object, 0,740class_name_to_ID(context, name));741}742743/* RETURNS744* 1: on success chosen to be consistent with previous VerifyClass745* 0: verify error746* 2: out of memory747* 3: class format error748*749* Called by verify_class. Verify the code of each of the methods750* in a class. Note that this function apparently can't be JNICALL,751* because if it is the dynamic linker doesn't appear to be able to752* find it on Win32.753*/754755#define CC_OK 1756#define CC_VerifyError 0757#define CC_OutOfMemory 2758#define CC_ClassFormatError 3759760JNIEXPORT jboolean761VerifyClassForMajorVersion(JNIEnv *env, jclass cb, char *buffer, jint len,762jint major_version)763{764context_type context_structure;765context_type *context = &context_structure;766jboolean result = CC_OK;767int i;768int num_methods;769int* code_lengths;770unsigned char** code;771772#ifdef DEBUG773GlobalContext = context;774#endif775776memset(context, 0, sizeof(context_type));777context->message = buffer;778context->message_buf_len = len;779780context->env = env;781context->class = cb;782783/* Set invalid method/field index of the context, in case anyone784calls CCerror */785context->method_index = -1;786context->field_index = -1;787788/* Don't call CCerror or anything that can call it above the setjmp! */789if (!setjmp(context->jump_buffer)) {790jclass super;791792CCinit(context); /* initialize heap; may throw */793794initialize_class_hash(context);795796context->major_version = major_version;797context->nconstants = JVM_GetClassCPEntriesCount(env, cb);798context->constant_types = (unsigned char *)799malloc(sizeof(unsigned char) * context->nconstants + 1);800801if (context->constant_types == 0)802CCout_of_memory(context);803804JVM_GetClassCPTypes(env, cb, context->constant_types);805806if (context->constant_types == 0)807CCout_of_memory(context);808809context->object_info =810make_class_info_from_name(context, "java/lang/Object");811context->string_info =812make_class_info_from_name(context, "java/lang/String");813context->throwable_info =814make_class_info_from_name(context, "java/lang/Throwable");815context->cloneable_info =816make_class_info_from_name(context, "java/lang/Cloneable");817context->serializable_info =818make_class_info_from_name(context, "java/io/Serializable");819820context->currentclass_info = make_loadable_class_info(context, cb);821822super = (*env)->GetSuperclass(env, cb);823824if (super != 0) {825fullinfo_type *gptr;826int i = 0;827828context->superclass_info = make_loadable_class_info(context, super);829830while(super != 0) {831jclass tmp_cb = (*env)->GetSuperclass(env, super);832(*env)->DeleteLocalRef(env, super);833super = tmp_cb;834i++;835}836(*env)->DeleteLocalRef(env, super);837super = 0;838839/* Can't go on context heap since it survives more than840one method */841context->superclasses = gptr =842malloc(sizeof(fullinfo_type)*(i + 1));843if (gptr == 0) {844CCout_of_memory(context);845}846847super = (*env)->GetSuperclass(env, context->class);848while(super != 0) {849jclass tmp_cb;850*gptr++ = make_class_info(context, super);851tmp_cb = (*env)->GetSuperclass(env, super);852(*env)->DeleteLocalRef(env, super);853super = tmp_cb;854}855*gptr = 0;856} else {857context->superclass_info = 0;858}859860(*env)->DeleteLocalRef(env, super);861862/* Look at each method */863for (i = JVM_GetClassFieldsCount(env, cb); --i >= 0;)864verify_field(context, cb, i);865num_methods = JVM_GetClassMethodsCount(env, cb);866read_all_code(context, cb, num_methods, &code_lengths, &code);867for (i = num_methods - 1; i >= 0; --i)868verify_method(context, cb, i, code_lengths[i], code[i]);869free_all_code(context, num_methods, code);870result = CC_OK;871} else {872result = context->err_code;873}874875/* Cleanup */876finalize_class_hash(context);877878while(context->allocated_memory)879pop_and_free(context);880881#ifdef DEBUG882GlobalContext = 0;883#endif884885if (context->exceptions)886free(context->exceptions);887888if (context->constant_types)889free(context->constant_types);890891if (context->superclasses)892free(context->superclasses);893894#ifdef DEBUG895/* Make sure all global refs created in the verifier are freed */896assert(context->n_globalrefs == 0);897#endif898899CCdestroy(context); /* destroy heap */900return result;901}902903#define OLD_FORMAT_MAX_MAJOR_VERSION 48904905JNIEXPORT jboolean906VerifyClass(JNIEnv *env, jclass cb, char *buffer, jint len)907{908static int warned = 0;909if (!warned) {910jio_fprintf(stdout, "Warning! An old version of jvm is used. This is not supported.\n");911warned = 1;912}913return VerifyClassForMajorVersion(env, cb, buffer, len,914OLD_FORMAT_MAX_MAJOR_VERSION);915}916917static void918verify_field(context_type *context, jclass cb, int field_index)919{920JNIEnv *env = context->env;921int access_bits = JVM_GetFieldIxModifiers(env, cb, field_index);922context->field_index = field_index;923924if ( ((access_bits & JVM_ACC_PUBLIC) != 0) &&925((access_bits & (JVM_ACC_PRIVATE | JVM_ACC_PROTECTED)) != 0)) {926CCerror(context, "Inconsistent access bits.");927}928context->field_index = -1;929}930931932/**933* We read all of the class's methods' code because it is possible that934* the verification of one method could resulting in linking further935* down the stack (due to class loading), which could end up rewriting936* some of the bytecode of methods we haven't verified yet. Since we937* don't want to see the rewritten bytecode, cache all the code and938* operate only on that.939*/940static void941read_all_code(context_type* context, jclass cb, int num_methods,942int** lengths_addr, unsigned char*** code_addr)943{944int* lengths;945unsigned char** code;946int i;947948lengths = malloc(sizeof(int) * num_methods);949check_and_push(context, lengths, VM_MALLOC_BLK);950951code = malloc(sizeof(unsigned char*) * num_methods);952check_and_push(context, code, VM_MALLOC_BLK);953954*(lengths_addr) = lengths;955*(code_addr) = code;956957for (i = 0; i < num_methods; ++i) {958lengths[i] = JVM_GetMethodIxByteCodeLength(context->env, cb, i);959if (lengths[i] > 0) {960code[i] = malloc(sizeof(unsigned char) * (lengths[i] + 1));961check_and_push(context, code[i], VM_MALLOC_BLK);962JVM_GetMethodIxByteCode(context->env, cb, i, code[i]);963} else {964code[i] = NULL;965}966}967}968969static void970free_all_code(context_type* context, int num_methods, unsigned char** code)971{972int i;973for (i = 0; i < num_methods; ++i) {974if (code[i] != NULL) {975pop_and_free(context);976}977}978pop_and_free(context); /* code */979pop_and_free(context); /* lengths */980}981982/* Verify the code of one method */983static void984verify_method(context_type *context, jclass cb, int method_index,985int code_length, unsigned char* code)986{987JNIEnv *env = context->env;988int access_bits = JVM_GetMethodIxModifiers(env, cb, method_index);989int *code_data;990instruction_data_type *idata = 0;991int instruction_count;992int i, offset;993unsigned int inumber;994jint nexceptions;995996if ((access_bits & (JVM_ACC_NATIVE | JVM_ACC_ABSTRACT)) != 0) {997/* not much to do for abstract and native methods */998return;999}10001001context->code_length = code_length;1002context->code = code;10031004/* CCerror can give method-specific info once this is set */1005context->method_index = method_index;10061007CCreinit(context); /* initial heap */1008code_data = NEW(int, code_length);10091010#ifdef DEBUG1011if (verify_verbose) {1012const char *classname = JVM_GetClassNameUTF(env, cb);1013const char *methodname =1014JVM_GetMethodIxNameUTF(env, cb, method_index);1015const char *signature =1016JVM_GetMethodIxSignatureUTF(env, cb, method_index);1017jio_fprintf(stdout, "Looking at %s.%s%s\n",1018(classname ? classname : ""),1019(methodname ? methodname : ""),1020(signature ? signature : ""));1021JVM_ReleaseUTF(classname);1022JVM_ReleaseUTF(methodname);1023JVM_ReleaseUTF(signature);1024}1025#endif10261027if (((access_bits & JVM_ACC_PUBLIC) != 0) &&1028((access_bits & (JVM_ACC_PRIVATE | JVM_ACC_PROTECTED)) != 0)) {1029CCerror(context, "Inconsistent access bits.");1030}10311032// If this method is an overpass method, which is generated by the VM,1033// we trust the code and no check needs to be done.1034if (JVM_IsVMGeneratedMethodIx(env, cb, method_index)) {1035return;1036}10371038/* Run through the code. Mark the start of each instruction, and give1039* the instruction a number */1040for (i = 0, offset = 0; offset < code_length; i++) {1041int length = instruction_length(&code[offset], code + code_length);1042int next_offset = offset + length;1043if (length <= 0)1044CCerror(context, "Illegal instruction found at offset %d", offset);1045if (next_offset > code_length)1046CCerror(context, "Code stops in the middle of instruction "1047" starting at offset %d", offset);1048code_data[offset] = i;1049while (++offset < next_offset)1050code_data[offset] = -1; /* illegal location */1051}1052instruction_count = i; /* number of instructions in code */10531054/* Allocate a structure to hold info about each instruction. */1055idata = NEW(instruction_data_type, instruction_count);10561057/* Initialize the heap, and other info in the context structure. */1058context->code = code;1059context->instruction_data = idata;1060context->code_data = code_data;1061context->instruction_count = instruction_count;1062context->handler_info =1063NEW(struct handler_info_type,1064JVM_GetMethodIxExceptionTableLength(env, cb, method_index));1065context->bitmask_size =1066(JVM_GetMethodIxLocalsCount(env, cb, method_index)1067+ (BITS_PER_INT - 1))/BITS_PER_INT;10681069if (instruction_count == 0)1070CCerror(context, "Empty code");10711072for (inumber = 0, offset = 0; offset < code_length; inumber++) {1073int length = instruction_length(&code[offset], code + code_length);1074instruction_data_type *this_idata = &idata[inumber];1075this_idata->opcode = code[offset];1076this_idata->stack_info.stack = NULL;1077this_idata->stack_info.stack_size = UNKNOWN_STACK_SIZE;1078this_idata->register_info.register_count = UNKNOWN_REGISTER_COUNT;1079this_idata->changed = JNI_FALSE; /* no need to look at it yet. */1080this_idata->protected = JNI_FALSE; /* no need to look at it yet. */1081this_idata->and_flags = (flag_type) -1; /* "bottom" and value */1082this_idata->or_flags = 0; /* "bottom" or value*/1083/* This also sets up this_data->operand. It also makes the1084* xload_x and xstore_x instructions look like the generic form. */1085verify_opcode_operands(context, inumber, offset);1086offset += length;1087}108810891090/* make sure exception table is reasonable. */1091initialize_exception_table(context);1092/* Set up first instruction, and start of exception handlers. */1093initialize_dataflow(context);1094/* Run data flow analysis on the instructions. */1095run_dataflow(context);10961097/* verify checked exceptions, if any */1098nexceptions = JVM_GetMethodIxExceptionsCount(env, cb, method_index);1099context->exceptions = (unsigned short *)1100malloc(sizeof(unsigned short) * nexceptions + 1);1101if (context->exceptions == 0)1102CCout_of_memory(context);1103JVM_GetMethodIxExceptionIndexes(env, cb, method_index,1104context->exceptions);1105for (i = 0; i < nexceptions; i++) {1106/* Make sure the constant pool item is JVM_CONSTANT_Class */1107verify_constant_pool_type(context, (int)context->exceptions[i],11081 << JVM_CONSTANT_Class);1109}1110free(context->exceptions);1111context->exceptions = 0;1112context->code = 0;1113context->method_index = -1;1114}111511161117/* Look at a single instruction, and verify its operands. Also, for1118* simplicity, move the operand into the ->operand field.1119* Make sure that branches don't go into the middle of nowhere.1120*/11211122static jint _ck_ntohl(jint n)1123{1124unsigned char *p = (unsigned char *)&n;1125return (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];1126}11271128static void1129verify_opcode_operands(context_type *context, unsigned int inumber, int offset)1130{1131JNIEnv *env = context->env;1132instruction_data_type *idata = context->instruction_data;1133instruction_data_type *this_idata = &idata[inumber];1134int *code_data = context->code_data;1135int mi = context->method_index;1136unsigned char *code = context->code;1137int opcode = this_idata->opcode;1138int var;11391140/*1141* Set the ip fields to 0 not the i fields because the ip fields1142* are 64 bits on 64 bit architectures, the i field is only 321143*/1144this_idata->operand.ip = 0;1145this_idata->operand2.ip = 0;11461147switch (opcode) {11481149case JVM_OPC_jsr:1150/* instruction of ret statement */1151this_idata->operand2.i = UNKNOWN_RET_INSTRUCTION;1152/* FALLTHROUGH */1153case JVM_OPC_ifeq: case JVM_OPC_ifne: case JVM_OPC_iflt:1154case JVM_OPC_ifge: case JVM_OPC_ifgt: case JVM_OPC_ifle:1155case JVM_OPC_ifnull: case JVM_OPC_ifnonnull:1156case JVM_OPC_if_icmpeq: case JVM_OPC_if_icmpne: case JVM_OPC_if_icmplt:1157case JVM_OPC_if_icmpge: case JVM_OPC_if_icmpgt: case JVM_OPC_if_icmple:1158case JVM_OPC_if_acmpeq: case JVM_OPC_if_acmpne:1159case JVM_OPC_goto: {1160/* Set the ->operand to be the instruction number of the target. */1161int jump = (((signed char)(code[offset+1])) << 8) + code[offset+2];1162int target = offset + jump;1163if (!isLegalTarget(context, target))1164CCerror(context, "Illegal target of jump or branch");1165this_idata->operand.i = code_data[target];1166break;1167}11681169case JVM_OPC_jsr_w:1170/* instruction of ret statement */1171this_idata->operand2.i = UNKNOWN_RET_INSTRUCTION;1172/* FALLTHROUGH */1173case JVM_OPC_goto_w: {1174/* Set the ->operand to be the instruction number of the target. */1175int jump = (((signed char)(code[offset+1])) << 24) +1176(code[offset+2] << 16) + (code[offset+3] << 8) +1177(code[offset + 4]);1178int target = offset + jump;1179if (!isLegalTarget(context, target))1180CCerror(context, "Illegal target of jump or branch");1181this_idata->operand.i = code_data[target];1182break;1183}11841185case JVM_OPC_tableswitch:1186case JVM_OPC_lookupswitch: {1187/* Set the ->operand to be a table of possible instruction targets. */1188int *lpc = (int *) UCALIGN(code + offset + 1);1189int *lptr;1190int *saved_operand;1191int keys;1192int k, delta;11931194if (context->major_version < NONZERO_PADDING_BYTES_IN_SWITCH_MAJOR_VERSION) {1195/* 4639449, 4647081: Padding bytes must be zero. */1196unsigned char* bptr = (unsigned char*) (code + offset + 1);1197for (; bptr < (unsigned char*)lpc; bptr++) {1198if (*bptr != 0) {1199CCerror(context, "Non zero padding bytes in switch");1200}1201}1202}1203if (opcode == JVM_OPC_tableswitch) {1204keys = _ck_ntohl(lpc[2]) - _ck_ntohl(lpc[1]) + 1;1205delta = 1;1206} else {1207keys = _ck_ntohl(lpc[1]); /* number of pairs */1208delta = 2;1209/* Make sure that the tableswitch items are sorted */1210for (k = keys - 1, lptr = &lpc[2]; --k >= 0; lptr += 2) {1211int this_key = _ck_ntohl(lptr[0]); /* NB: ntohl may be unsigned */1212int next_key = _ck_ntohl(lptr[2]);1213if (this_key >= next_key) {1214CCerror(context, "Unsorted lookup switch");1215}1216}1217}1218saved_operand = NEW(int, keys + 2);1219if (!isLegalTarget(context, offset + _ck_ntohl(lpc[0])))1220CCerror(context, "Illegal default target in switch");1221saved_operand[keys + 1] = code_data[offset + _ck_ntohl(lpc[0])];1222for (k = keys, lptr = &lpc[3]; --k >= 0; lptr += delta) {1223int target = offset + _ck_ntohl(lptr[0]);1224if (!isLegalTarget(context, target))1225CCerror(context, "Illegal branch in tableswitch");1226saved_operand[k + 1] = code_data[target];1227}1228saved_operand[0] = keys + 1; /* number of successors */1229this_idata->operand.ip = saved_operand;1230break;1231}12321233case JVM_OPC_ldc: {1234/* Make sure the constant pool item is the right type. */1235int key = code[offset + 1];1236int types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float) |1237(1 << JVM_CONSTANT_String);1238if (context->major_version >= LDC_CLASS_MAJOR_VERSION) {1239types |= 1 << JVM_CONSTANT_Class;1240}1241if (context->major_version >= LDC_METHOD_HANDLE_MAJOR_VERSION) {1242types |= (1 << JVM_CONSTANT_MethodHandle) |1243(1 << JVM_CONSTANT_MethodType);1244}1245this_idata->operand.i = key;1246verify_constant_pool_type(context, key, types);1247break;1248}12491250case JVM_OPC_ldc_w: {1251/* Make sure the constant pool item is the right type. */1252int key = (code[offset + 1] << 8) + code[offset + 2];1253int types = (1 << JVM_CONSTANT_Integer) | (1 << JVM_CONSTANT_Float) |1254(1 << JVM_CONSTANT_String);1255if (context->major_version >= LDC_CLASS_MAJOR_VERSION) {1256types |= 1 << JVM_CONSTANT_Class;1257}1258if (context->major_version >= LDC_METHOD_HANDLE_MAJOR_VERSION) {1259types |= (1 << JVM_CONSTANT_MethodHandle) |1260(1 << JVM_CONSTANT_MethodType);1261}1262this_idata->operand.i = key;1263verify_constant_pool_type(context, key, types);1264break;1265}12661267case JVM_OPC_ldc2_w: {1268/* Make sure the constant pool item is the right type. */1269int key = (code[offset + 1] << 8) + code[offset + 2];1270int types = (1 << JVM_CONSTANT_Double) | (1 << JVM_CONSTANT_Long);1271this_idata->operand.i = key;1272verify_constant_pool_type(context, key, types);1273break;1274}12751276case JVM_OPC_getfield: case JVM_OPC_putfield:1277case JVM_OPC_getstatic: case JVM_OPC_putstatic: {1278/* Make sure the constant pool item is the right type. */1279int key = (code[offset + 1] << 8) + code[offset + 2];1280this_idata->operand.i = key;1281verify_constant_pool_type(context, key, 1 << JVM_CONSTANT_Fieldref);1282if (opcode == JVM_OPC_getfield || opcode == JVM_OPC_putfield)1283set_protected(context, inumber, key, opcode);1284break;1285}12861287case JVM_OPC_invokevirtual:1288case JVM_OPC_invokespecial:1289case JVM_OPC_invokestatic:1290case JVM_OPC_invokeinterface: {1291/* Make sure the constant pool item is the right type. */1292int key = (code[offset + 1] << 8) + code[offset + 2];1293const char *methodname;1294jclass cb = context->class;1295fullinfo_type clazz_info;1296int is_constructor, is_internal;1297int kind;12981299switch (opcode ) {1300case JVM_OPC_invokestatic:1301kind = ((context->major_version < STATIC_METHOD_IN_INTERFACE_MAJOR_VERSION)1302? (1 << JVM_CONSTANT_Methodref)1303: ((1 << JVM_CONSTANT_InterfaceMethodref) | (1 << JVM_CONSTANT_Methodref)));1304break;1305case JVM_OPC_invokeinterface:1306kind = 1 << JVM_CONSTANT_InterfaceMethodref;1307break;1308default:1309kind = 1 << JVM_CONSTANT_Methodref;1310}13111312/* Make sure the constant pool item is the right type. */1313verify_constant_pool_type(context, key, kind);1314methodname = JVM_GetCPMethodNameUTF(env, cb, key);1315check_and_push(context, methodname, VM_STRING_UTF);1316is_constructor = !strcmp(methodname, "<init>");1317is_internal = methodname[0] == '<';1318pop_and_free(context);13191320clazz_info = cp_index_to_class_fullinfo(context, key,1321JVM_CONSTANT_Methodref);1322this_idata->operand.i = key;1323this_idata->operand2.fi = clazz_info;1324if (is_constructor) {1325if (opcode != JVM_OPC_invokespecial) {1326CCerror(context,1327"Must call initializers using invokespecial");1328}1329this_idata->opcode = JVM_OPC_invokeinit;1330} else {1331if (is_internal) {1332CCerror(context, "Illegal call to internal method");1333}1334if (opcode == JVM_OPC_invokespecial1335&& clazz_info != context->currentclass_info1336&& clazz_info != context->superclass_info) {1337int not_found = 1;13381339jclass super = (*env)->GetSuperclass(env, context->class);1340while(super != 0) {1341jclass tmp_cb;1342fullinfo_type new_info = make_class_info(context, super);1343if (clazz_info == new_info) {1344not_found = 0;1345break;1346}1347tmp_cb = (*env)->GetSuperclass(env, super);1348(*env)->DeleteLocalRef(env, super);1349super = tmp_cb;1350}1351(*env)->DeleteLocalRef(env, super);13521353/* The optimizer may cause this to happen on local code */1354if (not_found) {1355CCerror(context, "Illegal use of nonvirtual function call");1356}1357}1358}1359if (opcode == JVM_OPC_invokeinterface) {1360unsigned int args1;1361unsigned int args2;1362const char *signature =1363JVM_GetCPMethodSignatureUTF(env, context->class, key);1364check_and_push(context, signature, VM_STRING_UTF);1365args1 = signature_to_args_size(signature) + 1;1366args2 = code[offset + 3];1367if (args1 != args2) {1368CCerror(context,1369"Inconsistent args_size for invokeinterface");1370}1371if (code[offset + 4] != 0) {1372CCerror(context,1373"Fourth operand byte of invokeinterface must be zero");1374}1375pop_and_free(context);1376} else if (opcode == JVM_OPC_invokevirtual1377|| opcode == JVM_OPC_invokespecial)1378set_protected(context, inumber, key, opcode);1379break;1380}13811382case JVM_OPC_invokedynamic:1383CCerror(context,1384"invokedynamic bytecode is not supported in this class file version");13851386case JVM_OPC_instanceof:1387case JVM_OPC_checkcast:1388case JVM_OPC_new:1389case JVM_OPC_anewarray:1390case JVM_OPC_multianewarray: {1391/* Make sure the constant pool item is a class */1392int key = (code[offset + 1] << 8) + code[offset + 2];1393fullinfo_type target;1394verify_constant_pool_type(context, key, 1 << JVM_CONSTANT_Class);1395target = cp_index_to_class_fullinfo(context, key, JVM_CONSTANT_Class);1396if (GET_ITEM_TYPE(target) == ITEM_Bogus)1397CCerror(context, "Illegal type");1398switch(opcode) {1399case JVM_OPC_anewarray:1400if ((GET_INDIRECTION(target)) >= MAX_ARRAY_DIMENSIONS)1401CCerror(context, "Array with too many dimensions");1402this_idata->operand.fi = MAKE_FULLINFO(GET_ITEM_TYPE(target),1403GET_INDIRECTION(target) + 1,1404GET_EXTRA_INFO(target));1405break;1406case JVM_OPC_new:1407if (WITH_ZERO_EXTRA_INFO(target) !=1408MAKE_FULLINFO(ITEM_Object, 0, 0))1409CCerror(context, "Illegal creation of multi-dimensional array");1410/* operand gets set to the "unitialized object". operand2 gets1411* set to what the value will be after it's initialized. */1412this_idata->operand.fi = MAKE_FULLINFO(ITEM_NewObject, 0, inumber);1413this_idata->operand2.fi = target;1414break;1415case JVM_OPC_multianewarray:1416this_idata->operand.fi = target;1417this_idata->operand2.i = code[offset + 3];1418if ( (this_idata->operand2.i > (int)GET_INDIRECTION(target))1419|| (this_idata->operand2.i == 0))1420CCerror(context, "Illegal dimension argument");1421break;1422default:1423this_idata->operand.fi = target;1424}1425break;1426}14271428case JVM_OPC_newarray: {1429/* Cache the result of the JVM_OPC_newarray into the operand slot */1430fullinfo_type full_info;1431switch (code[offset + 1]) {1432case JVM_T_INT:1433full_info = MAKE_FULLINFO(ITEM_Integer, 1, 0); break;1434case JVM_T_LONG:1435full_info = MAKE_FULLINFO(ITEM_Long, 1, 0); break;1436case JVM_T_FLOAT:1437full_info = MAKE_FULLINFO(ITEM_Float, 1, 0); break;1438case JVM_T_DOUBLE:1439full_info = MAKE_FULLINFO(ITEM_Double, 1, 0); break;1440case JVM_T_BYTE: case JVM_T_BOOLEAN:1441full_info = MAKE_FULLINFO(ITEM_Byte, 1, 0); break;1442case JVM_T_CHAR:1443full_info = MAKE_FULLINFO(ITEM_Char, 1, 0); break;1444case JVM_T_SHORT:1445full_info = MAKE_FULLINFO(ITEM_Short, 1, 0); break;1446default:1447full_info = 0; /* Keep lint happy */1448CCerror(context, "Bad type passed to newarray");1449}1450this_idata->operand.fi = full_info;1451break;1452}14531454/* Fudge iload_x, aload_x, etc to look like their generic cousin. */1455case JVM_OPC_iload_0: case JVM_OPC_iload_1: case JVM_OPC_iload_2: case JVM_OPC_iload_3:1456this_idata->opcode = JVM_OPC_iload;1457var = opcode - JVM_OPC_iload_0;1458goto check_local_variable;14591460case JVM_OPC_fload_0: case JVM_OPC_fload_1: case JVM_OPC_fload_2: case JVM_OPC_fload_3:1461this_idata->opcode = JVM_OPC_fload;1462var = opcode - JVM_OPC_fload_0;1463goto check_local_variable;14641465case JVM_OPC_aload_0: case JVM_OPC_aload_1: case JVM_OPC_aload_2: case JVM_OPC_aload_3:1466this_idata->opcode = JVM_OPC_aload;1467var = opcode - JVM_OPC_aload_0;1468goto check_local_variable;14691470case JVM_OPC_lload_0: case JVM_OPC_lload_1: case JVM_OPC_lload_2: case JVM_OPC_lload_3:1471this_idata->opcode = JVM_OPC_lload;1472var = opcode - JVM_OPC_lload_0;1473goto check_local_variable2;14741475case JVM_OPC_dload_0: case JVM_OPC_dload_1: case JVM_OPC_dload_2: case JVM_OPC_dload_3:1476this_idata->opcode = JVM_OPC_dload;1477var = opcode - JVM_OPC_dload_0;1478goto check_local_variable2;14791480case JVM_OPC_istore_0: case JVM_OPC_istore_1: case JVM_OPC_istore_2: case JVM_OPC_istore_3:1481this_idata->opcode = JVM_OPC_istore;1482var = opcode - JVM_OPC_istore_0;1483goto check_local_variable;14841485case JVM_OPC_fstore_0: case JVM_OPC_fstore_1: case JVM_OPC_fstore_2: case JVM_OPC_fstore_3:1486this_idata->opcode = JVM_OPC_fstore;1487var = opcode - JVM_OPC_fstore_0;1488goto check_local_variable;14891490case JVM_OPC_astore_0: case JVM_OPC_astore_1: case JVM_OPC_astore_2: case JVM_OPC_astore_3:1491this_idata->opcode = JVM_OPC_astore;1492var = opcode - JVM_OPC_astore_0;1493goto check_local_variable;14941495case JVM_OPC_lstore_0: case JVM_OPC_lstore_1: case JVM_OPC_lstore_2: case JVM_OPC_lstore_3:1496this_idata->opcode = JVM_OPC_lstore;1497var = opcode - JVM_OPC_lstore_0;1498goto check_local_variable2;14991500case JVM_OPC_dstore_0: case JVM_OPC_dstore_1: case JVM_OPC_dstore_2: case JVM_OPC_dstore_3:1501this_idata->opcode = JVM_OPC_dstore;1502var = opcode - JVM_OPC_dstore_0;1503goto check_local_variable2;15041505case JVM_OPC_wide:1506this_idata->opcode = code[offset + 1];1507var = (code[offset + 2] << 8) + code[offset + 3];1508switch(this_idata->opcode) {1509case JVM_OPC_lload: case JVM_OPC_dload:1510case JVM_OPC_lstore: case JVM_OPC_dstore:1511goto check_local_variable2;1512default:1513goto check_local_variable;1514}15151516case JVM_OPC_iinc: /* the increment amount doesn't matter */1517case JVM_OPC_ret:1518case JVM_OPC_aload: case JVM_OPC_iload: case JVM_OPC_fload:1519case JVM_OPC_astore: case JVM_OPC_istore: case JVM_OPC_fstore:1520var = code[offset + 1];1521check_local_variable:1522/* Make sure that the variable number isn't illegal. */1523this_idata->operand.i = var;1524if (var >= JVM_GetMethodIxLocalsCount(env, context->class, mi))1525CCerror(context, "Illegal local variable number");1526break;15271528case JVM_OPC_lload: case JVM_OPC_dload: case JVM_OPC_lstore: case JVM_OPC_dstore:1529var = code[offset + 1];1530check_local_variable2:1531/* Make sure that the variable number isn't illegal. */1532this_idata->operand.i = var;1533if ((var + 1) >= JVM_GetMethodIxLocalsCount(env, context->class, mi))1534CCerror(context, "Illegal local variable number");1535break;15361537default:1538if (opcode > JVM_OPC_MAX)1539CCerror(context, "Quick instructions shouldn't appear yet.");1540break;1541} /* of switch */1542}154315441545static void1546set_protected(context_type *context, unsigned int inumber, int key, int opcode)1547{1548JNIEnv *env = context->env;1549fullinfo_type clazz_info;1550if (opcode != JVM_OPC_invokevirtual && opcode != JVM_OPC_invokespecial) {1551clazz_info = cp_index_to_class_fullinfo(context, key,1552JVM_CONSTANT_Fieldref);1553} else {1554clazz_info = cp_index_to_class_fullinfo(context, key,1555JVM_CONSTANT_Methodref);1556}1557if (is_superclass(context, clazz_info)) {1558jclass calledClass =1559object_fullinfo_to_classclass(context, clazz_info);1560int access;1561/* 4734966: JVM_GetCPFieldModifiers() or JVM_GetCPMethodModifiers() only1562searches the referenced field or method in calledClass. The following1563while loop is added to search up the superclass chain to make this1564symbolic resolution consistent with the field/method resolution1565specified in VM spec 5.4.3. */1566calledClass = (*env)->NewLocalRef(env, calledClass);1567do {1568jclass tmp_cb;1569if (opcode != JVM_OPC_invokevirtual && opcode != JVM_OPC_invokespecial) {1570access = JVM_GetCPFieldModifiers1571(env, context->class, key, calledClass);1572} else {1573access = JVM_GetCPMethodModifiers1574(env, context->class, key, calledClass);1575}1576if (access != -1) {1577break;1578}1579tmp_cb = (*env)->GetSuperclass(env, calledClass);1580(*env)->DeleteLocalRef(env, calledClass);1581calledClass = tmp_cb;1582} while (calledClass != 0);15831584if (access == -1) {1585/* field/method not found, detected at runtime. */1586} else if (access & JVM_ACC_PROTECTED) {1587if (!JVM_IsSameClassPackage(env, calledClass, context->class))1588context->instruction_data[inumber].protected = JNI_TRUE;1589}1590(*env)->DeleteLocalRef(env, calledClass);1591}1592}159315941595static jboolean1596is_superclass(context_type *context, fullinfo_type clazz_info) {1597fullinfo_type *fptr = context->superclasses;15981599if (fptr == 0)1600return JNI_FALSE;1601for (; *fptr != 0; fptr++) {1602if (*fptr == clazz_info)1603return JNI_TRUE;1604}1605return JNI_FALSE;1606}160716081609/* Look through each item on the exception table. Each of the fields must1610* refer to a legal instruction.1611*/1612static void1613initialize_exception_table(context_type *context)1614{1615JNIEnv *env = context->env;1616int mi = context->method_index;1617struct handler_info_type *handler_info = context->handler_info;1618int *code_data = context->code_data;1619int code_length = context->code_length;1620int max_stack_size = JVM_GetMethodIxMaxStack(env, context->class, mi);1621int i = JVM_GetMethodIxExceptionTableLength(env, context->class, mi);1622if (max_stack_size < 1 && i > 0) {1623// If the method contains exception handlers, it must have room1624// on the expression stack for the exception that the VM could push1625CCerror(context, "Stack size too large");1626}1627for (; --i >= 0; handler_info++) {1628JVM_ExceptionTableEntryType einfo;1629stack_item_type *stack_item = NEW(stack_item_type, 1);16301631JVM_GetMethodIxExceptionTableEntry(env, context->class, mi,1632i, &einfo);16331634if (!(einfo.start_pc < einfo.end_pc &&1635einfo.start_pc >= 0 &&1636isLegalTarget(context, einfo.start_pc) &&1637(einfo.end_pc == code_length ||1638isLegalTarget(context, einfo.end_pc)))) {1639CFerror(context, "Illegal exception table range");1640}1641if (!((einfo.handler_pc > 0) &&1642isLegalTarget(context, einfo.handler_pc))) {1643CFerror(context, "Illegal exception table handler");1644}16451646handler_info->start = code_data[einfo.start_pc];1647/* einfo.end_pc may point to one byte beyond the end of bytecodes. */1648handler_info->end = (einfo.end_pc == context->code_length) ?1649context->instruction_count : code_data[einfo.end_pc];1650handler_info->handler = code_data[einfo.handler_pc];1651handler_info->stack_info.stack = stack_item;1652handler_info->stack_info.stack_size = 1;1653stack_item->next = NULL;1654if (einfo.catchType != 0) {1655const char *classname;1656/* Constant pool entry type has been checked in format checker */1657classname = JVM_GetCPClassNameUTF(env,1658context->class,1659einfo.catchType);1660check_and_push(context, classname, VM_STRING_UTF);1661stack_item->item = make_class_info_from_name(context, classname);1662if (!isAssignableTo(context,1663stack_item->item,1664context->throwable_info))1665CCerror(context, "catch_type not a subclass of Throwable");1666pop_and_free(context);1667} else {1668stack_item->item = context->throwable_info;1669}1670}1671}167216731674/* Given a pointer to an instruction, return its length. Use the table1675* opcode_length[] which is automatically built.1676*/1677static int instruction_length(unsigned char *iptr, unsigned char *end)1678{1679static unsigned char opcode_length[] = JVM_OPCODE_LENGTH_INITIALIZER;1680int instruction = *iptr;1681switch (instruction) {1682case JVM_OPC_tableswitch: {1683int *lpc = (int *)UCALIGN(iptr + 1);1684int index;1685if (lpc + 2 >= (int *)end) {1686return -1; /* do not read pass the end */1687}1688index = _ck_ntohl(lpc[2]) - _ck_ntohl(lpc[1]);1689if ((index < 0) || (index > 65535)) {1690return -1; /* illegal */1691} else {1692return (unsigned char *)(&lpc[index + 4]) - iptr;1693}1694}16951696case JVM_OPC_lookupswitch: {1697int *lpc = (int *) UCALIGN(iptr + 1);1698int npairs;1699if (lpc + 1 >= (int *)end)1700return -1; /* do not read pass the end */1701npairs = _ck_ntohl(lpc[1]);1702/* There can't be more than 64K labels because of the limit1703* on per-method byte code length.1704*/1705if (npairs < 0 || npairs >= 65536)1706return -1;1707else1708return (unsigned char *)(&lpc[2 * (npairs + 1)]) - iptr;1709}17101711case JVM_OPC_wide:1712if (iptr + 1 >= end)1713return -1; /* do not read pass the end */1714switch(iptr[1]) {1715case JVM_OPC_ret:1716case JVM_OPC_iload: case JVM_OPC_istore:1717case JVM_OPC_fload: case JVM_OPC_fstore:1718case JVM_OPC_aload: case JVM_OPC_astore:1719case JVM_OPC_lload: case JVM_OPC_lstore:1720case JVM_OPC_dload: case JVM_OPC_dstore:1721return 4;1722case JVM_OPC_iinc:1723return 6;1724default:1725return -1;1726}17271728default: {1729/* A length of 0 indicates an error. */1730int length = opcode_length[instruction];1731return (length <= 0) ? -1 : length;1732}1733}1734}173517361737/* Given the target of a branch, make sure that it's a legal target. */1738static jboolean1739isLegalTarget(context_type *context, int offset)1740{1741int code_length = context->code_length;1742int *code_data = context->code_data;1743return (offset >= 0 && offset < code_length && code_data[offset] >= 0);1744}174517461747/* Make sure that an element of the constant pool really is of the indicated1748* type.1749*/1750static void1751verify_constant_pool_type(context_type *context, int index, unsigned mask)1752{1753int nconstants = context->nconstants;1754unsigned char *type_table = context->constant_types;1755unsigned type;17561757if ((index <= 0) || (index >= nconstants))1758CCerror(context, "Illegal constant pool index");17591760type = type_table[index];1761if ((mask & (1 << type)) == 0)1762CCerror(context, "Illegal type in constant pool");1763}176417651766static void1767initialize_dataflow(context_type *context)1768{1769JNIEnv *env = context->env;1770instruction_data_type *idata = context->instruction_data;1771int mi = context->method_index;1772jclass cb = context->class;1773int args_size = JVM_GetMethodIxArgsSize(env, cb, mi);1774fullinfo_type *reg_ptr;1775fullinfo_type full_info;1776const char *p;1777const char *signature;17781779/* Initialize the function entry, since we know everything about it. */1780idata[0].stack_info.stack_size = 0;1781idata[0].stack_info.stack = NULL;1782idata[0].register_info.register_count = args_size;1783idata[0].register_info.registers = NEW(fullinfo_type, args_size);1784idata[0].register_info.mask_count = 0;1785idata[0].register_info.masks = NULL;1786idata[0].and_flags = 0; /* nothing needed */1787idata[0].or_flags = FLAG_REACHED; /* instruction reached */1788reg_ptr = idata[0].register_info.registers;17891790if ((JVM_GetMethodIxModifiers(env, cb, mi) & JVM_ACC_STATIC) == 0) {1791/* A non static method. If this is an <init> method, the first1792* argument is an uninitialized object. Otherwise it is an object of1793* the given class type. java.lang.Object.<init> is special since1794* we don't call its superclass <init> method.1795*/1796if (JVM_IsConstructorIx(env, cb, mi)1797&& context->currentclass_info != context->object_info) {1798*reg_ptr++ = MAKE_FULLINFO(ITEM_InitObject, 0, 0);1799idata[0].or_flags |= FLAG_NEED_CONSTRUCTOR;1800} else {1801*reg_ptr++ = context->currentclass_info;1802}1803}1804signature = JVM_GetMethodIxSignatureUTF(env, cb, mi);1805check_and_push(context, signature, VM_STRING_UTF);1806/* Fill in each of the arguments into the registers. */1807for (p = signature + 1; *p != JVM_SIGNATURE_ENDFUNC; ) {1808char fieldchar = signature_to_fieldtype(context, &p, &full_info);1809switch (fieldchar) {1810case 'D': case 'L':1811*reg_ptr++ = full_info;1812*reg_ptr++ = full_info + 1;1813break;1814default:1815*reg_ptr++ = full_info;1816break;1817}1818}1819p++; /* skip over right parenthesis */1820if (*p == 'V') {1821context->return_type = MAKE_FULLINFO(ITEM_Void, 0, 0);1822} else {1823signature_to_fieldtype(context, &p, &full_info);1824context->return_type = full_info;1825}1826pop_and_free(context);1827/* Indicate that we need to look at the first instruction. */1828idata[0].changed = JNI_TRUE;1829}183018311832/* Run the data flow analysis, as long as there are things to change. */1833static void1834run_dataflow(context_type *context) {1835JNIEnv *env = context->env;1836int mi = context->method_index;1837jclass cb = context->class;1838int max_stack_size = JVM_GetMethodIxMaxStack(env, cb, mi);1839instruction_data_type *idata = context->instruction_data;1840unsigned int icount = context->instruction_count;1841jboolean work_to_do = JNI_TRUE;1842unsigned int inumber;18431844/* Run through the loop, until there is nothing left to do. */1845while (work_to_do) {1846work_to_do = JNI_FALSE;1847for (inumber = 0; inumber < icount; inumber++) {1848instruction_data_type *this_idata = &idata[inumber];1849if (this_idata->changed) {1850register_info_type new_register_info;1851stack_info_type new_stack_info;1852flag_type new_and_flags, new_or_flags;18531854this_idata->changed = JNI_FALSE;1855work_to_do = JNI_TRUE;1856#ifdef DEBUG1857if (verify_verbose) {1858int opcode = this_idata->opcode;1859jio_fprintf(stdout, "Instruction %d: ", inumber);1860print_stack(context, &this_idata->stack_info);1861print_registers(context, &this_idata->register_info);1862print_flags(context,1863this_idata->and_flags, this_idata->or_flags);1864fflush(stdout);1865}1866#endif1867/* Make sure the registers and flags are appropriate */1868check_register_values(context, inumber);1869check_flags(context, inumber);18701871/* Make sure the stack can deal with this instruction */1872pop_stack(context, inumber, &new_stack_info);18731874/* Update the registers and flags */1875update_registers(context, inumber, &new_register_info);1876update_flags(context, inumber, &new_and_flags, &new_or_flags);18771878/* Update the stack. */1879push_stack(context, inumber, &new_stack_info);18801881if (new_stack_info.stack_size > max_stack_size)1882CCerror(context, "Stack size too large");1883#ifdef DEBUG1884if (verify_verbose) {1885jio_fprintf(stdout, " ");1886print_stack(context, &new_stack_info);1887print_registers(context, &new_register_info);1888print_flags(context, new_and_flags, new_or_flags);1889fflush(stdout);1890}1891#endif1892/* Add the new stack and register information to any1893* instructions that can follow this instruction. */1894merge_into_successors(context, inumber,1895&new_register_info, &new_stack_info,1896new_and_flags, new_or_flags);1897}1898}1899}1900}190119021903/* Make sure that the registers contain a legitimate value for the given1904* instruction.1905*/19061907static void1908check_register_values(context_type *context, unsigned int inumber)1909{1910instruction_data_type *idata = context->instruction_data;1911instruction_data_type *this_idata = &idata[inumber];1912int opcode = this_idata->opcode;1913int operand = this_idata->operand.i;1914int register_count = this_idata->register_info.register_count;1915fullinfo_type *registers = this_idata->register_info.registers;1916jboolean double_word = JNI_FALSE; /* default value */1917int type;19181919switch (opcode) {1920default:1921return;1922case JVM_OPC_iload: case JVM_OPC_iinc:1923type = ITEM_Integer; break;1924case JVM_OPC_fload:1925type = ITEM_Float; break;1926case JVM_OPC_aload:1927type = ITEM_Object; break;1928case JVM_OPC_ret:1929type = ITEM_ReturnAddress; break;1930case JVM_OPC_lload:1931type = ITEM_Long; double_word = JNI_TRUE; break;1932case JVM_OPC_dload:1933type = ITEM_Double; double_word = JNI_TRUE; break;1934}1935if (!double_word) {1936fullinfo_type reg;1937/* Make sure we don't have an illegal register or one with wrong type */1938if (operand >= register_count) {1939CCerror(context,1940"Accessing value from uninitialized register %d", operand);1941}1942reg = registers[operand];19431944if (WITH_ZERO_EXTRA_INFO(reg) == (unsigned)MAKE_FULLINFO(type, 0, 0)) {1945/* the register is obviously of the given type */1946return;1947} else if (GET_INDIRECTION(reg) > 0 && type == ITEM_Object) {1948/* address type stuff be used on all arrays */1949return;1950} else if (GET_ITEM_TYPE(reg) == ITEM_ReturnAddress) {1951CCerror(context, "Cannot load return address from register %d",1952operand);1953/* alternatively1954(GET_ITEM_TYPE(reg) == ITEM_ReturnAddress)1955&& (opcode == JVM_OPC_iload)1956&& (type == ITEM_Object || type == ITEM_Integer)1957but this never occurs1958*/1959} else if (reg == ITEM_InitObject && type == ITEM_Object) {1960return;1961} else if (WITH_ZERO_EXTRA_INFO(reg) ==1962MAKE_FULLINFO(ITEM_NewObject, 0, 0) &&1963type == ITEM_Object) {1964return;1965} else {1966CCerror(context, "Register %d contains wrong type", operand);1967}1968} else {1969/* Make sure we don't have an illegal register or one with wrong type */1970if ((operand + 1) >= register_count) {1971CCerror(context,1972"Accessing value from uninitialized register pair %d/%d",1973operand, operand+1);1974} else {1975if ((registers[operand] == (unsigned)MAKE_FULLINFO(type, 0, 0)) &&1976(registers[operand + 1] == (unsigned)MAKE_FULLINFO(type + 1, 0, 0))) {1977return;1978} else {1979CCerror(context, "Register pair %d/%d contains wrong type",1980operand, operand+1);1981}1982}1983}1984}198519861987/* Make sure the flags contain legitimate values for this instruction.1988*/19891990static void1991check_flags(context_type *context, unsigned int inumber)1992{1993instruction_data_type *idata = context->instruction_data;1994instruction_data_type *this_idata = &idata[inumber];1995int opcode = this_idata->opcode;1996switch (opcode) {1997case JVM_OPC_return:1998/* We need a constructor, but we aren't guaranteed it's called */1999if ((this_idata->or_flags & FLAG_NEED_CONSTRUCTOR) &&2000!(this_idata->and_flags & FLAG_CONSTRUCTED))2001CCerror(context, "Constructor must call super() or this()");2002/* fall through */2003case JVM_OPC_ireturn: case JVM_OPC_lreturn:2004case JVM_OPC_freturn: case JVM_OPC_dreturn: case JVM_OPC_areturn:2005if (this_idata->or_flags & FLAG_NO_RETURN)2006/* This method cannot exit normally */2007CCerror(context, "Cannot return normally");2008default:2009break; /* nothing to do. */2010}2011}20122013/* Make sure that the top of the stack contains reasonable values for the2014* given instruction. The post-pop values of the stack and its size are2015* returned in *new_stack_info.2016*/20172018static void2019pop_stack(context_type *context, unsigned int inumber, stack_info_type *new_stack_info)2020{2021instruction_data_type *idata = context->instruction_data;2022instruction_data_type *this_idata = &idata[inumber];2023int opcode = this_idata->opcode;2024stack_item_type *stack = this_idata->stack_info.stack;2025int stack_size = this_idata->stack_info.stack_size;2026char *stack_operands, *p;2027char buffer[257]; /* for holding manufactured argument lists */2028fullinfo_type stack_extra_info_buffer[256]; /* save info popped off stack */2029fullinfo_type *stack_extra_info = &stack_extra_info_buffer[256];2030fullinfo_type full_info; /* only used in case of invoke instructions */2031fullinfo_type put_full_info; /* only used in case JVM_OPC_putstatic and JVM_OPC_putfield */20322033switch(opcode) {2034default:2035/* For most instructions, we just use a built-in table */2036stack_operands = opcode_in_out[opcode][0];2037break;20382039case JVM_OPC_putstatic: case JVM_OPC_putfield: {2040/* The top thing on the stack depends on the signature of2041* the object. */2042int operand = this_idata->operand.i;2043const char *signature =2044JVM_GetCPFieldSignatureUTF(context->env,2045context->class,2046operand);2047char *ip = buffer;2048check_and_push(context, signature, VM_STRING_UTF);2049#ifdef DEBUG2050if (verify_verbose) {2051print_formatted_fieldname(context, operand);2052}2053#endif2054if (opcode == JVM_OPC_putfield)2055*ip++ = 'A'; /* object for putfield */2056*ip++ = signature_to_fieldtype(context, &signature, &put_full_info);2057*ip = '\0';2058stack_operands = buffer;2059pop_and_free(context);2060break;2061}20622063case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:2064case JVM_OPC_invokeinit: /* invokespecial call to <init> */2065case JVM_OPC_invokestatic: case JVM_OPC_invokeinterface: {2066/* The top stuff on the stack depends on the method signature */2067int operand = this_idata->operand.i;2068const char *signature =2069JVM_GetCPMethodSignatureUTF(context->env,2070context->class,2071operand);2072char *ip = buffer;2073const char *p;2074check_and_push(context, signature, VM_STRING_UTF);2075#ifdef DEBUG2076if (verify_verbose) {2077print_formatted_methodname(context, operand);2078}2079#endif2080if (opcode != JVM_OPC_invokestatic)2081/* First, push the object */2082*ip++ = (opcode == JVM_OPC_invokeinit ? '@' : 'A');2083for (p = signature + 1; *p != JVM_SIGNATURE_ENDFUNC; ) {2084*ip++ = signature_to_fieldtype(context, &p, &full_info);2085if (ip >= buffer + sizeof(buffer) - 1)2086CCerror(context, "Signature %s has too many arguments",2087signature);2088}2089*ip = 0;2090stack_operands = buffer;2091pop_and_free(context);2092break;2093}20942095case JVM_OPC_multianewarray: {2096/* Count can't be larger than 255. So can't overflow buffer */2097int count = this_idata->operand2.i; /* number of ints on stack */2098memset(buffer, 'I', count);2099buffer[count] = '\0';2100stack_operands = buffer;2101break;2102}21032104} /* of switch */21052106/* Run through the list of operands >>backwards<< */2107for ( p = stack_operands + strlen(stack_operands);2108p > stack_operands;2109stack = stack->next) {2110int type = *--p;2111fullinfo_type top_type = stack ? stack->item : 0;2112int size = (type == 'D' || type == 'L') ? 2 : 1;2113*--stack_extra_info = top_type;2114if (stack == NULL)2115CCerror(context, "Unable to pop operand off an empty stack");21162117switch (type) {2118case 'I':2119if (top_type != MAKE_FULLINFO(ITEM_Integer, 0, 0))2120CCerror(context, "Expecting to find integer on stack");2121break;21222123case 'F':2124if (top_type != MAKE_FULLINFO(ITEM_Float, 0, 0))2125CCerror(context, "Expecting to find float on stack");2126break;21272128case 'A': /* object or array */2129if ( (GET_ITEM_TYPE(top_type) != ITEM_Object)2130&& (GET_INDIRECTION(top_type) == 0)) {2131/* The thing isn't an object or an array. Let's see if it's2132* one of the special cases */2133if ( (WITH_ZERO_EXTRA_INFO(top_type) ==2134MAKE_FULLINFO(ITEM_ReturnAddress, 0, 0))2135&& (opcode == JVM_OPC_astore))2136break;2137if ( (GET_ITEM_TYPE(top_type) == ITEM_NewObject2138|| (GET_ITEM_TYPE(top_type) == ITEM_InitObject))2139&& ((opcode == JVM_OPC_astore) || (opcode == JVM_OPC_aload)2140|| (opcode == JVM_OPC_ifnull) || (opcode == JVM_OPC_ifnonnull)))2141break;2142/* The 2nd edition VM of the specification allows field2143* initializations before the superclass initializer,2144* if the field is defined within the current class.2145*/2146if ( (GET_ITEM_TYPE(top_type) == ITEM_InitObject)2147&& (opcode == JVM_OPC_putfield)) {2148int operand = this_idata->operand.i;2149int access_bits = JVM_GetCPFieldModifiers(context->env,2150context->class,2151operand,2152context->class);2153/* Note: This relies on the fact that2154* JVM_GetCPFieldModifiers retrieves only local fields,2155* and does not respect inheritance.2156*/2157if (access_bits != -1) {2158if ( cp_index_to_class_fullinfo(context, operand, JVM_CONSTANT_Fieldref) ==2159context->currentclass_info ) {2160top_type = context->currentclass_info;2161*stack_extra_info = top_type;2162break;2163}2164}2165}2166CCerror(context, "Expecting to find object/array on stack");2167}2168break;21692170case '@': { /* unitialized object, for call to <init> */2171int item_type = GET_ITEM_TYPE(top_type);2172if (item_type != ITEM_NewObject && item_type != ITEM_InitObject)2173CCerror(context,2174"Expecting to find unitialized object on stack");2175break;2176}21772178case 'O': /* object, not array */2179if (WITH_ZERO_EXTRA_INFO(top_type) !=2180MAKE_FULLINFO(ITEM_Object, 0, 0))2181CCerror(context, "Expecting to find object on stack");2182break;21832184case 'a': /* integer, object, or array */2185if ( (top_type != MAKE_FULLINFO(ITEM_Integer, 0, 0))2186&& (GET_ITEM_TYPE(top_type) != ITEM_Object)2187&& (GET_INDIRECTION(top_type) == 0))2188CCerror(context,2189"Expecting to find object, array, or int on stack");2190break;21912192case 'D': /* double */2193if (top_type != MAKE_FULLINFO(ITEM_Double, 0, 0))2194CCerror(context, "Expecting to find double on stack");2195break;21962197case 'L': /* long */2198if (top_type != MAKE_FULLINFO(ITEM_Long, 0, 0))2199CCerror(context, "Expecting to find long on stack");2200break;22012202case ']': /* array of some type */2203if (top_type == NULL_FULLINFO) {2204/* do nothing */2205} else switch(p[-1]) {2206case 'I': /* array of integers */2207if (top_type != MAKE_FULLINFO(ITEM_Integer, 1, 0) &&2208top_type != NULL_FULLINFO)2209CCerror(context,2210"Expecting to find array of ints on stack");2211break;22122213case 'L': /* array of longs */2214if (top_type != MAKE_FULLINFO(ITEM_Long, 1, 0))2215CCerror(context,2216"Expecting to find array of longs on stack");2217break;22182219case 'F': /* array of floats */2220if (top_type != MAKE_FULLINFO(ITEM_Float, 1, 0))2221CCerror(context,2222"Expecting to find array of floats on stack");2223break;22242225case 'D': /* array of doubles */2226if (top_type != MAKE_FULLINFO(ITEM_Double, 1, 0))2227CCerror(context,2228"Expecting to find array of doubles on stack");2229break;22302231case 'A': { /* array of addresses (arrays or objects) */2232int indirection = GET_INDIRECTION(top_type);2233if ((indirection == 0) ||2234((indirection == 1) &&2235(GET_ITEM_TYPE(top_type) != ITEM_Object)))2236CCerror(context,2237"Expecting to find array of objects or arrays "2238"on stack");2239break;2240}22412242case 'B': /* array of bytes */2243if (top_type != MAKE_FULLINFO(ITEM_Byte, 1, 0))2244CCerror(context,2245"Expecting to find array of bytes on stack");2246break;22472248case 'C': /* array of characters */2249if (top_type != MAKE_FULLINFO(ITEM_Char, 1, 0))2250CCerror(context,2251"Expecting to find array of chars on stack");2252break;22532254case 'S': /* array of shorts */2255if (top_type != MAKE_FULLINFO(ITEM_Short, 1, 0))2256CCerror(context,2257"Expecting to find array of shorts on stack");2258break;22592260case '?': /* any type of array is okay */2261if (GET_INDIRECTION(top_type) == 0)2262CCerror(context,2263"Expecting to find array on stack");2264break;22652266default:2267CCerror(context, "Internal error #1");2268break;2269}2270p -= 2; /* skip over [ <char> */2271break;22722273case '1': case '2': case '3': case '4': /* stack swapping */2274if (top_type == MAKE_FULLINFO(ITEM_Double, 0, 0)2275|| top_type == MAKE_FULLINFO(ITEM_Long, 0, 0)) {2276if ((p > stack_operands) && (p[-1] == '+')) {2277context->swap_table[type - '1'] = top_type + 1;2278context->swap_table[p[-2] - '1'] = top_type;2279size = 2;2280p -= 2;2281} else {2282CCerror(context,2283"Attempt to split long or double on the stack");2284}2285} else {2286context->swap_table[type - '1'] = stack->item;2287if ((p > stack_operands) && (p[-1] == '+'))2288p--; /* ignore */2289}2290break;2291case '+': /* these should have been caught. */2292default:2293CCerror(context, "Internal error #2");2294}2295stack_size -= size;2296}22972298/* For many of the opcodes that had an "A" in their field, we really2299* need to go back and do a little bit more accurate testing. We can, of2300* course, assume that the minimal type checking has already been done.2301*/2302switch (opcode) {2303default: break;2304case JVM_OPC_aastore: { /* array index object */2305fullinfo_type array_type = stack_extra_info[0];2306fullinfo_type object_type = stack_extra_info[2];2307fullinfo_type target_type = decrement_indirection(array_type);2308if ((GET_ITEM_TYPE(object_type) != ITEM_Object)2309&& (GET_INDIRECTION(object_type) == 0)) {2310CCerror(context, "Expecting reference type on operand stack in aastore");2311}2312if ((GET_ITEM_TYPE(target_type) != ITEM_Object)2313&& (GET_INDIRECTION(target_type) == 0)) {2314CCerror(context, "Component type of the array must be reference type in aastore");2315}2316break;2317}23182319case JVM_OPC_putfield:2320case JVM_OPC_getfield:2321case JVM_OPC_putstatic: {2322int operand = this_idata->operand.i;2323fullinfo_type stack_object = stack_extra_info[0];2324if (opcode == JVM_OPC_putfield || opcode == JVM_OPC_getfield) {2325if (!isAssignableTo2326(context,2327stack_object,2328cp_index_to_class_fullinfo2329(context, operand, JVM_CONSTANT_Fieldref))) {2330CCerror(context,2331"Incompatible type for getting or setting field");2332}2333if (this_idata->protected &&2334!isAssignableTo(context, stack_object,2335context->currentclass_info)) {2336CCerror(context, "Bad access to protected data");2337}2338}2339if (opcode == JVM_OPC_putfield || opcode == JVM_OPC_putstatic) {2340int item = (opcode == JVM_OPC_putfield ? 1 : 0);2341if (!isAssignableTo(context,2342stack_extra_info[item], put_full_info)) {2343CCerror(context, "Bad type in putfield/putstatic");2344}2345}2346break;2347}23482349case JVM_OPC_athrow:2350if (!isAssignableTo(context, stack_extra_info[0],2351context->throwable_info)) {2352CCerror(context, "Can only throw Throwable objects");2353}2354break;23552356case JVM_OPC_aaload: { /* array index */2357/* We need to pass the information to the stack updater */2358fullinfo_type array_type = stack_extra_info[0];2359context->swap_table[0] = decrement_indirection(array_type);2360break;2361}23622363case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:2364case JVM_OPC_invokeinit:2365case JVM_OPC_invokeinterface: case JVM_OPC_invokestatic: {2366int operand = this_idata->operand.i;2367const char *signature =2368JVM_GetCPMethodSignatureUTF(context->env,2369context->class,2370operand);2371int item;2372const char *p;2373check_and_push(context, signature, VM_STRING_UTF);2374if (opcode == JVM_OPC_invokestatic) {2375item = 0;2376} else if (opcode == JVM_OPC_invokeinit) {2377fullinfo_type init_type = this_idata->operand2.fi;2378fullinfo_type object_type = stack_extra_info[0];2379context->swap_table[0] = object_type; /* save value */2380if (GET_ITEM_TYPE(stack_extra_info[0]) == ITEM_NewObject) {2381/* We better be calling the appropriate init. Find the2382* inumber of the "JVM_OPC_new" instruction", and figure2383* out what the type really is.2384*/2385unsigned int new_inumber = GET_EXTRA_INFO(stack_extra_info[0]);2386fullinfo_type target_type = idata[new_inumber].operand2.fi;2387context->swap_table[1] = target_type;23882389if (target_type != init_type) {2390CCerror(context, "Call to wrong initialization method");2391}2392if (this_idata->protected2393&& context->major_version > LDC_CLASS_MAJOR_VERSION2394&& !isAssignableTo(context, object_type,2395context->currentclass_info)) {2396CCerror(context, "Bad access to protected data");2397}2398} else {2399/* We better be calling super() or this(). */2400if (init_type != context->superclass_info &&2401init_type != context->currentclass_info) {2402CCerror(context, "Call to wrong initialization method");2403}2404context->swap_table[1] = context->currentclass_info;2405}2406item = 1;2407} else {2408fullinfo_type target_type = this_idata->operand2.fi;2409fullinfo_type object_type = stack_extra_info[0];2410if (!isAssignableTo(context, object_type, target_type)){2411CCerror(context,2412"Incompatible object argument for function call");2413}2414if (opcode == JVM_OPC_invokespecial2415&& !isAssignableTo(context, object_type,2416context->currentclass_info)) {2417/* Make sure object argument is assignment compatible to current class */2418CCerror(context,2419"Incompatible object argument for invokespecial");2420}2421if (this_idata->protected2422&& !isAssignableTo(context, object_type,2423context->currentclass_info)) {2424/* This is ugly. Special dispensation. Arrays pretend to2425implement public Object clone() even though they don't */2426const char *utfName =2427JVM_GetCPMethodNameUTF(context->env,2428context->class,2429this_idata->operand.i);2430int is_clone = utfName && (strcmp(utfName, "clone") == 0);2431JVM_ReleaseUTF(utfName);24322433if ((target_type == context->object_info) &&2434(GET_INDIRECTION(object_type) > 0) &&2435is_clone) {2436} else {2437CCerror(context, "Bad access to protected data");2438}2439}2440item = 1;2441}2442for (p = signature + 1; *p != JVM_SIGNATURE_ENDFUNC; item++)2443if (signature_to_fieldtype(context, &p, &full_info) == 'A') {2444if (!isAssignableTo(context,2445stack_extra_info[item], full_info)) {2446CCerror(context, "Incompatible argument to function");2447}2448}24492450pop_and_free(context);2451break;2452}24532454case JVM_OPC_return:2455if (context->return_type != MAKE_FULLINFO(ITEM_Void, 0, 0))2456CCerror(context, "Wrong return type in function");2457break;24582459case JVM_OPC_ireturn: case JVM_OPC_lreturn: case JVM_OPC_freturn:2460case JVM_OPC_dreturn: case JVM_OPC_areturn: {2461fullinfo_type target_type = context->return_type;2462fullinfo_type object_type = stack_extra_info[0];2463if (!isAssignableTo(context, object_type, target_type)) {2464CCerror(context, "Wrong return type in function");2465}2466break;2467}24682469case JVM_OPC_new: {2470/* Make sure that nothing on the stack already looks like what2471* we want to create. I can't image how this could possibly happen2472* but we should test for it anyway, since if it could happen, the2473* result would be an unitialized object being able to masquerade2474* as an initialized one.2475*/2476stack_item_type *item;2477for (item = stack; item != NULL; item = item->next) {2478if (item->item == this_idata->operand.fi) {2479CCerror(context,2480"Uninitialized object on stack at creating point");2481}2482}2483/* Info for update_registers */2484context->swap_table[0] = this_idata->operand.fi;2485context->swap_table[1] = MAKE_FULLINFO(ITEM_Bogus, 0, 0);24862487break;2488}2489}2490new_stack_info->stack = stack;2491new_stack_info->stack_size = stack_size;2492}249324942495/* We've already determined that the instruction is legal. Perform the2496* operation on the registers, and return the updated results in2497* new_register_count_p and new_registers.2498*/24992500static void2501update_registers(context_type *context, unsigned int inumber,2502register_info_type *new_register_info)2503{2504instruction_data_type *idata = context->instruction_data;2505instruction_data_type *this_idata = &idata[inumber];2506int opcode = this_idata->opcode;2507int operand = this_idata->operand.i;2508int register_count = this_idata->register_info.register_count;2509fullinfo_type *registers = this_idata->register_info.registers;2510stack_item_type *stack = this_idata->stack_info.stack;2511int mask_count = this_idata->register_info.mask_count;2512mask_type *masks = this_idata->register_info.masks;25132514/* Use these as default new values. */2515int new_register_count = register_count;2516int new_mask_count = mask_count;2517fullinfo_type *new_registers = registers;2518mask_type *new_masks = masks;25192520enum { ACCESS_NONE, ACCESS_SINGLE, ACCESS_DOUBLE } access = ACCESS_NONE;2521int i;25222523/* Remember, we've already verified the type at the top of the stack. */2524switch (opcode) {2525default: break;2526case JVM_OPC_istore: case JVM_OPC_fstore: case JVM_OPC_astore:2527access = ACCESS_SINGLE;2528goto continue_store;25292530case JVM_OPC_lstore: case JVM_OPC_dstore:2531access = ACCESS_DOUBLE;2532goto continue_store;25332534continue_store: {2535/* We have a modification to the registers. Copy them if needed. */2536fullinfo_type stack_top_type = stack->item;2537int max_operand = operand + ((access == ACCESS_DOUBLE) ? 1 : 0);25382539if ( max_operand < register_count2540&& registers[operand] == stack_top_type2541&& ((access == ACCESS_SINGLE) ||2542(registers[operand + 1]== stack_top_type + 1)))2543/* No changes have been made to the registers. */2544break;2545new_register_count = MAX(max_operand + 1, register_count);2546new_registers = NEW(fullinfo_type, new_register_count);2547for (i = 0; i < register_count; i++)2548new_registers[i] = registers[i];2549for (i = register_count; i < new_register_count; i++)2550new_registers[i] = MAKE_FULLINFO(ITEM_Bogus, 0, 0);2551new_registers[operand] = stack_top_type;2552if (access == ACCESS_DOUBLE)2553new_registers[operand + 1] = stack_top_type + 1;2554break;2555}25562557case JVM_OPC_iload: case JVM_OPC_fload: case JVM_OPC_aload:2558case JVM_OPC_iinc: case JVM_OPC_ret:2559access = ACCESS_SINGLE;2560break;25612562case JVM_OPC_lload: case JVM_OPC_dload:2563access = ACCESS_DOUBLE;2564break;25652566case JVM_OPC_jsr: case JVM_OPC_jsr_w:2567for (i = 0; i < new_mask_count; i++)2568if (new_masks[i].entry == operand)2569CCerror(context, "Recursive call to jsr entry");2570new_masks = add_to_masks(context, masks, mask_count, operand);2571new_mask_count++;2572break;25732574case JVM_OPC_invokeinit:2575case JVM_OPC_new: {2576/* For invokeinit, an uninitialized object has been initialized.2577* For new, all previous occurrences of an uninitialized object2578* from the same instruction must be made bogus.2579* We find all occurrences of swap_table[0] in the registers, and2580* replace them with swap_table[1];2581*/2582fullinfo_type from = context->swap_table[0];2583fullinfo_type to = context->swap_table[1];25842585int i;2586for (i = 0; i < register_count; i++) {2587if (new_registers[i] == from) {2588/* Found a match */2589break;2590}2591}2592if (i < register_count) { /* We broke out loop for match */2593/* We have to change registers, and possibly a mask */2594jboolean copied_mask = JNI_FALSE;2595int k;2596new_registers = NEW(fullinfo_type, register_count);2597memcpy(new_registers, registers,2598register_count * sizeof(registers[0]));2599for ( ; i < register_count; i++) {2600if (new_registers[i] == from) {2601new_registers[i] = to;2602for (k = 0; k < new_mask_count; k++) {2603if (!IS_BIT_SET(new_masks[k].modifies, i)) {2604if (!copied_mask) {2605new_masks = copy_masks(context, new_masks,2606mask_count);2607copied_mask = JNI_TRUE;2608}2609SET_BIT(new_masks[k].modifies, i);2610}2611}2612}2613}2614}2615break;2616}2617} /* of switch */26182619if ((access != ACCESS_NONE) && (new_mask_count > 0)) {2620int i, j;2621for (i = 0; i < new_mask_count; i++) {2622int *mask = new_masks[i].modifies;2623if ((!IS_BIT_SET(mask, operand)) ||2624((access == ACCESS_DOUBLE) &&2625!IS_BIT_SET(mask, operand + 1))) {2626new_masks = copy_masks(context, new_masks, mask_count);2627for (j = i; j < new_mask_count; j++) {2628SET_BIT(new_masks[j].modifies, operand);2629if (access == ACCESS_DOUBLE)2630SET_BIT(new_masks[j].modifies, operand + 1);2631}2632break;2633}2634}2635}26362637new_register_info->register_count = new_register_count;2638new_register_info->registers = new_registers;2639new_register_info->masks = new_masks;2640new_register_info->mask_count = new_mask_count;2641}2642264326442645/* We've already determined that the instruction is legal, and have updated2646* the registers. Update the flags, too.2647*/264826492650static void2651update_flags(context_type *context, unsigned int inumber,2652flag_type *new_and_flags, flag_type *new_or_flags)26532654{2655instruction_data_type *idata = context->instruction_data;2656instruction_data_type *this_idata = &idata[inumber];2657flag_type and_flags = this_idata->and_flags;2658flag_type or_flags = this_idata->or_flags;26592660/* Set the "we've done a constructor" flag */2661if (this_idata->opcode == JVM_OPC_invokeinit) {2662fullinfo_type from = context->swap_table[0];2663if (from == MAKE_FULLINFO(ITEM_InitObject, 0, 0))2664and_flags |= FLAG_CONSTRUCTED;2665}2666*new_and_flags = and_flags;2667*new_or_flags = or_flags;2668}2669267026712672/* We've already determined that the instruction is legal. Perform the2673* operation on the stack;2674*2675* new_stack_size_p and new_stack_p point to the results after the pops have2676* already been done. Do the pushes, and then put the results back there.2677*/26782679static void2680push_stack(context_type *context, unsigned int inumber, stack_info_type *new_stack_info)2681{2682instruction_data_type *idata = context->instruction_data;2683instruction_data_type *this_idata = &idata[inumber];2684int opcode = this_idata->opcode;2685int operand = this_idata->operand.i;26862687int stack_size = new_stack_info->stack_size;2688stack_item_type *stack = new_stack_info->stack;2689char *stack_results;26902691fullinfo_type full_info = 0;2692char buffer[5], *p; /* actually [2] is big enough */26932694/* We need to look at all those opcodes in which either we can't tell the2695* value pushed onto the stack from the opcode, or in which the value2696* pushed onto the stack is an object or array. For the latter, we need2697* to make sure that full_info is set to the right value.2698*/2699switch(opcode) {2700default:2701stack_results = opcode_in_out[opcode][1];2702break;27032704case JVM_OPC_ldc: case JVM_OPC_ldc_w: case JVM_OPC_ldc2_w: {2705/* Look to constant pool to determine correct result. */2706unsigned char *type_table = context->constant_types;2707switch (type_table[operand]) {2708case JVM_CONSTANT_Integer:2709stack_results = "I"; break;2710case JVM_CONSTANT_Float:2711stack_results = "F"; break;2712case JVM_CONSTANT_Double:2713stack_results = "D"; break;2714case JVM_CONSTANT_Long:2715stack_results = "L"; break;2716case JVM_CONSTANT_String:2717stack_results = "A";2718full_info = context->string_info;2719break;2720case JVM_CONSTANT_Class:2721if (context->major_version < LDC_CLASS_MAJOR_VERSION)2722CCerror(context, "Internal error #3");2723stack_results = "A";2724full_info = make_class_info_from_name(context,2725"java/lang/Class");2726break;2727case JVM_CONSTANT_MethodHandle:2728case JVM_CONSTANT_MethodType:2729if (context->major_version < LDC_METHOD_HANDLE_MAJOR_VERSION)2730CCerror(context, "Internal error #3");2731stack_results = "A";2732switch (type_table[operand]) {2733case JVM_CONSTANT_MethodType:2734full_info = make_class_info_from_name(context,2735"java/lang/invoke/MethodType");2736break;2737default: //JVM_CONSTANT_MethodHandle2738full_info = make_class_info_from_name(context,2739"java/lang/invoke/MethodHandle");2740break;2741}2742break;2743default:2744CCerror(context, "Internal error #3");2745stack_results = ""; /* Never reached: keep lint happy */2746}2747break;2748}27492750case JVM_OPC_getstatic: case JVM_OPC_getfield: {2751/* Look to signature to determine correct result. */2752int operand = this_idata->operand.i;2753const char *signature = JVM_GetCPFieldSignatureUTF(context->env,2754context->class,2755operand);2756check_and_push(context, signature, VM_STRING_UTF);2757#ifdef DEBUG2758if (verify_verbose) {2759print_formatted_fieldname(context, operand);2760}2761#endif2762buffer[0] = signature_to_fieldtype(context, &signature, &full_info);2763buffer[1] = '\0';2764stack_results = buffer;2765pop_and_free(context);2766break;2767}27682769case JVM_OPC_invokevirtual: case JVM_OPC_invokespecial:2770case JVM_OPC_invokeinit:2771case JVM_OPC_invokestatic: case JVM_OPC_invokeinterface: {2772/* Look to signature to determine correct result. */2773int operand = this_idata->operand.i;2774const char *signature = JVM_GetCPMethodSignatureUTF(context->env,2775context->class,2776operand);2777const char *result_signature;2778check_and_push(context, signature, VM_STRING_UTF);2779result_signature = get_result_signature(signature);2780if (result_signature++ == NULL) {2781CCerror(context, "Illegal signature %s", signature);2782}2783if (result_signature[0] == JVM_SIGNATURE_VOID) {2784stack_results = "";2785} else {2786buffer[0] = signature_to_fieldtype(context, &result_signature,2787&full_info);2788buffer[1] = '\0';2789stack_results = buffer;2790}2791pop_and_free(context);2792break;2793}27942795case JVM_OPC_aconst_null:2796stack_results = opcode_in_out[opcode][1];2797full_info = NULL_FULLINFO; /* special NULL */2798break;27992800case JVM_OPC_new:2801case JVM_OPC_checkcast:2802case JVM_OPC_newarray:2803case JVM_OPC_anewarray:2804case JVM_OPC_multianewarray:2805stack_results = opcode_in_out[opcode][1];2806/* Conveniently, this result type is stored here */2807full_info = this_idata->operand.fi;2808break;28092810case JVM_OPC_aaload:2811stack_results = opcode_in_out[opcode][1];2812/* pop_stack() saved value for us. */2813full_info = context->swap_table[0];2814break;28152816case JVM_OPC_aload:2817stack_results = opcode_in_out[opcode][1];2818/* The register hasn't been modified, so we can use its value. */2819full_info = this_idata->register_info.registers[operand];2820break;2821} /* of switch */28222823for (p = stack_results; *p != 0; p++) {2824int type = *p;2825stack_item_type *new_item = NEW(stack_item_type, 1);2826new_item->next = stack;2827stack = new_item;2828switch (type) {2829case 'I':2830stack->item = MAKE_FULLINFO(ITEM_Integer, 0, 0); break;2831case 'F':2832stack->item = MAKE_FULLINFO(ITEM_Float, 0, 0); break;2833case 'D':2834stack->item = MAKE_FULLINFO(ITEM_Double, 0, 0);2835stack_size++; break;2836case 'L':2837stack->item = MAKE_FULLINFO(ITEM_Long, 0, 0);2838stack_size++; break;2839case 'R':2840stack->item = MAKE_FULLINFO(ITEM_ReturnAddress, 0, operand);2841break;2842case '1': case '2': case '3': case '4': {2843/* Get the info saved in the swap_table */2844fullinfo_type stype = context->swap_table[type - '1'];2845stack->item = stype;2846if (stype == MAKE_FULLINFO(ITEM_Long, 0, 0) ||2847stype == MAKE_FULLINFO(ITEM_Double, 0, 0)) {2848stack_size++; p++;2849}2850break;2851}2852case 'A':2853/* full_info should have the appropriate value. */2854assert(full_info != 0);2855stack->item = full_info;2856break;2857default:2858CCerror(context, "Internal error #4");28592860} /* switch type */2861stack_size++;2862} /* outer for loop */28632864if (opcode == JVM_OPC_invokeinit) {2865/* If there are any instances of "from" on the stack, we need to2866* replace it with "to", since calling <init> initializes all versions2867* of the object, obviously. */2868fullinfo_type from = context->swap_table[0];2869stack_item_type *ptr;2870for (ptr = stack; ptr != NULL; ptr = ptr->next) {2871if (ptr->item == from) {2872fullinfo_type to = context->swap_table[1];2873stack = copy_stack(context, stack);2874for (ptr = stack; ptr != NULL; ptr = ptr->next)2875if (ptr->item == from) ptr->item = to;2876break;2877}2878}2879}28802881new_stack_info->stack_size = stack_size;2882new_stack_info->stack = stack;2883}288428852886/* We've performed an instruction, and determined the new registers and stack2887* value. Look at all of the possibly subsequent instructions, and merge2888* this stack value into theirs.2889*/28902891static void2892merge_into_successors(context_type *context, unsigned int inumber,2893register_info_type *register_info,2894stack_info_type *stack_info,2895flag_type and_flags, flag_type or_flags)2896{2897instruction_data_type *idata = context->instruction_data;2898instruction_data_type *this_idata = &idata[inumber];2899int opcode = this_idata->opcode;2900int operand = this_idata->operand.i;2901struct handler_info_type *handler_info = context->handler_info;2902int handler_info_length =2903JVM_GetMethodIxExceptionTableLength(context->env,2904context->class,2905context->method_index);290629072908int buffer[2]; /* default value for successors */2909int *successors = buffer; /* table of successors */2910int successors_count;2911int i;29122913switch (opcode) {2914default:2915successors_count = 1;2916buffer[0] = inumber + 1;2917break;29182919case JVM_OPC_ifeq: case JVM_OPC_ifne: case JVM_OPC_ifgt:2920case JVM_OPC_ifge: case JVM_OPC_iflt: case JVM_OPC_ifle:2921case JVM_OPC_ifnull: case JVM_OPC_ifnonnull:2922case JVM_OPC_if_icmpeq: case JVM_OPC_if_icmpne: case JVM_OPC_if_icmpgt:2923case JVM_OPC_if_icmpge: case JVM_OPC_if_icmplt: case JVM_OPC_if_icmple:2924case JVM_OPC_if_acmpeq: case JVM_OPC_if_acmpne:2925successors_count = 2;2926buffer[0] = inumber + 1;2927buffer[1] = operand;2928break;29292930case JVM_OPC_jsr: case JVM_OPC_jsr_w:2931if (this_idata->operand2.i != UNKNOWN_RET_INSTRUCTION)2932idata[this_idata->operand2.i].changed = JNI_TRUE;2933/* FALLTHROUGH */2934case JVM_OPC_goto: case JVM_OPC_goto_w:2935successors_count = 1;2936buffer[0] = operand;2937break;293829392940case JVM_OPC_ireturn: case JVM_OPC_lreturn: case JVM_OPC_return:2941case JVM_OPC_freturn: case JVM_OPC_dreturn: case JVM_OPC_areturn:2942case JVM_OPC_athrow:2943/* The testing for the returns is handled in pop_stack() */2944successors_count = 0;2945break;29462947case JVM_OPC_ret: {2948/* This is slightly slow, but good enough for a seldom used instruction.2949* The EXTRA_ITEM_INFO of the ITEM_ReturnAddress indicates the2950* address of the first instruction of the subroutine. We can return2951* to 1 after any instruction that jsr's to that instruction.2952*/2953if (this_idata->operand2.ip == NULL) {2954fullinfo_type *registers = this_idata->register_info.registers;2955int called_instruction = GET_EXTRA_INFO(registers[operand]);2956int i, count, *ptr;;2957for (i = context->instruction_count, count = 0; --i >= 0; ) {2958if (((idata[i].opcode == JVM_OPC_jsr) ||2959(idata[i].opcode == JVM_OPC_jsr_w)) &&2960(idata[i].operand.i == called_instruction))2961count++;2962}2963this_idata->operand2.ip = ptr = NEW(int, count + 1);2964*ptr++ = count;2965for (i = context->instruction_count, count = 0; --i >= 0; ) {2966if (((idata[i].opcode == JVM_OPC_jsr) ||2967(idata[i].opcode == JVM_OPC_jsr_w)) &&2968(idata[i].operand.i == called_instruction))2969*ptr++ = i + 1;2970}2971}2972successors = this_idata->operand2.ip; /* use this instead */2973successors_count = *successors++;2974break;29752976}29772978case JVM_OPC_tableswitch:2979case JVM_OPC_lookupswitch:2980successors = this_idata->operand.ip; /* use this instead */2981successors_count = *successors++;2982break;2983}29842985#ifdef DEBUG2986if (verify_verbose) {2987jio_fprintf(stdout, " [");2988for (i = handler_info_length; --i >= 0; handler_info++)2989if (handler_info->start <= (int)inumber && handler_info->end > (int)inumber)2990jio_fprintf(stdout, "%d* ", handler_info->handler);2991for (i = 0; i < successors_count; i++)2992jio_fprintf(stdout, "%d ", successors[i]);2993jio_fprintf(stdout, "]\n");2994}2995#endif29962997handler_info = context->handler_info;2998for (i = handler_info_length; --i >= 0; handler_info++) {2999if (handler_info->start <= (int)inumber && handler_info->end > (int)inumber) {3000int handler = handler_info->handler;3001if (opcode != JVM_OPC_invokeinit) {3002merge_into_one_successor(context, inumber, handler,3003&this_idata->register_info, /* old */3004&handler_info->stack_info,3005(flag_type) (and_flags3006& this_idata->and_flags),3007(flag_type) (or_flags3008| this_idata->or_flags),3009JNI_TRUE);3010} else {3011/* We need to be a little bit more careful with this3012* instruction. Things could either be in the state before3013* the instruction or in the state afterwards */3014fullinfo_type from = context->swap_table[0];3015flag_type temp_or_flags = or_flags;3016if (from == MAKE_FULLINFO(ITEM_InitObject, 0, 0))3017temp_or_flags |= FLAG_NO_RETURN;3018merge_into_one_successor(context, inumber, handler,3019&this_idata->register_info, /* old */3020&handler_info->stack_info,3021this_idata->and_flags,3022this_idata->or_flags,3023JNI_TRUE);3024merge_into_one_successor(context, inumber, handler,3025register_info,3026&handler_info->stack_info,3027and_flags, temp_or_flags, JNI_TRUE);3028}3029}3030}3031for (i = 0; i < successors_count; i++) {3032int target = successors[i];3033if (target >= context->instruction_count)3034CCerror(context, "Falling off the end of the code");3035merge_into_one_successor(context, inumber, target,3036register_info, stack_info, and_flags, or_flags,3037JNI_FALSE);3038}3039}30403041/* We have a new set of registers and stack values for a given instruction.3042* Merge this new set into the values that are already there.3043*/30443045static void3046merge_into_one_successor(context_type *context,3047unsigned int from_inumber, unsigned int to_inumber,3048register_info_type *new_register_info,3049stack_info_type *new_stack_info,3050flag_type new_and_flags, flag_type new_or_flags,3051jboolean isException)3052{3053instruction_data_type *idata = context->instruction_data;3054register_info_type register_info_buf;3055stack_info_type stack_info_buf;3056#ifdef DEBUG3057instruction_data_type *this_idata = &idata[to_inumber];3058register_info_type old_reg_info;3059stack_info_type old_stack_info;3060flag_type old_and_flags = 0;3061flag_type old_or_flags = 0;3062#endif30633064#ifdef DEBUG3065if (verify_verbose) {3066old_reg_info = this_idata->register_info;3067old_stack_info = this_idata->stack_info;3068old_and_flags = this_idata->and_flags;3069old_or_flags = this_idata->or_flags;3070}3071#endif30723073/* All uninitialized objects are set to "bogus" when jsr and3074* ret are executed. Thus uninitialized objects can't propagate3075* into or out of a subroutine.3076*/3077if (idata[from_inumber].opcode == JVM_OPC_ret ||3078idata[from_inumber].opcode == JVM_OPC_jsr ||3079idata[from_inumber].opcode == JVM_OPC_jsr_w) {3080int new_register_count = new_register_info->register_count;3081fullinfo_type *new_registers = new_register_info->registers;3082int i;3083stack_item_type *item;30843085for (item = new_stack_info->stack; item != NULL; item = item->next) {3086if (GET_ITEM_TYPE(item->item) == ITEM_NewObject) {3087/* This check only succeeds for hand-contrived code.3088* Efficiency is not an issue.3089*/3090stack_info_buf.stack = copy_stack(context,3091new_stack_info->stack);3092stack_info_buf.stack_size = new_stack_info->stack_size;3093new_stack_info = &stack_info_buf;3094for (item = new_stack_info->stack; item != NULL;3095item = item->next) {3096if (GET_ITEM_TYPE(item->item) == ITEM_NewObject) {3097item->item = MAKE_FULLINFO(ITEM_Bogus, 0, 0);3098}3099}3100break;3101}3102}3103for (i = 0; i < new_register_count; i++) {3104if (GET_ITEM_TYPE(new_registers[i]) == ITEM_NewObject) {3105/* This check only succeeds for hand-contrived code.3106* Efficiency is not an issue.3107*/3108fullinfo_type *new_set = NEW(fullinfo_type,3109new_register_count);3110for (i = 0; i < new_register_count; i++) {3111fullinfo_type t = new_registers[i];3112new_set[i] = GET_ITEM_TYPE(t) != ITEM_NewObject ?3113t : MAKE_FULLINFO(ITEM_Bogus, 0, 0);3114}3115register_info_buf.register_count = new_register_count;3116register_info_buf.registers = new_set;3117register_info_buf.mask_count = new_register_info->mask_count;3118register_info_buf.masks = new_register_info->masks;3119new_register_info = ®ister_info_buf;3120break;3121}3122}3123}31243125/* Returning from a subroutine is somewhat ugly. The actual thing3126* that needs to get merged into the new instruction is a joining3127* of info from the ret instruction with stuff in the jsr instruction3128*/3129if (idata[from_inumber].opcode == JVM_OPC_ret && !isException) {3130int new_register_count = new_register_info->register_count;3131fullinfo_type *new_registers = new_register_info->registers;3132int new_mask_count = new_register_info->mask_count;3133mask_type *new_masks = new_register_info->masks;3134int operand = idata[from_inumber].operand.i;3135int called_instruction = GET_EXTRA_INFO(new_registers[operand]);3136instruction_data_type *jsr_idata = &idata[to_inumber - 1];3137register_info_type *jsr_reginfo = &jsr_idata->register_info;3138if (jsr_idata->operand2.i != (int)from_inumber) {3139if (jsr_idata->operand2.i != UNKNOWN_RET_INSTRUCTION)3140CCerror(context, "Multiple returns to single jsr");3141jsr_idata->operand2.i = from_inumber;3142}3143if (jsr_reginfo->register_count == UNKNOWN_REGISTER_COUNT) {3144/* We don't want to handle the returned-to instruction until3145* we've dealt with the jsr instruction. When we get to the3146* jsr instruction (if ever), we'll re-mark the ret instruction3147*/3148;3149} else {3150int register_count = jsr_reginfo->register_count;3151fullinfo_type *registers = jsr_reginfo->registers;3152int max_registers = MAX(register_count, new_register_count);3153fullinfo_type *new_set = NEW(fullinfo_type, max_registers);3154int *return_mask;3155struct register_info_type new_new_register_info;3156int i;3157/* Make sure the place we're returning from is legal! */3158for (i = new_mask_count; --i >= 0; )3159if (new_masks[i].entry == called_instruction)3160break;3161if (i < 0)3162CCerror(context, "Illegal return from subroutine");3163/* pop the masks down to the indicated one. Remember the mask3164* we're popping off. */3165return_mask = new_masks[i].modifies;3166new_mask_count = i;3167for (i = 0; i < max_registers; i++) {3168if (IS_BIT_SET(return_mask, i))3169new_set[i] = i < new_register_count ?3170new_registers[i] : MAKE_FULLINFO(ITEM_Bogus, 0, 0);3171else3172new_set[i] = i < register_count ?3173registers[i] : MAKE_FULLINFO(ITEM_Bogus, 0, 0);3174}3175new_new_register_info.register_count = max_registers;3176new_new_register_info.registers = new_set;3177new_new_register_info.mask_count = new_mask_count;3178new_new_register_info.masks = new_masks;317931803181merge_stack(context, from_inumber, to_inumber, new_stack_info);3182merge_registers(context, to_inumber - 1, to_inumber,3183&new_new_register_info);3184merge_flags(context, from_inumber, to_inumber, new_and_flags, new_or_flags);3185}3186} else {3187merge_stack(context, from_inumber, to_inumber, new_stack_info);3188merge_registers(context, from_inumber, to_inumber, new_register_info);3189merge_flags(context, from_inumber, to_inumber,3190new_and_flags, new_or_flags);3191}31923193#ifdef DEBUG3194if (verify_verbose && idata[to_inumber].changed) {3195register_info_type *register_info = &this_idata->register_info;3196stack_info_type *stack_info = &this_idata->stack_info;3197if (memcmp(&old_reg_info, register_info, sizeof(old_reg_info)) ||3198memcmp(&old_stack_info, stack_info, sizeof(old_stack_info)) ||3199(old_and_flags != this_idata->and_flags) ||3200(old_or_flags != this_idata->or_flags)) {3201jio_fprintf(stdout, " %2d:", to_inumber);3202print_stack(context, &old_stack_info);3203print_registers(context, &old_reg_info);3204print_flags(context, old_and_flags, old_or_flags);3205jio_fprintf(stdout, " => ");3206print_stack(context, &this_idata->stack_info);3207print_registers(context, &this_idata->register_info);3208print_flags(context, this_idata->and_flags, this_idata->or_flags);3209jio_fprintf(stdout, "\n");3210}3211}3212#endif32133214}32153216static void3217merge_stack(context_type *context, unsigned int from_inumber,3218unsigned int to_inumber, stack_info_type *new_stack_info)3219{3220instruction_data_type *idata = context->instruction_data;3221instruction_data_type *this_idata = &idata[to_inumber];32223223int new_stack_size = new_stack_info->stack_size;3224stack_item_type *new_stack = new_stack_info->stack;32253226int stack_size = this_idata->stack_info.stack_size;32273228if (stack_size == UNKNOWN_STACK_SIZE) {3229/* First time at this instruction. Just copy. */3230this_idata->stack_info.stack_size = new_stack_size;3231this_idata->stack_info.stack = new_stack;3232this_idata->changed = JNI_TRUE;3233} else if (new_stack_size != stack_size) {3234CCerror(context, "Inconsistent stack height %d != %d",3235new_stack_size, stack_size);3236} else {3237stack_item_type *stack = this_idata->stack_info.stack;3238stack_item_type *old, *new;3239jboolean change = JNI_FALSE;3240for (old = stack, new = new_stack; old != NULL;3241old = old->next, new = new->next) {3242if (!isAssignableTo(context, new->item, old->item)) {3243change = JNI_TRUE;3244break;3245}3246}3247if (change) {3248stack = copy_stack(context, stack);3249for (old = stack, new = new_stack; old != NULL;3250old = old->next, new = new->next) {3251if (new == NULL) {3252break;3253}3254old->item = merge_fullinfo_types(context, old->item, new->item,3255JNI_FALSE);3256if (GET_ITEM_TYPE(old->item) == ITEM_Bogus) {3257CCerror(context, "Mismatched stack types");3258}3259}3260if (old != NULL || new != NULL) {3261CCerror(context, "Mismatched stack types");3262}3263this_idata->stack_info.stack = stack;3264this_idata->changed = JNI_TRUE;3265}3266}3267}32683269static void3270merge_registers(context_type *context, unsigned int from_inumber,3271unsigned int to_inumber, register_info_type *new_register_info)3272{3273instruction_data_type *idata = context->instruction_data;3274instruction_data_type *this_idata = &idata[to_inumber];3275register_info_type *this_reginfo = &this_idata->register_info;32763277int new_register_count = new_register_info->register_count;3278fullinfo_type *new_registers = new_register_info->registers;3279int new_mask_count = new_register_info->mask_count;3280mask_type *new_masks = new_register_info->masks;328132823283if (this_reginfo->register_count == UNKNOWN_REGISTER_COUNT) {3284this_reginfo->register_count = new_register_count;3285this_reginfo->registers = new_registers;3286this_reginfo->mask_count = new_mask_count;3287this_reginfo->masks = new_masks;3288this_idata->changed = JNI_TRUE;3289} else {3290/* See if we've got new information on the register set. */3291int register_count = this_reginfo->register_count;3292fullinfo_type *registers = this_reginfo->registers;3293int mask_count = this_reginfo->mask_count;3294mask_type *masks = this_reginfo->masks;32953296jboolean copy = JNI_FALSE;3297int i, j;3298if (register_count > new_register_count) {3299/* Any register larger than new_register_count is now bogus */3300this_reginfo->register_count = new_register_count;3301register_count = new_register_count;3302this_idata->changed = JNI_TRUE;3303}3304for (i = 0; i < register_count; i++) {3305fullinfo_type prev_value = registers[i];3306if ((i < new_register_count)3307? (!isAssignableTo(context, new_registers[i], prev_value))3308: (prev_value != MAKE_FULLINFO(ITEM_Bogus, 0, 0))) {3309copy = JNI_TRUE;3310break;3311}3312}33133314if (copy) {3315/* We need a copy. So do it. */3316fullinfo_type *new_set = NEW(fullinfo_type, register_count);3317for (j = 0; j < i; j++)3318new_set[j] = registers[j];3319for (j = i; j < register_count; j++) {3320if (i >= new_register_count)3321new_set[j] = MAKE_FULLINFO(ITEM_Bogus, 0, 0);3322else3323new_set[j] = merge_fullinfo_types(context,3324new_registers[j],3325registers[j], JNI_FALSE);3326}3327/* Some of the end items might now be bogus. This step isn't3328* necessary, but it may save work later. */3329while ( register_count > 03330&& GET_ITEM_TYPE(new_set[register_count-1]) == ITEM_Bogus)3331register_count--;3332this_reginfo->register_count = register_count;3333this_reginfo->registers = new_set;3334this_idata->changed = JNI_TRUE;3335}3336if (mask_count > 0) {3337/* If the target instruction already has a sequence of masks, then3338* we need to merge new_masks into it. We want the entries on3339* the mask to be the longest common substring of the two.3340* (e.g. a->b->d merged with a->c->d should give a->d)3341* The bits set in the mask should be the or of the corresponding3342* entries in each of the original masks.3343*/3344int i, j, k;3345int matches = 0;3346int last_match = -1;3347jboolean copy_needed = JNI_FALSE;3348for (i = 0; i < mask_count; i++) {3349int entry = masks[i].entry;3350for (j = last_match + 1; j < new_mask_count; j++) {3351if (new_masks[j].entry == entry) {3352/* We have a match */3353int *prev = masks[i].modifies;3354int *new = new_masks[j].modifies;3355matches++;3356/* See if new_mask has bits set for "entry" that3357* weren't set for mask. If so, need to copy. */3358for (k = context->bitmask_size - 1;3359!copy_needed && k >= 0;3360k--)3361if (~prev[k] & new[k])3362copy_needed = JNI_TRUE;3363last_match = j;3364break;3365}3366}3367}3368if ((matches < mask_count) || copy_needed) {3369/* We need to make a copy for the new item, since either the3370* size has decreased, or new bits are set. */3371mask_type *copy = NEW(mask_type, matches);3372for (i = 0; i < matches; i++) {3373copy[i].modifies = NEW(int, context->bitmask_size);3374}3375this_reginfo->masks = copy;3376this_reginfo->mask_count = matches;3377this_idata->changed = JNI_TRUE;3378matches = 0;3379last_match = -1;3380for (i = 0; i < mask_count; i++) {3381int entry = masks[i].entry;3382for (j = last_match + 1; j < new_mask_count; j++) {3383if (new_masks[j].entry == entry) {3384int *prev1 = masks[i].modifies;3385int *prev2 = new_masks[j].modifies;3386int *new = copy[matches].modifies;3387copy[matches].entry = entry;3388for (k = context->bitmask_size - 1; k >= 0; k--)3389new[k] = prev1[k] | prev2[k];3390matches++;3391last_match = j;3392break;3393}3394}3395}3396}3397}3398}3399}340034013402static void3403merge_flags(context_type *context, unsigned int from_inumber,3404unsigned int to_inumber,3405flag_type new_and_flags, flag_type new_or_flags)3406{3407/* Set this_idata->and_flags &= new_and_flags3408this_idata->or_flags |= new_or_flags3409*/3410instruction_data_type *idata = context->instruction_data;3411instruction_data_type *this_idata = &idata[to_inumber];3412flag_type this_and_flags = this_idata->and_flags;3413flag_type this_or_flags = this_idata->or_flags;3414flag_type merged_and = this_and_flags & new_and_flags;3415flag_type merged_or = this_or_flags | new_or_flags;34163417if ((merged_and != this_and_flags) || (merged_or != this_or_flags)) {3418this_idata->and_flags = merged_and;3419this_idata->or_flags = merged_or;3420this_idata->changed = JNI_TRUE;3421}3422}342334243425/* Make a copy of a stack */34263427static stack_item_type *3428copy_stack(context_type *context, stack_item_type *stack)3429{3430int length;3431stack_item_type *ptr;34323433/* Find the length */3434for (ptr = stack, length = 0; ptr != NULL; ptr = ptr->next, length++);34353436if (length > 0) {3437stack_item_type *new_stack = NEW(stack_item_type, length);3438stack_item_type *new_ptr;3439for ( ptr = stack, new_ptr = new_stack;3440ptr != NULL;3441ptr = ptr->next, new_ptr++) {3442new_ptr->item = ptr->item;3443new_ptr->next = new_ptr + 1;3444}3445new_stack[length - 1].next = NULL;3446return new_stack;3447} else {3448return NULL;3449}3450}345134523453static mask_type *3454copy_masks(context_type *context, mask_type *masks, int mask_count)3455{3456mask_type *result = NEW(mask_type, mask_count);3457int bitmask_size = context->bitmask_size;3458int *bitmaps = NEW(int, mask_count * bitmask_size);3459int i;3460for (i = 0; i < mask_count; i++) {3461result[i].entry = masks[i].entry;3462result[i].modifies = &bitmaps[i * bitmask_size];3463memcpy(result[i].modifies, masks[i].modifies, bitmask_size * sizeof(int));3464}3465return result;3466}346734683469static mask_type *3470add_to_masks(context_type *context, mask_type *masks, int mask_count, int d)3471{3472mask_type *result = NEW(mask_type, mask_count + 1);3473int bitmask_size = context->bitmask_size;3474int *bitmaps = NEW(int, (mask_count + 1) * bitmask_size);3475int i;3476for (i = 0; i < mask_count; i++) {3477result[i].entry = masks[i].entry;3478result[i].modifies = &bitmaps[i * bitmask_size];3479memcpy(result[i].modifies, masks[i].modifies, bitmask_size * sizeof(int));3480}3481result[mask_count].entry = d;3482result[mask_count].modifies = &bitmaps[mask_count * bitmask_size];3483memset(result[mask_count].modifies, 0, bitmask_size * sizeof(int));3484return result;3485}3486348734883489/* We create our own storage manager, since we malloc lots of little items,3490* and I don't want to keep trace of when they become free. I sure wish that3491* we had heaps, and I could just free the heap when done.3492*/34933494#define CCSegSize 200034953496struct CCpool { /* a segment of allocated memory in the pool */3497struct CCpool *next;3498int segSize; /* almost always CCSegSize */3499int poolPad;3500char space[CCSegSize];3501};35023503/* Initialize the context's heap. */3504static void CCinit(context_type *context)3505{3506struct CCpool *new = (struct CCpool *) malloc(sizeof(struct CCpool));3507/* Set context->CCroot to 0 if new == 0 to tell CCdestroy to lay off */3508context->CCroot = context->CCcurrent = new;3509if (new == 0) {3510CCout_of_memory(context);3511}3512new->next = NULL;3513new->segSize = CCSegSize;3514context->CCfree_size = CCSegSize;3515context->CCfree_ptr = &new->space[0];3516}351735183519/* Reuse all the space that we have in the context's heap. */3520static void CCreinit(context_type *context)3521{3522struct CCpool *first = context->CCroot;3523context->CCcurrent = first;3524context->CCfree_size = CCSegSize;3525context->CCfree_ptr = &first->space[0];3526}35273528/* Destroy the context's heap. */3529static void CCdestroy(context_type *context)3530{3531struct CCpool *this = context->CCroot;3532while (this) {3533struct CCpool *next = this->next;3534free(this);3535this = next;3536}3537/* These two aren't necessary. But can't hurt either */3538context->CCroot = context->CCcurrent = NULL;3539context->CCfree_ptr = 0;3540}35413542/* Allocate an object of the given size from the context's heap. */3543static void *3544CCalloc(context_type *context, int size, jboolean zero)3545{35463547register char *p;3548/* Round CC to the size of a pointer */3549size = (size + (sizeof(void *) - 1)) & ~(sizeof(void *) - 1);35503551if (context->CCfree_size < size) {3552struct CCpool *current = context->CCcurrent;3553struct CCpool *new;3554if (size > CCSegSize) { /* we need to allocate a special block */3555new = (struct CCpool *)malloc(sizeof(struct CCpool) +3556(size - CCSegSize));3557if (new == 0) {3558CCout_of_memory(context);3559}3560new->next = current->next;3561new->segSize = size;3562current->next = new;3563} else {3564new = current->next;3565if (new == NULL) {3566new = (struct CCpool *) malloc(sizeof(struct CCpool));3567if (new == 0) {3568CCout_of_memory(context);3569}3570current->next = new;3571new->next = NULL;3572new->segSize = CCSegSize;3573}3574}3575context->CCcurrent = new;3576context->CCfree_ptr = &new->space[0];3577context->CCfree_size = new->segSize;3578}3579p = context->CCfree_ptr;3580context->CCfree_ptr += size;3581context->CCfree_size -= size;3582if (zero)3583memset(p, 0, size);3584return p;3585}35863587/* Get the class associated with a particular field or method or class in the3588* constant pool. If is_field is true, we've got a field or method. If3589* false, we've got a class.3590*/3591static fullinfo_type3592cp_index_to_class_fullinfo(context_type *context, int cp_index, int kind)3593{3594JNIEnv *env = context->env;3595fullinfo_type result;3596const char *classname;3597switch (kind) {3598case JVM_CONSTANT_Class:3599classname = JVM_GetCPClassNameUTF(env,3600context->class,3601cp_index);3602break;3603case JVM_CONSTANT_Methodref:3604classname = JVM_GetCPMethodClassNameUTF(env,3605context->class,3606cp_index);3607break;3608case JVM_CONSTANT_Fieldref:3609classname = JVM_GetCPFieldClassNameUTF(env,3610context->class,3611cp_index);3612break;3613default:3614classname = NULL;3615CCerror(context, "Internal error #5");3616}36173618check_and_push(context, classname, VM_STRING_UTF);3619if (classname[0] == JVM_SIGNATURE_ARRAY) {3620/* This make recursively call us, in case of a class array */3621signature_to_fieldtype(context, &classname, &result);3622} else {3623result = make_class_info_from_name(context, classname);3624}3625pop_and_free(context);3626return result;3627}362836293630static int3631print_CCerror_info(context_type *context)3632{3633JNIEnv *env = context->env;3634jclass cb = context->class;3635const char *classname = JVM_GetClassNameUTF(env, cb);3636const char *name = 0;3637const char *signature = 0;3638int n = 0;3639if (context->method_index != -1) {3640name = JVM_GetMethodIxNameUTF(env, cb, context->method_index);3641signature =3642JVM_GetMethodIxSignatureUTF(env, cb, context->method_index);3643n += jio_snprintf(context->message, context->message_buf_len,3644"(class: %s, method: %s signature: %s) ",3645(classname ? classname : ""),3646(name ? name : ""),3647(signature ? signature : ""));3648} else if (context->field_index != -1 ) {3649name = JVM_GetMethodIxNameUTF(env, cb, context->field_index);3650n += jio_snprintf(context->message, context->message_buf_len,3651"(class: %s, field: %s) ",3652(classname ? classname : 0),3653(name ? name : 0));3654} else {3655n += jio_snprintf(context->message, context->message_buf_len,3656"(class: %s) ", classname ? classname : "");3657}3658JVM_ReleaseUTF(classname);3659JVM_ReleaseUTF(name);3660JVM_ReleaseUTF(signature);3661return n;3662}36633664static void3665CCerror (context_type *context, char *format, ...)3666{3667int n = print_CCerror_info(context);3668va_list args;3669if (n >= 0 && n < context->message_buf_len) {3670va_start(args, format);3671jio_vsnprintf(context->message + n, context->message_buf_len - n,3672format, args);3673va_end(args);3674}3675context->err_code = CC_VerifyError;3676longjmp(context->jump_buffer, 1);3677}36783679static void3680CCout_of_memory(context_type *context)3681{3682int n = print_CCerror_info(context);3683context->err_code = CC_OutOfMemory;3684longjmp(context->jump_buffer, 1);3685}36863687static void3688CFerror(context_type *context, char *format, ...)3689{3690int n = print_CCerror_info(context);3691va_list args;3692if (n >= 0 && n < context->message_buf_len) {3693va_start(args, format);3694jio_vsnprintf(context->message + n, context->message_buf_len - n,3695format, args);3696va_end(args);3697}3698context->err_code = CC_ClassFormatError;3699longjmp(context->jump_buffer, 1);3700}37013702/*3703* Need to scan the entire signature to find the result type because3704* types in the arg list and the result type could contain embedded ')'s.3705*/3706static const char* get_result_signature(const char* signature) {3707const char *p;3708for (p = signature; *p != JVM_SIGNATURE_ENDFUNC; p++) {3709switch (*p) {3710case JVM_SIGNATURE_BOOLEAN:3711case JVM_SIGNATURE_BYTE:3712case JVM_SIGNATURE_CHAR:3713case JVM_SIGNATURE_SHORT:3714case JVM_SIGNATURE_INT:3715case JVM_SIGNATURE_FLOAT:3716case JVM_SIGNATURE_DOUBLE:3717case JVM_SIGNATURE_LONG:3718case JVM_SIGNATURE_FUNC: /* ignore initial (, if given */3719break;3720case JVM_SIGNATURE_CLASS:3721while (*p != JVM_SIGNATURE_ENDCLASS) p++;3722break;3723case JVM_SIGNATURE_ARRAY:3724while (*p == JVM_SIGNATURE_ARRAY) p++;3725/* If an array of classes, skip over class name, too. */3726if (*p == JVM_SIGNATURE_CLASS) {3727while (*p != JVM_SIGNATURE_ENDCLASS) p++;3728}3729break;3730default:3731/* Indicate an error. */3732return NULL;3733}3734}3735return p++; /* skip over ')'. */3736}37373738static char3739signature_to_fieldtype(context_type *context,3740const char **signature_p, fullinfo_type *full_info_p)3741{3742const char *p = *signature_p;3743fullinfo_type full_info = MAKE_FULLINFO(ITEM_Bogus, 0, 0);3744char result;3745int array_depth = 0;37463747for (;;) {3748switch(*p++) {3749default:3750result = 0;3751break;37523753case JVM_SIGNATURE_BOOLEAN: case JVM_SIGNATURE_BYTE:3754full_info = (array_depth > 0)3755? MAKE_FULLINFO(ITEM_Byte, 0, 0)3756: MAKE_FULLINFO(ITEM_Integer, 0, 0);3757result = 'I';3758break;37593760case JVM_SIGNATURE_CHAR:3761full_info = (array_depth > 0)3762? MAKE_FULLINFO(ITEM_Char, 0, 0)3763: MAKE_FULLINFO(ITEM_Integer, 0, 0);3764result = 'I';3765break;37663767case JVM_SIGNATURE_SHORT:3768full_info = (array_depth > 0)3769? MAKE_FULLINFO(ITEM_Short, 0, 0)3770: MAKE_FULLINFO(ITEM_Integer, 0, 0);3771result = 'I';3772break;37733774case JVM_SIGNATURE_INT:3775full_info = MAKE_FULLINFO(ITEM_Integer, 0, 0);3776result = 'I';3777break;37783779case JVM_SIGNATURE_FLOAT:3780full_info = MAKE_FULLINFO(ITEM_Float, 0, 0);3781result = 'F';3782break;37833784case JVM_SIGNATURE_DOUBLE:3785full_info = MAKE_FULLINFO(ITEM_Double, 0, 0);3786result = 'D';3787break;37883789case JVM_SIGNATURE_LONG:3790full_info = MAKE_FULLINFO(ITEM_Long, 0, 0);3791result = 'L';3792break;37933794case JVM_SIGNATURE_ARRAY:3795array_depth++;3796continue; /* only time we ever do the loop > 1 */37973798case JVM_SIGNATURE_CLASS: {3799char buffer_space[256];3800char *buffer = buffer_space;3801char *finish = strchr(p, JVM_SIGNATURE_ENDCLASS);3802int length;3803if (finish == NULL) {3804/* Signature must have ';' after the class name.3805* If it does not, return 0 and ITEM_Bogus in full_info. */3806result = 0;3807break;3808}3809length = finish - p;3810if (length + 1 > (int)sizeof(buffer_space)) {3811buffer = malloc(length + 1);3812check_and_push(context, buffer, VM_MALLOC_BLK);3813}3814memcpy(buffer, p, length);3815buffer[length] = '\0';3816full_info = make_class_info_from_name(context, buffer);3817result = 'A';3818p = finish + 1;3819if (buffer != buffer_space)3820pop_and_free(context);3821break;3822}3823} /* end of switch */3824break;3825}3826*signature_p = p;3827if (array_depth == 0 || result == 0) {3828/* either not an array, or result is bogus */3829*full_info_p = full_info;3830return result;3831} else {3832if (array_depth > MAX_ARRAY_DIMENSIONS)3833CCerror(context, "Array with too many dimensions");3834*full_info_p = MAKE_FULLINFO(GET_ITEM_TYPE(full_info),3835array_depth,3836GET_EXTRA_INFO(full_info));3837return 'A';3838}3839}384038413842/* Given an array type, create the type that has one less level of3843* indirection.3844*/38453846static fullinfo_type3847decrement_indirection(fullinfo_type array_info)3848{3849if (array_info == NULL_FULLINFO) {3850return NULL_FULLINFO;3851} else {3852int type = GET_ITEM_TYPE(array_info);3853int indirection = GET_INDIRECTION(array_info) - 1;3854int extra_info = GET_EXTRA_INFO(array_info);3855if ( (indirection == 0)3856&& ((type == ITEM_Short || type == ITEM_Byte || type == ITEM_Char)))3857type = ITEM_Integer;3858return MAKE_FULLINFO(type, indirection, extra_info);3859}3860}386138623863/* See if we can assign an object of the "from" type to an object3864* of the "to" type.3865*/38663867static jboolean isAssignableTo(context_type *context,3868fullinfo_type from, fullinfo_type to)3869{3870return (merge_fullinfo_types(context, from, to, JNI_TRUE) == to);3871}38723873/* Given two fullinfo_type's, find their lowest common denominator. If3874* the assignable_p argument is non-null, we're really just calling to find3875* out if "<target> := <value>" is a legitimate assignment.3876*3877* We treat all interfaces as if they were of type java/lang/Object, since the3878* runtime will do the full checking.3879*/3880static fullinfo_type3881merge_fullinfo_types(context_type *context,3882fullinfo_type value, fullinfo_type target,3883jboolean for_assignment)3884{3885JNIEnv *env = context->env;3886if (value == target) {3887/* If they're identical, clearly just return what we've got */3888return value;3889}38903891/* Both must be either arrays or objects to go further */3892if (GET_INDIRECTION(value) == 0 && GET_ITEM_TYPE(value) != ITEM_Object)3893return MAKE_FULLINFO(ITEM_Bogus, 0, 0);3894if (GET_INDIRECTION(target) == 0 && GET_ITEM_TYPE(target) != ITEM_Object)3895return MAKE_FULLINFO(ITEM_Bogus, 0, 0);38963897/* If either is NULL, return the other. */3898if (value == NULL_FULLINFO)3899return target;3900else if (target == NULL_FULLINFO)3901return value;39023903/* If either is java/lang/Object, that's the result. */3904if (target == context->object_info)3905return target;3906else if (value == context->object_info) {3907/* Minor hack. For assignments, Interface := Object, return Interface3908* rather than Object, so that isAssignableTo() will get the right3909* result. */3910if (for_assignment && (WITH_ZERO_EXTRA_INFO(target) ==3911MAKE_FULLINFO(ITEM_Object, 0, 0))) {3912jclass cb = object_fullinfo_to_classclass(context,3913target);3914int is_interface = cb && JVM_IsInterface(env, cb);3915if (is_interface)3916return target;3917}3918return value;3919}3920if (GET_INDIRECTION(value) > 0 || GET_INDIRECTION(target) > 0) {3921/* At least one is an array. Neither is java/lang/Object or NULL.3922* Moreover, the types are not identical.3923* The result must either be Object, or an array of some object type.3924*/3925fullinfo_type value_base, target_base;3926int dimen_value = GET_INDIRECTION(value);3927int dimen_target = GET_INDIRECTION(target);39283929if (target == context->cloneable_info ||3930target == context->serializable_info) {3931return target;3932}39333934if (value == context->cloneable_info ||3935value == context->serializable_info) {3936return value;3937}39383939/* First, if either item's base type isn't ITEM_Object, promote it up3940* to an object or array of object. If either is elemental, we can3941* punt.3942*/3943if (GET_ITEM_TYPE(value) != ITEM_Object) {3944if (dimen_value == 0)3945return MAKE_FULLINFO(ITEM_Bogus, 0, 0);3946dimen_value--;3947value = MAKE_Object_ARRAY(dimen_value);39483949}3950if (GET_ITEM_TYPE(target) != ITEM_Object) {3951if (dimen_target == 0)3952return MAKE_FULLINFO(ITEM_Bogus, 0, 0);3953dimen_target--;3954target = MAKE_Object_ARRAY(dimen_target);3955}3956/* Both are now objects or arrays of some sort of object type */3957value_base = WITH_ZERO_INDIRECTION(value);3958target_base = WITH_ZERO_INDIRECTION(target);3959if (dimen_value == dimen_target) {3960/* Arrays of the same dimension. Merge their base types. */3961fullinfo_type result_base =3962merge_fullinfo_types(context, value_base, target_base,3963for_assignment);3964if (result_base == MAKE_FULLINFO(ITEM_Bogus, 0, 0))3965/* bogus in, bogus out */3966return result_base;3967return MAKE_FULLINFO(ITEM_Object, dimen_value,3968GET_EXTRA_INFO(result_base));3969} else {3970/* Arrays of different sizes. If the smaller dimension array's base3971* type is java/lang/Cloneable or java/io/Serializable, return it.3972* Otherwise return java/lang/Object with a dimension of the smaller3973* of the two */3974if (dimen_value < dimen_target) {3975if (value_base == context->cloneable_info ||3976value_base == context ->serializable_info) {3977return value;3978}3979return MAKE_Object_ARRAY(dimen_value);3980} else {3981if (target_base == context->cloneable_info ||3982target_base == context->serializable_info) {3983return target;3984}3985return MAKE_Object_ARRAY(dimen_target);3986}3987}3988} else {3989/* Both are non-array objects. Neither is java/lang/Object or NULL */3990jclass cb_value, cb_target, cb_super_value, cb_super_target;3991fullinfo_type result_info;39923993/* Let's get the classes corresponding to each of these. Treat3994* interfaces as if they were java/lang/Object. See hack note above. */3995cb_target = object_fullinfo_to_classclass(context, target);3996if (cb_target == 0)3997return MAKE_FULLINFO(ITEM_Bogus, 0, 0);3998if (JVM_IsInterface(env, cb_target))3999return for_assignment ? target : context->object_info;4000cb_value = object_fullinfo_to_classclass(context, value);4001if (cb_value == 0)4002return MAKE_FULLINFO(ITEM_Bogus, 0, 0);4003if (JVM_IsInterface(env, cb_value))4004return context->object_info;40054006/* If this is for assignment of target := value, we just need to see if4007* cb_target is a superclass of cb_value. Save ourselves a lot of4008* work.4009*/4010if (for_assignment) {4011cb_super_value = (*env)->GetSuperclass(env, cb_value);4012while (cb_super_value != 0) {4013jclass tmp_cb;4014if ((*env)->IsSameObject(env, cb_super_value, cb_target)) {4015(*env)->DeleteLocalRef(env, cb_super_value);4016return target;4017}4018tmp_cb = (*env)->GetSuperclass(env, cb_super_value);4019(*env)->DeleteLocalRef(env, cb_super_value);4020cb_super_value = tmp_cb;4021}4022(*env)->DeleteLocalRef(env, cb_super_value);4023return context->object_info;4024}40254026/* Find out whether cb_value or cb_target is deeper in the class4027* tree by moving both toward the root, and seeing who gets there4028* first. */4029cb_super_value = (*env)->GetSuperclass(env, cb_value);4030cb_super_target = (*env)->GetSuperclass(env, cb_target);4031while((cb_super_value != 0) &&4032(cb_super_target != 0)) {4033jclass tmp_cb;4034/* Optimization. If either hits the other when going up looking4035* for a parent, then might as well return the parent immediately */4036if ((*env)->IsSameObject(env, cb_super_value, cb_target)) {4037(*env)->DeleteLocalRef(env, cb_super_value);4038(*env)->DeleteLocalRef(env, cb_super_target);4039return target;4040}4041if ((*env)->IsSameObject(env, cb_super_target, cb_value)) {4042(*env)->DeleteLocalRef(env, cb_super_value);4043(*env)->DeleteLocalRef(env, cb_super_target);4044return value;4045}4046tmp_cb = (*env)->GetSuperclass(env, cb_super_value);4047(*env)->DeleteLocalRef(env, cb_super_value);4048cb_super_value = tmp_cb;40494050tmp_cb = (*env)->GetSuperclass(env, cb_super_target);4051(*env)->DeleteLocalRef(env, cb_super_target);4052cb_super_target = tmp_cb;4053}4054cb_value = (*env)->NewLocalRef(env, cb_value);4055cb_target = (*env)->NewLocalRef(env, cb_target);4056/* At most one of the following two while clauses will be executed.4057* Bring the deeper of cb_target and cb_value to the depth of the4058* shallower one.4059*/4060while (cb_super_value != 0) {4061/* cb_value is deeper */4062jclass cb_tmp;40634064cb_tmp = (*env)->GetSuperclass(env, cb_super_value);4065(*env)->DeleteLocalRef(env, cb_super_value);4066cb_super_value = cb_tmp;40674068cb_tmp = (*env)->GetSuperclass(env, cb_value);4069(*env)->DeleteLocalRef(env, cb_value);4070cb_value = cb_tmp;4071}4072while (cb_super_target != 0) {4073/* cb_target is deeper */4074jclass cb_tmp;40754076cb_tmp = (*env)->GetSuperclass(env, cb_super_target);4077(*env)->DeleteLocalRef(env, cb_super_target);4078cb_super_target = cb_tmp;40794080cb_tmp = (*env)->GetSuperclass(env, cb_target);4081(*env)->DeleteLocalRef(env, cb_target);4082cb_target = cb_tmp;4083}40844085/* Walk both up, maintaining equal depth, until a join is found. We4086* know that we will find one. */4087while (!(*env)->IsSameObject(env, cb_value, cb_target)) {4088jclass cb_tmp;4089cb_tmp = (*env)->GetSuperclass(env, cb_value);4090(*env)->DeleteLocalRef(env, cb_value);4091cb_value = cb_tmp;4092cb_tmp = (*env)->GetSuperclass(env, cb_target);4093(*env)->DeleteLocalRef(env, cb_target);4094cb_target = cb_tmp;4095}4096result_info = make_class_info(context, cb_value);4097(*env)->DeleteLocalRef(env, cb_value);4098(*env)->DeleteLocalRef(env, cb_super_value);4099(*env)->DeleteLocalRef(env, cb_target);4100(*env)->DeleteLocalRef(env, cb_super_target);4101return result_info;4102} /* both items are classes */4103}410441054106/* Given a fullinfo_type corresponding to an Object, return the jclass4107* of that type.4108*4109* This function always returns a global reference!4110*/41114112static jclass4113object_fullinfo_to_classclass(context_type *context, fullinfo_type classinfo)4114{4115unsigned short info = GET_EXTRA_INFO(classinfo);4116return ID_to_class(context, info);4117}41184119static void free_block(void *ptr, int kind)4120{4121switch (kind) {4122case VM_STRING_UTF:4123JVM_ReleaseUTF(ptr);4124break;4125case VM_MALLOC_BLK:4126free(ptr);4127break;4128}4129}41304131static void check_and_push(context_type *context, const void *ptr, int kind)4132{4133alloc_stack_type *p;4134if (ptr == 0)4135CCout_of_memory(context);4136if (context->alloc_stack_top < ALLOC_STACK_SIZE)4137p = &(context->alloc_stack[context->alloc_stack_top++]);4138else {4139/* Otherwise we have to malloc */4140p = malloc(sizeof(alloc_stack_type));4141if (p == 0) {4142/* Make sure we clean up. */4143free_block((void *)ptr, kind);4144CCout_of_memory(context);4145}4146}4147p->kind = kind;4148p->ptr = (void *)ptr;4149p->next = context->allocated_memory;4150context->allocated_memory = p;4151}41524153static void pop_and_free(context_type *context)4154{4155alloc_stack_type *p = context->allocated_memory;4156context->allocated_memory = p->next;4157free_block(p->ptr, p->kind);4158if (p < context->alloc_stack + ALLOC_STACK_SIZE &&4159p >= context->alloc_stack)4160context->alloc_stack_top--;4161else4162free(p);4163}41644165static int signature_to_args_size(const char *method_signature)4166{4167const char *p;4168int args_size = 0;4169for (p = method_signature; *p != JVM_SIGNATURE_ENDFUNC; p++) {4170switch (*p) {4171case JVM_SIGNATURE_BOOLEAN:4172case JVM_SIGNATURE_BYTE:4173case JVM_SIGNATURE_CHAR:4174case JVM_SIGNATURE_SHORT:4175case JVM_SIGNATURE_INT:4176case JVM_SIGNATURE_FLOAT:4177args_size += 1;4178break;4179case JVM_SIGNATURE_CLASS:4180args_size += 1;4181while (*p != JVM_SIGNATURE_ENDCLASS) p++;4182break;4183case JVM_SIGNATURE_ARRAY:4184args_size += 1;4185while ((*p == JVM_SIGNATURE_ARRAY)) p++;4186/* If an array of classes, skip over class name, too. */4187if (*p == JVM_SIGNATURE_CLASS) {4188while (*p != JVM_SIGNATURE_ENDCLASS)4189p++;4190}4191break;4192case JVM_SIGNATURE_DOUBLE:4193case JVM_SIGNATURE_LONG:4194args_size += 2;4195break;4196case JVM_SIGNATURE_FUNC: /* ignore initial (, if given */4197break;4198default:4199/* Indicate an error. */4200return 0;4201}4202}4203return args_size;4204}42054206#ifdef DEBUG42074208/* Below are for debugging. */42094210static void print_fullinfo_type(context_type *, fullinfo_type, jboolean);42114212static void4213print_stack(context_type *context, stack_info_type *stack_info)4214{4215stack_item_type *stack = stack_info->stack;4216if (stack_info->stack_size == UNKNOWN_STACK_SIZE) {4217jio_fprintf(stdout, "x");4218} else {4219jio_fprintf(stdout, "(");4220for ( ; stack != 0; stack = stack->next)4221print_fullinfo_type(context, stack->item,4222(jboolean)(verify_verbose > 1 ? JNI_TRUE : JNI_FALSE));4223jio_fprintf(stdout, ")");4224}4225}42264227static void4228print_registers(context_type *context, register_info_type *register_info)4229{4230int register_count = register_info->register_count;4231if (register_count == UNKNOWN_REGISTER_COUNT) {4232jio_fprintf(stdout, "x");4233} else {4234fullinfo_type *registers = register_info->registers;4235int mask_count = register_info->mask_count;4236mask_type *masks = register_info->masks;4237int i, j;42384239jio_fprintf(stdout, "{");4240for (i = 0; i < register_count; i++)4241print_fullinfo_type(context, registers[i],4242(jboolean)(verify_verbose > 1 ? JNI_TRUE : JNI_FALSE));4243jio_fprintf(stdout, "}");4244for (i = 0; i < mask_count; i++) {4245char *separator = "";4246int *modifies = masks[i].modifies;4247jio_fprintf(stdout, "<%d: ", masks[i].entry);4248for (j = 0;4249j < JVM_GetMethodIxLocalsCount(context->env,4250context->class,4251context->method_index);4252j++)4253if (IS_BIT_SET(modifies, j)) {4254jio_fprintf(stdout, "%s%d", separator, j);4255separator = ",";4256}4257jio_fprintf(stdout, ">");4258}4259}4260}426142624263static void4264print_flags(context_type *context, flag_type and_flags, flag_type or_flags)4265{4266if (and_flags != ((flag_type)-1) || or_flags != 0) {4267jio_fprintf(stdout, "<%x %x>", and_flags, or_flags);4268}4269}42704271static void4272print_fullinfo_type(context_type *context, fullinfo_type type, jboolean verbose)4273{4274int i;4275int indirection = GET_INDIRECTION(type);4276for (i = indirection; i-- > 0; )4277jio_fprintf(stdout, "[");4278switch (GET_ITEM_TYPE(type)) {4279case ITEM_Integer:4280jio_fprintf(stdout, "I"); break;4281case ITEM_Float:4282jio_fprintf(stdout, "F"); break;4283case ITEM_Double:4284jio_fprintf(stdout, "D"); break;4285case ITEM_Double_2:4286jio_fprintf(stdout, "d"); break;4287case ITEM_Long:4288jio_fprintf(stdout, "L"); break;4289case ITEM_Long_2:4290jio_fprintf(stdout, "l"); break;4291case ITEM_ReturnAddress:4292jio_fprintf(stdout, "a"); break;4293case ITEM_Object:4294if (!verbose) {4295jio_fprintf(stdout, "A");4296} else {4297unsigned short extra = GET_EXTRA_INFO(type);4298if (extra == 0) {4299jio_fprintf(stdout, "/Null/");4300} else {4301const char *name = ID_to_class_name(context, extra);4302const char *name2 = strrchr(name, '/');4303jio_fprintf(stdout, "/%s/", name2 ? name2 + 1 : name);4304}4305}4306break;4307case ITEM_Char:4308jio_fprintf(stdout, "C"); break;4309case ITEM_Short:4310jio_fprintf(stdout, "S"); break;4311case ITEM_Byte:4312jio_fprintf(stdout, "B"); break;4313case ITEM_NewObject:4314if (!verbose) {4315jio_fprintf(stdout, "@");4316} else {4317int inum = GET_EXTRA_INFO(type);4318fullinfo_type real_type =4319context->instruction_data[inum].operand2.fi;4320jio_fprintf(stdout, ">");4321print_fullinfo_type(context, real_type, JNI_TRUE);4322jio_fprintf(stdout, "<");4323}4324break;4325case ITEM_InitObject:4326jio_fprintf(stdout, verbose ? ">/this/<" : "@");4327break;43284329default:4330jio_fprintf(stdout, "?"); break;4331}4332for (i = indirection; i-- > 0; )4333jio_fprintf(stdout, "]");4334}433543364337static void4338print_formatted_fieldname(context_type *context, int index)4339{4340JNIEnv *env = context->env;4341jclass cb = context->class;4342const char *classname = JVM_GetCPFieldClassNameUTF(env, cb, index);4343const char *fieldname = JVM_GetCPFieldNameUTF(env, cb, index);4344jio_fprintf(stdout, " <%s.%s>",4345classname ? classname : "", fieldname ? fieldname : "");4346JVM_ReleaseUTF(classname);4347JVM_ReleaseUTF(fieldname);4348}43494350static void4351print_formatted_methodname(context_type *context, int index)4352{4353JNIEnv *env = context->env;4354jclass cb = context->class;4355const char *classname = JVM_GetCPMethodClassNameUTF(env, cb, index);4356const char *methodname = JVM_GetCPMethodNameUTF(env, cb, index);4357jio_fprintf(stdout, " <%s.%s>",4358classname ? classname : "", methodname ? methodname : "");4359JVM_ReleaseUTF(classname);4360JVM_ReleaseUTF(methodname);4361}43624363#endif /*DEBUG*/436443654366