1 // defineclass.cc - defining a class from .class format.
3 /* Copyright (C) 2001 Free Software Foundation
5 This file is part of libgcj.
7 This software is copyrighted work licensed under the terms of the
8 Libgcj License. Please consult the file "LIBGCJ_LICENSE" for
11 // Writte by Tom Tromey <tromey@redhat.com>
17 #include <java-insns.h>
18 #include <java-interp.h>
22 #include <java/lang/Class.h>
23 #include <java/lang/VerifyError.h>
24 #include <java/lang/Throwable.h>
25 #include <java/lang/reflect/Modifier.h>
29 // * read more about when classes must be loaded
30 // * there are bugs with boolean arrays?
31 // * class loader madness
32 // * Lots and lots of debugging and testing
33 // * type representation is still ugly. look for the big switches
34 // * at least one GC problem :-(
37 // This is global because __attribute__ doesn't seem to work on static
39 static void verify_fail (char *s) __attribute__ ((__noreturn__));
41 class _Jv_BytecodeVerifier
45 static const int FLAG_INSN_START = 1;
46 static const int FLAG_BRANCH_TARGET = 2;
47 static const int FLAG_JSR_TARGET = 4;
55 // The PC corresponding to the start of the current instruction.
58 // The current state of the stack, locals, etc.
61 // We store the state at branch targets, for merging. This holds
65 // We keep a linked list of all the PCs which we must reverify.
66 // The link is done using the PC values. This is the head of the
70 // We keep some flags for each instruction. The values are the
71 // FLAG_* constants defined above.
74 // We need to keep track of which instructions can call a given
75 // subroutine. FIXME: this is inefficient. We keep a linked list
76 // of all calling `jsr's at at each jsr target.
79 // The current top of the stack, in terms of slots.
81 // The current depth of the stack. This will be larger than
82 // STACKTOP when wide types are on the stack.
85 // The bytecode itself.
86 unsigned char *bytecode;
88 _Jv_InterpException *exception;
93 _Jv_InterpMethod *current_method;
95 // This enum holds a list of tags for all the different types we
96 // need to handle. Reference types are treated specially by the
102 // The values for primitive types are chosen to correspond to values
103 // specified to newarray.
113 // Used when overwriting second word of a double or long in the
114 // local variables. Also used after merging local variable states
115 // to indicate an unusable value.
120 // Everything after `reference_type' must be a reference type.
123 unresolved_reference_type,
124 uninitialized_reference_type,
125 uninitialized_unresolved_reference_type
128 // Return the type_val corresponding to a primitive signature
129 // character. For instance `I' returns `int.class'.
130 static type_val get_type_val_for_signature (jchar sig)
160 verify_fail ("invalid signature");
165 // Return the type_val corresponding to a primitive class.
166 static type_val get_type_val_for_signature (jclass k)
168 return get_type_val_for_signature ((jchar) k->method_count);
171 // This is used to keep track of which `jsr's correspond to a given
175 // PC of the instruction just after the jsr.
181 // The `type' class is used to represent a single type in the
187 // Some associated data.
190 // For a resolved reference type, this is a pointer to the class.
192 // For other reference types, this it the name of the class.
195 // This is used when constructing a new object. It is the PC of the
196 // `new' instruction which created the object. We use the special
197 // value -2 to mean that this is uninitialized, and the special
198 // value -1 for the case where the current method is itself the
202 static const int UNINIT = -2;
203 static const int SELF = -1;
205 // Basic constructor.
208 key = unsuitable_type;
213 // Make a new instance given the type tag. We assume a generic
214 // `reference_type' means Object.
219 if (key == reference_type)
220 data.klass = &java::lang::Object::class$;
224 // Make a new instance given a class.
227 key = reference_type;
232 // Make a new instance given the name of a class.
233 type (_Jv_Utf8Const *n)
235 key = unresolved_reference_type;
248 // These operators are required because libgcj can't link in
250 void *operator new[] (size_t bytes)
252 return _Jv_Malloc (bytes);
255 void operator delete[] (void *mem)
260 type& operator= (type_val k)
268 type& operator= (const type& t)
276 // Promote a numeric type.
279 if (key == boolean_type || key == char_type
280 || key == byte_type || key == short_type)
284 // If *THIS is an unresolved reference type, resolve it.
287 if (key != unresolved_reference_type
288 && key != uninitialized_unresolved_reference_type)
291 // FIXME: class loader
292 using namespace java::lang;
293 // We might see either kind of name. Sigh.
294 if (data.name->data[0] == 'L'
295 && data.name->data[data.name->length - 1] == ';')
296 data.klass = _Jv_FindClassFromSignature (data.name->data, NULL);
298 data.klass = Class::forName (_Jv_NewStringUtf8Const (data.name),
300 key = (key == unresolved_reference_type
302 : uninitialized_reference_type);
305 // Mark this type as the uninitialized result of `new'.
306 void set_uninitialized (int pc)
308 if (key != reference_type && key != unresolved_reference_type)
309 verify_fail ("internal error in type::uninitialized");
310 key = (key == reference_type
311 ? uninitialized_reference_type
312 : uninitialized_unresolved_reference_type);
316 // Mark this type as now initialized.
317 void set_initialized (int npc)
321 key = (key == uninitialized_reference_type
323 : unresolved_reference_type);
329 // Return true if an object of type K can be assigned to a variable
330 // of type *THIS. Handle various special cases too. Might modify
331 // *THIS or K. Note however that this does not perform numeric
333 bool compatible (type &k)
335 // Any type is compatible with the unsuitable type.
336 if (key == unsuitable_type)
339 if (key < reference_type || k.key < reference_type)
342 // The `null' type is convertible to any reference type.
343 // FIXME: is this correct for THIS?
344 if (key == null_type || k.key == null_type)
347 // Any reference type is convertible to Object. This is a special
348 // case so we don't need to unnecessarily resolve a class.
349 if (key == reference_type
350 && data.klass == &java::lang::Object::class$)
353 // An initialized type and an uninitialized type are not
355 if (isinitialized () != k.isinitialized ())
358 // Two uninitialized objects are compatible if either:
359 // * The PCs are identical, or
360 // * One PC is UNINIT.
361 if (! isinitialized ())
363 if (pc != k.pc && pc != UNINIT && k.pc != UNINIT)
367 // Two unresolved types are equal if their names are the same.
370 && _Jv_equalUtf8Consts (data.name, k.data.name))
373 // We must resolve both types and check assignability.
376 return data.klass->isAssignableFrom (k.data.klass);
381 return key == void_type;
386 return key == long_type || key == double_type;
389 // Return number of stack or local variable slots taken by this
393 return iswide () ? 2 : 1;
396 bool isarray () const
398 // We treat null_type as not an array. This is ok based on the
399 // current uses of this method.
400 if (key == reference_type)
401 return data.klass->isArray ();
402 else if (key == unresolved_reference_type)
403 return data.name->data[0] == '[';
410 if (key != reference_type)
412 return data.klass->isInterface ();
418 if (key != reference_type)
420 using namespace java::lang::reflect;
421 return Modifier::isAbstract (data.klass->getModifiers ());
424 // Return the element type of an array.
427 // FIXME: maybe should do string manipulation here.
429 if (key != reference_type)
430 verify_fail ("programmer error in type::element_type()");
432 jclass k = data.klass->getComponentType ();
433 if (k->isPrimitive ())
434 return type (get_type_val_for_signature (k));
438 bool isreference () const
440 return key >= reference_type;
448 bool isinitialized () const
450 return (key == reference_type
452 || key == unresolved_reference_type);
455 bool isresolved () const
457 return (key == reference_type
459 || key == uninitialized_reference_type);
462 void verify_dimensions (int ndims)
464 // The way this is written, we don't need to check isarray().
465 if (key == reference_type)
467 jclass k = data.klass;
468 while (k->isArray () && ndims > 0)
470 k = k->getComponentType ();
476 // We know KEY == unresolved_reference_type.
477 char *p = data.name->data;
478 while (*p++ == '[' && ndims-- > 0)
483 verify_fail ("array type has fewer dimensions than required");
486 // Merge OLD_TYPE into this. On error throw exception.
487 bool merge (type& old_type, bool local_semantics = false)
489 bool changed = false;
490 bool refo = old_type.isreference ();
491 bool refn = isreference ();
494 if (old_type.key == null_type)
496 else if (key == null_type)
501 else if (isinitialized () != old_type.isinitialized ())
502 verify_fail ("merging initialized and uninitialized types");
505 if (! isinitialized ())
509 else if (old_type.pc == UNINIT)
511 else if (pc != old_type.pc)
512 verify_fail ("merging different uninitialized types");
516 && ! old_type.isresolved ()
517 && _Jv_equalUtf8Consts (data.name, old_type.data.name))
519 // Types are identical.
526 jclass k = data.klass;
527 jclass oldk = old_type.data.klass;
530 while (k->isArray () && oldk->isArray ())
533 k = k->getComponentType ();
534 oldk = oldk->getComponentType ();
537 // This loop will end when we hit Object.
540 if (k->isAssignableFrom (oldk))
542 k = k->getSuperclass ();
548 while (arraycount > 0)
550 // FIXME: Class loader.
551 k = _Jv_GetArrayClass (k, NULL);
559 else if (refo || refn || key != old_type.key)
563 key = unsuitable_type;
567 verify_fail ("unmergeable type");
573 // This class holds all the state information we need for a given
577 // Current top of stack.
579 // Current stack depth. This is like the top of stack but it
580 // includes wide variable information.
584 // The local variables.
586 // This is used in subroutines to keep track of which local
587 // variables have been accessed.
589 // If not 0, then we are in a subroutine. The value is the PC of
590 // the subroutine's entry point. We can use 0 as an exceptional
591 // value because PC=0 can never be a subroutine.
593 // This is used to keep a linked list of all the states which
594 // require re-verification. We use the PC to keep track.
597 // INVALID marks a state which is not on the linked list of states
598 // requiring reverification.
599 static const int INVALID = -1;
600 // NO_NEXT marks the state at the end of the reverification list.
601 static const int NO_NEXT = -2;
607 local_changed = NULL;
610 state (int max_stack, int max_locals)
614 stack = new type[max_stack];
615 for (int i = 0; i < max_stack; ++i)
616 stack[i] = unsuitable_type;
617 locals = new type[max_locals];
618 local_changed = (bool *) _Jv_Malloc (sizeof (bool) * max_locals);
619 for (int i = 0; i < max_locals; ++i)
621 locals[i] = unsuitable_type;
622 local_changed[i] = false;
628 state (const state *copy, int max_stack, int max_locals)
630 stack = new type[max_stack];
631 locals = new type[max_locals];
632 local_changed = (bool *) _Jv_Malloc (sizeof (bool) * max_locals);
644 _Jv_Free (local_changed);
647 void *operator new[] (size_t bytes)
649 return _Jv_Malloc (bytes);
652 void operator delete[] (void *mem)
657 void *operator new (size_t bytes)
659 return _Jv_Malloc (bytes);
662 void operator delete (void *mem)
667 void copy (const state *copy, int max_stack, int max_locals)
669 stacktop = copy->stacktop;
670 stackdepth = copy->stackdepth;
671 subroutine = copy->subroutine;
672 for (int i = 0; i < max_stack; ++i)
673 stack[i] = copy->stack[i];
674 for (int i = 0; i < max_locals; ++i)
676 locals[i] = copy->locals[i];
677 local_changed[i] = copy->local_changed[i];
679 // Don't modify `next'.
682 // Modify this state to reflect entry to an exception handler.
683 void set_exception (type t, int max_stack)
688 for (int i = stacktop; i < max_stack; ++i)
689 stack[i] = unsuitable_type;
691 // FIXME: subroutine handling?
694 // Merge STATE into this state. Destructively modifies this state.
695 // Returns true if the new state was in fact changed. Will throw an
696 // exception if the states are not mergeable.
697 bool merge (state *state_old, bool ret_semantics,
700 bool changed = false;
702 // Merge subroutine states. *THIS and *STATE_OLD must be in the
703 // same subroutine. Also, recursive subroutine calls must be
705 if (subroutine == state_old->subroutine)
709 else if (subroutine == 0)
711 subroutine = state_old->subroutine;
715 verify_fail ("subroutines merged");
718 if (state_old->stacktop != stacktop)
719 verify_fail ("stack sizes differ");
720 for (int i = 0; i < state_old->stacktop; ++i)
722 if (stack[i].merge (state_old->stack[i]))
726 // Merge local variables.
727 for (int i = 0; i < max_locals; ++i)
729 if (! ret_semantics || local_changed[i])
731 if (locals[i].merge (state_old->locals[i], true))
738 // If we're in a subroutine, we must compute the union of
739 // all the changed local variables.
740 if (state_old->local_changed[i])
747 // Throw an exception if there is an uninitialized object on the
748 // stack or in a local variable. EXCEPTION_SEMANTICS controls
749 // whether we're using backwards-branch or exception-handing
751 void check_no_uninitialized_objects (int max_locals,
752 bool exception_semantics = false)
754 if (! exception_semantics)
756 for (int i = 0; i < stacktop; ++i)
757 if (stack[i].isreference () && ! stack[i].isinitialized ())
758 verify_fail ("uninitialized object on stack");
761 for (int i = 0; i < max_locals; ++i)
762 if (locals[i].isreference () && ! locals[i].isinitialized ())
763 verify_fail ("uninitialized object in local variable");
766 // Note that a local variable was accessed or modified.
767 void note_variable (int index)
770 local_changed[index] = true;
773 // Mark each `new'd object we know of that was allocated at PC as
775 void set_initialized (int pc, int max_locals)
777 for (int i = 0; i < stacktop; ++i)
778 stack[i].set_initialized (pc);
779 for (int i = 0; i < max_locals; ++i)
780 locals[i].set_initialized (pc);
786 if (current_state->stacktop <= 0)
787 verify_fail ("stack empty");
788 type r = current_state->stack[--current_state->stacktop];
789 current_state->stackdepth -= r.depth ();
790 if (current_state->stackdepth < 0)
791 verify_fail ("stack empty");
799 verify_fail ("narrow pop of wide type");
807 verify_fail ("wide pop of narrow type");
811 type pop_type (type match)
814 if (! match.compatible (t))
815 verify_fail ("incompatible type on stack");
819 void push_type (type t)
821 // If T is a numeric type like short, promote it to int.
824 int depth = t.depth ();
825 if (current_state->stackdepth + depth > current_method->max_stack)
826 verify_fail ("stack overflow");
827 current_state->stack[current_state->stacktop++] = t;
828 current_state->stackdepth += depth;
831 void set_variable (int index, type t)
833 // If T is a numeric type like short, promote it to int.
836 int depth = t.depth ();
837 if (index > current_method->max_locals - depth)
838 verify_fail ("invalid local variable");
839 current_state->locals[index] = t;
840 current_state->note_variable (index);
844 current_state->locals[index + 1] = continuation_type;
845 current_state->note_variable (index + 1);
847 if (index > 0 && current_state->locals[index - 1].iswide ())
849 current_state->locals[index - 1] = unsuitable_type;
850 // There's no need to call note_variable here.
854 type get_variable (int index, type t)
856 int depth = t.depth ();
857 if (index > current_method->max_locals - depth)
858 verify_fail ("invalid local variable");
859 if (! t.compatible (current_state->locals[index]))
860 verify_fail ("incompatible type in local variable");
863 type t (continuation_type);
864 if (! current_state->locals[index + 1].compatible (t))
865 verify_fail ("invalid local variable");
867 current_state->note_variable (index);
868 return current_state->locals[index];
871 // Make sure ARRAY is an array type and that its elements are
872 // compatible with type ELEMENT. Returns the actual element type.
873 type require_array_type (type array, type element)
875 if (! array.isarray ())
876 verify_fail ("array required");
878 type t = array.element_type ();
879 if (! element.compatible (t))
880 verify_fail ("incompatible array element type");
882 // Return T and not ELEMENT, because T might be specialized.
888 if (PC >= current_method->code_length)
889 verify_fail ("premature end of bytecode");
890 return (jint) bytecode[PC++] & 0xff;
895 jbyte b1 = get_byte ();
896 jbyte b2 = get_byte ();
897 return (jint) ((b1 << 8) | b2) & 0xffff;
902 jbyte b1 = get_byte ();
903 jbyte b2 = get_byte ();
904 jshort s = (b1 << 8) | b2;
910 jbyte b1 = get_byte ();
911 jbyte b2 = get_byte ();
912 jbyte b3 = get_byte ();
913 jbyte b4 = get_byte ();
914 return (b1 << 24) | (b2 << 16) | (b3 << 8) | b4;
917 int compute_jump (int offset)
919 int npc = start_PC + offset;
920 if (npc < 0 || npc >= current_method->code_length)
921 verify_fail ("branch out of range");
925 // Merge the indicated state into a new state and schedule a new PC if
926 // there is a change. If RET_SEMANTICS is true, then we are merging
927 // from a `ret' instruction into the instruction after a `jsr'. This
928 // is a special case with its own modified semantics.
929 void push_jump_merge (int npc, state *nstate, bool ret_semantics = false)
932 if (states[npc] == NULL)
934 // FIXME: what if we reach this code from a `ret'?
936 states[npc] = new state (nstate, current_method->max_stack,
937 current_method->max_locals);
940 changed = nstate->merge (states[npc], ret_semantics,
941 current_method->max_stack);
943 if (changed && states[npc]->next == state::INVALID)
945 // The merge changed the state, and the new PC isn't yet on our
946 // list of PCs to re-verify.
947 states[npc]->next = next_verify_pc;
948 next_verify_pc = npc;
952 void push_jump (int offset)
954 int npc = compute_jump (offset);
956 current_state->check_no_uninitialized_objects (current_method->max_stack);
957 push_jump_merge (npc, current_state);
960 void push_exception_jump (type t, int pc)
962 current_state->check_no_uninitialized_objects (current_method->max_stack,
964 state s (current_state, current_method->max_stack,
965 current_method->max_locals);
966 s.set_exception (t, current_method->max_stack);
967 push_jump_merge (pc, &s);
972 int npc = next_verify_pc;
973 if (npc != state::NO_NEXT)
975 next_verify_pc = states[npc]->next;
976 states[npc]->next = state::INVALID;
981 void invalidate_pc ()
986 void note_branch_target (int pc, bool is_jsr_target = false)
988 if (pc <= PC && ! (flags[pc] & FLAG_INSN_START))
989 verify_fail ("branch not to instruction start");
990 flags[pc] |= FLAG_BRANCH_TARGET;
993 // Record the jsr which called this instruction.
994 subr_info *info = (subr_info *) _Jv_Malloc (sizeof (subr_info));
996 info->next = jsr_ptrs[pc];
998 flags[pc] |= FLAG_JSR_TARGET;
1002 void skip_padding ()
1004 while ((PC % 4) > 0)
1005 if (get_byte () != 0)
1006 verify_fail ("found nonzero padding byte");
1009 // Return the subroutine to which the instruction at PC belongs.
1010 int get_subroutine (int pc)
1012 if (states[pc] == NULL)
1014 return states[pc]->subroutine;
1017 // Do the work for a `ret' instruction. INDEX is the index into the
1019 void handle_ret_insn (int index)
1021 get_variable (index, return_address_type);
1023 int csub = current_state->subroutine;
1025 verify_fail ("no subroutine");
1027 for (subr_info *subr = jsr_ptrs[csub]; subr != NULL; subr = subr->next)
1029 // Temporarily modify the current state so it looks like we're
1030 // in the enclosing context.
1031 current_state->subroutine = get_subroutine (subr->pc);
1033 current_state->check_no_uninitialized_objects (current_method->max_stack);
1034 push_jump_merge (subr->pc, current_state, true);
1037 current_state->subroutine = csub;
1041 // We're in the subroutine SUB, calling a subroutine at DEST. Make
1042 // sure this subroutine isn't already on the stack.
1043 void check_nonrecursive_call (int sub, int dest)
1048 verify_fail ("recursive subroutine call");
1049 for (subr_info *info = jsr_ptrs[sub]; info != NULL; info = info->next)
1050 check_nonrecursive_call (get_subroutine (info->pc), dest);
1053 void handle_jsr_insn (int offset)
1055 int npc = compute_jump (offset);
1058 current_state->check_no_uninitialized_objects (current_method->max_stack);
1059 check_nonrecursive_call (current_state->subroutine, npc);
1061 // Temporarily modify the current state so that it looks like we are
1062 // in the subroutine.
1063 push_type (return_address_type);
1064 int save = current_state->subroutine;
1065 current_state->subroutine = npc;
1067 // Merge into the subroutine.
1068 push_jump_merge (npc, current_state);
1070 // Undo our modifications.
1071 current_state->subroutine = save;
1072 pop_type (return_address_type);
1075 jclass construct_primitive_array_type (type_val prim)
1081 k = JvPrimClass (boolean);
1084 k = JvPrimClass (char);
1087 k = JvPrimClass (float);
1090 k = JvPrimClass (double);
1093 k = JvPrimClass (byte);
1096 k = JvPrimClass (short);
1099 k = JvPrimClass (int);
1102 k = JvPrimClass (long);
1105 verify_fail ("unknown type in construct_primitive_array_type");
1107 k = _Jv_GetArrayClass (k, NULL);
1111 // This pass computes the location of branch targets and also
1112 // instruction starts.
1113 void branch_prepass ()
1115 flags = (char *) _Jv_Malloc (current_method->code_length);
1116 jsr_ptrs = (subr_info **) _Jv_Malloc (sizeof (subr_info *)
1117 * current_method->code_length);
1119 for (int i = 0; i < current_method->code_length; ++i)
1125 bool last_was_jsr = false;
1128 while (PC < current_method->code_length)
1130 flags[PC] |= FLAG_INSN_START;
1132 // If the previous instruction was a jsr, then the next
1133 // instruction is a branch target -- the branch being the
1134 // corresponding `ret'.
1136 note_branch_target (PC);
1137 last_was_jsr = false;
1140 unsigned char opcode = bytecode[PC++];
1144 case op_aconst_null:
1281 case op_monitorenter:
1282 case op_monitorexit:
1305 case op_arraylength:
1320 case op_invokespecial:
1321 case op_invokestatic:
1322 case op_invokevirtual:
1326 case op_multianewarray:
1332 last_was_jsr = true;
1351 note_branch_target (compute_jump (get_short ()), last_was_jsr);
1354 case op_tableswitch:
1357 note_branch_target (compute_jump (get_int ()));
1358 jint low = get_int ();
1359 jint hi = get_int ();
1361 verify_fail ("invalid tableswitch");
1362 for (int i = low; i <= hi; ++i)
1363 note_branch_target (compute_jump (get_int ()));
1367 case op_lookupswitch:
1370 note_branch_target (compute_jump (get_int ()));
1371 int npairs = get_int ();
1373 verify_fail ("too few pairs in lookupswitch");
1374 while (npairs-- > 0)
1377 note_branch_target (compute_jump (get_int ()));
1382 case op_invokeinterface:
1390 opcode = get_byte ();
1392 if (opcode == (unsigned char) op_iinc)
1398 last_was_jsr = true;
1401 note_branch_target (compute_jump (get_int ()), last_was_jsr);
1405 verify_fail ("unrecognized instruction");
1408 // See if any previous branch tried to branch to the middle of
1409 // this instruction.
1410 for (int pc = start_PC + 1; pc < PC; ++pc)
1412 if ((flags[pc] & FLAG_BRANCH_TARGET))
1413 verify_fail ("branch not to instruction start");
1417 // Verify exception handlers.
1418 for (int i = 0; i < current_method->exc_count; ++i)
1420 if (! (flags[exception[i].handler_pc] & FLAG_INSN_START))
1421 verify_fail ("exception handler not at instruction start");
1422 if (exception[i].start_pc > exception[i].end_pc)
1423 verify_fail ("exception range inverted");
1424 if (! (flags[exception[i].start_pc] & FLAG_INSN_START)
1425 || ! (flags[exception[i].start_pc] & FLAG_INSN_START))
1426 verify_fail ("exception endpoint not at instruction start");
1428 flags[exception[i].handler_pc] |= FLAG_BRANCH_TARGET;
1432 void check_pool_index (int index)
1434 if (index < 0 || index >= current_class->constants.size)
1435 verify_fail ("constant pool index out of range");
1438 type check_class_constant (int index)
1440 check_pool_index (index);
1441 _Jv_Constants *pool = ¤t_class->constants;
1442 if (pool->tags[index] == JV_CONSTANT_ResolvedClass)
1443 return type (pool->data[index].clazz);
1444 else if (pool->tags[index] == JV_CONSTANT_Class)
1445 return type (pool->data[index].utf8);
1446 verify_fail ("expected class constant");
1449 type check_constant (int index)
1451 check_pool_index (index);
1452 _Jv_Constants *pool = ¤t_class->constants;
1453 if (pool->tags[index] == JV_CONSTANT_ResolvedString
1454 || pool->tags[index] == JV_CONSTANT_String)
1455 return type (&java::lang::String::class$);
1456 else if (pool->tags[index] == JV_CONSTANT_Integer)
1457 return type (int_type);
1458 else if (pool->tags[index] == JV_CONSTANT_Float)
1459 return type (float_type);
1460 verify_fail ("String, int, or float constant expected");
1463 // Helper for both field and method. These are laid out the same in
1464 // the constant pool.
1465 type handle_field_or_method (int index, int expected,
1466 _Jv_Utf8Const **name,
1467 _Jv_Utf8Const **fmtype)
1469 check_pool_index (index);
1470 _Jv_Constants *pool = ¤t_class->constants;
1471 if (pool->tags[index] != expected)
1472 verify_fail ("didn't see expected constant");
1473 // Once we know we have a Fieldref or Methodref we assume that it
1474 // is correctly laid out in the constant pool. I think the code
1475 // in defineclass.cc guarantees this.
1476 _Jv_ushort class_index, name_and_type_index;
1477 _Jv_loadIndexes (&pool->data[index],
1479 name_and_type_index);
1480 _Jv_ushort name_index, desc_index;
1481 _Jv_loadIndexes (&pool->data[name_and_type_index],
1482 name_index, desc_index);
1484 *name = pool->data[name_index].utf8;
1485 *fmtype = pool->data[desc_index].utf8;
1487 return check_class_constant (class_index);
1490 // Return field's type, compute class' type if requested.
1491 type check_field_constant (int index, type *class_type = NULL)
1493 _Jv_Utf8Const *name, *field_type;
1494 type ct = handle_field_or_method (index,
1495 JV_CONSTANT_Fieldref,
1496 &name, &field_type);
1499 return type (field_type);
1502 type check_method_constant (int index, bool is_interface,
1503 _Jv_Utf8Const **method_name,
1504 _Jv_Utf8Const **method_signature)
1506 return handle_field_or_method (index,
1508 ? JV_CONSTANT_InterfaceMethodref
1509 : JV_CONSTANT_Methodref),
1510 method_name, method_signature);
1513 type get_one_type (char *&p)
1531 // FIXME! This will get collected!
1532 _Jv_Utf8Const *name = _Jv_makeUtf8Const (start, p - start);
1536 // Casting to jchar here is ok since we are looking at an ASCII
1538 type_val rt = get_type_val_for_signature (jchar (v));
1540 if (arraycount == 0)
1543 jclass k = construct_primitive_array_type (rt);
1544 while (--arraycount > 0)
1545 k = _Jv_GetArrayClass (k, NULL);
1549 void compute_argument_types (_Jv_Utf8Const *signature,
1552 char *p = signature->data;
1558 types[i++] = get_one_type (p);
1561 type compute_return_type (_Jv_Utf8Const *signature)
1563 char *p = signature->data;
1567 return get_one_type (p);
1570 void check_return_type (type expected)
1572 type rt = compute_return_type (current_method->self->signature);
1573 if (! expected.compatible (rt))
1574 verify_fail ("incompatible return type");
1577 void verify_instructions_0 ()
1579 current_state = new state (current_method->max_stack,
1580 current_method->max_locals);
1587 using namespace java::lang::reflect;
1588 if (! Modifier::isStatic (current_method->self->accflags))
1590 type kurr (current_class);
1591 if (_Jv_equalUtf8Consts (current_method->self->name, gcj::init_name))
1592 kurr.set_uninitialized (type::SELF);
1593 set_variable (0, kurr);
1597 if (var + _Jv_count_arguments (current_method->self->signature)
1598 > current_method->max_locals)
1599 verify_fail ("too many arguments");
1600 compute_argument_types (current_method->self->signature,
1601 ¤t_state->locals[var]);
1604 states = (state **) _Jv_Malloc (sizeof (state *)
1605 * current_method->code_length);
1606 for (int i = 0; i < current_method->code_length; ++i)
1609 next_verify_pc = state::NO_NEXT;
1613 // If the PC was invalidated, get a new one from the work list.
1614 if (PC == state::NO_NEXT)
1617 if (PC == state::INVALID)
1618 verify_fail ("saw state::INVALID");
1619 if (PC == state::NO_NEXT)
1621 // Set up the current state.
1622 *current_state = *states[PC];
1625 // Control can't fall off the end of the bytecode.
1626 if (PC >= current_method->code_length)
1627 verify_fail ("fell off end");
1629 if (states[PC] != NULL)
1631 // We've already visited this instruction. So merge the
1632 // states together. If this yields no change then we don't
1633 // have to re-verify.
1634 if (! current_state->merge (states[PC], false,
1635 current_method->max_stack))
1640 // Save a copy of it for later.
1641 states[PC]->copy (current_state, current_method->max_stack,
1642 current_method->max_locals);
1644 else if ((flags[PC] & FLAG_BRANCH_TARGET))
1646 // We only have to keep saved state at branch targets.
1647 states[PC] = new state (current_state, current_method->max_stack,
1648 current_method->max_locals);
1651 // Update states for all active exception handlers. Ordinarily
1652 // there are not many exception handlers. So we simply run
1653 // through them all.
1654 for (int i = 0; i < current_method->exc_count; ++i)
1656 if (PC >= exception[i].start_pc && PC < exception[i].end_pc)
1658 type handler = reference_type;
1659 if (exception[i].handler_type != 0)
1660 handler = check_class_constant (exception[i].handler_type);
1661 push_exception_jump (handler, exception[i].handler_pc);
1666 unsigned char opcode = bytecode[PC++];
1672 case op_aconst_null:
1673 push_type (null_type);
1683 push_type (int_type);
1688 push_type (long_type);
1694 push_type (float_type);
1699 push_type (double_type);
1704 push_type (int_type);
1709 push_type (int_type);
1713 push_type (check_constant (get_byte ()));
1716 push_type (check_constant (get_ushort ()));
1719 push_type (check_constant (get_ushort ()));
1723 push_type (get_variable (get_byte (), int_type));
1726 push_type (get_variable (get_byte (), long_type));
1729 push_type (get_variable (get_byte (), float_type));
1732 push_type (get_variable (get_byte (), double_type));
1735 push_type (get_variable (get_byte (), reference_type));
1742 push_type (get_variable (opcode - op_iload_0, int_type));
1748 push_type (get_variable (opcode - op_lload_0, long_type));
1754 push_type (get_variable (opcode - op_fload_0, float_type));
1760 push_type (get_variable (opcode - op_dload_0, double_type));
1766 push_type (get_variable (opcode - op_aload_0, reference_type));
1769 pop_type (int_type);
1770 push_type (require_array_type (pop_type (reference_type),
1774 pop_type (int_type);
1775 push_type (require_array_type (pop_type (reference_type),
1779 pop_type (int_type);
1780 push_type (require_array_type (pop_type (reference_type),
1784 pop_type (int_type);
1785 push_type (require_array_type (pop_type (reference_type),
1789 pop_type (int_type);
1790 push_type (require_array_type (pop_type (reference_type),
1794 pop_type (int_type);
1795 require_array_type (pop_type (reference_type), byte_type);
1796 push_type (int_type);
1799 pop_type (int_type);
1800 require_array_type (pop_type (reference_type), char_type);
1801 push_type (int_type);
1804 pop_type (int_type);
1805 require_array_type (pop_type (reference_type), short_type);
1806 push_type (int_type);
1809 set_variable (get_byte (), pop_type (int_type));
1812 set_variable (get_byte (), pop_type (long_type));
1815 set_variable (get_byte (), pop_type (float_type));
1818 set_variable (get_byte (), pop_type (double_type));
1821 set_variable (get_byte (), pop_type (reference_type));
1827 set_variable (opcode - op_istore_0, pop_type (int_type));
1833 set_variable (opcode - op_lstore_0, pop_type (long_type));
1839 set_variable (opcode - op_fstore_0, pop_type (float_type));
1845 set_variable (opcode - op_dstore_0, pop_type (double_type));
1851 set_variable (opcode - op_astore_0, pop_type (reference_type));
1854 pop_type (int_type);
1855 pop_type (int_type);
1856 require_array_type (pop_type (reference_type), int_type);
1859 pop_type (long_type);
1860 pop_type (int_type);
1861 require_array_type (pop_type (reference_type), long_type);
1864 pop_type (float_type);
1865 pop_type (int_type);
1866 require_array_type (pop_type (reference_type), float_type);
1869 pop_type (double_type);
1870 pop_type (int_type);
1871 require_array_type (pop_type (reference_type), double_type);
1874 pop_type (reference_type);
1875 pop_type (int_type);
1876 require_array_type (pop_type (reference_type), reference_type);
1879 pop_type (int_type);
1880 pop_type (int_type);
1881 require_array_type (pop_type (reference_type), byte_type);
1884 pop_type (int_type);
1885 pop_type (int_type);
1886 require_array_type (pop_type (reference_type), char_type);
1889 pop_type (int_type);
1890 pop_type (int_type);
1891 require_array_type (pop_type (reference_type), short_type);
1972 pop_type (int_type);
1973 push_type (pop_type (int_type));
1986 pop_type (long_type);
1987 push_type (pop_type (long_type));
1994 pop_type (float_type);
1995 push_type (pop_type (float_type));
2002 pop_type (double_type);
2003 push_type (pop_type (double_type));
2009 push_type (pop_type (int_type));
2012 push_type (pop_type (long_type));
2015 push_type (pop_type (float_type));
2018 push_type (pop_type (double_type));
2021 get_variable (get_byte (), int_type);
2025 pop_type (int_type);
2026 push_type (long_type);
2029 pop_type (int_type);
2030 push_type (float_type);
2033 pop_type (int_type);
2034 push_type (double_type);
2037 pop_type (long_type);
2038 push_type (int_type);
2041 pop_type (long_type);
2042 push_type (float_type);
2045 pop_type (long_type);
2046 push_type (double_type);
2049 pop_type (float_type);
2050 push_type (int_type);
2053 pop_type (float_type);
2054 push_type (long_type);
2057 pop_type (float_type);
2058 push_type (double_type);
2061 pop_type (double_type);
2062 push_type (int_type);
2065 pop_type (double_type);
2066 push_type (long_type);
2069 pop_type (double_type);
2070 push_type (float_type);
2073 pop_type (long_type);
2074 pop_type (long_type);
2075 push_type (int_type);
2079 pop_type (float_type);
2080 pop_type (float_type);
2081 push_type (int_type);
2085 pop_type (double_type);
2086 pop_type (double_type);
2087 push_type (int_type);
2095 pop_type (int_type);
2096 push_jump (get_short ());
2104 pop_type (int_type);
2105 pop_type (int_type);
2106 push_jump (get_short ());
2110 pop_type (reference_type);
2111 pop_type (reference_type);
2112 push_jump (get_short ());
2115 push_jump (get_short ());
2119 handle_jsr_insn (get_short ());
2122 handle_ret_insn (get_byte ());
2124 case op_tableswitch:
2126 pop_type (int_type);
2128 push_jump (get_int ());
2129 jint low = get_int ();
2130 jint high = get_int ();
2131 // Already checked LOW -vs- HIGH.
2132 for (int i = low; i <= high; ++i)
2133 push_jump (get_int ());
2138 case op_lookupswitch:
2140 pop_type (int_type);
2142 push_jump (get_int ());
2143 jint npairs = get_int ();
2144 // Already checked NPAIRS >= 0.
2146 for (int i = 0; i < npairs; ++i)
2148 jint key = get_int ();
2149 if (i > 0 && key <= lastkey)
2150 verify_fail ("lookupswitch pairs unsorted");
2152 push_jump (get_int ());
2158 check_return_type (pop_type (int_type));
2162 check_return_type (pop_type (long_type));
2166 check_return_type (pop_type (float_type));
2170 check_return_type (pop_type (double_type));
2174 check_return_type (pop_type (reference_type));
2178 check_return_type (void_type);
2182 push_type (check_field_constant (get_ushort ()));
2185 pop_type (check_field_constant (get_ushort ()));
2190 type field = check_field_constant (get_ushort (), &klass);
2198 type field = check_field_constant (get_ushort (), &klass);
2204 case op_invokevirtual:
2205 case op_invokespecial:
2206 case op_invokestatic:
2207 case op_invokeinterface:
2209 _Jv_Utf8Const *method_name, *method_signature;
2211 = check_method_constant (get_ushort (),
2212 opcode == (unsigned char) op_invokeinterface,
2215 int arg_count = _Jv_count_arguments (method_signature);
2216 if (opcode == (unsigned char) op_invokeinterface)
2218 int nargs = get_byte ();
2220 verify_fail ("too few arguments to invokeinterface");
2221 if (get_byte () != 0)
2222 verify_fail ("invokeinterface dummy byte is wrong");
2223 if (nargs - 1 != arg_count)
2224 verify_fail ("wrong argument count for invokeinterface");
2227 bool is_init = false;
2228 if (_Jv_equalUtf8Consts (method_name, gcj::init_name))
2231 if (opcode != (unsigned char) op_invokespecial)
2232 verify_fail ("can't invoke <init>");
2234 else if (method_name->data[0] == '<')
2235 verify_fail ("can't invoke method starting with `<'");
2237 // Pop arguments and check types.
2238 type arg_types[arg_count];
2239 compute_argument_types (method_signature, arg_types);
2240 for (int i = arg_count - 1; i >= 0; --i)
2241 pop_type (arg_types[i]);
2243 if (opcode != (unsigned char) op_invokestatic)
2245 type t = class_type;
2248 // In this case the PC doesn't matter.
2249 t.set_uninitialized (type::UNINIT);
2253 current_state->set_initialized (t.get_pc (),
2254 current_method->max_locals);
2257 type rt = compute_return_type (method_signature);
2265 type t = check_class_constant (get_ushort ());
2266 if (t.isarray () || t.isinterface () || t.isabstract ())
2267 verify_fail ("type is array, interface, or abstract");
2268 t.set_uninitialized (start_PC);
2275 int atype = get_byte ();
2276 // We intentionally have chosen constants to make this
2278 if (atype < boolean_type || atype > long_type)
2279 verify_fail ("type not primitive");
2280 pop_type (int_type);
2281 push_type (construct_primitive_array_type (type_val (atype)));
2285 pop_type (int_type);
2286 push_type (check_class_constant (get_ushort ()));
2288 case op_arraylength:
2290 type t = pop_type (reference_type);
2292 verify_fail ("array type expected");
2293 push_type (int_type);
2297 pop_type (type (&java::lang::Throwable::class$));
2301 pop_type (reference_type);
2302 push_type (check_class_constant (get_ushort ()));
2305 pop_type (reference_type);
2306 check_class_constant (get_ushort ());
2307 push_type (int_type);
2309 case op_monitorenter:
2310 pop_type (reference_type);
2312 case op_monitorexit:
2313 pop_type (reference_type);
2317 switch (get_byte ())
2320 push_type (get_variable (get_ushort (), int_type));
2323 push_type (get_variable (get_ushort (), long_type));
2326 push_type (get_variable (get_ushort (), float_type));
2329 push_type (get_variable (get_ushort (), double_type));
2332 push_type (get_variable (get_ushort (), reference_type));
2335 set_variable (get_ushort (), pop_type (int_type));
2338 set_variable (get_ushort (), pop_type (long_type));
2341 set_variable (get_ushort (), pop_type (float_type));
2344 set_variable (get_ushort (), pop_type (double_type));
2347 set_variable (get_ushort (), pop_type (reference_type));
2350 handle_ret_insn (get_short ());
2353 get_variable (get_ushort (), int_type);
2357 verify_fail ("unrecognized wide instruction");
2361 case op_multianewarray:
2363 type atype = check_class_constant (get_ushort ());
2364 int dim = get_byte ();
2366 verify_fail ("too few dimensions to multianewarray");
2367 atype.verify_dimensions (dim);
2368 for (int i = 0; i < dim; ++i)
2369 pop_type (int_type);
2375 pop_type (reference_type);
2376 push_jump (get_short ());
2379 push_jump (get_int ());
2383 handle_jsr_insn (get_int ());
2387 // Unrecognized opcode.
2388 verify_fail ("unrecognized instruction");
2395 void verify_instructions ()
2398 verify_instructions_0 ();
2401 _Jv_BytecodeVerifier (_Jv_InterpMethod *m)
2404 bytecode = m->bytecode ();
2405 exception = m->exceptions ();
2406 current_class = m->defining_class;
2413 ~_Jv_BytecodeVerifier ()
2420 _Jv_Free (jsr_ptrs);
2425 _Jv_VerifyMethod (_Jv_InterpMethod *meth)
2427 _Jv_BytecodeVerifier v (meth);
2428 v.verify_instructions ();
2431 // FIXME: add more info, like PC, when required.
2433 verify_fail (char *s)
2436 strcpy (buf, "verification failed: ");
2438 throw new java::lang::VerifyError (JvNewStringLatin1 (buf));
2441 #endif /* INTERPRETER */