1 // defineclass.cc - defining a class from .class format.
3 /* Copyright (C) 2001, 2002 Free Software Foundation
5 This file is part of libgcj.
7 This software is copyrighted work licensed under the terms of the
8 Libgcj License. Please consult the file "LIBGCJ_LICENSE" for
11 // Written by Tom Tromey <tromey@redhat.com>
13 // Define VERIFY_DEBUG to enable debugging output.
19 #include <java-insns.h>
20 #include <java-interp.h>
24 #include <java/lang/Class.h>
25 #include <java/lang/VerifyError.h>
26 #include <java/lang/Throwable.h>
27 #include <java/lang/reflect/Modifier.h>
28 #include <java/lang/StringBuffer.h>
32 #endif /* VERIFY_DEBUG */
35 static void debug_print (const char *fmt, ...)
36 __attribute__ ((format (printf, 1, 2)));
39 debug_print (const char *fmt, ...)
44 vfprintf (stderr, fmt, ap);
46 #endif /* VERIFY_DEBUG */
49 class _Jv_BytecodeVerifier
53 static const int FLAG_INSN_START = 1;
54 static const int FLAG_BRANCH_TARGET = 2;
63 // The PC corresponding to the start of the current instruction.
66 // The current state of the stack, locals, etc.
69 // We store the state at branch targets, for merging. This holds
73 // We keep a linked list of all the PCs which we must reverify.
74 // The link is done using the PC values. This is the head of the
78 // We keep some flags for each instruction. The values are the
79 // FLAG_* constants defined above.
82 // We need to keep track of which instructions can call a given
83 // subroutine. FIXME: this is inefficient. We keep a linked list
84 // of all calling `jsr's at at each jsr target.
87 // The current top of the stack, in terms of slots.
89 // The current depth of the stack. This will be larger than
90 // STACKTOP when wide types are on the stack.
93 // The bytecode itself.
94 unsigned char *bytecode;
96 _Jv_InterpException *exception;
101 _Jv_InterpMethod *current_method;
103 // A linked list of utf8 objects we allocate. This is really ugly,
104 // but without this our utf8 objects would be collected.
105 linked_utf8 *utf8_list;
113 _Jv_Utf8Const *make_utf8_const (char *s, int len)
115 _Jv_Utf8Const *val = _Jv_makeUtf8Const (s, len);
116 _Jv_Utf8Const *r = (_Jv_Utf8Const *) _Jv_Malloc (sizeof (_Jv_Utf8Const)
119 r->length = val->length;
121 memcpy (r->data, val->data, val->length + 1);
123 linked_utf8 *lu = (linked_utf8 *) _Jv_Malloc (sizeof (linked_utf8));
125 lu->next = utf8_list;
131 // This enum holds a list of tags for all the different types we
132 // need to handle. Reference types are treated specially by the
138 // The values for primitive types are chosen to correspond to values
139 // specified to newarray.
149 // Used when overwriting second word of a double or long in the
150 // local variables. Also used after merging local variable states
151 // to indicate an unusable value.
156 // There is an obscure special case which requires us to note when
157 // a local variable has not been used by a subroutine. See
158 // push_jump_merge for more information.
159 unused_by_subroutine_type,
161 // Everything after `reference_type' must be a reference type.
164 unresolved_reference_type,
165 uninitialized_reference_type,
166 uninitialized_unresolved_reference_type
169 // Return the type_val corresponding to a primitive signature
170 // character. For instance `I' returns `int.class'.
171 type_val get_type_val_for_signature (jchar sig)
204 verify_fail ("invalid signature");
209 // Return the type_val corresponding to a primitive class.
210 type_val get_type_val_for_signature (jclass k)
212 return get_type_val_for_signature ((jchar) k->method_count);
215 // This is like _Jv_IsAssignableFrom, but it works even if SOURCE or
216 // TARGET haven't been prepared.
217 static bool is_assignable_from_slow (jclass target, jclass source)
219 // This will terminate when SOURCE==Object.
222 if (source == target)
225 if (target->isPrimitive () || source->isPrimitive ())
228 // Check array case first because we can have an array whose
229 // component type is not prepared; _Jv_IsAssignableFrom
230 // doesn't handle this correctly.
231 if (target->isArray ())
233 if (! source->isArray ())
235 target = target->getComponentType ();
236 source = source->getComponentType ();
238 // _Jv_IsAssignableFrom can handle a target which is an
239 // interface even if it hasn't been prepared.
240 else if ((target->state > JV_STATE_LINKED || target->isInterface ())
241 && source->state > JV_STATE_LINKED)
242 return _Jv_IsAssignableFrom (target, source);
243 else if (target->isInterface ())
245 for (int i = 0; i < source->interface_count; ++i)
247 // We use a recursive call because we also need to
248 // check superinterfaces.
249 if (is_assignable_from_slow (target, source->interfaces[i]))
252 source = source->getSuperclass ();
256 else if (target == &java::lang::Object::class$)
258 else if (source->isInterface ()
259 || source == &java::lang::Object::class$)
262 source = source->getSuperclass ();
266 // This is used to keep track of which `jsr's correspond to a given
270 // PC of the instruction just after the jsr.
276 // The `type' class is used to represent a single type in the
282 // Some associated data.
285 // For a resolved reference type, this is a pointer to the class.
287 // For other reference types, this it the name of the class.
290 // This is used when constructing a new object. It is the PC of the
291 // `new' instruction which created the object. We use the special
292 // value -2 to mean that this is uninitialized, and the special
293 // value -1 for the case where the current method is itself the
297 static const int UNINIT = -2;
298 static const int SELF = -1;
300 // Basic constructor.
303 key = unsuitable_type;
308 // Make a new instance given the type tag. We assume a generic
309 // `reference_type' means Object.
314 if (key == reference_type)
315 data.klass = &java::lang::Object::class$;
319 // Make a new instance given a class.
322 key = reference_type;
327 // Make a new instance given the name of a class.
328 type (_Jv_Utf8Const *n)
330 key = unresolved_reference_type;
343 // These operators are required because libgcj can't link in
345 void *operator new[] (size_t bytes)
347 return _Jv_Malloc (bytes);
350 void operator delete[] (void *mem)
355 type& operator= (type_val k)
363 type& operator= (const type& t)
371 // Promote a numeric type.
374 if (key == boolean_type || key == char_type
375 || key == byte_type || key == short_type)
380 // If *THIS is an unresolved reference type, resolve it.
381 void resolve (_Jv_BytecodeVerifier *verifier)
383 if (key != unresolved_reference_type
384 && key != uninitialized_unresolved_reference_type)
387 using namespace java::lang;
388 java::lang::ClassLoader *loader
389 = verifier->current_class->getClassLoader();
390 // We might see either kind of name. Sigh.
391 if (data.name->data[0] == 'L'
392 && data.name->data[data.name->length - 1] == ';')
393 data.klass = _Jv_FindClassFromSignature (data.name->data, loader);
395 data.klass = Class::forName (_Jv_NewStringUtf8Const (data.name),
397 key = (key == unresolved_reference_type
399 : uninitialized_reference_type);
402 // Mark this type as the uninitialized result of `new'.
403 void set_uninitialized (int npc, _Jv_BytecodeVerifier *verifier)
405 if (key == reference_type)
406 key = uninitialized_reference_type;
407 else if (key == unresolved_reference_type)
408 key = uninitialized_unresolved_reference_type;
410 verifier->verify_fail ("internal error in type::uninitialized");
414 // Mark this type as now initialized.
415 void set_initialized (int npc)
417 if (npc != UNINIT && pc == npc
418 && (key == uninitialized_reference_type
419 || key == uninitialized_unresolved_reference_type))
421 key = (key == uninitialized_reference_type
423 : unresolved_reference_type);
429 // Return true if an object of type K can be assigned to a variable
430 // of type *THIS. Handle various special cases too. Might modify
431 // *THIS or K. Note however that this does not perform numeric
433 bool compatible (type &k, _Jv_BytecodeVerifier *verifier)
435 // Any type is compatible with the unsuitable type.
436 if (key == unsuitable_type)
439 if (key < reference_type || k.key < reference_type)
442 // The `null' type is convertible to any reference type.
443 // FIXME: is this correct for THIS?
444 if (key == null_type || k.key == null_type)
447 // Any reference type is convertible to Object. This is a special
448 // case so we don't need to unnecessarily resolve a class.
449 if (key == reference_type
450 && data.klass == &java::lang::Object::class$)
453 // An initialized type and an uninitialized type are not
455 if (isinitialized () != k.isinitialized ())
458 // Two uninitialized objects are compatible if either:
459 // * The PCs are identical, or
460 // * One PC is UNINIT.
461 if (! isinitialized ())
463 if (pc != k.pc && pc != UNINIT && k.pc != UNINIT)
467 // Two unresolved types are equal if their names are the same.
470 && _Jv_equalUtf8Consts (data.name, k.data.name))
473 // We must resolve both types and check assignability.
475 k.resolve (verifier);
476 return is_assignable_from_slow (data.klass, k.data.klass);
481 return key == void_type;
486 return key == long_type || key == double_type;
489 // Return number of stack or local variable slots taken by this
493 return iswide () ? 2 : 1;
496 bool isarray () const
498 // We treat null_type as not an array. This is ok based on the
499 // current uses of this method.
500 if (key == reference_type)
501 return data.klass->isArray ();
502 else if (key == unresolved_reference_type)
503 return data.name->data[0] == '[';
507 bool isinterface (_Jv_BytecodeVerifier *verifier)
510 if (key != reference_type)
512 return data.klass->isInterface ();
515 bool isabstract (_Jv_BytecodeVerifier *verifier)
518 if (key != reference_type)
520 using namespace java::lang::reflect;
521 return Modifier::isAbstract (data.klass->getModifiers ());
524 // Return the element type of an array.
525 type element_type (_Jv_BytecodeVerifier *verifier)
527 // FIXME: maybe should do string manipulation here.
529 if (key != reference_type)
530 verifier->verify_fail ("programmer error in type::element_type()", -1);
532 jclass k = data.klass->getComponentType ();
533 if (k->isPrimitive ())
534 return type (verifier->get_type_val_for_signature (k));
538 // Return the array type corresponding to an initialized
539 // reference. We could expand this to work for other kinds of
540 // types, but currently we don't need to.
541 type to_array (_Jv_BytecodeVerifier *verifier)
543 // Resolving isn't ideal, because it might force us to load
544 // another class, but it's easy. FIXME?
545 if (key == unresolved_reference_type)
548 if (key == reference_type)
549 return type (_Jv_GetArrayClass (data.klass,
550 data.klass->getClassLoader ()));
552 verifier->verify_fail ("internal error in type::to_array()");
555 bool isreference () const
557 return key >= reference_type;
565 bool isinitialized () const
567 return (key == reference_type
569 || key == unresolved_reference_type);
572 bool isresolved () const
574 return (key == reference_type
576 || key == uninitialized_reference_type);
579 void verify_dimensions (int ndims, _Jv_BytecodeVerifier *verifier)
581 // The way this is written, we don't need to check isarray().
582 if (key == reference_type)
584 jclass k = data.klass;
585 while (k->isArray () && ndims > 0)
587 k = k->getComponentType ();
593 // We know KEY == unresolved_reference_type.
594 char *p = data.name->data;
595 while (*p++ == '[' && ndims-- > 0)
600 verifier->verify_fail ("array type has fewer dimensions than required");
603 // Merge OLD_TYPE into this. On error throw exception.
604 bool merge (type& old_type, bool local_semantics,
605 _Jv_BytecodeVerifier *verifier)
607 bool changed = false;
608 bool refo = old_type.isreference ();
609 bool refn = isreference ();
612 if (old_type.key == null_type)
614 else if (key == null_type)
619 else if (isinitialized () != old_type.isinitialized ())
620 verifier->verify_fail ("merging initialized and uninitialized types");
623 if (! isinitialized ())
627 else if (old_type.pc == UNINIT)
629 else if (pc != old_type.pc)
630 verifier->verify_fail ("merging different uninitialized types");
634 && ! old_type.isresolved ()
635 && _Jv_equalUtf8Consts (data.name, old_type.data.name))
637 // Types are identical.
642 old_type.resolve (verifier);
644 jclass k = data.klass;
645 jclass oldk = old_type.data.klass;
648 while (k->isArray () && oldk->isArray ())
651 k = k->getComponentType ();
652 oldk = oldk->getComponentType ();
655 // This loop will end when we hit Object.
658 if (is_assignable_from_slow (k, oldk))
660 k = k->getSuperclass ();
666 while (arraycount > 0)
668 java::lang::ClassLoader *loader
669 = verifier->current_class->getClassLoader();
670 k = _Jv_GetArrayClass (k, loader);
678 else if (refo || refn || key != old_type.key)
682 // If we're merging into an "unused" slot, then we
683 // simply accept whatever we're merging from.
684 if (key == unused_by_subroutine_type)
689 else if (old_type.key == unused_by_subroutine_type)
693 // If we already have an `unsuitable' type, then we
694 // don't need to change again.
695 else if (key != unsuitable_type)
697 key = unsuitable_type;
702 verifier->verify_fail ("unmergeable type");
708 void print (void) const
713 case boolean_type: c = 'Z'; break;
714 case byte_type: c = 'B'; break;
715 case char_type: c = 'C'; break;
716 case short_type: c = 'S'; break;
717 case int_type: c = 'I'; break;
718 case long_type: c = 'J'; break;
719 case float_type: c = 'F'; break;
720 case double_type: c = 'D'; break;
721 case void_type: c = 'V'; break;
722 case unsuitable_type: c = '-'; break;
723 case return_address_type: c = 'r'; break;
724 case continuation_type: c = '+'; break;
725 case unused_by_subroutine_type: c = '_'; break;
726 case reference_type: c = 'L'; break;
727 case null_type: c = '@'; break;
728 case unresolved_reference_type: c = 'l'; break;
729 case uninitialized_reference_type: c = 'U'; break;
730 case uninitialized_unresolved_reference_type: c = 'u'; break;
732 debug_print ("%c", c);
734 #endif /* VERIFY_DEBUG */
737 // This class holds all the state information we need for a given
741 // Current top of stack.
743 // Current stack depth. This is like the top of stack but it
744 // includes wide variable information.
748 // The local variables.
750 // This is used in subroutines to keep track of which local
751 // variables have been accessed.
753 // If not 0, then we are in a subroutine. The value is the PC of
754 // the subroutine's entry point. We can use 0 as an exceptional
755 // value because PC=0 can never be a subroutine.
757 // This is used to keep a linked list of all the states which
758 // require re-verification. We use the PC to keep track.
760 // We keep track of the type of `this' specially. This is used to
761 // ensure that an instance initializer invokes another initializer
762 // on `this' before returning. We must keep track of this
763 // specially because otherwise we might be confused by code which
764 // assigns to locals[0] (overwriting `this') and then returns
765 // without really initializing.
768 // INVALID marks a state which is not on the linked list of states
769 // requiring reverification.
770 static const int INVALID = -1;
771 // NO_NEXT marks the state at the end of the reverification list.
772 static const int NO_NEXT = -2;
779 local_changed = NULL;
782 state (int max_stack, int max_locals)
787 stack = new type[max_stack];
788 for (int i = 0; i < max_stack; ++i)
789 stack[i] = unsuitable_type;
790 locals = new type[max_locals];
791 local_changed = (bool *) _Jv_Malloc (sizeof (bool) * max_locals);
792 for (int i = 0; i < max_locals; ++i)
794 locals[i] = unsuitable_type;
795 local_changed[i] = false;
801 state (const state *orig, int max_stack, int max_locals,
802 bool ret_semantics = false)
804 stack = new type[max_stack];
805 locals = new type[max_locals];
806 local_changed = (bool *) _Jv_Malloc (sizeof (bool) * max_locals);
807 copy (orig, max_stack, max_locals, ret_semantics);
818 _Jv_Free (local_changed);
821 void *operator new[] (size_t bytes)
823 return _Jv_Malloc (bytes);
826 void operator delete[] (void *mem)
831 void *operator new (size_t bytes)
833 return _Jv_Malloc (bytes);
836 void operator delete (void *mem)
841 void copy (const state *copy, int max_stack, int max_locals,
842 bool ret_semantics = false)
844 stacktop = copy->stacktop;
845 stackdepth = copy->stackdepth;
846 subroutine = copy->subroutine;
847 for (int i = 0; i < max_stack; ++i)
848 stack[i] = copy->stack[i];
849 for (int i = 0; i < max_locals; ++i)
851 // See push_jump_merge to understand this case.
853 locals[i] = type (copy->local_changed[i]
855 : unused_by_subroutine_type);
857 locals[i] = copy->locals[i];
858 local_changed[i] = copy->local_changed[i];
860 this_type = copy->this_type;
861 // Don't modify `next'.
864 // Modify this state to reflect entry to an exception handler.
865 void set_exception (type t, int max_stack)
870 for (int i = stacktop; i < max_stack; ++i)
871 stack[i] = unsuitable_type;
873 // FIXME: subroutine handling?
876 // Merge STATE_OLD into this state. Destructively modifies this
877 // state. Returns true if the new state was in fact changed.
878 // Will throw an exception if the states are not mergeable.
879 bool merge (state *state_old, bool ret_semantics,
880 int max_locals, _Jv_BytecodeVerifier *verifier)
882 bool changed = false;
884 // Special handling for `this'. If one or the other is
885 // uninitialized, then the merge is uninitialized.
886 if (this_type.isinitialized ())
887 this_type = state_old->this_type;
889 // Merge subroutine states. *THIS and *STATE_OLD must be in the
890 // same subroutine. Also, recursive subroutine calls must be
892 if (subroutine == state_old->subroutine)
896 else if (subroutine == 0)
898 subroutine = state_old->subroutine;
901 // If we're handling the result of an unmerged `ret', then we
902 // can't trust that it has the correct PC setting. So in this
903 // case we ignore what might otherwise look like a merge error.
904 else if (! state_old->is_unmerged_ret_state (max_locals))
905 verifier->verify_fail ("subroutines merged");
908 if (state_old->stacktop != stacktop)
909 verifier->verify_fail ("stack sizes differ");
910 for (int i = 0; i < state_old->stacktop; ++i)
912 if (stack[i].merge (state_old->stack[i], false, verifier))
916 // Merge local variables.
917 for (int i = 0; i < max_locals; ++i)
919 if (! ret_semantics || local_changed[i])
921 if (locals[i].merge (state_old->locals[i], true, verifier))
928 // If we're in a subroutine, we must compute the union of
929 // all the changed local variables.
930 if (state_old->local_changed[i])
937 // Throw an exception if there is an uninitialized object on the
938 // stack or in a local variable. EXCEPTION_SEMANTICS controls
939 // whether we're using backwards-branch or exception-handing
941 void check_no_uninitialized_objects (int max_locals,
942 _Jv_BytecodeVerifier *verifier,
943 bool exception_semantics = false)
945 if (! exception_semantics)
947 for (int i = 0; i < stacktop; ++i)
948 if (stack[i].isreference () && ! stack[i].isinitialized ())
949 verifier->verify_fail ("uninitialized object on stack");
952 for (int i = 0; i < max_locals; ++i)
953 if (locals[i].isreference () && ! locals[i].isinitialized ())
954 verifier->verify_fail ("uninitialized object in local variable");
956 check_this_initialized (verifier);
959 // Ensure that `this' has been initialized.
960 void check_this_initialized (_Jv_BytecodeVerifier *verifier)
962 if (this_type.isreference () && ! this_type.isinitialized ())
963 verifier->verify_fail ("`this' is uninitialized");
966 // Set type of `this'.
967 void set_this_type (const type &k)
972 // Note that a local variable was modified.
973 void note_variable (int index)
976 local_changed[index] = true;
979 // Mark each `new'd object we know of that was allocated at PC as
981 void set_initialized (int pc, int max_locals)
983 for (int i = 0; i < stacktop; ++i)
984 stack[i].set_initialized (pc);
985 for (int i = 0; i < max_locals; ++i)
986 locals[i].set_initialized (pc);
987 this_type.set_initialized (pc);
990 // Return true if this state is the unmerged result of a `ret'.
991 bool is_unmerged_ret_state (int max_locals) const
993 for (int i = 0; i < max_locals; ++i)
995 if (locals[i].key == unused_by_subroutine_type)
1002 void print (const char *leader, int pc,
1003 int max_stack, int max_locals) const
1005 debug_print ("%s [%4d]: [stack] ", leader, pc);
1007 for (i = 0; i < stacktop; ++i)
1009 for (; i < max_stack; ++i)
1011 debug_print (" [local] ");
1012 for (i = 0; i < max_locals; ++i)
1014 if (subroutine == 0)
1015 debug_print (" | None");
1017 debug_print (" | %4d", subroutine);
1018 debug_print (" | %p\n", this);
1021 inline void print (const char *, int, int, int) const
1024 #endif /* VERIFY_DEBUG */
1029 if (current_state->stacktop <= 0)
1030 verify_fail ("stack empty");
1031 type r = current_state->stack[--current_state->stacktop];
1032 current_state->stackdepth -= r.depth ();
1033 if (current_state->stackdepth < 0)
1034 verify_fail ("stack empty", start_PC);
1040 type r = pop_raw ();
1042 verify_fail ("narrow pop of wide type");
1048 type r = pop_raw ();
1050 verify_fail ("wide pop of narrow type");
1054 type pop_type (type match)
1057 type t = pop_raw ();
1058 if (! match.compatible (t, this))
1059 verify_fail ("incompatible type on stack");
1063 // Pop a reference type or a return address.
1064 type pop_ref_or_return ()
1066 type t = pop_raw ();
1067 if (! t.isreference () && t.key != return_address_type)
1068 verify_fail ("expected reference or return address on stack");
1072 void push_type (type t)
1074 // If T is a numeric type like short, promote it to int.
1077 int depth = t.depth ();
1078 if (current_state->stackdepth + depth > current_method->max_stack)
1079 verify_fail ("stack overflow");
1080 current_state->stack[current_state->stacktop++] = t;
1081 current_state->stackdepth += depth;
1084 void set_variable (int index, type t)
1086 // If T is a numeric type like short, promote it to int.
1089 int depth = t.depth ();
1090 if (index > current_method->max_locals - depth)
1091 verify_fail ("invalid local variable");
1092 current_state->locals[index] = t;
1093 current_state->note_variable (index);
1097 current_state->locals[index + 1] = continuation_type;
1098 current_state->note_variable (index + 1);
1100 if (index > 0 && current_state->locals[index - 1].iswide ())
1102 current_state->locals[index - 1] = unsuitable_type;
1103 // There's no need to call note_variable here.
1107 type get_variable (int index, type t)
1109 int depth = t.depth ();
1110 if (index > current_method->max_locals - depth)
1111 verify_fail ("invalid local variable");
1112 if (! t.compatible (current_state->locals[index], this))
1113 verify_fail ("incompatible type in local variable");
1116 type t (continuation_type);
1117 if (! current_state->locals[index + 1].compatible (t, this))
1118 verify_fail ("invalid local variable");
1120 return current_state->locals[index];
1123 // Make sure ARRAY is an array type and that its elements are
1124 // compatible with type ELEMENT. Returns the actual element type.
1125 type require_array_type (type array, type element)
1127 if (! array.isarray ())
1128 verify_fail ("array required");
1130 type t = array.element_type (this);
1131 if (! element.compatible (t, this))
1133 // Special case for byte arrays, which must also be boolean
1136 if (element.key == byte_type)
1138 type e2 (boolean_type);
1139 ok = e2.compatible (t, this);
1142 verify_fail ("incompatible array element type");
1145 // Return T and not ELEMENT, because T might be specialized.
1151 if (PC >= current_method->code_length)
1152 verify_fail ("premature end of bytecode");
1153 return (jint) bytecode[PC++] & 0xff;
1158 jint b1 = get_byte ();
1159 jint b2 = get_byte ();
1160 return (jint) ((b1 << 8) | b2) & 0xffff;
1165 jint b1 = get_byte ();
1166 jint b2 = get_byte ();
1167 jshort s = (b1 << 8) | b2;
1173 jint b1 = get_byte ();
1174 jint b2 = get_byte ();
1175 jint b3 = get_byte ();
1176 jint b4 = get_byte ();
1177 return (b1 << 24) | (b2 << 16) | (b3 << 8) | b4;
1180 int compute_jump (int offset)
1182 int npc = start_PC + offset;
1183 if (npc < 0 || npc >= current_method->code_length)
1184 verify_fail ("branch out of range", start_PC);
1188 // Merge the indicated state into the state at the branch target and
1189 // schedule a new PC if there is a change. If RET_SEMANTICS is
1190 // true, then we are merging from a `ret' instruction into the
1191 // instruction after a `jsr'. This is a special case with its own
1192 // modified semantics.
1193 void push_jump_merge (int npc, state *nstate, bool ret_semantics = false)
1195 bool changed = true;
1196 if (states[npc] == NULL)
1198 // There's a weird situation here. If are examining the
1199 // branch that results from a `ret', and there is not yet a
1200 // state available at the branch target (the instruction just
1201 // after the `jsr'), then we have to construct a special kind
1202 // of state at that point for future merging. This special
1203 // state has the type `unused_by_subroutine_type' in each slot
1204 // which was not modified by the subroutine.
1205 states[npc] = new state (nstate, current_method->max_stack,
1206 current_method->max_locals, ret_semantics);
1207 debug_print ("== New state in push_jump_merge\n");
1208 states[npc]->print ("New", npc, current_method->max_stack,
1209 current_method->max_locals);
1213 debug_print ("== Merge states in push_jump_merge\n");
1214 nstate->print ("Frm", start_PC, current_method->max_stack,
1215 current_method->max_locals);
1216 states[npc]->print (" To", npc, current_method->max_stack,
1217 current_method->max_locals);
1218 changed = states[npc]->merge (nstate, ret_semantics,
1219 current_method->max_locals, this);
1220 states[npc]->print ("New", npc, current_method->max_stack,
1221 current_method->max_locals);
1224 if (changed && states[npc]->next == state::INVALID)
1226 // The merge changed the state, and the new PC isn't yet on our
1227 // list of PCs to re-verify.
1228 states[npc]->next = next_verify_pc;
1229 next_verify_pc = npc;
1233 void push_jump (int offset)
1235 int npc = compute_jump (offset);
1237 current_state->check_no_uninitialized_objects (current_method->max_locals, this);
1238 push_jump_merge (npc, current_state);
1241 void push_exception_jump (type t, int pc)
1243 current_state->check_no_uninitialized_objects (current_method->max_locals,
1245 state s (current_state, current_method->max_stack,
1246 current_method->max_locals);
1247 s.set_exception (t, current_method->max_stack);
1248 push_jump_merge (pc, &s);
1253 int *prev_loc = &next_verify_pc;
1254 int npc = next_verify_pc;
1255 bool skipped = false;
1257 while (npc != state::NO_NEXT)
1259 // If the next available PC is an unmerged `ret' state, then
1260 // we aren't yet ready to handle it. That's because we would
1261 // need all kind of special cases to do so. So instead we
1262 // defer this jump until after we've processed it via a
1263 // fall-through. This has to happen because the instruction
1264 // before this one must be a `jsr'.
1265 if (! states[npc]->is_unmerged_ret_state (current_method->max_locals))
1267 *prev_loc = states[npc]->next;
1268 states[npc]->next = state::INVALID;
1273 prev_loc = &states[npc]->next;
1274 npc = states[npc]->next;
1277 // If we've skipped states and there is nothing else, that's a
1280 verify_fail ("pop_jump: can't happen");
1281 return state::NO_NEXT;
1284 void invalidate_pc ()
1286 PC = state::NO_NEXT;
1289 void note_branch_target (int pc, bool is_jsr_target = false)
1291 // Don't check `pc <= PC', because we've advanced PC after
1292 // fetching the target and we haven't yet checked the next
1294 if (pc < PC && ! (flags[pc] & FLAG_INSN_START))
1295 verify_fail ("branch not to instruction start", start_PC);
1296 flags[pc] |= FLAG_BRANCH_TARGET;
1299 // Record the jsr which called this instruction.
1300 subr_info *info = (subr_info *) _Jv_Malloc (sizeof (subr_info));
1302 info->next = jsr_ptrs[pc];
1303 jsr_ptrs[pc] = info;
1307 void skip_padding ()
1309 while ((PC % 4) > 0)
1310 if (get_byte () != 0)
1311 verify_fail ("found nonzero padding byte");
1314 // Return the subroutine to which the instruction at PC belongs.
1315 int get_subroutine (int pc)
1317 if (states[pc] == NULL)
1319 return states[pc]->subroutine;
1322 // Do the work for a `ret' instruction. INDEX is the index into the
1324 void handle_ret_insn (int index)
1326 get_variable (index, return_address_type);
1328 int csub = current_state->subroutine;
1330 verify_fail ("no subroutine");
1332 for (subr_info *subr = jsr_ptrs[csub]; subr != NULL; subr = subr->next)
1334 // Temporarily modify the current state so it looks like we're
1335 // in the enclosing context.
1336 current_state->subroutine = get_subroutine (subr->pc);
1338 current_state->check_no_uninitialized_objects (current_method->max_locals, this);
1339 push_jump_merge (subr->pc, current_state, true);
1342 current_state->subroutine = csub;
1346 // We're in the subroutine SUB, calling a subroutine at DEST. Make
1347 // sure this subroutine isn't already on the stack.
1348 void check_nonrecursive_call (int sub, int dest)
1353 verify_fail ("recursive subroutine call");
1354 for (subr_info *info = jsr_ptrs[sub]; info != NULL; info = info->next)
1355 check_nonrecursive_call (get_subroutine (info->pc), dest);
1358 void handle_jsr_insn (int offset)
1360 int npc = compute_jump (offset);
1363 current_state->check_no_uninitialized_objects (current_method->max_locals, this);
1364 check_nonrecursive_call (current_state->subroutine, npc);
1366 // Temporarily modify the current state so that it looks like we are
1367 // in the subroutine.
1368 push_type (return_address_type);
1369 int save = current_state->subroutine;
1370 current_state->subroutine = npc;
1372 // Merge into the subroutine.
1373 push_jump_merge (npc, current_state);
1375 // Undo our modifications.
1376 current_state->subroutine = save;
1377 pop_type (return_address_type);
1380 jclass construct_primitive_array_type (type_val prim)
1386 k = JvPrimClass (boolean);
1389 k = JvPrimClass (char);
1392 k = JvPrimClass (float);
1395 k = JvPrimClass (double);
1398 k = JvPrimClass (byte);
1401 k = JvPrimClass (short);
1404 k = JvPrimClass (int);
1407 k = JvPrimClass (long);
1410 verify_fail ("unknown type in construct_primitive_array_type");
1412 k = _Jv_GetArrayClass (k, NULL);
1416 // This pass computes the location of branch targets and also
1417 // instruction starts.
1418 void branch_prepass ()
1420 flags = (char *) _Jv_Malloc (current_method->code_length);
1421 jsr_ptrs = (subr_info **) _Jv_Malloc (sizeof (subr_info *)
1422 * current_method->code_length);
1424 for (int i = 0; i < current_method->code_length; ++i)
1430 bool last_was_jsr = false;
1433 while (PC < current_method->code_length)
1435 // Set `start_PC' early so that error checking can have the
1438 flags[PC] |= FLAG_INSN_START;
1440 // If the previous instruction was a jsr, then the next
1441 // instruction is a branch target -- the branch being the
1442 // corresponding `ret'.
1444 note_branch_target (PC);
1445 last_was_jsr = false;
1447 java_opcode opcode = (java_opcode) bytecode[PC++];
1451 case op_aconst_null:
1587 case op_monitorenter:
1588 case op_monitorexit:
1596 case op_arraylength:
1628 case op_invokespecial:
1629 case op_invokestatic:
1630 case op_invokevirtual:
1634 case op_multianewarray:
1640 last_was_jsr = true;
1659 note_branch_target (compute_jump (get_short ()), last_was_jsr);
1662 case op_tableswitch:
1665 note_branch_target (compute_jump (get_int ()));
1666 jint low = get_int ();
1667 jint hi = get_int ();
1669 verify_fail ("invalid tableswitch", start_PC);
1670 for (int i = low; i <= hi; ++i)
1671 note_branch_target (compute_jump (get_int ()));
1675 case op_lookupswitch:
1678 note_branch_target (compute_jump (get_int ()));
1679 int npairs = get_int ();
1681 verify_fail ("too few pairs in lookupswitch", start_PC);
1682 while (npairs-- > 0)
1685 note_branch_target (compute_jump (get_int ()));
1690 case op_invokeinterface:
1698 opcode = (java_opcode) get_byte ();
1700 if (opcode == op_iinc)
1706 last_was_jsr = true;
1709 note_branch_target (compute_jump (get_int ()), last_was_jsr);
1713 verify_fail ("unrecognized instruction in branch_prepass",
1717 // See if any previous branch tried to branch to the middle of
1718 // this instruction.
1719 for (int pc = start_PC + 1; pc < PC; ++pc)
1721 if ((flags[pc] & FLAG_BRANCH_TARGET))
1722 verify_fail ("branch to middle of instruction", pc);
1726 // Verify exception handlers.
1727 for (int i = 0; i < current_method->exc_count; ++i)
1729 if (! (flags[exception[i].handler_pc] & FLAG_INSN_START))
1730 verify_fail ("exception handler not at instruction start",
1731 exception[i].handler_pc);
1732 if (! (flags[exception[i].start_pc] & FLAG_INSN_START))
1733 verify_fail ("exception start not at instruction start",
1734 exception[i].start_pc);
1735 if (exception[i].end_pc != current_method->code_length
1736 && ! (flags[exception[i].end_pc] & FLAG_INSN_START))
1737 verify_fail ("exception end not at instruction start",
1738 exception[i].end_pc);
1740 flags[exception[i].handler_pc] |= FLAG_BRANCH_TARGET;
1744 void check_pool_index (int index)
1746 if (index < 0 || index >= current_class->constants.size)
1747 verify_fail ("constant pool index out of range", start_PC);
1750 type check_class_constant (int index)
1752 check_pool_index (index);
1753 _Jv_Constants *pool = ¤t_class->constants;
1754 if (pool->tags[index] == JV_CONSTANT_ResolvedClass)
1755 return type (pool->data[index].clazz);
1756 else if (pool->tags[index] == JV_CONSTANT_Class)
1757 return type (pool->data[index].utf8);
1758 verify_fail ("expected class constant", start_PC);
1761 type check_constant (int index)
1763 check_pool_index (index);
1764 _Jv_Constants *pool = ¤t_class->constants;
1765 if (pool->tags[index] == JV_CONSTANT_ResolvedString
1766 || pool->tags[index] == JV_CONSTANT_String)
1767 return type (&java::lang::String::class$);
1768 else if (pool->tags[index] == JV_CONSTANT_Integer)
1769 return type (int_type);
1770 else if (pool->tags[index] == JV_CONSTANT_Float)
1771 return type (float_type);
1772 verify_fail ("String, int, or float constant expected", start_PC);
1775 type check_wide_constant (int index)
1777 check_pool_index (index);
1778 _Jv_Constants *pool = ¤t_class->constants;
1779 if (pool->tags[index] == JV_CONSTANT_Long)
1780 return type (long_type);
1781 else if (pool->tags[index] == JV_CONSTANT_Double)
1782 return type (double_type);
1783 verify_fail ("long or double constant expected", start_PC);
1786 // Helper for both field and method. These are laid out the same in
1787 // the constant pool.
1788 type handle_field_or_method (int index, int expected,
1789 _Jv_Utf8Const **name,
1790 _Jv_Utf8Const **fmtype)
1792 check_pool_index (index);
1793 _Jv_Constants *pool = ¤t_class->constants;
1794 if (pool->tags[index] != expected)
1795 verify_fail ("didn't see expected constant", start_PC);
1796 // Once we know we have a Fieldref or Methodref we assume that it
1797 // is correctly laid out in the constant pool. I think the code
1798 // in defineclass.cc guarantees this.
1799 _Jv_ushort class_index, name_and_type_index;
1800 _Jv_loadIndexes (&pool->data[index],
1802 name_and_type_index);
1803 _Jv_ushort name_index, desc_index;
1804 _Jv_loadIndexes (&pool->data[name_and_type_index],
1805 name_index, desc_index);
1807 *name = pool->data[name_index].utf8;
1808 *fmtype = pool->data[desc_index].utf8;
1810 return check_class_constant (class_index);
1813 // Return field's type, compute class' type if requested.
1814 type check_field_constant (int index, type *class_type = NULL)
1816 _Jv_Utf8Const *name, *field_type;
1817 type ct = handle_field_or_method (index,
1818 JV_CONSTANT_Fieldref,
1819 &name, &field_type);
1822 if (field_type->data[0] == '[' || field_type->data[0] == 'L')
1823 return type (field_type);
1824 return get_type_val_for_signature (field_type->data[0]);
1827 type check_method_constant (int index, bool is_interface,
1828 _Jv_Utf8Const **method_name,
1829 _Jv_Utf8Const **method_signature)
1831 return handle_field_or_method (index,
1833 ? JV_CONSTANT_InterfaceMethodref
1834 : JV_CONSTANT_Methodref),
1835 method_name, method_signature);
1838 type get_one_type (char *&p)
1856 _Jv_Utf8Const *name = make_utf8_const (start, p - start);
1860 // Casting to jchar here is ok since we are looking at an ASCII
1862 type_val rt = get_type_val_for_signature (jchar (v));
1864 if (arraycount == 0)
1866 // Callers of this function eventually push their arguments on
1867 // the stack. So, promote them here.
1868 return type (rt).promote ();
1871 jclass k = construct_primitive_array_type (rt);
1872 while (--arraycount > 0)
1873 k = _Jv_GetArrayClass (k, NULL);
1877 void compute_argument_types (_Jv_Utf8Const *signature,
1880 char *p = signature->data;
1886 types[i++] = get_one_type (p);
1889 type compute_return_type (_Jv_Utf8Const *signature)
1891 char *p = signature->data;
1895 return get_one_type (p);
1898 void check_return_type (type onstack)
1900 type rt = compute_return_type (current_method->self->signature);
1901 if (! rt.compatible (onstack, this))
1902 verify_fail ("incompatible return type");
1905 // Initialize the stack for the new method. Returns true if this
1906 // method is an instance initializer.
1907 bool initialize_stack ()
1910 bool is_init = false;
1912 using namespace java::lang::reflect;
1913 if (! Modifier::isStatic (current_method->self->accflags))
1915 type kurr (current_class);
1916 if (_Jv_equalUtf8Consts (current_method->self->name, gcj::init_name))
1918 kurr.set_uninitialized (type::SELF, this);
1921 set_variable (0, kurr);
1922 current_state->set_this_type (kurr);
1926 // We have to handle wide arguments specially here.
1927 int arg_count = _Jv_count_arguments (current_method->self->signature);
1928 type arg_types[arg_count];
1929 compute_argument_types (current_method->self->signature, arg_types);
1930 for (int i = 0; i < arg_count; ++i)
1932 set_variable (var, arg_types[i]);
1934 if (arg_types[i].iswide ())
1941 void verify_instructions_0 ()
1943 current_state = new state (current_method->max_stack,
1944 current_method->max_locals);
1949 // True if we are verifying an instance initializer.
1950 bool this_is_init = initialize_stack ();
1952 states = (state **) _Jv_Malloc (sizeof (state *)
1953 * current_method->code_length);
1954 for (int i = 0; i < current_method->code_length; ++i)
1957 next_verify_pc = state::NO_NEXT;
1961 // If the PC was invalidated, get a new one from the work list.
1962 if (PC == state::NO_NEXT)
1965 if (PC == state::INVALID)
1966 verify_fail ("can't happen: saw state::INVALID");
1967 if (PC == state::NO_NEXT)
1969 // Set up the current state.
1970 current_state->copy (states[PC], current_method->max_stack,
1971 current_method->max_locals);
1975 // Control can't fall off the end of the bytecode. We
1976 // only need to check this in the fall-through case,
1977 // because branch bounds are checked when they are
1979 if (PC >= current_method->code_length)
1980 verify_fail ("fell off end");
1982 // We only have to do this checking in the situation where
1983 // control flow falls through from the previous
1984 // instruction. Otherwise merging is done at the time we
1986 if (states[PC] != NULL)
1988 // We've already visited this instruction. So merge
1989 // the states together. If this yields no change then
1990 // we don't have to re-verify. However, if the new
1991 // state is an the result of an unmerged `ret', we
1992 // must continue through it.
1993 debug_print ("== Fall through merge\n");
1994 states[PC]->print ("Old", PC, current_method->max_stack,
1995 current_method->max_locals);
1996 current_state->print ("Cur", PC, current_method->max_stack,
1997 current_method->max_locals);
1998 if (! current_state->merge (states[PC], false,
1999 current_method->max_locals, this)
2000 && ! states[PC]->is_unmerged_ret_state (current_method->max_locals))
2002 debug_print ("== Fall through optimization\n");
2006 // Save a copy of it for later.
2007 states[PC]->copy (current_state, current_method->max_stack,
2008 current_method->max_locals);
2009 current_state->print ("New", PC, current_method->max_stack,
2010 current_method->max_locals);
2014 // We only have to keep saved state at branch targets. If
2015 // we're at a branch target and the state here hasn't been set
2016 // yet, we set it now.
2017 if (states[PC] == NULL && (flags[PC] & FLAG_BRANCH_TARGET))
2019 states[PC] = new state (current_state, current_method->max_stack,
2020 current_method->max_locals);
2023 // Set this before handling exceptions so that debug output is
2027 // Update states for all active exception handlers. Ordinarily
2028 // there are not many exception handlers. So we simply run
2029 // through them all.
2030 for (int i = 0; i < current_method->exc_count; ++i)
2032 if (PC >= exception[i].start_pc && PC < exception[i].end_pc)
2034 type handler (&java::lang::Throwable::class$);
2035 if (exception[i].handler_type != 0)
2036 handler = check_class_constant (exception[i].handler_type);
2037 push_exception_jump (handler, exception[i].handler_pc);
2041 current_state->print (" ", PC, current_method->max_stack,
2042 current_method->max_locals);
2043 java_opcode opcode = (java_opcode) bytecode[PC++];
2049 case op_aconst_null:
2050 push_type (null_type);
2060 push_type (int_type);
2065 push_type (long_type);
2071 push_type (float_type);
2076 push_type (double_type);
2081 push_type (int_type);
2086 push_type (int_type);
2090 push_type (check_constant (get_byte ()));
2093 push_type (check_constant (get_ushort ()));
2096 push_type (check_wide_constant (get_ushort ()));
2100 push_type (get_variable (get_byte (), int_type));
2103 push_type (get_variable (get_byte (), long_type));
2106 push_type (get_variable (get_byte (), float_type));
2109 push_type (get_variable (get_byte (), double_type));
2112 push_type (get_variable (get_byte (), reference_type));
2119 push_type (get_variable (opcode - op_iload_0, int_type));
2125 push_type (get_variable (opcode - op_lload_0, long_type));
2131 push_type (get_variable (opcode - op_fload_0, float_type));
2137 push_type (get_variable (opcode - op_dload_0, double_type));
2143 push_type (get_variable (opcode - op_aload_0, reference_type));
2146 pop_type (int_type);
2147 push_type (require_array_type (pop_type (reference_type),
2151 pop_type (int_type);
2152 push_type (require_array_type (pop_type (reference_type),
2156 pop_type (int_type);
2157 push_type (require_array_type (pop_type (reference_type),
2161 pop_type (int_type);
2162 push_type (require_array_type (pop_type (reference_type),
2166 pop_type (int_type);
2167 push_type (require_array_type (pop_type (reference_type),
2171 pop_type (int_type);
2172 require_array_type (pop_type (reference_type), byte_type);
2173 push_type (int_type);
2176 pop_type (int_type);
2177 require_array_type (pop_type (reference_type), char_type);
2178 push_type (int_type);
2181 pop_type (int_type);
2182 require_array_type (pop_type (reference_type), short_type);
2183 push_type (int_type);
2186 set_variable (get_byte (), pop_type (int_type));
2189 set_variable (get_byte (), pop_type (long_type));
2192 set_variable (get_byte (), pop_type (float_type));
2195 set_variable (get_byte (), pop_type (double_type));
2198 set_variable (get_byte (), pop_ref_or_return ());
2204 set_variable (opcode - op_istore_0, pop_type (int_type));
2210 set_variable (opcode - op_lstore_0, pop_type (long_type));
2216 set_variable (opcode - op_fstore_0, pop_type (float_type));
2222 set_variable (opcode - op_dstore_0, pop_type (double_type));
2228 set_variable (opcode - op_astore_0, pop_ref_or_return ());
2231 pop_type (int_type);
2232 pop_type (int_type);
2233 require_array_type (pop_type (reference_type), int_type);
2236 pop_type (long_type);
2237 pop_type (int_type);
2238 require_array_type (pop_type (reference_type), long_type);
2241 pop_type (float_type);
2242 pop_type (int_type);
2243 require_array_type (pop_type (reference_type), float_type);
2246 pop_type (double_type);
2247 pop_type (int_type);
2248 require_array_type (pop_type (reference_type), double_type);
2251 pop_type (reference_type);
2252 pop_type (int_type);
2253 require_array_type (pop_type (reference_type), reference_type);
2256 pop_type (int_type);
2257 pop_type (int_type);
2258 require_array_type (pop_type (reference_type), byte_type);
2261 pop_type (int_type);
2262 pop_type (int_type);
2263 require_array_type (pop_type (reference_type), char_type);
2266 pop_type (int_type);
2267 pop_type (int_type);
2268 require_array_type (pop_type (reference_type), short_type);
2295 type t2 = pop_raw ();
2310 type t = pop_raw ();
2323 type t1 = pop_raw ();
2340 type t1 = pop_raw ();
2343 type t2 = pop_raw ();
2361 type t3 = pop_raw ();
2399 pop_type (int_type);
2400 push_type (pop_type (int_type));
2410 pop_type (long_type);
2411 push_type (pop_type (long_type));
2416 pop_type (int_type);
2417 push_type (pop_type (long_type));
2424 pop_type (float_type);
2425 push_type (pop_type (float_type));
2432 pop_type (double_type);
2433 push_type (pop_type (double_type));
2439 push_type (pop_type (int_type));
2442 push_type (pop_type (long_type));
2445 push_type (pop_type (float_type));
2448 push_type (pop_type (double_type));
2451 get_variable (get_byte (), int_type);
2455 pop_type (int_type);
2456 push_type (long_type);
2459 pop_type (int_type);
2460 push_type (float_type);
2463 pop_type (int_type);
2464 push_type (double_type);
2467 pop_type (long_type);
2468 push_type (int_type);
2471 pop_type (long_type);
2472 push_type (float_type);
2475 pop_type (long_type);
2476 push_type (double_type);
2479 pop_type (float_type);
2480 push_type (int_type);
2483 pop_type (float_type);
2484 push_type (long_type);
2487 pop_type (float_type);
2488 push_type (double_type);
2491 pop_type (double_type);
2492 push_type (int_type);
2495 pop_type (double_type);
2496 push_type (long_type);
2499 pop_type (double_type);
2500 push_type (float_type);
2503 pop_type (long_type);
2504 pop_type (long_type);
2505 push_type (int_type);
2509 pop_type (float_type);
2510 pop_type (float_type);
2511 push_type (int_type);
2515 pop_type (double_type);
2516 pop_type (double_type);
2517 push_type (int_type);
2525 pop_type (int_type);
2526 push_jump (get_short ());
2534 pop_type (int_type);
2535 pop_type (int_type);
2536 push_jump (get_short ());
2540 pop_type (reference_type);
2541 pop_type (reference_type);
2542 push_jump (get_short ());
2545 push_jump (get_short ());
2549 handle_jsr_insn (get_short ());
2552 handle_ret_insn (get_byte ());
2554 case op_tableswitch:
2556 pop_type (int_type);
2558 push_jump (get_int ());
2559 jint low = get_int ();
2560 jint high = get_int ();
2561 // Already checked LOW -vs- HIGH.
2562 for (int i = low; i <= high; ++i)
2563 push_jump (get_int ());
2568 case op_lookupswitch:
2570 pop_type (int_type);
2572 push_jump (get_int ());
2573 jint npairs = get_int ();
2574 // Already checked NPAIRS >= 0.
2576 for (int i = 0; i < npairs; ++i)
2578 jint key = get_int ();
2579 if (i > 0 && key <= lastkey)
2580 verify_fail ("lookupswitch pairs unsorted", start_PC);
2582 push_jump (get_int ());
2588 check_return_type (pop_type (int_type));
2592 check_return_type (pop_type (long_type));
2596 check_return_type (pop_type (float_type));
2600 check_return_type (pop_type (double_type));
2604 check_return_type (pop_type (reference_type));
2608 // We only need to check this when the return type is
2609 // void, because all instance initializers return void.
2611 current_state->check_this_initialized (this);
2612 check_return_type (void_type);
2616 push_type (check_field_constant (get_ushort ()));
2619 pop_type (check_field_constant (get_ushort ()));
2624 type field = check_field_constant (get_ushort (), &klass);
2632 type field = check_field_constant (get_ushort (), &klass);
2635 // We have an obscure special case here: we can use
2636 // `putfield' on a field declared in this class, even if
2637 // `this' has not yet been initialized.
2638 if (! current_state->this_type.isinitialized ()
2639 && current_state->this_type.pc == type::SELF)
2640 klass.set_uninitialized (type::SELF, this);
2645 case op_invokevirtual:
2646 case op_invokespecial:
2647 case op_invokestatic:
2648 case op_invokeinterface:
2650 _Jv_Utf8Const *method_name, *method_signature;
2652 = check_method_constant (get_ushort (),
2653 opcode == op_invokeinterface,
2656 int arg_count = _Jv_count_arguments (method_signature);
2657 if (opcode == op_invokeinterface)
2659 int nargs = get_byte ();
2661 verify_fail ("too few arguments to invokeinterface");
2662 if (get_byte () != 0)
2663 verify_fail ("invokeinterface dummy byte is wrong");
2664 if (nargs - 1 != arg_count)
2665 verify_fail ("wrong argument count for invokeinterface");
2668 bool is_init = false;
2669 if (_Jv_equalUtf8Consts (method_name, gcj::init_name))
2672 if (opcode != op_invokespecial)
2673 verify_fail ("can't invoke <init>");
2675 else if (method_name->data[0] == '<')
2676 verify_fail ("can't invoke method starting with `<'");
2678 // Pop arguments and check types.
2679 type arg_types[arg_count];
2680 compute_argument_types (method_signature, arg_types);
2681 for (int i = arg_count - 1; i >= 0; --i)
2682 pop_type (arg_types[i]);
2684 if (opcode != op_invokestatic)
2686 type t = class_type;
2689 // In this case the PC doesn't matter.
2690 t.set_uninitialized (type::UNINIT, this);
2694 current_state->set_initialized (t.get_pc (),
2695 current_method->max_locals);
2698 type rt = compute_return_type (method_signature);
2706 type t = check_class_constant (get_ushort ());
2707 if (t.isarray () || t.isinterface (this) || t.isabstract (this))
2708 verify_fail ("type is array, interface, or abstract");
2709 t.set_uninitialized (start_PC, this);
2716 int atype = get_byte ();
2717 // We intentionally have chosen constants to make this
2719 if (atype < boolean_type || atype > long_type)
2720 verify_fail ("type not primitive", start_PC);
2721 pop_type (int_type);
2722 push_type (construct_primitive_array_type (type_val (atype)));
2726 pop_type (int_type);
2727 push_type (check_class_constant (get_ushort ()).to_array (this));
2729 case op_arraylength:
2731 type t = pop_type (reference_type);
2733 verify_fail ("array type expected");
2734 push_type (int_type);
2738 pop_type (type (&java::lang::Throwable::class$));
2742 pop_type (reference_type);
2743 push_type (check_class_constant (get_ushort ()));
2746 pop_type (reference_type);
2747 check_class_constant (get_ushort ());
2748 push_type (int_type);
2750 case op_monitorenter:
2751 pop_type (reference_type);
2753 case op_monitorexit:
2754 pop_type (reference_type);
2758 switch (get_byte ())
2761 push_type (get_variable (get_ushort (), int_type));
2764 push_type (get_variable (get_ushort (), long_type));
2767 push_type (get_variable (get_ushort (), float_type));
2770 push_type (get_variable (get_ushort (), double_type));
2773 push_type (get_variable (get_ushort (), reference_type));
2776 set_variable (get_ushort (), pop_type (int_type));
2779 set_variable (get_ushort (), pop_type (long_type));
2782 set_variable (get_ushort (), pop_type (float_type));
2785 set_variable (get_ushort (), pop_type (double_type));
2788 set_variable (get_ushort (), pop_type (reference_type));
2791 handle_ret_insn (get_short ());
2794 get_variable (get_ushort (), int_type);
2798 verify_fail ("unrecognized wide instruction", start_PC);
2802 case op_multianewarray:
2804 type atype = check_class_constant (get_ushort ());
2805 int dim = get_byte ();
2807 verify_fail ("too few dimensions to multianewarray", start_PC);
2808 atype.verify_dimensions (dim, this);
2809 for (int i = 0; i < dim; ++i)
2810 pop_type (int_type);
2816 pop_type (reference_type);
2817 push_jump (get_short ());
2820 push_jump (get_int ());
2824 handle_jsr_insn (get_int ());
2828 // Unrecognized opcode.
2829 verify_fail ("unrecognized instruction in verify_instructions_0",
2835 __attribute__ ((__noreturn__)) void verify_fail (char *s, jint pc = -1)
2837 using namespace java::lang;
2838 StringBuffer *buf = new StringBuffer ();
2840 buf->append (JvNewStringLatin1 ("verification failed"));
2845 buf->append (JvNewStringLatin1 (" at PC "));
2849 _Jv_InterpMethod *method = current_method;
2850 buf->append (JvNewStringLatin1 (" in "));
2851 buf->append (current_class->getName());
2852 buf->append ((jchar) ':');
2853 buf->append (JvNewStringUTF (method->get_method()->name->data));
2854 buf->append ((jchar) '(');
2855 buf->append (JvNewStringUTF (method->get_method()->signature->data));
2856 buf->append ((jchar) ')');
2858 buf->append (JvNewStringLatin1 (": "));
2859 buf->append (JvNewStringLatin1 (s));
2860 throw new java::lang::VerifyError (buf->toString ());
2865 void verify_instructions ()
2868 verify_instructions_0 ();
2871 _Jv_BytecodeVerifier (_Jv_InterpMethod *m)
2873 // We just print the text as utf-8. This is just for debugging
2875 debug_print ("--------------------------------\n");
2876 debug_print ("-- Verifying method `%s'\n", m->self->name->data);
2879 bytecode = m->bytecode ();
2880 exception = m->exceptions ();
2881 current_class = m->defining_class;
2889 ~_Jv_BytecodeVerifier ()
2896 _Jv_Free (jsr_ptrs);
2897 while (utf8_list != NULL)
2899 linked_utf8 *n = utf8_list->next;
2900 _Jv_Free (utf8_list->val);
2901 _Jv_Free (utf8_list);
2908 _Jv_VerifyMethod (_Jv_InterpMethod *meth)
2910 _Jv_BytecodeVerifier v (meth);
2911 v.verify_instructions ();
2913 #endif /* INTERPRETER */