search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2015-05-05 Yvan Roux <yvan.roux@linaro.org>
[official-gcc.git] / gcc / java / verify-impl.c
blobbbd4097b0377a10127cfad50fc429d41af3027d2
1 /* Copyright (C) 2001-2015 Free Software Foundation, Inc.
2
3 This file is part of libgcj.
4
5 This software is copyrighted work licensed under the terms of the
6 Libgcj License. Please consult the file "LIBGCJ_LICENSE" for
7 details. */
8
9 /* Written by Tom Tromey <tromey@redhat.com> */
10
11 /* Uncomment this to enable debugging output. */
12 /* #define VERIFY_DEBUG */
13
14 #include "config.h"
15 #include "system.h"
16 #include "coretypes.h"
17
18 #include "hash-set.h"
19 #include "machmode.h"
20 #include "vec.h"
21 #include "double-int.h"
22 #include "input.h"
23 #include "alias.h"
24 #include "symtab.h"
25 #include "options.h"
26 #include "wide-int.h"
27 #include "inchash.h"
28 #include "verify.h"
29
30 /* Hack to work around namespace pollution from java-tree.h. */
31 #undef current_class
32
33 /* This is used to mark states which are not scheduled for
34 verification. */
35 #define INVALID_STATE ((state *) -1)
36
37 static void ATTRIBUTE_PRINTF_1
38 debug_print (const char *fmt ATTRIBUTE_UNUSED, ...)
39 {
40 #ifdef VERIFY_DEBUG
41 va_list ap;
42 va_start (ap, fmt);
43 vfprintf (stderr, fmt, ap);
44 va_end (ap);
45 #endif /* VERIFY_DEBUG */
46 }
47
48 /* This started as a fairly ordinary verifier, and for the most part
49 it remains so. It works in the obvious way, by modeling the effect
50 of each opcode as it is encountered. For most opcodes, this is a
51 straightforward operation.
52
53 This verifier does not do type merging. It used to, but this
54 results in difficulty verifying some relatively simple code
55 involving interfaces, and it pushed some verification work into the
56 interpreter.
57
58 Instead of merging reference types, when we reach a point where two
59 flows of control merge, we simply keep the union of reference types
60 from each branch. Then, when we need to verify a fact about a
61 reference on the stack (e.g., that it is compatible with the
62 argument type of a method), we check to ensure that all possible
63 types satisfy the requirement.
64
65 Another area this verifier differs from the norm is in its handling
66 of subroutines. The JVM specification has some confusing things to
67 say about subroutines. For instance, it makes claims about not
68 allowing subroutines to merge and it rejects recursive subroutines.
69 For the most part these are red herrings; we used to try to follow
70 these things but they lead to problems. For example, the notion of
71 "being in a subroutine" is not well-defined: is an exception
72 handler in a subroutine? If you never execute the `ret' but
73 instead `goto 1' do you remain in the subroutine?
74
75 For clarity on what is really required for type safety, read
76 "Simple Verification Technique for Complex Java Bytecode
77 Subroutines" by Alessandro Coglio. Among other things this paper
78 shows that recursive subroutines are not harmful to type safety.
79 We implement something similar to what he proposes. Note that this
80 means that this verifier will accept code that is rejected by some
81 other verifiers.
82
83 For those not wanting to read the paper, the basic observation is
84 that we can maintain split states in subroutines. We maintain one
85 state for each calling `jsr'. In other words, we re-verify a
86 subroutine once for each caller, using the exact types held by the
87 callers (as opposed to the old approach of merging types and
88 keeping a bitmap registering what did or did not change). This
89 approach lets us continue to verify correctly even when a
90 subroutine is exited via `goto' or `athrow' and not `ret'.
91
92 In some other areas the JVM specification is (mildly) incorrect,
93 so we diverge. For instance, you cannot
94 violate type safety by allocating an object with `new' and then
95 failing to initialize it, no matter how one branches or where one
96 stores the uninitialized reference. See "Improving the official
97 specification of Java bytecode verification" by Alessandro Coglio.
98
99 Note that there's no real point in enforcing that padding bytes or
100 the mystery byte of invokeinterface must be 0, but we do that
101 regardless.
102
103 The verifier is currently neither completely lazy nor eager when it
104 comes to loading classes. It tries to represent types by name when
105 possible, and then loads them when it needs to verify a fact about
106 the type. Checking types by name is valid because we only use
107 names which come from the current class' constant pool. Since all
108 such names are looked up using the same class loader, there is no
109 danger that we might be fooled into comparing different types with
110 the same name.
111
112 In the future we plan to allow for a completely lazy mode of
113 operation, where the verifier will construct a list of type
114 assertions to be checked later.
115
116 Some test cases for the verifier live in the "verify" module of the
117 Mauve test suite. However, some of these are presently
118 (2004-01-20) believed to be incorrect. (More precisely the notion
119 of "correct" is not well-defined, and this verifier differs from
120 others while remaining type-safe.) Some other tests live in the
121 libgcj test suite.
122
123 This verifier is also written to be pluggable. This means that it
124 is intended for use in a variety of environments, not just libgcj.
125 As a result the verifier expects a number of type and method
126 declarations to be declared in "verify.h". The intent is that you
127 recompile the verifier for your particular environment. This
128 approach was chosen so that operations could be inlined in verify.h
129 as much as possible.
130
131 See the verify.h that accompanies this copy of the verifier to see
132 what types, preprocessor defines, and functions must be declared.
133 The interface is ad hoc, but was defined so that it could be
134 implemented to connect to a pure C program.
135 */
136
137 #define FLAG_INSN_START 1
138 #define FLAG_BRANCH_TARGET 2
139 #define FLAG_INSN_SEEN 4
140
141 struct state;
142 struct type;
143 struct ref_intersection;
144
145 typedef struct state state;
146 typedef struct type type;
147 typedef struct ref_intersection ref_intersection;
148
149 /*typedef struct state_list state_list;*/
150
151 typedef struct state_list
152 {
153 state *val;
154 struct state_list *next;
155 } state_list;
156
157 typedef struct vfy_string_list
158 {
159 vfy_string val;
160 struct vfy_string_list *next;
161 } vfy_string_list;
162
163 typedef struct verifier_context
164 {
165 /* The current PC. */
166 int PC;
167 /* The PC corresponding to the start of the current instruction. */
168 int start_PC;
169
170 /* The current state of the stack, locals, etc. */
171 state *current_state;
172
173 /* At each branch target we keep a linked list of all the states we
174 can process at that point. We'll only have multiple states at a
175 given PC if they both have different return-address types in the
176 same stack or local slot. This array is indexed by PC and holds
177 the list of all such states. */
178 state_list **states;
179
180 /* We keep a linked list of all the states which we must reverify.
181 This is the head of the list. */
182 state *next_verify_state;
183
184 /* We keep some flags for each instruction. The values are the
185 FLAG_* constants defined above. This is an array indexed by PC. */
186 char *flags;
187
188 /* The bytecode itself. */
189 const unsigned char *bytecode;
190 /* The exceptions. */
191 vfy_exception *exception;
192
193 /* Defining class. */
194 vfy_jclass current_class;
195 /* This method. */
196 vfy_method *current_method;
197
198 /* A linked list of utf8 objects we allocate. */
199 vfy_string_list *utf8_list;
200
201 /* A linked list of all ref_intersection objects we allocate. */
202 ref_intersection *isect_list;
203 } verifier_context;
204
205 /* The current verifier's state data. This is maintained by
206 {push/pop}_verifier_context to provide a shorthand form to access
207 the verification state. */
208 static GTY(()) verifier_context *vfr;
209
210 /* Local function declarations. */
211 bool type_initialized (type *t);
212 int ref_count_dimensions (ref_intersection *ref);
213
214 static void
215 verify_fail_pc (const char *s, int pc)
216 {
217 vfy_fail (s, pc, vfr->current_class, vfr->current_method);
218 }
219
220 static void
221 verify_fail (const char *s)
222 {
223 verify_fail_pc (s, vfr->PC);
224 }
225
226 /* This enum holds a list of tags for all the different types we
227 need to handle. Reference types are treated specially by the
228 type class. */
229 typedef enum type_val
230 {
231 void_type,
232
233 /* The values for primitive types are chosen to correspond to values
234 specified to newarray. */
235 boolean_type = 4,
236 char_type = 5,
237 float_type = 6,
238 double_type = 7,
239 byte_type = 8,
240 short_type = 9,
241 int_type = 10,
242 long_type = 11,
243
244 /* Used when overwriting second word of a double or long in the
245 local variables. Also used after merging local variable states
246 to indicate an unusable value. */
247 unsuitable_type,
248 return_address_type,
249 /* This is the second word of a two-word value, i.e., a double or
250 a long. */
251 continuation_type,
252
253 /* Everything after `reference_type' must be a reference type. */
254 reference_type,
255 null_type,
256 uninitialized_reference_type
257 } type_val;
258
259 /* This represents a merged class type. Some verifiers (including
260 earlier versions of this one) will compute the intersection of
261 two class types when merging states. However, this loses
262 critical information about interfaces implemented by the various
263 classes. So instead we keep track of all the actual classes that
264 have been merged. */
265 struct ref_intersection
266 {
267 /* Whether or not this type has been resolved. */
268 bool is_resolved;
269
270 /* Actual type data. */
271 union
272 {
273 /* For a resolved reference type, this is a pointer to the class. */
274 vfy_jclass klass;
275 /* For other reference types, this it the name of the class. */
276 vfy_string name;
277 } data;
278
279 /* Link to the next reference in the intersection. */
280 ref_intersection *ref_next;
281
282 /* This is used to keep track of all the allocated
283 ref_intersection objects, so we can free them.
284 FIXME: we should allocate these in chunks. */
285 ref_intersection *alloc_next;
286 };
287
288 static ref_intersection *
289 make_ref (void)
290 {
291 ref_intersection *new_ref =
292 (ref_intersection *) vfy_alloc (sizeof (ref_intersection));
293
294 new_ref->alloc_next = vfr->isect_list;
295 vfr->isect_list = new_ref;
296 return new_ref;
297 }
298
299 static ref_intersection *
300 clone_ref (ref_intersection *dup)
301 {
302 ref_intersection *new_ref = make_ref ();
303
304 new_ref->is_resolved = dup->is_resolved;
305 new_ref->data = dup->data;
306 return new_ref;
307 }
308
309 static void
310 resolve_ref (ref_intersection *ref)
311 {
312 if (ref->is_resolved)
313 return;
314 ref->data.klass = vfy_find_class (vfr->current_class, ref->data.name);
315 ref->is_resolved = true;
316 }
317
318 static bool
319 refs_equal (ref_intersection *ref1, ref_intersection *ref2)
320 {
321 if (! ref1->is_resolved && ! ref2->is_resolved
322 && vfy_strings_equal (ref1->data.name, ref2->data.name))
323 return true;
324 if (! ref1->is_resolved)
325 resolve_ref (ref1);
326 if (! ref2->is_resolved)
327 resolve_ref (ref2);
328 return ref1->data.klass == ref2->data.klass;
329 }
330
331 /* Merge REF1 type into REF2, returning the result. This will
332 return REF2 if all the classes in THIS already appear in
333 REF2. */
334 static ref_intersection *
335 merge_refs (ref_intersection *ref1, ref_intersection *ref2)
336 {
337 ref_intersection *tail = ref2;
338 for (; ref1 != NULL; ref1 = ref1->ref_next)
339 {
340 bool add = true;
341 ref_intersection *iter;
342 for (iter = ref2; iter != NULL; iter = iter->ref_next)
343 {
344 if (refs_equal (ref1, iter))
345 {
346 add = false;
347 break;
348 }
349 }
350
351 if (add)
352 {
353 ref_intersection *new_tail = clone_ref (ref1);
354 new_tail->ref_next = tail;
355 tail = new_tail;
356 }
357 }
358 return tail;
359 }
360
361 /* See if an object of type SOURCE can be assigned to an object of
362 type TARGET. This might resolve classes in one chain or the other. */
363 static bool
364 ref_compatible (ref_intersection *target, ref_intersection *source)
365 {
366 for (; target != NULL; target = target->ref_next)
367 {
368 ref_intersection *source_iter = source;
369
370 for (; source_iter != NULL; source_iter = source_iter->ref_next)
371 {
372 /* Avoid resolving if possible. */
373 if (! target->is_resolved
374 && ! source_iter->is_resolved
375 && vfy_strings_equal (target->data.name,
376 source_iter->data.name))
377 continue;
378
379 if (! target->is_resolved)
380 resolve_ref (target);
381 if (! source_iter->is_resolved)
382 resolve_ref (source_iter);
383
384 if (! vfy_is_assignable_from (target->data.klass,
385 source_iter->data.klass))
386 return false;
387 }
388 }
389
390 return true;
391 }
392
393 static bool
394 ref_isarray (ref_intersection *ref)
395 {
396 /* assert (ref_next == NULL); */
397 if (ref->is_resolved)
398 return vfy_is_array (ref->data.klass);
399 else
400 return vfy_string_bytes (ref->data.name)[0] == '[';
401 }
402
403 static bool
404 ref_isinterface (ref_intersection *ref)
405 {
406 /* assert (ref_next == NULL); */
407 if (! ref->is_resolved)
408 resolve_ref (ref);
409 return vfy_is_interface (ref->data.klass);
410 }
411
412 static bool
413 ref_isabstract (ref_intersection *ref)
414 {
415 /* assert (ref_next == NULL); */
416 if (! ref->is_resolved)
417 resolve_ref (ref);
418 return vfy_is_abstract (ref->data.klass);
419 }
420
421 static vfy_jclass
422 ref_getclass (ref_intersection *ref)
423 {
424 if (! ref->is_resolved)
425 resolve_ref (ref);
426 return ref->data.klass;
427 }
428
429 int
430 ref_count_dimensions (ref_intersection *ref)
431 {
432 int ndims = 0;
433 if (ref->is_resolved)
434 {
435 vfy_jclass k = ref->data.klass;
436 while (vfy_is_array (k))
437 {
438 k = vfy_get_component_type (k);
439 ++ndims;
440 }
441 }
442 else
443 {
444 const char *p = vfy_string_bytes (ref->data.name);
445 while (*p++ == '[')
446 ++ndims;
447 }
448 return ndims;
449 }
450
451 /* Return the type_val corresponding to a primitive signature
452 character. For instance `I' returns `int.class'. */
453 static type_val
454 get_type_val_for_signature (char sig)
455 {
456 type_val rt;
457 switch (sig)
458 {
459 case 'Z':
460 rt = boolean_type;
461 break;
462 case 'B':
463 rt = byte_type;
464 break;
465 case 'C':
466 rt = char_type;
467 break;
468 case 'S':
469 rt = short_type;
470 break;
471 case 'I':
472 rt = int_type;
473 break;
474 case 'J':
475 rt = long_type;
476 break;
477 case 'F':
478 rt = float_type;
479 break;
480 case 'D':
481 rt = double_type;
482 break;
483 case 'V':
484 rt = void_type;
485 break;
486 default:
487 verify_fail ("invalid signature");
488 return null_type;
489 }
490 return rt;
491 }
492
493 /* Return the type_val corresponding to a primitive class. */
494 static type_val
495 get_type_val_for_primtype (vfy_jclass k)
496 {
497 return get_type_val_for_signature (vfy_get_primitive_char (k));
498 }
499
500 /* The `type' class is used to represent a single type in the verifier. */
501 struct type
502 {
503 /* The type key. */
504 type_val key;
505
506 /* For reference types, the representation of the type. */
507 ref_intersection *klass;
508
509 /* This is used in two situations.
510
511 First, when constructing a new object, it is the PC of the
512 `new' instruction which created the object. We use the special
513 value UNINIT to mean that this is uninitialized. The special
514 value SELF is used for the case where the current method is
515 itself the <init> method. the special value EITHER is used
516 when we may optionally allow either an uninitialized or
517 initialized reference to match.
518
519 Second, when the key is return_address_type, this holds the PC
520 of the instruction following the `jsr'. */
521 int pc;
522
523 #define UNINIT -2
524 #define SELF -1
525 #define EITHER -3
526 };
527
528 /* Make a new instance given the type tag. We assume a generic
529 `reference_type' means Object. */
530 static void
531 init_type_from_tag (type *t, type_val k)
532 {
533 t->key = k;
534 /* For reference_type, if KLASS==NULL then that means we are
535 looking for a generic object of any kind, including an
536 uninitialized reference. */
537 t->klass = NULL;
538 t->pc = UNINIT;
539 }
540
541 /* Make a type for the given type_val tag K. */
542 static type
543 make_type (type_val k)
544 {
545 type t;
546 init_type_from_tag (&t, k);
547 return t;
548 }
549
550 /* Make a new instance given a class. */
551 static void
552 init_type_from_class (type *t, vfy_jclass k)
553 {
554 t->key = reference_type;
555 t->klass = make_ref ();
556 t->klass->is_resolved = true;
557 t->klass->data.klass = k;
558 t->klass->ref_next = NULL;
559 t->pc = UNINIT;
560 }
561
562 static type
563 make_type_from_class (vfy_jclass k)
564 {
565 type t;
566 init_type_from_class (&t, k);
567 return t;
568 }
569
570 static void
571 init_type_from_string (type *t, vfy_string n)
572 {
573 t->key = reference_type;
574 t->klass = make_ref ();
575 t->klass->is_resolved = false;
576 t->klass->data.name = n;
577 t->klass->ref_next = NULL;
578 t->pc = UNINIT;
579 }
580
581 static type
582 make_type_from_string (vfy_string n)
583 {
584 type t;
585 init_type_from_string (&t, n);
586 return t;
587 }
588
589 /* Promote a numeric type. */
590 static void
591 vfy_promote_type (type *t)
592 {
593 if (t->key == boolean_type || t->key == char_type
594 || t->key == byte_type || t->key == short_type)
595 t->key = int_type;
596 }
597 #define promote_type vfy_promote_type
598
599 /* Mark this type as the uninitialized result of `new'. */
600 static void
601 type_set_uninitialized (type *t, int npc)
602 {
603 if (t->key == reference_type)
604 t->key = uninitialized_reference_type;
605 else
606 verify_fail ("internal error in type::uninitialized");
607 t->pc = npc;
608 }
609
610 /* Mark this type as now initialized. */
611 static void
612 type_set_initialized (type *t, int npc)
613 {
614 if (npc != UNINIT && t->pc == npc && t->key == uninitialized_reference_type)
615 {
616 t->key = reference_type;
617 t->pc = UNINIT;
618 }
619 }
620
621 /* Mark this type as a particular return address. */
622 static void type_set_return_address (type *t, int npc)
623 {
624 t->pc = npc;
625 }
626
627 /* Return true if this type and type OTHER are considered
628 mergeable for the purposes of state merging. This is related
629 to subroutine handling. For this purpose two types are
630 considered unmergeable if they are both return-addresses but
631 have different PCs. */
632 static bool
633 type_state_mergeable_p (type *t1, type *t2)
634 {
635 return (t1->key != return_address_type
636 || t2->key != return_address_type
637 || t1->pc == t2->pc);
638 }
639
640 /* Return true if an object of type K can be assigned to a variable
641 of type T. Handle various special cases too. Might modify
642 T or K. Note however that this does not perform numeric
643 promotion. */
644 static bool
645 types_compatible (type *t, type *k)
646 {
647 /* Any type is compatible with the unsuitable type. */
648 if (k->key == unsuitable_type)
649 return true;
650
651 if (t->key < reference_type || k->key < reference_type)
652 return t->key == k->key;
653
654 /* The `null' type is convertible to any initialized reference
655 type. */
656 if (t->key == null_type)
657 return k->key != uninitialized_reference_type;
658 if (k->key == null_type)
659 return t->key != uninitialized_reference_type;
660
661 /* A special case for a generic reference. */
662 if (t->klass == NULL)
663 return true;
664 if (k->klass == NULL)
665 verify_fail ("programmer error in type::compatible");
666
667 /* Handle the special 'EITHER' case, which is only used in a
668 special case of 'putfield'. Note that we only need to handle
669 this on the LHS of a check. */
670 if (! type_initialized (t) && t->pc == EITHER)
671 {
672 /* If the RHS is uninitialized, it must be an uninitialized
673 'this'. */
674 if (! type_initialized (k) && k->pc != SELF)
675 return false;
676 }
677 else if (type_initialized (t) != type_initialized (k))
678 {
679 /* An initialized type and an uninitialized type are not
680 otherwise compatible. */
681 return false;
682 }
683 else
684 {
685 /* Two uninitialized objects are compatible if either:
686 * The PCs are identical, or
687 * One PC is UNINIT. */
688 if (type_initialized (t))
689 {
690 if (t->pc != k->pc && t->pc != UNINIT && k->pc != UNINIT)
691 return false;
692 }
693 }
694
695 return ref_compatible (t->klass, k->klass);
696 }
697
698 /* Return true if two types are equal. Only valid for reference
699 types. */
700 static bool
701 types_equal (type *t1, type *t2)
702 {
703 if ((t1->key != reference_type && t1->key != uninitialized_reference_type)
704 || (t2->key != reference_type
705 && t2->key != uninitialized_reference_type))
706 return false;
707 /* Only single-ref types are allowed. */
708 if (t1->klass->ref_next || t2->klass->ref_next)
709 return false;
710 return refs_equal (t1->klass, t2->klass);
711 }
712
713 static bool
714 type_isvoid (type *t)
715 {
716 return t->key == void_type;
717 }
718
719 static bool
720 type_iswide (type *t)
721 {
722 return t->key == long_type || t->key == double_type;
723 }
724
725 /* Return number of stack or local variable slots taken by this type. */
726 static int
727 type_depth (type *t)
728 {
729 return type_iswide (t) ? 2 : 1;
730 }
731
732 static bool
733 type_isarray (type *t)
734 {
735 /* We treat null_type as not an array. This is ok based on the
736 current uses of this method. */
737 if (t->key == reference_type)
738 return ref_isarray (t->klass);
739 return false;
740 }
741
742 static bool
743 type_isnull (type *t)
744 {
745 return t->key == null_type;
746 }
747
748 static bool
749 type_isinterface (type *t)
750 {
751 if (t->key != reference_type)
752 return false;
753 return ref_isinterface (t->klass);
754 }
755
756 static bool
757 type_isabstract (type *t)
758 {
759 if (t->key != reference_type)
760 return false;
761 return ref_isabstract (t->klass);
762 }
763
764 /* Return the element type of an array. */
765 static type
766 type_array_element (type *t)
767 {
768 type et;
769 vfy_jclass k;
770
771 if (t->key != reference_type)
772 verify_fail ("programmer error in type::element_type()");
773
774 k = vfy_get_component_type (ref_getclass (t->klass));
775 if (vfy_is_primitive (k))
776 init_type_from_tag (&et, get_type_val_for_primtype (k));
777 else
778 init_type_from_class (&et, k);
779 return et;
780 }
781
782 /* Return the array type corresponding to an initialized
783 reference. We could expand this to work for other kinds of
784 types, but currently we don't need to. */
785 static type
786 type_to_array (type *t)
787 {
788 type at;
789 vfy_jclass k;
790
791 if (t->key != reference_type)
792 verify_fail ("internal error in type::to_array()");
793
794 k = ref_getclass (t->klass);
795 init_type_from_class (&at, vfy_get_array_class (k));
796 return at;
797 }
798
799 static bool
800 type_isreference (type *t)
801 {
802 return t->key >= reference_type;
803 }
804
805 static int
806 type_get_pc (type *t)
807 {
808 return t->pc;
809 }
810
811 bool
812 type_initialized (type *t)
813 {
814 return t->key == reference_type || t->key == null_type;
815 }
816
817 static void
818 type_verify_dimensions (type *t, int ndims)
819 {
820 /* The way this is written, we don't need to check isarray(). */
821 if (t->key != reference_type)
822 verify_fail ("internal error in verify_dimensions:"
823 " not a reference type");
824
825 if (ref_count_dimensions (t->klass) < ndims)
826 verify_fail ("array type has fewer dimensions"
827 " than required");
828 }
829
830 /* Merge OLD_TYPE into this. On error throw exception. Return
831 true if the merge caused a type change. */
832 static bool
833 merge_types (type *t, type *old_type, bool local_semantics)
834 {
835 bool changed = false;
836 bool refo = type_isreference (old_type);
837 bool refn = type_isreference (t);
838 if (refo && refn)
839 {
840 if (old_type->key == null_type)
841 ;
842 else if (t->key == null_type)
843 {
844 *t = *old_type;
845 changed = true;
846 }
847 else if (type_initialized (t) != type_initialized (old_type))
848 verify_fail ("merging initialized and uninitialized types");
849 else
850 {
851 ref_intersection *merged;
852 if (! type_initialized (t))
853 {
854 if (t->pc == UNINIT)
855 t->pc = old_type->pc;
856 else if (old_type->pc == UNINIT)
857 ;
858 else if (t->pc != old_type->pc)
859 verify_fail ("merging different uninitialized types");
860 }
861
862 merged = merge_refs (old_type->klass, t->klass);
863 if (merged != t->klass)
864 {
865 t->klass = merged;
866 changed = true;
867 }
868 }
869 }
870 else if (refo || refn || t->key != old_type->key)
871 {
872 if (local_semantics)
873 {
874 /* If we already have an `unsuitable' type, then we
875 don't need to change again. */
876 if (t->key != unsuitable_type)
877 {
878 t->key = unsuitable_type;
879 changed = true;
880 }
881 }
882 else
883 verify_fail ("unmergeable type");
884 }
885 return changed;
886 }
887
888 #ifdef VERIFY_DEBUG
889 static void
890 type_print (type *t)
891 {
892 char c = '?';
893 switch (t->key)
894 {
895 case boolean_type: c = 'Z'; break;
896 case byte_type: c = 'B'; break;
897 case char_type: c = 'C'; break;
898 case short_type: c = 'S'; break;
899 case int_type: c = 'I'; break;
900 case long_type: c = 'J'; break;
901 case float_type: c = 'F'; break;
902 case double_type: c = 'D'; break;
903 case void_type: c = 'V'; break;
904 case unsuitable_type: c = '-'; break;
905 case return_address_type: c = 'r'; break;
906 case continuation_type: c = '+'; break;
907 case reference_type: c = 'L'; break;
908 case null_type: c = '@'; break;
909 case uninitialized_reference_type: c = 'U'; break;
910 }
911 debug_print ("%c", c);
912 }
913 #endif /* VERIFY_DEBUG */
914
915 /* This class holds all the state information we need for a given
916 location. */
917 struct state
918 {
919 /* The current top of the stack, in terms of slots. */
920 int stacktop;
921 /* The current depth of the stack. This will be larger than
922 STACKTOP when wide types are on the stack. */
923 int stackdepth;
924 /* The stack. */
925 type *stack;
926 /* The local variables. */
927 type *locals;
928 /* We keep track of the type of `this' specially. This is used to
929 ensure that an instance initializer invokes another initializer
930 on `this' before returning. We must keep track of this
931 specially because otherwise we might be confused by code which
932 assigns to locals[0] (overwriting `this') and then returns
933 without really initializing. */
934 type this_type;
935
936 /* The PC for this state. This is only valid on states which are
937 permanently attached to a given PC. For an object like
938 `current_state', which is used transiently, this has no
939 meaning. */
940 int pc;
941 /* We keep a linked list of all states requiring reverification.
942 If this is the special value INVALID_STATE then this state is
943 not on the list. NULL marks the end of the linked list. */
944 state *next;
945 };
946
947 /* NO_NEXT is the PC value meaning that a new state must be
948 acquired from the verification list. */
949 #define NO_NEXT -1
950
951 static void
952 init_state_with_stack (state *s, int max_stack, int max_locals)
953 {
954 int i;
955 s->stacktop = 0;
956 s->stackdepth = 0;
957 s->stack = (type *) vfy_alloc (max_stack * sizeof (type));
958 for (i = 0; i < max_stack; ++i)
959 init_type_from_tag (&s->stack[i], unsuitable_type);
960 s->locals = (type *) vfy_alloc (max_locals * sizeof (type));
961 for (i = 0; i < max_locals; ++i)
962 init_type_from_tag (&s->locals[i], unsuitable_type);
963 init_type_from_tag (&s->this_type, unsuitable_type);
964 s->pc = NO_NEXT;
965 s->next = INVALID_STATE;
966 }
967
968 static void
969 copy_state (state *s, state *copy, int max_stack, int max_locals)
970 {
971 int i;
972 s->stacktop = copy->stacktop;
973 s->stackdepth = copy->stackdepth;
974 for (i = 0; i < max_stack; ++i)
975 s->stack[i] = copy->stack[i];
976 for (i = 0; i < max_locals; ++i)
977 s->locals[i] = copy->locals[i];
978
979 s->this_type = copy->this_type;
980 /* Don't modify `next' or `pc'. */
981 }
982
983 static void
984 copy_state_with_stack (state *s, state *orig, int max_stack, int max_locals)
985 {
986 init_state_with_stack (s, max_stack, max_locals);
987 copy_state (s, orig, max_stack, max_locals);
988 }
989
990 /* Allocate a new state, copying ORIG. */
991 static state *
992 make_state_copy (state *orig, int max_stack, int max_locals)
993 {
994 state *s = (state *) vfy_alloc (sizeof (state));
995 copy_state_with_stack (s, orig, max_stack, max_locals);
996 return s;
997 }
998
999 static state *
1000 make_state (int max_stack, int max_locals)
1001 {
1002 state *s = (state *) vfy_alloc (sizeof (state));
1003 init_state_with_stack (s, max_stack, max_locals);
1004 return s;
1005 }
1006
1007 static void
1008 free_state (state *s)
1009 {
1010 if (s->stack != NULL)
1011 vfy_free (s->stack);
1012 if (s->locals != NULL)
1013 vfy_free (s->locals);
1014 }
1015
1016 /* Modify this state to reflect entry to an exception handler. */
1017 static void
1018 state_set_exception (state *s, type *t, int max_stack)
1019 {
1020 int i;
1021 s->stackdepth = 1;
1022 s->stacktop = 1;
1023 s->stack[0] = *t;
1024 for (i = s->stacktop; i < max_stack; ++i)
1025 init_type_from_tag (&s->stack[i], unsuitable_type);
1026 }
1027
1028 /* Merge STATE_OLD into this state. Destructively modifies this
1029 state. Returns true if the new state was in fact changed.
1030 Will throw an exception if the states are not mergeable. */
1031 static bool
1032 merge_states (state *s, state *state_old, int max_locals)
1033 {
1034 int i;
1035 bool changed = false;
1036
1037 /* Special handling for `this'. If one or the other is
1038 uninitialized, then the merge is uninitialized. */
1039 if (type_initialized (&s->this_type))
1040 s->this_type = state_old->this_type;
1041
1042 /* Merge stacks. */
1043 if (state_old->stacktop != s->stacktop) /* FIXME stackdepth instead? */
1044 verify_fail ("stack sizes differ");
1045 for (i = 0; i < state_old->stacktop; ++i)
1046 {
1047 if (merge_types (&s->stack[i], &state_old->stack[i], false))
1048 changed = true;
1049 }
1050
1051 /* Merge local variables. */
1052 for (i = 0; i < max_locals; ++i)
1053 {
1054 if (merge_types (&s->locals[i], &state_old->locals[i], true))
1055 changed = true;
1056 }
1057
1058 return changed;
1059 }
1060
1061 /* Ensure that `this' has been initialized. */
1062 static void
1063 state_check_this_initialized (state *s)
1064 {
1065 if (type_isreference (&s->this_type) && ! type_initialized (&s->this_type))
1066 verify_fail ("`this' is uninitialized");
1067 }
1068
1069 /* Set type of `this'. */
1070 static void
1071 state_set_this_type (state *s, type *k)
1072 {
1073 s->this_type = *k;
1074 }
1075
1076 /* Mark each `new'd object we know of that was allocated at PC as
1077 initialized. */
1078 static void
1079 state_set_initialized (state *s, int pc, int max_locals)
1080 {
1081 int i;
1082 for (i = 0; i < s->stacktop; ++i)
1083 type_set_initialized (&s->stack[i], pc);
1084 for (i = 0; i < max_locals; ++i)
1085 type_set_initialized (&s->locals[i], pc);
1086 type_set_initialized (&s->this_type, pc);
1087 }
1088
1089 /* This tests to see whether two states can be considered "merge
1090 compatible". If both states have a return-address in the same
1091 slot, and the return addresses are different, then they are not
1092 compatible and we must not try to merge them. */
1093 static bool
1094 state_mergeable_p (state *s, state *other, int max_locals)
1095
1096 {
1097 int i;
1098
1099 /* This is tricky: if the stack sizes differ, then not only are
1100 these not mergeable, but in fact we should give an error, as
1101 we've found two execution paths that reach a branch target
1102 with different stack depths. FIXME stackdepth instead? */
1103 if (s->stacktop != other->stacktop)
1104 verify_fail ("stack sizes differ");
1105
1106 for (i = 0; i < s->stacktop; ++i)
1107 if (! type_state_mergeable_p (&s->stack[i], &other->stack[i]))
1108 return false;
1109 for (i = 0; i < max_locals; ++i)
1110 if (! type_state_mergeable_p (&s->locals[i], &other->locals[i]))
1111 return false;
1112 return true;
1113 }
1114
1115 static void
1116 state_reverify (state *s)
1117 {
1118 if (s->next == INVALID_STATE)
1119 {
1120 s->next = vfr->next_verify_state;
1121 vfr->next_verify_state = s;
1122 }
1123 }
1124
1125 #ifdef VERIFY_DEBUG
1126 static void
1127 debug_print_state (state *s, const char *leader, int pc, int max_stack,
1128 int max_locals)
1129 {
1130 int i;
1131 debug_print ("%s [%4d]: [stack] ", leader, pc);
1132 for (i = 0; i < s->stacktop; ++i)
1133 type_print (&s->stack[i]);
1134 for (; i < max_stack; ++i)
1135 debug_print (".");
1136 debug_print (" [local] ");
1137 for (i = 0; i < max_locals; ++i)
1138 type_print (&s->locals[i]);
1139 debug_print (" | %p\n", s);
1140 }
1141 #else
1142 static void
1143 debug_print_state (state *s ATTRIBUTE_UNUSED,
1144 const char *leader ATTRIBUTE_UNUSED,
1145 int pc ATTRIBUTE_UNUSED, int max_stack ATTRIBUTE_UNUSED,
1146 int max_locals ATTRIBUTE_UNUSED)
1147 {
1148 }
1149 #endif /* VERIFY_DEBUG */
1150
1151 static type
1152 pop_raw (void)
1153 {
1154 type r;
1155 state *s = vfr->current_state;
1156 if (s->stacktop <= 0)
1157 verify_fail ("stack empty");
1158 r = s->stack[--s->stacktop];
1159 s->stackdepth -= type_depth (&r);
1160 if (s->stackdepth < 0)
1161 verify_fail_pc ("stack empty", vfr->start_PC);
1162 return r;
1163 }
1164
1165 static type
1166 pop32 (void)
1167 {
1168 type r = pop_raw ();
1169 if (type_iswide (&r))
1170 verify_fail ("narrow pop of wide type");
1171 return r;
1172 }
1173
1174 static type
1175 vfy_pop_type_t (type match)
1176 {
1177 type t;
1178 vfy_promote_type (&match);
1179 t = pop_raw ();
1180 if (! types_compatible (&match, &t))
1181 verify_fail ("incompatible type on stack");
1182 return t;
1183 }
1184
1185 static type
1186 vfy_pop_type (type_val match)
1187 {
1188 type t = make_type (match);
1189 return vfy_pop_type_t (t);
1190 }
1191
1192 #define pop_type vfy_pop_type
1193 #define pop_type_t vfy_pop_type_t
1194
1195 /* Pop a reference which is guaranteed to be initialized. MATCH
1196 doesn't have to be a reference type; in this case this acts like
1197 pop_type. */
1198 static type
1199 pop_init_ref_t (type match)
1200 {
1201 type t = pop_raw ();
1202 if (type_isreference (&t) && ! type_initialized (&t))
1203 verify_fail ("initialized reference required");
1204 else if (! types_compatible (&match, &t))
1205 verify_fail ("incompatible type on stack");
1206 return t;
1207 }
1208
1209 static type
1210 pop_init_ref (type_val match)
1211 {
1212 type t = make_type (match);
1213 return pop_init_ref_t (t);
1214 }
1215
1216 /* Pop a reference type or a return address. */
1217 static type
1218 pop_ref_or_return (void)
1219 {
1220 type t = pop_raw ();
1221 if (! type_isreference (&t) && t.key != return_address_type)
1222 verify_fail ("expected reference or return address on stack");
1223 return t;
1224 }
1225
1226 static void
1227 vfy_push_type_t (type t)
1228 {
1229 int depth;
1230 state *s = vfr->current_state;
1231 /* If T is a numeric type like short, promote it to int. */
1232 promote_type (&t);
1233
1234 depth = type_depth (&t);
1235
1236 if (s->stackdepth + depth > vfr->current_method->max_stack)
1237 verify_fail ("stack overflow");
1238 s->stack[s->stacktop++] = t;
1239 s->stackdepth += depth;
1240 }
1241
1242 static void
1243 vfy_push_type (type_val tval)
1244 {
1245 type t = make_type (tval);
1246 vfy_push_type_t (t);
1247 }
1248
1249 #define push_type vfy_push_type
1250 #define push_type_t vfy_push_type_t
1251
1252 static void
1253 set_variable (int index, type t)
1254 {
1255 int depth;
1256 state *s = vfr->current_state;
1257 /* If T is a numeric type like short, promote it to int. */
1258 promote_type (&t);
1259
1260 depth = type_depth (&t);
1261 if (index > vfr->current_method->max_locals - depth)
1262 verify_fail ("invalid local variable");
1263 s->locals[index] = t;
1264
1265 if (depth == 2)
1266 init_type_from_tag (&s->locals[index + 1], continuation_type);
1267 if (index > 0 && type_iswide (&s->locals[index - 1]))
1268 init_type_from_tag (&s->locals[index - 1], unsuitable_type);
1269 }
1270
1271 static type
1272 get_variable_t (int index, type *t)
1273 {
1274 state *s = vfr->current_state;
1275 int depth = type_depth (t);
1276 if (index > vfr->current_method->max_locals - depth)
1277 verify_fail ("invalid local variable");
1278 if (! types_compatible (t, &s->locals[index]))
1279 verify_fail ("incompatible type in local variable");
1280 if (depth == 2)
1281 {
1282 type cont = make_type (continuation_type);
1283 if (! types_compatible (&s->locals[index + 1], &cont))
1284 verify_fail ("invalid local variable");
1285 }
1286 return s->locals[index];
1287 }
1288
1289 static type
1290 get_variable (int index, type_val v)
1291 {
1292 type t = make_type (v);
1293 return get_variable_t (index, &t);
1294 }
1295
1296 /* Make sure ARRAY is an array type and that its elements are
1297 compatible with type ELEMENT. Returns the actual element type. */
1298 static type
1299 require_array_type_t (type array, type element)
1300 {
1301 type t;
1302 /* An odd case. Here we just pretend that everything went ok. If
1303 the requested element type is some kind of reference, return
1304 the null type instead. */
1305 if (type_isnull (&array))
1306 return type_isreference (&element) ? make_type (null_type) : element;
1307
1308 if (! type_isarray (&array))
1309 verify_fail ("array required");
1310
1311 t = type_array_element (&array);
1312 if (! types_compatible (&element, &t))
1313 {
1314 /* Special case for byte arrays, which must also be boolean
1315 arrays. */
1316 bool ok = true;
1317 if (element.key == byte_type)
1318 {
1319 type e2 = make_type (boolean_type);
1320 ok = types_compatible (&e2, &t);
1321 }
1322 if (! ok)
1323 verify_fail ("incompatible array element type");
1324 }
1325
1326 /* Return T and not ELEMENT, because T might be specialized. */
1327 return t;
1328 }
1329
1330 static type
1331 require_array_type (type array, type_val element)
1332 {
1333 type t = make_type (element);
1334 return require_array_type_t (array, t);
1335 }
1336
1337 static jint
1338 get_byte (void)
1339 {
1340 if (vfr->PC >= vfr->current_method->code_length)
1341 verify_fail ("premature end of bytecode");
1342 return (jint) vfr->bytecode[vfr->PC++] & 0xff;
1343 }
1344
1345 static jint
1346 get_ushort (void)
1347 {
1348 jint b1 = get_byte ();
1349 jint b2 = get_byte ();
1350 return (jint) ((b1 << 8) | b2) & 0xffff;
1351 }
1352
1353 static jint
1354 get_short (void)
1355 {
1356 signed char b1 = (signed char) get_byte ();
1357 jint b2 = get_byte ();
1358 jshort s = (b1 << 8) | b2;
1359 return (jint) s;
1360 }
1361
1362 static jint
1363 get_int (void)
1364 {
1365 jint b1 = get_byte ();
1366 jint b2 = get_byte ();
1367 jint b3 = get_byte ();
1368 jint b4 = get_byte ();
1369 jword result = (b1 << 24) | (b2 << 16) | (b3 << 8) | b4;
1370 /* In the compiler, 'jint' might have more than 32 bits, so we must
1371 sign extend. */
1372 return WORD_TO_INT (result);
1373 }
1374
1375 static int
1376 compute_jump (int offset)
1377 {
1378 int npc = vfr->start_PC + offset;
1379 if (npc < 0 || npc >= vfr->current_method->code_length)
1380 verify_fail_pc ("branch out of range", vfr->start_PC);
1381 return npc;
1382 }
1383
1384 /* Add a new state to the state list at NPC. */
1385 static state *
1386 add_new_state (int npc, state *old_state)
1387 {
1388 state_list *nlink;
1389 vfy_method *current_method = vfr->current_method;
1390 state *new_state = make_state_copy (old_state, current_method->max_stack,
1391 current_method->max_locals);
1392 debug_print ("== New state in add_new_state\n");
1393 debug_print_state (new_state, "New", npc, current_method->max_stack,
1394 current_method->max_locals);
1395
1396 nlink = (state_list *) vfy_alloc (sizeof (state_list));
1397 nlink->val = new_state;
1398 nlink->next = vfr->states[npc];
1399 vfr->states[npc] = nlink;
1400 new_state->pc = npc;
1401 return new_state;
1402 }
1403
1404 /* Merge the indicated state into the state at the branch target and
1405 schedule a new PC if there is a change. NPC is the PC of the
1406 branch target, and FROM_STATE is the state at the source of the
1407 branch. This method returns true if the destination state
1408 changed and requires reverification, false otherwise. */
1409 static void
1410 merge_into (int npc, state *from_state)
1411 {
1412 /* Iterate over all target states and merge our state into each,
1413 if applicable. FIXME one improvement we could make here is
1414 "state destruction". Merging a new state into an existing one
1415 might cause a return_address_type to be merged to
1416 unsuitable_type. In this case the resulting state may now be
1417 mergeable with other states currently held in parallel at this
1418 location. So in this situation we could pairwise compare and
1419 reduce the number of parallel states. */
1420 state_list *iter;
1421 bool applicable = false;
1422 for (iter = vfr->states[npc]; iter != NULL; iter = iter->next)
1423 {
1424 state *new_state = iter->val;
1425 vfy_method *current_method = vfr->current_method;
1426
1427 if (state_mergeable_p (new_state, from_state,
1428 current_method->max_locals))
1429 {
1430 bool changed;
1431 applicable = true;
1432
1433 debug_print ("== Merge states in merge_into\n");
1434 debug_print_state (from_state, "Frm", vfr->start_PC, current_method->max_stack,
1435 current_method->max_locals);
1436 debug_print_state (new_state, " To", npc, current_method->max_stack,
1437 current_method->max_locals);
1438 changed = merge_states (new_state, from_state,
1439 current_method->max_locals);
1440 debug_print_state (new_state, "New", npc, current_method->max_stack,
1441 current_method->max_locals);
1442
1443 if (changed)
1444 state_reverify (new_state);
1445 }
1446 }
1447
1448 if (! applicable)
1449 {
1450 /* Either we don't yet have a state at NPC, or we have a
1451 return-address type that is in conflict with all existing
1452 state. So, we need to create a new entry. */
1453 state *new_state = add_new_state (npc, from_state);
1454 /* A new state added in this way must always be reverified. */
1455 state_reverify (new_state);
1456 }
1457 }
1458
1459 static void
1460 push_jump (int offset)
1461 {
1462 int npc = compute_jump (offset);
1463 /* According to the JVM Spec, we need to check for uninitialized
1464 objects here. However, this does not actually affect type
1465 safety, and the Eclipse java compiler generates code that
1466 violates this constraint. */
1467 merge_into (npc, vfr->current_state);
1468 }
1469
1470 static void
1471 push_exception_jump (type t, int pc)
1472 {
1473 state s;
1474 /* According to the JVM Spec, we need to check for uninitialized
1475 objects here. However, this does not actually affect type
1476 safety, and the Eclipse java compiler generates code that
1477 violates this constraint. */
1478 copy_state_with_stack (&s, vfr->current_state,
1479 vfr->current_method->max_stack,
1480 vfr->current_method->max_locals);
1481 if (vfr->current_method->max_stack < 1)
1482 verify_fail ("stack overflow at exception handler");
1483 state_set_exception (&s, &t, vfr->current_method->max_stack);
1484 merge_into (pc, &s);
1485 /* FIXME: leak.. need free_state or GC */
1486 }
1487
1488 static state *
1489 pop_jump (void)
1490 {
1491 state *new_state = vfr->next_verify_state;
1492 if (new_state == INVALID_STATE)
1493 verify_fail ("programmer error in pop_jump");
1494 if (new_state != NULL)
1495 {
1496 vfr->next_verify_state = new_state->next;
1497 new_state->next = INVALID_STATE;
1498 }
1499 return new_state;
1500 }
1501
1502 static void
1503 invalidate_pc (void)
1504 {
1505 vfr->PC = NO_NEXT;
1506 }
1507
1508 static void
1509 note_branch_target (int pc)
1510 {
1511 /* Don't check `pc <= PC', because we've advanced PC after
1512 fetching the target and we haven't yet checked the next
1513 instruction. */
1514 if (pc < vfr->PC && ! (vfr->flags[pc] & FLAG_INSN_START))
1515 verify_fail_pc ("branch not to instruction start", vfr->start_PC);
1516 vfr->flags[pc] |= FLAG_BRANCH_TARGET;
1517 }
1518
1519 static void
1520 skip_padding (void)
1521 {
1522 while ((vfr->PC % 4) > 0)
1523 if (get_byte () != 0)
1524 verify_fail ("found nonzero padding byte");
1525 }
1526
1527 /* Do the work for a `ret' instruction. INDEX is the index into the
1528 local variables. */
1529 static void
1530 handle_ret_insn (int index)
1531 {
1532 type ret = make_type (return_address_type);
1533 type ret_addr = get_variable_t (index, &ret);
1534 /* It would be nice if we could do this. However, the JVM Spec
1535 doesn't say that this is what happens. It is implied that
1536 reusing a return address is invalid, but there's no actual
1537 prohibition against it. */
1538 /* set_variable (index, unsuitable_type); */
1539
1540 int npc = type_get_pc (&ret_addr);
1541 /* We might be returning to a `jsr' that is at the end of the
1542 bytecode. This is ok if we never return from the called
1543 subroutine, but if we see this here it is an error. */
1544 if (npc >= vfr->current_method->code_length)
1545 verify_fail ("fell off end");
1546
1547 /* According to the JVM Spec, we need to check for uninitialized
1548 objects here. However, this does not actually affect type
1549 safety, and the Eclipse java compiler generates code that
1550 violates this constraint. */
1551 merge_into (npc, vfr->current_state);
1552 invalidate_pc ();
1553 }
1554
1555 static void handle_jsr_insn (int offset)
1556 {
1557 type ret_addr;
1558 int npc = compute_jump (offset);
1559
1560 /* According to the JVM Spec, we need to check for uninitialized
1561 objects here. However, this does not actually affect type
1562 safety, and the Eclipse java compiler generates code that
1563 violates this constraint. */
1564
1565 /* Modify our state as appropriate for entry into a subroutine. */
1566 ret_addr = make_type (return_address_type);
1567 type_set_return_address (&ret_addr, vfr->PC);
1568 vfy_push_type_t (ret_addr);
1569 merge_into (npc, vfr->current_state);
1570 invalidate_pc ();
1571 }
1572
1573 static vfy_jclass
1574 construct_primitive_array_type (type_val prim)
1575 {
1576 vfy_jclass k = NULL;
1577 switch (prim)
1578 {
1579 case boolean_type:
1580 case char_type:
1581 case float_type:
1582 case double_type:
1583 case byte_type:
1584 case short_type:
1585 case int_type:
1586 case long_type:
1587 k = vfy_get_primitive_type ((int) prim);
1588 break;
1589
1590 /* These aren't used here but we call them out to avoid
1591 warnings. */
1592 case void_type:
1593 case unsuitable_type:
1594 case return_address_type:
1595 case continuation_type:
1596 case reference_type:
1597 case null_type:
1598 case uninitialized_reference_type:
1599 default:
1600 verify_fail ("unknown type in construct_primitive_array_type");
1601 }
1602 k = vfy_get_array_class (k);
1603 return k;
1604 }
1605
1606 /* This pass computes the location of branch targets and also
1607 instruction starts. */
1608 static void
1609 branch_prepass (void)
1610 {
1611 int i, pc;
1612 vfr->flags = (char *) vfy_alloc (vfr->current_method->code_length);
1613
1614 for (i = 0; i < vfr->current_method->code_length; ++i)
1615 vfr->flags[i] = 0;
1616
1617 vfr->PC = 0;
1618 while (vfr->PC < vfr->current_method->code_length)
1619 {
1620 java_opcode opcode;
1621 /* Set `start_PC' early so that error checking can have the
1622 correct value. */
1623 vfr->start_PC = vfr->PC;
1624 vfr->flags[vfr->PC] |= FLAG_INSN_START;
1625
1626 opcode = (java_opcode) vfr->bytecode[vfr->PC++];
1627 switch (opcode)
1628 {
1629 case op_nop:
1630 case op_aconst_null:
1631 case op_iconst_m1:
1632 case op_iconst_0:
1633 case op_iconst_1:
1634 case op_iconst_2:
1635 case op_iconst_3:
1636 case op_iconst_4:
1637 case op_iconst_5:
1638 case op_lconst_0:
1639 case op_lconst_1:
1640 case op_fconst_0:
1641 case op_fconst_1:
1642 case op_fconst_2:
1643 case op_dconst_0:
1644 case op_dconst_1:
1645 case op_iload_0:
1646 case op_iload_1:
1647 case op_iload_2:
1648 case op_iload_3:
1649 case op_lload_0:
1650 case op_lload_1:
1651 case op_lload_2:
1652 case op_lload_3:
1653 case op_fload_0:
1654 case op_fload_1:
1655 case op_fload_2:
1656 case op_fload_3:
1657 case op_dload_0:
1658 case op_dload_1:
1659 case op_dload_2:
1660 case op_dload_3:
1661 case op_aload_0:
1662 case op_aload_1:
1663 case op_aload_2:
1664 case op_aload_3:
1665 case op_iaload:
1666 case op_laload:
1667 case op_faload:
1668 case op_daload:
1669 case op_aaload:
1670 case op_baload:
1671 case op_caload:
1672 case op_saload:
1673 case op_istore_0:
1674 case op_istore_1:
1675 case op_istore_2:
1676 case op_istore_3:
1677 case op_lstore_0:
1678 case op_lstore_1:
1679 case op_lstore_2:
1680 case op_lstore_3:
1681 case op_fstore_0:
1682 case op_fstore_1:
1683 case op_fstore_2:
1684 case op_fstore_3:
1685 case op_dstore_0:
1686 case op_dstore_1:
1687 case op_dstore_2:
1688 case op_dstore_3:
1689 case op_astore_0:
1690 case op_astore_1:
1691 case op_astore_2:
1692 case op_astore_3:
1693 case op_iastore:
1694 case op_lastore:
1695 case op_fastore:
1696 case op_dastore:
1697 case op_aastore:
1698 case op_bastore:
1699 case op_castore:
1700 case op_sastore:
1701 case op_pop:
1702 case op_pop2:
1703 case op_dup:
1704 case op_dup_x1:
1705 case op_dup_x2:
1706 case op_dup2:
1707 case op_dup2_x1:
1708 case op_dup2_x2:
1709 case op_swap:
1710 case op_iadd:
1711 case op_isub:
1712 case op_imul:
1713 case op_idiv:
1714 case op_irem:
1715 case op_ishl:
1716 case op_ishr:
1717 case op_iushr:
1718 case op_iand:
1719 case op_ior:
1720 case op_ixor:
1721 case op_ladd:
1722 case op_lsub:
1723 case op_lmul:
1724 case op_ldiv:
1725 case op_lrem:
1726 case op_lshl:
1727 case op_lshr:
1728 case op_lushr:
1729 case op_land:
1730 case op_lor:
1731 case op_lxor:
1732 case op_fadd:
1733 case op_fsub:
1734 case op_fmul:
1735 case op_fdiv:
1736 case op_frem:
1737 case op_dadd:
1738 case op_dsub:
1739 case op_dmul:
1740 case op_ddiv:
1741 case op_drem:
1742 case op_ineg:
1743 case op_i2b:
1744 case op_i2c:
1745 case op_i2s:
1746 case op_lneg:
1747 case op_fneg:
1748 case op_dneg:
1749 case op_i2l:
1750 case op_i2f:
1751 case op_i2d:
1752 case op_l2i:
1753 case op_l2f:
1754 case op_l2d:
1755 case op_f2i:
1756 case op_f2l:
1757 case op_f2d:
1758 case op_d2i:
1759 case op_d2l:
1760 case op_d2f:
1761 case op_lcmp:
1762 case op_fcmpl:
1763 case op_fcmpg:
1764 case op_dcmpl:
1765 case op_dcmpg:
1766 case op_monitorenter:
1767 case op_monitorexit:
1768 case op_ireturn:
1769 case op_lreturn:
1770 case op_freturn:
1771 case op_dreturn:
1772 case op_areturn:
1773 case op_return:
1774 case op_athrow:
1775 case op_arraylength:
1776 break;
1777
1778 case op_bipush:
1779 case op_ldc:
1780 case op_iload:
1781 case op_lload:
1782 case op_fload:
1783 case op_dload:
1784 case op_aload:
1785 case op_istore:
1786 case op_lstore:
1787 case op_fstore:
1788 case op_dstore:
1789 case op_astore:
1790 case op_ret:
1791 case op_newarray:
1792 get_byte ();
1793 break;
1794
1795 case op_iinc:
1796 case op_sipush:
1797 case op_ldc_w:
1798 case op_ldc2_w:
1799 case op_getstatic:
1800 case op_getfield:
1801 case op_putfield:
1802 case op_putstatic:
1803 case op_new:
1804 case op_anewarray:
1805 case op_instanceof:
1806 case op_checkcast:
1807 case op_invokespecial:
1808 case op_invokestatic:
1809 case op_invokevirtual:
1810 get_short ();
1811 break;
1812
1813 case op_multianewarray:
1814 get_short ();
1815 get_byte ();
1816 break;
1817
1818 case op_jsr:
1819 case op_ifeq:
1820 case op_ifne:
1821 case op_iflt:
1822 case op_ifge:
1823 case op_ifgt:
1824 case op_ifle:
1825 case op_if_icmpeq:
1826 case op_if_icmpne:
1827 case op_if_icmplt:
1828 case op_if_icmpge:
1829 case op_if_icmpgt:
1830 case op_if_icmple:
1831 case op_if_acmpeq:
1832 case op_if_acmpne:
1833 case op_ifnull:
1834 case op_ifnonnull:
1835 case op_goto:
1836 note_branch_target (compute_jump (get_short ()));
1837 break;
1838
1839 case op_tableswitch:
1840 {
1841 jint low, hi;
1842 skip_padding ();
1843 note_branch_target (compute_jump (get_int ()));
1844 low = get_int ();
1845 hi = get_int ();
1846 if (low > hi)
1847 verify_fail_pc ("invalid tableswitch", vfr->start_PC);
1848 for (i = low; i <= hi; ++i)
1849 note_branch_target (compute_jump (get_int ()));
1850 }
1851 break;
1852
1853 case op_lookupswitch:
1854 {
1855 int npairs;
1856 skip_padding ();
1857 note_branch_target (compute_jump (get_int ()));
1858 npairs = get_int ();
1859 if (npairs < 0)
1860 verify_fail_pc ("too few pairs in lookupswitch", vfr->start_PC);
1861 while (npairs-- > 0)
1862 {
1863 get_int ();
1864 note_branch_target (compute_jump (get_int ()));
1865 }
1866 }
1867 break;
1868
1869 case op_invokeinterface:
1870 get_short ();
1871 get_byte ();
1872 get_byte ();
1873 break;
1874
1875 case op_wide:
1876 {
1877 opcode = (java_opcode) get_byte ();
1878 get_short ();
1879 if (opcode == op_iinc)
1880 get_short ();
1881 }
1882 break;
1883
1884 case op_jsr_w:
1885 case op_goto_w:
1886 note_branch_target (compute_jump (get_int ()));
1887 break;
1888
1889 #if 0
1890 /* These are unused here, but we call them out explicitly
1891 so that -Wswitch-enum doesn't complain. */
1892 case op_putfield_1:
1893 case op_putfield_2:
1894 case op_putfield_4:
1895 case op_putfield_8:
1896 case op_putfield_a:
1897 case op_putstatic_1:
1898 case op_putstatic_2:
1899 case op_putstatic_4:
1900 case op_putstatic_8:
1901 case op_putstatic_a:
1902 case op_getfield_1:
1903 case op_getfield_2s:
1904 case op_getfield_2u:
1905 case op_getfield_4:
1906 case op_getfield_8:
1907 case op_getfield_a:
1908 case op_getstatic_1:
1909 case op_getstatic_2s:
1910 case op_getstatic_2u:
1911 case op_getstatic_4:
1912 case op_getstatic_8:
1913 case op_getstatic_a:
1914 #endif /* VFY_FAST_OPCODES */
1915 default:
1916 verify_fail_pc ("unrecognized instruction in branch_prepass",
1917 vfr->start_PC);
1918 }
1919
1920 /* See if any previous branch tried to branch to the middle of
1921 this instruction. */
1922 for (pc = vfr->start_PC + 1; pc < vfr->PC; ++pc)
1923 {
1924 if ((vfr->flags[pc] & FLAG_BRANCH_TARGET))
1925 verify_fail_pc ("branch to middle of instruction", pc);
1926 }
1927 }
1928
1929 /* Verify exception handlers. */
1930 for (i = 0; i < vfr->current_method->exc_count; ++i)
1931 {
1932 int handler, start, end, htype;
1933 vfy_get_exception (vfr->exception, i, &handler, &start, &end, &htype);
1934 if (! (vfr->flags[handler] & FLAG_INSN_START))
1935 verify_fail_pc ("exception handler not at instruction start",
1936 handler);
1937 if (! (vfr->flags[start] & FLAG_INSN_START))
1938 verify_fail_pc ("exception start not at instruction start", start);
1939 if (end != vfr->current_method->code_length
1940 && ! (vfr->flags[end] & FLAG_INSN_START))
1941 verify_fail_pc ("exception end not at instruction start", end);
1942
1943 vfr->flags[handler] |= FLAG_BRANCH_TARGET;
1944 }
1945 }
1946
1947 static void
1948 check_pool_index (int index)
1949 {
1950 if (index < 0 || index >= vfy_get_constants_size (vfr->current_class))
1951 verify_fail_pc ("constant pool index out of range", vfr->start_PC);
1952 }
1953
1954 static type
1955 check_class_constant (int index)
1956 {
1957 type t = { (type_val) 0, 0, 0 };
1958 vfy_constants *pool;
1959
1960 check_pool_index (index);
1961 pool = vfy_get_constants (vfr->current_class);
1962 if (vfy_tag (pool, index) == JV_CONSTANT_ResolvedClass)
1963 init_type_from_class (&t, vfy_get_pool_class (pool, index));
1964 else if (vfy_tag (pool, index) == JV_CONSTANT_Class)
1965 init_type_from_string (&t, vfy_get_pool_string (pool, index));
1966 else
1967 verify_fail_pc ("expected class constant", vfr->start_PC);
1968 return t;
1969 }
1970
1971 static type
1972 check_constant (int index)
1973 {
1974 type t = { (type_val) 0, 0, 0 };
1975 vfy_constants *pool;
1976
1977 check_pool_index (index);
1978 pool = vfy_get_constants (vfr->current_class);
1979 if (vfy_tag (pool, index) == JV_CONSTANT_ResolvedString
1980 || vfy_tag (pool, index) == JV_CONSTANT_String)
1981 init_type_from_class (&t, vfy_string_type ());
1982 else if (vfy_tag (pool, index) == JV_CONSTANT_Integer)
1983 init_type_from_tag (&t, int_type);
1984 else if (vfy_tag (pool, index) == JV_CONSTANT_Float)
1985 init_type_from_tag (&t, float_type);
1986 else if (vfy_tag (pool, index) == JV_CONSTANT_Class
1987 || vfy_tag (pool, index) == JV_CONSTANT_ResolvedClass)
1988 /* FIXME: should only allow this for 1.5 bytecode. */
1989 init_type_from_class (&t, vfy_class_type ());
1990 else
1991 verify_fail_pc ("String, int, or float constant expected", vfr->start_PC);
1992 return t;
1993 }
1994
1995 static type
1996 check_wide_constant (int index)
1997 {
1998 type t = { (type_val) 0, 0, 0 };
1999 vfy_constants *pool;
2000
2001 check_pool_index (index);
2002 pool = vfy_get_constants (vfr->current_class);
2003 if (vfy_tag (pool, index) == JV_CONSTANT_Long)
2004 init_type_from_tag (&t, long_type);
2005 else if (vfy_tag (pool, index) == JV_CONSTANT_Double)
2006 init_type_from_tag (&t, double_type);
2007 else
2008 verify_fail_pc ("long or double constant expected", vfr->start_PC);
2009 return t;
2010 }
2011
2012 /* Helper for both field and method. These are laid out the same in
2013 the constant pool. */
2014 static type
2015 handle_field_or_method (int index, int expected,
2016 vfy_string *name, vfy_string *fmtype)
2017 {
2018 vfy_uint_16 class_index, name_and_type_index;
2019 vfy_uint_16 name_index, desc_index;
2020 vfy_constants *pool;
2021
2022 check_pool_index (index);
2023 pool = vfy_get_constants (vfr->current_class);
2024 if (vfy_tag (pool, index) != expected)
2025 verify_fail_pc ("didn't see expected constant", vfr->start_PC);
2026 /* Once we know we have a Fieldref or Methodref we assume that it
2027 is correctly laid out in the constant pool. I think the code
2028 in defineclass.cc guarantees this. */
2029 vfy_load_indexes (pool, index, &class_index, &name_and_type_index);
2030 vfy_load_indexes (pool, name_and_type_index, &name_index, &desc_index);
2031
2032 *name = vfy_get_pool_string (pool, name_index);
2033 *fmtype = vfy_get_pool_string (pool, desc_index);
2034
2035 return check_class_constant (class_index);
2036 }
2037
2038 /* Return field's type, compute class' type if requested. If
2039 PUTFIELD is true, use the special 'putfield' semantics. */
2040 static type
2041 check_field_constant (int index, type *class_type, bool putfield)
2042 {
2043 vfy_string name, field_type;
2044 const char *typec;
2045 type t;
2046
2047 type ct = handle_field_or_method (index,
2048 JV_CONSTANT_Fieldref,
2049 &name, &field_type);
2050 if (class_type)
2051 *class_type = ct;
2052 typec = vfy_string_bytes (field_type);
2053 if (typec[0] == '[' || typec[0] == 'L')
2054 init_type_from_string (&t, field_type);
2055 else
2056 init_type_from_tag (&t, get_type_val_for_signature (typec[0]));
2057
2058 /* We have an obscure special case here: we can use `putfield' on a
2059 field declared in this class, even if `this' has not yet been
2060 initialized. */
2061 if (putfield
2062 && ! type_initialized (&vfr->current_state->this_type)
2063 && vfr->current_state->this_type.pc == SELF
2064 && types_equal (&vfr->current_state->this_type, &ct)
2065 && vfy_class_has_field (vfr->current_class, name, field_type))
2066 /* Note that we don't actually know whether we're going to match
2067 against 'this' or some other object of the same type. So,
2068 here we set things up so that it doesn't matter. This relies
2069 on knowing what our caller is up to. */
2070 type_set_uninitialized (class_type, EITHER);
2071
2072 return t;
2073 }
2074
2075 static type
2076 check_method_constant (int index, bool is_interface,
2077 vfy_string *method_name,
2078 vfy_string *method_signature)
2079 {
2080 return handle_field_or_method (index,
2081 (is_interface
2082 ? JV_CONSTANT_InterfaceMethodref
2083 : JV_CONSTANT_Methodref),
2084 method_name, method_signature);
2085 }
2086
2087 static const char *
2088 get_one_type (const char *p, type *t)
2089 {
2090 const char *start = p;
2091 vfy_jclass k;
2092 type_val rt;
2093 char v;
2094
2095 int arraycount = 0;
2096 while (*p == '[')
2097 {
2098 ++arraycount;
2099 ++p;
2100 }
2101
2102 v = *p++;
2103
2104 if (v == 'L')
2105 {
2106 vfy_string name;
2107 while (*p != ';')
2108 ++p;
2109 ++p;
2110 name = vfy_get_string (start, p - start);
2111 *t = make_type_from_string (name);
2112 return p;
2113 }
2114
2115 /* Casting to jchar here is ok since we are looking at an ASCII
2116 character. */
2117 rt = get_type_val_for_signature (v);
2118
2119 if (arraycount == 0)
2120 {
2121 /* Callers of this function eventually push their arguments on
2122 the stack. So, promote them here. */
2123 type new_t = make_type (rt);
2124 vfy_promote_type (&new_t);
2125 *t = new_t;
2126 return p;
2127 }
2128
2129 k = construct_primitive_array_type (rt);
2130 while (--arraycount > 0)
2131 k = vfy_get_array_class (k);
2132 *t = make_type_from_class (k);
2133 return p;
2134 }
2135
2136 static void
2137 compute_argument_types (vfy_string signature, type *types)
2138 {
2139 int i;
2140 const char *p = vfy_string_bytes (signature);
2141
2142 /* Skip `('. */
2143 ++p;
2144
2145 i = 0;
2146 while (*p != ')')
2147 p = get_one_type (p, &types[i++]);
2148 }
2149
2150 static type
2151 compute_return_type (vfy_string signature)
2152 {
2153 const char *p = vfy_string_bytes (signature);
2154 type t;
2155 while (*p != ')')
2156 ++p;
2157 ++p;
2158 get_one_type (p, &t);
2159 return t;
2160 }
2161
2162 static void
2163 check_return_type (type onstack)
2164 {
2165 type rt = compute_return_type (vfy_get_signature (vfr->current_method));
2166 if (! types_compatible (&rt, &onstack))
2167 verify_fail ("incompatible return type");
2168 }
2169
2170 /* Initialize the stack for the new method. Returns true if this
2171 method is an instance initializer. */
2172 static bool
2173 initialize_stack (void)
2174 {
2175 int arg_count, i;
2176 int var = 0;
2177 bool is_init = vfy_strings_equal (vfy_get_method_name (vfr->current_method),
2178 vfy_init_name());
2179 bool is_clinit = vfy_strings_equal (vfy_get_method_name (vfr->current_method),
2180 vfy_clinit_name());
2181
2182 if (! vfy_is_static (vfr->current_method))
2183 {
2184 type kurr = make_type_from_class (vfr->current_class);
2185 if (is_init)
2186 {
2187 type_set_uninitialized (&kurr, SELF);
2188 is_init = true;
2189 }
2190 else if (is_clinit)
2191 verify_fail ("<clinit> method must be static");
2192 set_variable (0, kurr);
2193 state_set_this_type (vfr->current_state, &kurr);
2194 ++var;
2195 }
2196 else
2197 {
2198 if (is_init)
2199 verify_fail ("<init> method must be non-static");
2200 }
2201
2202 /* We have to handle wide arguments specially here. */
2203 arg_count = vfy_count_arguments (vfy_get_signature (vfr->current_method));
2204 {
2205 type *arg_types = (type *) vfy_alloc (arg_count * sizeof (type));
2206 compute_argument_types (vfy_get_signature (vfr->current_method), arg_types);
2207 for (i = 0; i < arg_count; ++i)
2208 {
2209 set_variable (var, arg_types[i]);
2210 ++var;
2211 if (type_iswide (&arg_types[i]))
2212 ++var;
2213 }
2214 vfy_free (arg_types);
2215 }
2216
2217 return is_init;
2218 }
2219
2220 static void
2221 verify_instructions_0 (void)
2222 {
2223 int i;
2224 bool this_is_init;
2225
2226 vfr->current_state = make_state (vfr->current_method->max_stack,
2227 vfr->current_method->max_locals);
2228
2229 vfr->PC = 0;
2230 vfr->start_PC = 0;
2231
2232 /* True if we are verifying an instance initializer. */
2233 this_is_init = initialize_stack ();
2234
2235 vfr->states = (state_list **) vfy_alloc (sizeof (state_list *)
2236 * vfr->current_method->code_length);
2237
2238 for (i = 0; i < vfr->current_method->code_length; ++i)
2239 vfr->states[i] = NULL;
2240
2241 vfr->next_verify_state = NULL;
2242
2243 while (true)
2244 {
2245 java_opcode opcode;
2246
2247 /* If the PC was invalidated, get a new one from the work list. */
2248 if (vfr->PC == NO_NEXT)
2249 {
2250 state *new_state = pop_jump ();
2251 /* If it is null, we're done. */
2252 if (new_state == NULL)
2253 break;
2254
2255 vfr->PC = new_state->pc;
2256 debug_print ("== State pop from pending list\n");
2257 /* Set up the current state. */
2258 copy_state (vfr->current_state, new_state,
2259 vfr->current_method->max_stack, vfr->current_method->max_locals);
2260 }
2261 else
2262 {
2263 /* We only have to do this checking in the situation where
2264 control flow falls through from the previous instruction.
2265 Otherwise merging is done at the time we push the branch.
2266 Note that we'll catch the off-the-end problem just
2267 below. */
2268 if (vfr->PC < vfr->current_method->code_length
2269 && vfr->states[vfr->PC] != NULL)
2270 {
2271 /* We've already visited this instruction. So merge
2272 the states together. It is simplest, but not most
2273 efficient, to just always invalidate the PC here. */
2274 merge_into (vfr->PC, vfr->current_state);
2275 invalidate_pc ();
2276 continue;
2277 }
2278 }
2279
2280 /* Control can't fall off the end of the bytecode. We need to
2281 check this in both cases, not just the fall-through case,
2282 because we don't check to see whether a `jsr' appears at
2283 the end of the bytecode until we process a `ret'. */
2284 if (vfr->PC >= vfr->current_method->code_length)
2285 verify_fail ("fell off end");
2286 vfr->flags[vfr->PC] |= FLAG_INSN_SEEN;
2287
2288 /* We only have to keep saved state at branch targets. If
2289 we're at a branch target and the state here hasn't been set
2290 yet, we set it now. You might notice that `ret' targets
2291 won't necessarily have FLAG_BRANCH_TARGET set. This
2292 doesn't matter, since those states will be filled in by
2293 merge_into. */
2294 /* Note that other parts of the compiler assume that there is a
2295 label with a type map at PC=0. */
2296 if (vfr->states[vfr->PC] == NULL
2297 && (vfr->PC == 0 || (vfr->flags[vfr->PC] & FLAG_BRANCH_TARGET) != 0))
2298 add_new_state (vfr->PC, vfr->current_state);
2299
2300 /* Set this before handling exceptions so that debug output is
2301 sane. */
2302 vfr->start_PC = vfr->PC;
2303
2304 /* Update states for all active exception handlers. Ordinarily
2305 there are not many exception handlers. So we simply run
2306 through them all. */
2307 for (i = 0; i < vfr->current_method->exc_count; ++i)
2308 {
2309 int hpc, start, end, htype;
2310 vfy_get_exception (vfr->exception, i, &hpc, &start, &end, &htype);
2311 if (vfr->PC >= start && vfr->PC < end)
2312 {
2313 type handler = make_type_from_class (vfy_throwable_type ());
2314 if (htype != 0)
2315 handler = check_class_constant (htype);
2316 push_exception_jump (handler, hpc);
2317 }
2318 }
2319
2320
2321 debug_print_state (vfr->current_state, " ", vfr->PC,
2322 vfr->current_method->max_stack,
2323 vfr->current_method->max_locals);
2324 opcode = (java_opcode) vfr->bytecode[vfr->PC++];
2325 switch (opcode)
2326 {
2327 case op_nop:
2328 break;
2329
2330 case op_aconst_null:
2331 push_type (null_type);
2332 break;
2333
2334 case op_iconst_m1:
2335 case op_iconst_0:
2336 case op_iconst_1:
2337 case op_iconst_2:
2338 case op_iconst_3:
2339 case op_iconst_4:
2340 case op_iconst_5:
2341 push_type (int_type);
2342 break;
2343
2344 case op_lconst_0:
2345 case op_lconst_1:
2346 push_type (long_type);
2347 break;
2348
2349 case op_fconst_0:
2350 case op_fconst_1:
2351 case op_fconst_2:
2352 push_type (float_type);
2353 break;
2354
2355 case op_dconst_0:
2356 case op_dconst_1:
2357 push_type (double_type);
2358 break;
2359
2360 case op_bipush:
2361 get_byte ();
2362 push_type (int_type);
2363 break;
2364
2365 case op_sipush:
2366 get_short ();
2367 push_type (int_type);
2368 break;
2369
2370 case op_ldc:
2371 push_type_t (check_constant (get_byte ()));
2372 break;
2373 case op_ldc_w:
2374 push_type_t (check_constant (get_ushort ()));
2375 break;
2376 case op_ldc2_w:
2377 push_type_t (check_wide_constant (get_ushort ()));
2378 break;
2379
2380 case op_iload:
2381 push_type_t (get_variable (get_byte (), int_type));
2382 break;
2383 case op_lload:
2384 push_type_t (get_variable (get_byte (), long_type));
2385 break;
2386 case op_fload:
2387 push_type_t (get_variable (get_byte (), float_type));
2388 break;
2389 case op_dload:
2390 push_type_t (get_variable (get_byte (), double_type));
2391 break;
2392 case op_aload:
2393 push_type_t (get_variable (get_byte (), reference_type));
2394 break;
2395
2396 case op_iload_0:
2397 case op_iload_1:
2398 case op_iload_2:
2399 case op_iload_3:
2400 push_type_t (get_variable (opcode - op_iload_0, int_type));
2401 break;
2402 case op_lload_0:
2403 case op_lload_1:
2404 case op_lload_2:
2405 case op_lload_3:
2406 push_type_t (get_variable (opcode - op_lload_0, long_type));
2407 break;
2408 case op_fload_0:
2409 case op_fload_1:
2410 case op_fload_2:
2411 case op_fload_3:
2412 push_type_t (get_variable (opcode - op_fload_0, float_type));
2413 break;
2414 case op_dload_0:
2415 case op_dload_1:
2416 case op_dload_2:
2417 case op_dload_3:
2418 push_type_t (get_variable (opcode - op_dload_0, double_type));
2419 break;
2420 case op_aload_0:
2421 case op_aload_1:
2422 case op_aload_2:
2423 case op_aload_3:
2424 push_type_t (get_variable (opcode - op_aload_0, reference_type));
2425 break;
2426 case op_iaload:
2427 pop_type (int_type);
2428 push_type_t (require_array_type (pop_init_ref (reference_type),
2429 int_type));
2430 break;
2431 case op_laload:
2432 pop_type (int_type);
2433 push_type_t (require_array_type (pop_init_ref (reference_type),
2434 long_type));
2435 break;
2436 case op_faload:
2437 pop_type (int_type);
2438 push_type_t (require_array_type (pop_init_ref (reference_type),
2439 float_type));
2440 break;
2441 case op_daload:
2442 pop_type (int_type);
2443 push_type_t (require_array_type (pop_init_ref (reference_type),
2444 double_type));
2445 break;
2446 case op_aaload:
2447 pop_type (int_type);
2448 push_type_t (require_array_type (pop_init_ref (reference_type),
2449 reference_type));
2450 break;
2451 case op_baload:
2452 pop_type (int_type);
2453 require_array_type (pop_init_ref (reference_type), byte_type);
2454 push_type (int_type);
2455 break;
2456 case op_caload:
2457 pop_type (int_type);
2458 require_array_type (pop_init_ref (reference_type), char_type);
2459 push_type (int_type);
2460 break;
2461 case op_saload:
2462 pop_type (int_type);
2463 require_array_type (pop_init_ref (reference_type), short_type);
2464 push_type (int_type);
2465 break;
2466 case op_istore:
2467 set_variable (get_byte (), pop_type (int_type));
2468 break;
2469 case op_lstore:
2470 set_variable (get_byte (), pop_type (long_type));
2471 break;
2472 case op_fstore:
2473 set_variable (get_byte (), pop_type (float_type));
2474 break;
2475 case op_dstore:
2476 set_variable (get_byte (), pop_type (double_type));
2477 break;
2478 case op_astore:
2479 set_variable (get_byte (), pop_ref_or_return ());
2480 break;
2481 case op_istore_0:
2482 case op_istore_1:
2483 case op_istore_2:
2484 case op_istore_3:
2485 set_variable (opcode - op_istore_0, pop_type (int_type));
2486 break;
2487 case op_lstore_0:
2488 case op_lstore_1:
2489 case op_lstore_2:
2490 case op_lstore_3:
2491 set_variable (opcode - op_lstore_0, pop_type (long_type));
2492 break;
2493 case op_fstore_0:
2494 case op_fstore_1:
2495 case op_fstore_2:
2496 case op_fstore_3:
2497 set_variable (opcode - op_fstore_0, pop_type (float_type));
2498 break;
2499 case op_dstore_0:
2500 case op_dstore_1:
2501 case op_dstore_2:
2502 case op_dstore_3:
2503 set_variable (opcode - op_dstore_0, pop_type (double_type));
2504 break;
2505 case op_astore_0:
2506 case op_astore_1:
2507 case op_astore_2:
2508 case op_astore_3:
2509 set_variable (opcode - op_astore_0, pop_ref_or_return ());
2510 break;
2511 case op_iastore:
2512 pop_type (int_type);
2513 pop_type (int_type);
2514 require_array_type (pop_init_ref (reference_type), int_type);
2515 break;
2516 case op_lastore:
2517 pop_type (long_type);
2518 pop_type (int_type);
2519 require_array_type (pop_init_ref (reference_type), long_type);
2520 break;
2521 case op_fastore:
2522 pop_type (float_type);
2523 pop_type (int_type);
2524 require_array_type (pop_init_ref (reference_type), float_type);
2525 break;
2526 case op_dastore:
2527 pop_type (double_type);
2528 pop_type (int_type);
2529 require_array_type (pop_init_ref (reference_type), double_type);
2530 break;
2531 case op_aastore:
2532 pop_type (reference_type);
2533 pop_type (int_type);
2534 require_array_type (pop_init_ref (reference_type), reference_type);
2535 break;
2536 case op_bastore:
2537 pop_type (int_type);
2538 pop_type (int_type);
2539 require_array_type (pop_init_ref (reference_type), byte_type);
2540 break;
2541 case op_castore:
2542 pop_type (int_type);
2543 pop_type (int_type);
2544 require_array_type (pop_init_ref (reference_type), char_type);
2545 break;
2546 case op_sastore:
2547 pop_type (int_type);
2548 pop_type (int_type);
2549 require_array_type (pop_init_ref (reference_type), short_type);
2550 break;
2551 case op_pop:
2552 pop32 ();
2553 break;
2554 case op_pop2:
2555 {
2556 type t = pop_raw ();
2557 if (! type_iswide (&t))
2558 pop32 ();
2559 }
2560 break;
2561 case op_dup:
2562 {
2563 type t = pop32 ();
2564 push_type_t (t);
2565 push_type_t (t);
2566 }
2567 break;
2568 case op_dup_x1:
2569 {
2570 type t1 = pop32 ();
2571 type t2 = pop32 ();
2572 push_type_t (t1);
2573 push_type_t (t2);
2574 push_type_t (t1);
2575 }
2576 break;
2577 case op_dup_x2:
2578 {
2579 type t1 = pop32 ();
2580 type t2 = pop_raw ();
2581 if (! type_iswide (&t2))
2582 {
2583 type t3 = pop32 ();
2584 push_type_t (t1);
2585 push_type_t (t3);
2586 }
2587 else
2588 push_type_t (t1);
2589 push_type_t (t2);
2590 push_type_t (t1);
2591 }
2592 break;
2593 case op_dup2:
2594 {
2595 type t = pop_raw ();
2596 if (! type_iswide (&t))
2597 {
2598 type t2 = pop32 ();
2599 push_type_t (t2);
2600 push_type_t (t);
2601 push_type_t (t2);
2602 }
2603 else
2604 push_type_t (t);
2605 push_type_t (t);
2606 }
2607 break;
2608 case op_dup2_x1:
2609 {
2610 type t1 = pop_raw ();
2611 type t2 = pop32 ();
2612 if (! type_iswide (&t1))
2613 {
2614 type t3 = pop32 ();
2615 push_type_t (t2);
2616 push_type_t (t1);
2617 push_type_t (t3);
2618 }
2619 else
2620 push_type_t (t1);
2621 push_type_t (t2);
2622 push_type_t (t1);
2623 }
2624 break;
2625 case op_dup2_x2:
2626 {
2627 type t1 = pop_raw ();
2628 if (type_iswide (&t1))
2629 {
2630 type t2 = pop_raw ();
2631 if (type_iswide (&t2))
2632 {
2633 push_type_t (t1);
2634 push_type_t (t2);
2635 }
2636 else
2637 {
2638 type t3 = pop32 ();
2639 push_type_t (t1);
2640 push_type_t (t3);
2641 push_type_t (t2);
2642 }
2643 push_type_t (t1);
2644 }
2645 else
2646 {
2647 type t2 = pop32 ();
2648 type t3 = pop_raw ();
2649 if (type_iswide (&t3))
2650 {
2651 push_type_t (t2);
2652 push_type_t (t1);
2653 }
2654 else
2655 {
2656 type t4 = pop32 ();
2657 push_type_t (t2);
2658 push_type_t (t1);
2659 push_type_t (t4);
2660 }
2661 push_type_t (t3);
2662 push_type_t (t2);
2663 push_type_t (t1);
2664 }
2665 }
2666 break;
2667 case op_swap:
2668 {
2669 type t1 = pop32 ();
2670 type t2 = pop32 ();
2671 push_type_t (t1);
2672 push_type_t (t2);
2673 }
2674 break;
2675 case op_iadd:
2676 case op_isub:
2677 case op_imul:
2678 case op_idiv:
2679 case op_irem:
2680 case op_ishl:
2681 case op_ishr:
2682 case op_iushr:
2683 case op_iand:
2684 case op_ior:
2685 case op_ixor:
2686 pop_type (int_type);
2687 push_type_t (pop_type (int_type));
2688 break;
2689 case op_ladd:
2690 case op_lsub:
2691 case op_lmul:
2692 case op_ldiv:
2693 case op_lrem:
2694 case op_land:
2695 case op_lor:
2696 case op_lxor:
2697 pop_type (long_type);
2698 push_type_t (pop_type (long_type));
2699 break;
2700 case op_lshl:
2701 case op_lshr:
2702 case op_lushr:
2703 pop_type (int_type);
2704 push_type_t (pop_type (long_type));
2705 break;
2706 case op_fadd:
2707 case op_fsub:
2708 case op_fmul:
2709 case op_fdiv:
2710 case op_frem:
2711 pop_type (float_type);
2712 push_type_t (pop_type (float_type));
2713 break;
2714 case op_dadd:
2715 case op_dsub:
2716 case op_dmul:
2717 case op_ddiv:
2718 case op_drem:
2719 pop_type (double_type);
2720 push_type_t (pop_type (double_type));
2721 break;
2722 case op_ineg:
2723 case op_i2b:
2724 case op_i2c:
2725 case op_i2s:
2726 push_type_t (pop_type (int_type));
2727 break;
2728 case op_lneg:
2729 push_type_t (pop_type (long_type));
2730 break;
2731 case op_fneg:
2732 push_type_t (pop_type (float_type));
2733 break;
2734 case op_dneg:
2735 push_type_t (pop_type (double_type));
2736 break;
2737 case op_iinc:
2738 get_variable (get_byte (), int_type);
2739 get_byte ();
2740 break;
2741 case op_i2l:
2742 pop_type (int_type);
2743 push_type (long_type);
2744 break;
2745 case op_i2f:
2746 pop_type (int_type);
2747 push_type (float_type);
2748 break;
2749 case op_i2d:
2750 pop_type (int_type);
2751 push_type (double_type);
2752 break;
2753 case op_l2i:
2754 pop_type (long_type);
2755 push_type (int_type);
2756 break;
2757 case op_l2f:
2758 pop_type (long_type);
2759 push_type (float_type);
2760 break;
2761 case op_l2d:
2762 pop_type (long_type);
2763 push_type (double_type);
2764 break;
2765 case op_f2i:
2766 pop_type (float_type);
2767 push_type (int_type);
2768 break;
2769 case op_f2l:
2770 pop_type (float_type);
2771 push_type (long_type);
2772 break;
2773 case op_f2d:
2774 pop_type (float_type);
2775 push_type (double_type);
2776 break;
2777 case op_d2i:
2778 pop_type (double_type);
2779 push_type (int_type);
2780 break;
2781 case op_d2l:
2782 pop_type (double_type);
2783 push_type (long_type);
2784 break;
2785 case op_d2f:
2786 pop_type (double_type);
2787 push_type (float_type);
2788 break;
2789 case op_lcmp:
2790 pop_type (long_type);
2791 pop_type (long_type);
2792 push_type (int_type);
2793 break;
2794 case op_fcmpl:
2795 case op_fcmpg:
2796 pop_type (float_type);
2797 pop_type (float_type);
2798 push_type (int_type);
2799 break;
2800 case op_dcmpl:
2801 case op_dcmpg:
2802 pop_type (double_type);
2803 pop_type (double_type);
2804 push_type (int_type);
2805 break;
2806 case op_ifeq:
2807 case op_ifne:
2808 case op_iflt:
2809 case op_ifge:
2810 case op_ifgt:
2811 case op_ifle:
2812 pop_type (int_type);
2813 push_jump (get_short ());
2814 break;
2815 case op_if_icmpeq:
2816 case op_if_icmpne:
2817 case op_if_icmplt:
2818 case op_if_icmpge:
2819 case op_if_icmpgt:
2820 case op_if_icmple:
2821 pop_type (int_type);
2822 pop_type (int_type);
2823 push_jump (get_short ());
2824 break;
2825 case op_if_acmpeq:
2826 case op_if_acmpne:
2827 pop_type (reference_type);
2828 pop_type (reference_type);
2829 push_jump (get_short ());
2830 break;
2831 case op_goto:
2832 push_jump (get_short ());
2833 invalidate_pc ();
2834 break;
2835 case op_jsr:
2836 handle_jsr_insn (get_short ());
2837 break;
2838 case op_ret:
2839 handle_ret_insn (get_byte ());
2840 break;
2841 case op_tableswitch:
2842 {
2843 int i;
2844 jint low, high;
2845 pop_type (int_type);
2846 skip_padding ();
2847 push_jump (get_int ());
2848 low = get_int ();
2849 high = get_int ();
2850 /* Already checked LOW -vs- HIGH. */
2851 for (i = low; i <= high; ++i)
2852 push_jump (get_int ());
2853 invalidate_pc ();
2854 }
2855 break;
2856
2857 case op_lookupswitch:
2858 {
2859 int i;
2860 jint npairs, lastkey;
2861
2862 pop_type (int_type);
2863 skip_padding ();
2864 push_jump (get_int ());
2865 npairs = get_int ();
2866 /* Already checked NPAIRS >= 0. */
2867 lastkey = 0;
2868 for (i = 0; i < npairs; ++i)
2869 {
2870 jint key = get_int ();
2871 if (i > 0 && key <= lastkey)
2872 verify_fail_pc ("lookupswitch pairs unsorted", vfr->start_PC);
2873 lastkey = key;
2874 push_jump (get_int ());
2875 }
2876 invalidate_pc ();
2877 }
2878 break;
2879 case op_ireturn:
2880 check_return_type (pop_type (int_type));
2881 invalidate_pc ();
2882 break;
2883 case op_lreturn:
2884 check_return_type (pop_type (long_type));
2885 invalidate_pc ();
2886 break;
2887 case op_freturn:
2888 check_return_type (pop_type (float_type));
2889 invalidate_pc ();
2890 break;
2891 case op_dreturn:
2892 check_return_type (pop_type (double_type));
2893 invalidate_pc ();
2894 break;
2895 case op_areturn:
2896 check_return_type (pop_init_ref (reference_type));
2897 invalidate_pc ();
2898 break;
2899 case op_return:
2900 /* We only need to check this when the return type is void,
2901 because all instance initializers return void. We also
2902 need to special-case Object constructors, as they can't
2903 call a superclass <init>. */
2904 if (this_is_init && vfr->current_class != vfy_object_type ())
2905 state_check_this_initialized (vfr->current_state);
2906 check_return_type (make_type (void_type));
2907 invalidate_pc ();
2908 break;
2909 case op_getstatic:
2910 push_type_t (check_field_constant (get_ushort (), NULL, false));
2911 break;
2912 case op_putstatic:
2913 pop_type_t (check_field_constant (get_ushort (), NULL, false));
2914 break;
2915 case op_getfield:
2916 {
2917 type klass;
2918 type field = check_field_constant (get_ushort (), &klass, false);
2919 pop_type_t (klass);
2920 push_type_t (field);
2921 }
2922 break;
2923 case op_putfield:
2924 {
2925 type klass;
2926 type field = check_field_constant (get_ushort (), &klass, true);
2927 pop_type_t (field);
2928 pop_type_t (klass);
2929 }
2930 break;
2931
2932 case op_invokevirtual:
2933 case op_invokespecial:
2934 case op_invokestatic:
2935 case op_invokeinterface:
2936 {
2937 vfy_string method_name, method_signature;
2938 const char *namec;
2939 int i, arg_count;
2940 type rt;
2941 bool is_init = false;
2942
2943 type class_type
2944 = check_method_constant (get_ushort (),
2945 opcode == op_invokeinterface,
2946 &method_name,
2947 &method_signature);
2948 /* NARGS is only used when we're processing
2949 invokeinterface. It is simplest for us to compute it
2950 here and then verify it later. */
2951 int nargs = 0;
2952 if (opcode == op_invokeinterface)
2953 {
2954 nargs = get_byte ();
2955 if (get_byte () != 0)
2956 verify_fail ("invokeinterface dummy byte is wrong");
2957 }
2958
2959 namec = vfy_string_bytes (method_name);
2960
2961 if (vfy_strings_equal (method_name, vfy_init_name()))
2962 {
2963 is_init = true;
2964 if (opcode != op_invokespecial)
2965 verify_fail ("can't invoke <init>");
2966 }
2967 else if (namec[0] == '<')
2968 verify_fail ("can't invoke method starting with `<'");
2969
2970 arg_count = vfy_count_arguments (method_signature);
2971 {
2972 /* Pop arguments and check types. */
2973 type *arg_types = (type *) vfy_alloc (arg_count * sizeof (type));
2974
2975 compute_argument_types (method_signature, arg_types);
2976 for (i = arg_count - 1; i >= 0; --i)
2977 {
2978 /* This is only used for verifying the byte for
2979 invokeinterface. */
2980 nargs -= type_depth (&arg_types[i]);
2981 pop_init_ref_t (arg_types[i]);
2982 }
2983
2984 vfy_free (arg_types);
2985 }
2986
2987 if (opcode == op_invokeinterface
2988 && nargs != 1)
2989 verify_fail ("wrong argument count for invokeinterface");
2990
2991 if (opcode != op_invokestatic)
2992 {
2993 type raw;
2994 type t = class_type;
2995 if (is_init)
2996 {
2997 /* In this case the PC doesn't matter. */
2998 type_set_uninitialized (&t, UNINIT);
2999 /* FIXME: check to make sure that the <init>
3000 call is to the right class.
3001 It must either be super or an exact class
3002 match. */
3003 }
3004 raw = pop_raw ();
3005 if (! types_compatible (&t, &raw))
3006 verify_fail ("incompatible type on stack");
3007
3008 if (is_init)
3009 state_set_initialized (vfr->current_state,
3010 type_get_pc (&raw), vfr->current_method->max_locals);
3011 }
3012
3013 rt = compute_return_type (method_signature);
3014 if (! type_isvoid (&rt))
3015 push_type_t (rt);
3016 }
3017 break;
3018
3019 case op_new:
3020 {
3021 type t = check_class_constant (get_ushort ());
3022 if (type_isarray (&t) || type_isinterface (&t)
3023 || type_isabstract (&t))
3024 verify_fail ("type is array, interface, or abstract");
3025 type_set_uninitialized (&t, vfr->start_PC);
3026 push_type_t (t);
3027 }
3028 break;
3029
3030 case op_newarray:
3031 {
3032 int atype = get_byte ();
3033 vfy_jclass k;
3034 type t;
3035 /* We intentionally have chosen constants to make this
3036 valid. */
3037 if (atype < boolean_type || atype > long_type)
3038 verify_fail_pc ("type not primitive", vfr->start_PC);
3039 pop_type (int_type);
3040 k = construct_primitive_array_type ((type_val) atype);
3041 init_type_from_class (&t, k);
3042 push_type_t (t);
3043 }
3044 break;
3045 case op_anewarray:
3046 {
3047 type t;
3048 pop_type (int_type);
3049 t = check_class_constant (get_ushort ());
3050 push_type_t (type_to_array (&t));
3051 }
3052 break;
3053 case op_arraylength:
3054 {
3055 type t = pop_init_ref (reference_type);
3056 if (! type_isarray (&t) && ! type_isnull (&t))
3057 verify_fail ("array type expected");
3058 push_type (int_type);
3059 }
3060 break;
3061 case op_athrow:
3062 pop_type_t (make_type_from_class (vfy_throwable_type ()));
3063 invalidate_pc ();
3064 break;
3065 case op_checkcast:
3066 pop_init_ref (reference_type);
3067 push_type_t (check_class_constant (get_ushort ()));
3068 break;
3069 case op_instanceof:
3070 pop_init_ref (reference_type);
3071 check_class_constant (get_ushort ());
3072 push_type (int_type);
3073 break;
3074 case op_monitorenter:
3075 pop_init_ref (reference_type);
3076 break;
3077 case op_monitorexit:
3078 pop_init_ref (reference_type);
3079 break;
3080 case op_wide:
3081 {
3082 switch (get_byte ())
3083 {
3084 case op_iload:
3085 push_type_t (get_variable (get_ushort (), int_type));
3086 break;
3087 case op_lload:
3088 push_type_t (get_variable (get_ushort (), long_type));
3089 break;
3090 case op_fload:
3091 push_type_t (get_variable (get_ushort (), float_type));
3092 break;
3093 case op_dload:
3094 push_type_t (get_variable (get_ushort (), double_type));
3095 break;
3096 case op_aload:
3097 push_type_t (get_variable (get_ushort (), reference_type));
3098 break;
3099 case op_istore:
3100 set_variable (get_ushort (), pop_type (int_type));
3101 break;
3102 case op_lstore:
3103 set_variable (get_ushort (), pop_type (long_type));
3104 break;
3105 case op_fstore:
3106 set_variable (get_ushort (), pop_type (float_type));
3107 break;
3108 case op_dstore:
3109 set_variable (get_ushort (), pop_type (double_type));
3110 break;
3111 case op_astore:
3112 set_variable (get_ushort (), pop_init_ref (reference_type));
3113 break;
3114 case op_ret:
3115 handle_ret_insn (get_short ());
3116 break;
3117 case op_iinc:
3118 get_variable (get_ushort (), int_type);
3119 get_short ();
3120 break;
3121 default:
3122 verify_fail_pc ("unrecognized wide instruction", vfr->start_PC);
3123 }
3124 }
3125 break;
3126 case op_multianewarray:
3127 {
3128 int i;
3129 type atype = check_class_constant (get_ushort ());
3130 int dim = get_byte ();
3131 if (dim < 1)
3132 verify_fail_pc ("too few dimensions to multianewarray", vfr->start_PC);
3133 type_verify_dimensions (&atype, dim);
3134 for (i = 0; i < dim; ++i)
3135 pop_type (int_type);
3136 push_type_t (atype);
3137 }
3138 break;
3139 case op_ifnull:
3140 case op_ifnonnull:
3141 pop_type (reference_type);
3142 push_jump (get_short ());
3143 break;
3144 case op_goto_w:
3145 push_jump (get_int ());
3146 invalidate_pc ();
3147 break;
3148 case op_jsr_w:
3149 handle_jsr_insn (get_int ());
3150 break;
3151
3152 default:
3153 /* Unrecognized opcode. */
3154 verify_fail_pc ("unrecognized instruction in verify_instructions_0",
3155 vfr->start_PC);
3156 }
3157 }
3158 }
3159
3160 /* This turns a `type' into something suitable for use by the type map
3161 in the other parts of the compiler. In particular, reference types
3162 are mapped to Object, primitive types are unchanged, and other
3163 types are mapped using special functions declared in verify.h. */
3164 static vfy_jclass
3165 collapse_type (type *t)
3166 {
3167 switch (t->key)
3168 {
3169 case void_type:
3170 case boolean_type:
3171 case char_type:
3172 case float_type:
3173 case double_type:
3174 case byte_type:
3175 case short_type:
3176 case int_type:
3177 case long_type:
3178 return vfy_get_primitive_type (t->key);
3179
3180 case unsuitable_type:
3181 case continuation_type:
3182 return vfy_unsuitable_type ();
3183
3184 case return_address_type:
3185 return vfy_return_address_type ();
3186
3187 case null_type:
3188 return vfy_null_type ();
3189
3190 case reference_type:
3191 case uninitialized_reference_type:
3192 return vfy_object_type ();
3193 }
3194
3195 gcc_unreachable ();
3196 }
3197
3198 static void
3199 verify_instructions (void)
3200 {
3201 int i;
3202
3203 branch_prepass ();
3204 verify_instructions_0 ();
3205
3206 /* Now tell the rest of the compiler about the types we've found. */
3207 for (i = 0; i < vfr->current_method->code_length; ++i)
3208 {
3209 int j, slot;
3210 struct state *curr;
3211
3212 if ((vfr->flags[i] & FLAG_INSN_SEEN) != 0)
3213 vfy_note_instruction_seen (i);
3214
3215 if (! vfr->states[i])
3216 continue;
3217
3218 curr = vfr->states[i]->val;
3219 vfy_note_stack_depth (vfr->current_method, i, curr->stackdepth);
3220
3221 /* Tell the compiler about each local variable. */
3222 for (j = 0; j < vfr->current_method->max_locals; ++j)
3223 vfy_note_local_type (vfr->current_method, i, j,
3224 collapse_type (&curr->locals[j]));
3225 /* Tell the compiler about each stack slot. */
3226 for (slot = j = 0; j < curr->stacktop; ++j, ++slot)
3227 {
3228 vfy_note_stack_type (vfr->current_method, i, slot,
3229 collapse_type (&curr->stack[j]));
3230 if (type_iswide (&curr->stack[j]))
3231 {
3232 ++slot;
3233 vfy_note_stack_type (vfr->current_method, i, slot,
3234 vfy_unsuitable_type ());
3235 }
3236 }
3237 gcc_assert (slot == curr->stackdepth);
3238 }
3239 }
3240
3241 static void
3242 make_verifier_context (vfy_method *m)
3243 {
3244 vfr = (verifier_context *) vfy_alloc (sizeof (struct verifier_context));
3245
3246 vfr->current_method = m;
3247 vfr->bytecode = vfy_get_bytecode (m);
3248 vfr->exception = vfy_get_exceptions (m);
3249 vfr->current_class = m->defining_class;
3250
3251 vfr->states = NULL;
3252 vfr->flags = NULL;
3253 vfr->utf8_list = NULL;
3254 vfr->isect_list = NULL;
3255 }
3256
3257 static void
3258 free_verifier_context (void)
3259 {
3260 vfy_string_list *utf8_list;
3261 ref_intersection *isect_list;
3262
3263 if (vfr->flags)
3264 vfy_free (vfr->flags);
3265
3266 utf8_list = vfr->utf8_list;
3267 while (utf8_list != NULL)
3268 {
3269 vfy_string_list *n = utf8_list->next;
3270 vfy_free (utf8_list);
3271 utf8_list = n;
3272 }
3273
3274 isect_list = vfr->isect_list;
3275 while (isect_list != NULL)
3276 {
3277 ref_intersection *next = isect_list->alloc_next;
3278 vfy_free (isect_list);
3279 isect_list = next;
3280 }
3281
3282 if (vfr->states != NULL)
3283 {
3284 int i;
3285 for (i = 0; i < vfr->current_method->code_length; ++i)
3286 {
3287 state_list *iter = vfr->states[i];
3288 while (iter != NULL)
3289 {
3290 state_list *next = iter->next;
3291 free_state (iter->val);
3292 vfy_free (iter->val);
3293 vfy_free (iter);
3294 iter = next;
3295 }
3296 }
3297 vfy_free (vfr->states);
3298 }
3299
3300 vfy_free (vfr);
3301 }
3302
3303 int
3304 verify_method (vfy_method *meth)
3305 {
3306 debug_print ("verify_method (%s) %i\n", vfy_string_bytes (meth->name),
3307 meth->code_length);
3308
3309 if (vfr != NULL)
3310 verify_fail ("verifier re-entered");
3311
3312 make_verifier_context (meth);
3313 verify_instructions ();
3314 free_verifier_context ();
3315 vfr = NULL;
3316
3317 return 1;
3318 }
Mirror of the offical gcc git repository hosted at gcc.gnu.org