RFR (S) 7127066: Class verifier accepts an invalid class file

harold seigel harold.seigel at oracle.com
Fri Aug 29 12:41:18 UTC 2014


Resending this RFR with a description of the bug because the bug is not 
accessible to all reviewers.

The bug is that the verifier accepts a class that it should not. 
Verification should fail because, in this case, the stack map at a TRY 
block's astore_2 instruction does have enough locals to satisfy the 
stack map for one of its covering exception handlers.  However, the 
HotSpot VM class verifier does not detect the problem, and loads the class.

The root cause of this issue is that the verifier is using the result 
type state from the astore_2 instruction, instead of correctly using the 
incoming type state, when checking for a compatible type-state for the 
exception handler. This is not-to-spec, as JVMS 8 does indicate that the 
instruction's incoming type state (with expression stack modification) 
should be used for type checking the covering exception handlers.

I hope this compensates for the inaccessibility of the bug.

Thanks, Harold

On 8/28/2014 5:07 PM, harold seigel wrote:
> Hi,
> Please review this small verifier fix for bug JDK-7127066.  The change 
> fixes the problem by doing the exception handler type state 
> verification for byetcodes, such as astore, that modify the type 
> state, before the type state gets modified.
> bug:  https://bugs.openjdk.java.net/browse/JDK-7127066
> Open webrev: http://cr.openjdk.java.net/~hseigel/bug_7127066/
> The fix was tested with JCK lang, vm, and api/java_lang tests, ute 
> quick tests, ute split_verifier tests, hotspot JTREG tests, and the 
> test case provided in the bug.
> Thanks, Harold

More information about the hotspot-runtime-dev mailing list