1 /* src/vm/jit/verify/typecheck.c - typechecking (part of bytecode verification)
3 Copyright (C) 1996-2005, 2006, 2007, 2008
4 CACAOVM - Verein zur Foerderung der freien virtuellen Maschine CACAO
6 This file is part of CACAO.
8 This program is free software; you can redistribute it and/or
9 modify it under the terms of the GNU General Public License as
10 published by the Free Software Foundation; either version 2, or (at
11 your option) any later version.
13 This program is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
27 What's the purpose of the `typechecker`?
28 ----------------------------------------
30 The typechecker analyses (the intermediate repr. of) the bytecode of
31 each method and ensures that for each instruction the values on the
32 stack and in local variables are of the correct type whenever the
33 instruction is executed.
35 type checking is a mandatory part of bytecode verification.
38 How does the typechecker work?
39 ------------------------------
41 The JVM stack and the local variables are not statically typed, so the
42 typechecker has to *infer* the static types of stack slots and local
43 variables at each point of the method. The JVM spec imposes a lot of
44 restrictions on the bytecode in order to guarantee that this is always
47 Basically the typechecker solves the data flow equations of the method.
48 This is done in the usual way for a forward data flow analysis: Starting
49 from the entry point of the method the typechecker follows the CFG and
50 records the type of each stack slot and local variable at each point[1].
51 When two or more control flow paths merge at a point, the union of the
52 types for each slot/variable is taken. The algorithm continues to follow
53 all possible paths[2] until the recorded types do not change anymore (ie.
54 the equations have been solved).
56 If the solution has been reached and the resulting types are valid for
57 all instructions, then type checking terminates with success, otherwise
58 an exception is thrown.
61 Why is this code so damn complicated?
62 -------------------------------------
64 Short answer: The devil's in the details.
66 While the basic operation of the typechecker is no big deal, there are
67 many properties of Java bytecode which make type checking hard. Some of
68 them are not even addressed in the JVM spec. Some problems and their
71 *) Finding a good representation of the union of two reference types is
72 difficult because of multiple inheritance of interfaces.
74 Solution: The typeinfo system can represent such "merged" types by a
75 list of proper subclasses of a class. Example:
77 typeclass=java.lang.Object merged={ InterfaceA, InterfaceB }
79 represents the result of merging two interface types "InterfaceA"
82 *) When the code of a method is verified, there may still be unresolved
83 references to classes/methods/fields in the code, which we may not force
84 to be resolved eagerly. (A similar problem arises because of the special
85 checks for protected members.)
87 Solution: The typeinfo system knows how to deal with unresolved
88 class references. Whenever a check has to be performed for an
89 unresolved type, the type is annotated with constraints representing
90 the check. Later, when the type is resolved, the constraints are
91 checked. (See the constrain_unresolved_... and the resolve_...
94 *) Checks for uninitialized object instances are hard because after the
95 invocation of <init> on an uninitialized object *all* slots/variables
96 referring to this object (and exactly those slots/variables) must be
97 marked as initialized.
99 Solution: The JVM spec describes a solution, which has been
100 implemented in this typechecker.
102 Note that some checks mentioned in the JVM spec are unnecessary[4] and
103 not performed by either the reference implementation, or this implementation.
108 [1] Actually only the types of slots/variables at the start of each
109 basic block are remembered. Within a basic block the algorithm only keeps
110 the types of the slots/variables for the "current" instruction which is
113 [2] Actually the algorithm iterates through the basic block list until
114 there are no more changes. Theoretically it would be wise to sort the
115 basic blocks topologically beforehand, but the number of average/max
116 iterations observed is so low, that this was not deemed necessary.
118 [3] This is similar to a method proposed by: Alessandro Coglio et al., A
119 Formal Specification of Java Class Loading, Technical Report, Kestrel
120 Institute April 2000, revised July 2000
121 http://www.kestrel.edu/home/people/coglio/loading.pdf
122 An important difference is that Coglio's subtype constraints are checked
123 after loading, while our constraints are checked when the field/method
124 is accessed for the first time, so we can guarantee lexically correct
127 [4] Alessandro Coglio
128 Improving the official specification of Java bytecode verification
129 Proceedings of the 3rd ECOOP Workshop on Formal Techniques for Java Programs
131 citeseer.ist.psu.edu/article/coglio03improving.html
140 #include "vm/types.h"
142 #ifdef ENABLE_VERIFIER
144 #include "mm/memory.h"
146 #include "native/native.hpp"
148 #include "toolbox/logging.h"
150 #include "vm/access.h"
151 #include "vm/array.hpp"
152 #include "vm/jit/builtin.hpp"
153 #include "vm/exceptions.hpp"
154 #include "vm/global.h"
155 #include "vm/globals.hpp"
156 #include "vm/loader.hpp"
157 #include "vm/options.h"
158 #include "vm/primitive.hpp"
159 #include "vm/resolve.hpp"
161 #include "vm/jit/jit.hpp"
162 #include "vm/jit/parse.hpp"
163 #include "vm/jit/show.hpp"
165 #include <typecheck-common.h>
168 /****************************************************************************/
169 /* MACROS FOR VARIABLE TYPE CHECKING */
170 /****************************************************************************/
172 #define TYPECHECK_CHECK_TYPE(i,tp,msg) \
174 if (VAR(i)->type != (tp)) { \
175 exceptions_throw_verifyerror(state->m, (msg)); \
180 #define TYPECHECK_INT(i) \
181 TYPECHECK_CHECK_TYPE(i,TYPE_INT,"Expected to find integer value")
182 #define TYPECHECK_LNG(i) \
183 TYPECHECK_CHECK_TYPE(i,TYPE_LNG,"Expected to find long value")
184 #define TYPECHECK_FLT(i) \
185 TYPECHECK_CHECK_TYPE(i,TYPE_FLT,"Expected to find float value")
186 #define TYPECHECK_DBL(i) \
187 TYPECHECK_CHECK_TYPE(i,TYPE_DBL,"Expected to find double value")
188 #define TYPECHECK_ADR(i) \
189 TYPECHECK_CHECK_TYPE(i,TYPE_ADR,"Expected to find object value")
191 #define TYPECHECK_INT_OP(o) TYPECHECK_INT((o).varindex)
192 #define TYPECHECK_LNG_OP(o) TYPECHECK_LNG((o).varindex)
193 #define TYPECHECK_FLT_OP(o) TYPECHECK_FLT((o).varindex)
194 #define TYPECHECK_DBL_OP(o) TYPECHECK_DBL((o).varindex)
195 #define TYPECHECK_ADR_OP(o) TYPECHECK_ADR((o).varindex)
198 /* typestate_save_invars *******************************************************
200 Save the invars of the current basic block in the space reserved by
203 This function must be called before an instruction modifies a variable
204 that is an invar of the current block. In such cases the invars of the
205 block must be saved, and restored at the end of the analysis of this
206 basic block, so that the invars again reflect the *input* to this basic
207 block (and do not randomly contain types that appear within the block).
210 state............current state of the verifier
212 *******************************************************************************/
215 typestate_save_invars(verifier_state *state)
220 LOG("saving invars");
222 if (!state->savedindices) {
223 LOG("allocating savedindices buffer");
224 pindex = DMNEW(s4, state->m->maxstack);
225 state->savedindices = pindex;
226 index = state->numlocals + VERIFIER_EXTRA_VARS;
227 for (i=0; i<state->m->maxstack; ++i)
233 typecheck_copy_types(state, state->bptr->invars, state->savedindices,
234 state->bptr->indepth);
236 /* set the invars of the block to the saved variables */
237 /* and remember the original invars */
239 state->savedinvars = state->bptr->invars;
240 state->bptr->invars = state->savedindices;
244 /* typestate_restore_invars ***************************************************
246 Restore the invars of the current basic block that have been previously
247 saved by `typestate_save_invars`.
250 state............current state of the verifier
252 *******************************************************************************/
255 typestate_restore_invars(verifier_state *state)
257 TYPECHECK_COUNT(stat_savedstack);
258 LOG("restoring saved invars");
260 /* restore the invars pointer */
262 state->bptr->invars = state->savedinvars;
264 /* copy the types back */
266 typecheck_copy_types(state, state->savedindices, state->bptr->invars,
267 state->bptr->indepth);
269 /* mark that there are no saved invars currently */
271 state->savedinvars = NULL;
275 /* handle_fieldaccess **********************************************************
277 Verify an ICMD_{GET,PUT}{STATIC,FIELD}(CONST)?
280 state............the current state of the verifier
283 true.............successful verification,
284 false............an exception has been thrown.
286 *******************************************************************************/
289 handle_fieldaccess(verifier_state *state,
297 #define TYPECHECK_VARIABLESBASED
298 #define EXCEPTION do { return false; } while (0)
299 #define VERIFY_ERROR(msg) TYPECHECK_VERIFYERROR_bool(msg)
300 #include <typecheck-fields.inc>
303 #undef TYPECHECK_VARIABLESBASED
309 /* handle_invocation ***********************************************************
311 Verify an ICMD_INVOKE* instruction.
314 state............the current state of the verifier
317 true.............successful verification,
318 false............an exception has been thrown.
320 *******************************************************************************/
323 handle_invocation(verifier_state *state)
326 varinfo *dv; /* output variable of current instruction */
329 dv = VAROP(state->iptr->dst);
331 #define TYPECHECK_VARIABLESBASED
332 #define OP1 VAR(state->iptr->sx.s23.s2.args[0])
333 #include <typecheck-invoke.inc>
335 #undef TYPECHECK_VARIABLESBASED
341 /* handle_builtin **************************************************************
343 Verify the call of a builtin method.
346 state............the current state of the verifier
349 true.............successful verification,
350 false............an exception has been thrown.
352 *******************************************************************************/
355 handle_builtin(verifier_state *state)
358 varinfo *dv; /* output variable of current instruction */
361 dv = VAROP(state->iptr->dst);
363 #define TYPECHECK_VARIABLESBASED
364 #define OP1 state->iptr->sx.s23.s2.args[0]
365 #include <typecheck-builtins.inc>
367 #undef TYPECHECK_VARIABLESBASED
372 /* handle_multianewarray *******************************************************
374 Verify a MULTIANEWARRAY instruction.
377 state............the current state of the verifier
380 true.............successful verification,
381 false............an exception has been thrown.
383 *******************************************************************************/
386 handle_multianewarray(verifier_state *state)
389 varinfo *dv; /* output variable of current instruction */
392 dv = VAROP(state->iptr->dst);
394 #define TYPECHECK_VARIABLESBASED
395 #define VERIFY_ERROR(msg) TYPECHECK_VERIFYERROR_bool(msg)
396 #include <typecheck-multianewarray.inc>
398 #undef TYPECHECK_VARIABLESBASED
403 /* typecheck_invalidate_locals *************************************************
405 Invalidate locals that are overwritten by writing to the given local.
408 state............the current state of the verifier
409 index............the index of the local that is written
410 twoword..........true, if a two-word type is written
412 *******************************************************************************/
414 static void typecheck_invalidate_locals(verifier_state *state, s4 index, bool twoword)
419 jitdata *jd = state->jd;
420 s4 *localmap = jd->local_map;
421 varinfo *vars = jd->var;
423 javaindex = jd->reverselocalmap[index];
425 /* invalidate locals of two-word type at index javaindex-1 */
428 localmap += 5 * (javaindex-1);
429 for (t=0; t<5; ++t) {
430 varindex = *localmap++;
431 if (varindex >= 0 && IS_2_WORD_TYPE(vars[varindex].type)) {
432 LOG1("invalidate local %d", varindex);
433 vars[varindex].type = TYPE_VOID;
438 localmap += 5 * javaindex;
441 /* invalidate locals at index javaindex */
443 for (t=0; t<5; ++t) {
444 varindex = *localmap++;
446 LOG1("invalidate local %d", varindex);
447 vars[varindex].type = TYPE_VOID;
451 /* if a two-word type is written, invalidate locals at index javaindex+1 */
454 for (t=0; t<5; ++t) {
455 varindex = *localmap++;
457 LOG1("invalidate local %d", varindex);
458 vars[varindex].type = TYPE_VOID;
465 /* macros used by the generated code ******************************************/
467 #define EXCEPTION do { return false; } while (0)
468 #define VERIFY_ERROR(msg) TYPECHECK_VERIFYERROR_bool(msg)
470 #define CHECK_LOCAL_TYPE(index, t) \
472 if (!typevector_checktype(jd->var, (index), (t))) \
473 VERIFY_ERROR("Local variable type mismatch"); \
476 #define STORE_LOCAL(t, index) \
479 typecheck_invalidate_locals(state, (index), false); \
480 typevector_store(jd->var, (index), (temp_t), NULL); \
483 #define STORE_LOCAL_2_WORD(t, index) \
486 typecheck_invalidate_locals(state, (index), true); \
487 typevector_store(jd->var, (index), (temp_t), NULL); \
490 #define REACH_BLOCK(target) \
492 if (!typestate_reach(state, (target), \
493 state->bptr->outvars, jd->var, \
494 state->bptr->outdepth)) \
498 #define REACH(target) REACH_BLOCK((target).block)
501 /* handle_basic_block **********************************************************
503 Perform bytecode verification of a basic block.
506 state............the current state of the verifier
509 true.............successful verification,
510 false............an exception has been thrown.
512 *******************************************************************************/
515 handle_basic_block(verifier_state *state)
517 int opcode; /* current opcode */
518 int len; /* for counting instructions, etc. */
519 bool superblockend; /* true if no fallthrough to next block */
520 instruction *iptr; /* the current instruction */
521 basicblock *tbptr; /* temporary for target block */
522 bool maythrow; /* true if this instruction may throw */
525 branch_target_t *table;
526 lookup_target_t *lookup;
527 jitdata *jd = state->jd;
529 varinfo constvalue; /* for PUT*CONST */
530 constant_FMIref *fieldref;
532 LOGSTR1("\n---- BLOCK %04d ------------------------------------------------\n",state->bptr->nr);
535 superblockend = false;
536 state->bptr->flags = BBFINISHED;
538 /* prevent compiler warnings */
541 /* determine the active exception handlers for this block */
542 /* XXX could use a faster algorithm with sorted lists or */
545 for (ex = state->jd->exceptiontable; ex ; ex = ex->down) {
546 if ((ex->start->nr <= state->bptr->nr) && (ex->end->nr > state->bptr->nr)) {
547 LOG1("active handler L%03d", ex->handler->nr);
548 state->handlers[len++] = ex;
551 state->handlers[len] = NULL;
553 /* init variable types at the start of this block */
554 typevector_copy_inplace(state->bptr->inlocals, jd->var, state->numlocals);
556 DOLOG(show_basicblock(jd, state->bptr, SHOW_STACK));
557 DOLOG(typecheck_print_vararray(stdout, jd, state->bptr->invars,
558 state->bptr->indepth));
559 DOLOG(typevector_print(stdout, jd->var, state->numlocals));
562 /* loop over the instructions */
563 len = state->bptr->icount;
564 state->iptr = state->bptr->iinstr;
566 TYPECHECK_COUNT(stat_ins);
570 DOLOG(typevector_print(stdout, jd->var, state->numlocals));
572 DOLOG(show_icmd(jd, state->iptr, false, SHOW_STACK)); LOGNL; LOGFLUSH;
579 /* include generated code for ICMDs verification */
581 #define TYPECHECK_VARIABLESBASED
583 #define METHOD (state->m)
585 #define BPTR (state->bptr)
586 #include <typecheck-variablesbased-gen.inc>
591 #undef TYPECHECK_VARIABLESBASED
594 LOG1("ICMD %d\n", opcode);
595 TYPECHECK_VERIFYERROR_bool("Missing ICMD code during typecheck");
598 /* reach exception handlers for this instruction */
601 TYPECHECK_COUNT(stat_ins_maythrow);
602 TYPECHECK_MARK(state->stat_maythrow);
603 LOG("reaching exception handlers");
605 while (state->handlers[i]) {
606 TYPECHECK_COUNT(stat_handlers_reached);
607 if (state->handlers[i]->catchtype.any)
608 VAR(state->exinvars)->typeinfo.typeclass = state->handlers[i]->catchtype;
610 VAR(state->exinvars)->typeinfo.typeclass.cls = class_java_lang_Throwable;
611 if (!typestate_reach(state,
612 state->handlers[i]->handler,
613 &(state->exinvars), jd->var, 1))
619 LOG("\t\tnext instruction");
621 } /* while instructions */
623 LOG("instructions done");
625 DOLOG(typecheck_print_vararray(stdout, jd, state->bptr->outvars,
626 state->bptr->outdepth));
627 DOLOG(typevector_print(stdout, jd->var, state->numlocals));
630 /* propagate stack and variables to the following block */
631 if (!superblockend) {
632 LOG("reaching following block");
633 tbptr = state->bptr->next;
634 while (tbptr->flags == BBDELETED) {
636 #ifdef TYPECHECK_DEBUG
637 /* this must be checked in parse.c */
638 if ((tbptr->nr) >= state->basicblockcount)
639 TYPECHECK_VERIFYERROR_bool("Control flow falls off the last block");
642 if (!typestate_reach(state,tbptr,state->bptr->outvars, jd->var,
643 state->bptr->outdepth))
647 /* We may have to restore the types of the instack slots. They
648 * have been saved if an <init> call inside the block has
649 * modified the instack types. (see INVOKESPECIAL) */
651 if (state->savedinvars)
652 typestate_restore_invars(state);
658 /****************************************************************************/
660 /* This is the main function of the bytecode verifier. It is called */
661 /* directly after analyse_stack. */
664 /* meth.............the method to verify */
665 /* cdata............codegendata for the method */
666 /* rdata............registerdata for the method */
669 /* true.............successful verification */
670 /* false............an exception has been thrown */
672 /****************************************************************************/
674 #define MAXPARAMS 255
676 bool typecheck(jitdata *jd)
680 varinfo *savedlocals;
681 verifier_state state; /* current state of the verifier */
683 /* collect statistics */
685 #ifdef TYPECHECK_STATISTICS
686 int count_iterations = 0;
687 TYPECHECK_COUNT(stat_typechecked);
688 TYPECHECK_COUNT_FREQ(stat_locals,jd->maxlocals,STAT_LOCALS);
689 TYPECHECK_COUNT_FREQ(stat_blocks,cdata->method->basicblockcount/10,STAT_BLOCKS);
690 TYPECHECK_COUNTIF(cdata->method->exceptiontablelength != 0,stat_methods_with_handlers);
691 state.stat_maythrow = false;
694 /* get required compiler data */
699 /* some logging on entry */
702 LOGSTR("\n==============================================================================\n");
703 DOLOG( show_method(jd, SHOW_STACK) );
704 LOGSTR("\n==============================================================================\n");
705 LOGMETHOD("Entering typecheck: ",cd->method);
707 /* initialize the verifier state */
712 state.basicblockcount = jd->basicblockcount;
713 state.basicblocks = jd->basicblocks;
714 state.savedindices = NULL;
715 state.savedinvars = NULL;
717 /* check that the basicblock numbers are valid */
720 jit_check_basicblock_numbers(jd);
723 /* check if this method is an instance initializer method */
725 state.initmethod = (state.m->name == utf_init);
727 /* initialize the basic block flags for the following CFG traversal */
729 typecheck_init_flags(&state, BBFINISHED);
731 /* number of local variables */
733 /* In <init> methods we use an extra local variable to indicate whether */
734 /* the 'this' reference has been initialized. */
735 /* TYPE_VOID...means 'this' has not been initialized, */
736 /* TYPE_INT....means 'this' has been initialized. */
738 state.numlocals = state.jd->localcount;
739 state.validlocals = state.numlocals;
740 if (state.initmethod)
741 state.numlocals++; /* VERIFIER_EXTRA_LOCALS */
746 LOG("reverselocalmap:");
747 for (i=0; i<state.validlocals; ++i) {
748 LOG2(" %i => javaindex %i", i, jd->reverselocalmap[i]);
751 /* allocate the buffer of active exception handlers */
753 state.handlers = DMNEW(exception_entry*, state.jd->exceptiontablelength + 1);
755 /* save local variables */
757 savedlocals = DMNEW(varinfo, state.numlocals);
758 MCOPY(savedlocals, jd->var, varinfo, state.numlocals);
760 /* initialized local variables of first block */
762 if (!typecheck_init_locals(&state, true))
765 /* initialize invars of exception handlers */
767 state.exinvars = state.numlocals;
768 VAR(state.exinvars)->type = TYPE_ADR;
769 typeinfo_init_classinfo(&(VAR(state.exinvars)->typeinfo),
770 class_java_lang_Throwable); /* changed later */
772 LOG("Exception handler stacks set.\n");
774 /* loop while there are still blocks to be checked */
776 TYPECHECK_COUNT(count_iterations);
778 state.repeat = false;
780 state.bptr = state.basicblocks;
782 for (; state.bptr; state.bptr = state.bptr->next) {
783 LOGSTR1("---- BLOCK %04d, ",state.bptr->nr);
784 LOGSTR1("blockflags: %d\n",state.bptr->flags);
787 /* verify reached block */
788 if (state.bptr->flags == BBTYPECHECK_REACHED) {
789 if (!handle_basic_block(&state))
794 LOGIF(state.repeat,"state.repeat == true");
795 } while (state.repeat);
799 #ifdef TYPECHECK_STATISTICS
800 LOG1("Typechecker did %4d iterations",count_iterations);
801 TYPECHECK_COUNT_FREQ(stat_iterations,count_iterations,STAT_ITERATIONS);
802 TYPECHECK_COUNTIF(state.jsrencountered,stat_typechecked_jsr);
803 TYPECHECK_COUNTIF(state.stat_maythrow,stat_methods_maythrow);
806 /* reset the flags of blocks we haven't reached */
808 typecheck_reset_flags(&state);
812 MCOPY(jd->var, savedlocals, varinfo, state.numlocals);
814 /* everything's ok */
816 LOGimp("exiting typecheck");
819 #endif /* ENABLE_VERIFIER */
822 * These are local overrides for various environment variables in Emacs.
823 * Please do not remove this and leave it at the end of the file, where
824 * Emacs will automagically detect them.
825 * ---------------------------------------------------------------------
828 * indent-tabs-mode: t
832 * vim:noexpandtab:sw=4:ts=4:
projects / cacao.git / blob