Date: Thu, 24 Apr 2014 12:01:24 +0000 (UTC)
From: "Emmanuel Bourg (JIRA)"
To: issues@commons.apache.org
Subject: [jira] [Updated] (BCEL-36) Incorrect verification of class files

[ https://issues.apache.org/jira/browse/BCEL-36?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Emmanuel Bourg updated BCEL-36:
-------------------------------

Description:
Hi,

JustIce indicates the storing of a newly created object in a local before calling its constructor as an error. However, this is incorrect as the local is not accessed along any control flow path before the constructor is called. This is also safe in a multithreaded setting. Also, the same class file is well interpreted by Java interpreters from SUN, Blackdown, and IBM. Moreover, there is no restriction on handling (not using) of uninitialized objects in the JVM spec.
ASM output of the corresponding class file and JustIce's output are inlined.

public static main ([Ljava/lang/String;)V
    NEW excpsync
    ASTORE 1
    ALOAD 1
    INVOKESPECIAL excpsync ()V
    ALOAD 1
    ASTORE 1
    NEW java/lang/Thread
    ASTORE 2
    ALOAD 2
    ALOAD 1
    INVOKESPECIAL java/lang/Thread (Ljava/lang/Runnable;)V
    ALOAD 2
    INVOKEVIRTUAL java/lang/Thread start ()V
    NEW java/lang/Thread
    ASTORE 2
    NEW f
    ASTORE 3
    ALOAD 3
    INVOKESPECIAL f ()V
    ALOAD 2
    ALOAD 3
    INVOKESPECIAL java/lang/Thread (Ljava/lang/Runnable;)V
    ALOAD 2
    INVOKEVIRTUAL java/lang/Thread start ()V
    LDC "Hi"
    ASTORE 2
    ALOAD 1
    ALOAD 2
    PUTFIELD excpsync o Ljava/lang/String;
    ALOAD 2
    PUTSTATIC excpsync t Ljava/lang/String;
    RETURN
    MAXSTACK = 2
    MAXLOCALS = 4

JustIce by Enver Haase, (C) 2001-2002.

Now verifying: excpsync
Pass 1:
VERIFIED_OK
Passed verification.
Pass 2:
VERIFIED_OK
Passed verification.
Pass 3a, method number 0 ['public void ()']:
VERIFIED_OK
Passed verification.
Pass 3b, method number 0 ['public void ()']:
VERIFIED_OK
Passed verification.
Pass 3a, method number 1 ['public static void main(String[] arg0)']:
VERIFIED_OK
Passed verification.
Pass 3b, method number 1 ['public static void main(String[] arg0)']:
VERIFIED_REJECTED
Constraint violated in method 'public static void main(String[] arg0)':
Instruction ASTORE constraint violated: Working on an uninitialized object
''.
InstructionHandle: 3: astore_1[76](1)
Execution Frame:
Local Variables:
0: java.lang.String[]
1:
2:
3:
OperandStack:
Slots used: 1 MaxStack: 2.
(Size: 1)
Execution flow:
0: new 12 [InstructionContext]
3: astore_1 [InstructionContext]
Pass 3a, method number 2 ['public void run()']:
VERIFIED_OK
Passed verification.
Pass 3b, method number 2 ['public void run()']:
VERIFIED_OK
Passed verification.

Priority: Major
Environment: (was: Operating System: Linux Platform: PC)
Fix Version/s: 5.2
Priority: (was: P3)
Severity: (was: normal)

> Incorrect verification of class files
> -------------------------------------
>
> Key: BCEL-36
> URL: https://issues.apache.org/jira/browse/BCEL-36
> Project: Commons BCEL
> Issue Type: Bug
> Components: Main
> Affects Versions: 5.1
> Reporter: Venkatesh Prasad Ranganath
> Assignee: Apache Commons Developers
> Fix For: 5.2
>
> Attachments: InstConstraintVisitor.java.patch

--
This message was sent by Atlassian JIRA (v6.2#6252)
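
The behaviour argued for in the report, as an added example that is not part of the original message and is not BCEL or JustIce code: a small type-state checker for straight-line code in which an uninitialized reference may be copied into locals, and a constructor call initializes every copy at once. The tuple encoding, the `INVOKESPECIAL_INIT` pseudo-opcode (it assumes the `INVOKESPECIAL ... ()V` calls in the listing are constructor calls), instruction indexes in place of byte offsets, and the `reject_uninit_store` switch that models the reported rejection are all assumptions of this sketch.

```python
from dataclasses import dataclass
@dataclass(frozen=True)
class Uninit:
    cls: str  # class named by the NEW instruction
    pc: int   # index of that NEW, so two allocations stay distinct

class VerifyError(Exception): pass

def verify(code, max_locals, reject_uninit_store=False):
    stack, local = [], [None] * max_locals
    for pc, (op, arg) in enumerate(code):
        if op == "NEW":
            stack.append(Uninit(arg, pc))
        elif op == "ALOAD":
            stack.append(local[arg])
        elif op == "ASTORE":
            value = stack.pop()
            if reject_uninit_store and isinstance(value, Uninit):
                raise VerifyError(f"{pc}: ASTORE on uninitialized {value.cls}")
            local[arg] = value
        elif op == "INVOKESPECIAL_INIT":  # arg = (class, argument count)
            cls, nargs = arg
            args = [stack.pop() for _ in range(nargs)]
            recv = stack.pop()
            if not isinstance(recv, Uninit) or recv.cls != cls:
                raise VerifyError(f"{pc}: <init> needs an uninitialized {cls}")
            if any(isinstance(a, Uninit) for a in args):
                raise VerifyError(f"{pc}: uninitialized argument")
            # The constructor call initializes every copy of this reference.
            stack = [cls if v == recv else v for v in stack]
            local = [cls if v == recv else v for v in local]
        elif op == "INVOKEVIRTUAL":  # arg = argument count; receiver popped too
            if any(isinstance(stack.pop(), Uninit) for _ in range(arg + 1)):
                raise VerifyError(f"{pc}: use of uninitialized object")
    return local

# Constructed inputs: the first 13 instructions of main() in the report,
# then a sequence that really does use the stored reference before <init>.
MAIN_PREFIX = [("NEW", "excpsync"), ("ASTORE", 1), ("ALOAD", 1),
    ("INVOKESPECIAL_INIT", ("excpsync", 0)), ("ALOAD", 1), ("ASTORE", 1),
    ("NEW", "java/lang/Thread"), ("ASTORE", 2), ("ALOAD", 2), ("ALOAD", 1),
    ("INVOKESPECIAL_INIT", ("java/lang/Thread", 1)), ("ALOAD", 2),
    ("INVOKEVIRTUAL", 0)]
USE_BEFORE_INIT = [("NEW", "excpsync"), ("ASTORE", 1), ("ALOAD", 1), ("INVOKEVIRTUAL", 0)]

def outcome(code, **options):
    try:
        return verify(code, 4, **options)  # final local types on success
    except VerifyError as exc:
        return str(exc)
```

With the store permitted, the checker still rejects `USE_BEFORE_INIT`, so allowing `ASTORE` on an uninitialized reference does not let an unconstructed object be used.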