jdk icon indicating copy to clipboard operation
jdk copied to clipboard
verified publisher icon openjdk

8320396: Class-File API ClassModel::verify should include checks from hotspot/share/classfile/classFileParser.cpp

Open asotona opened this issue 2 years ago • 13 comments

ClassFile API jdk.internal.classfile.verifier.VerifierImpl performed only bytecode-level class verification. This patch adds jdk.internal.classfile.verifier.ParserVerifier with additional class checks inspired by hotspot/share/classfile/classFileParser.cpp.

Also new VerifierSelfTest::testParserVerifier has been added.

Please review.

Thanks, Adam

Progress

  • [ ] Change must be properly reviewed (1 review required, with at least 1 Reviewer)
  • [x] Change must not contain extraneous whitespace
  • [x] Commit message must refer to an issue

Issue

  • JDK-8320396: Class-File API ClassModel::verify should include checks from hotspot/share/classfile/classFileParser.cpp (Enhancement - P3)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk.git pull/16809/head:pull/16809
$ git checkout pull/16809

Update a local copy of the PR:
$ git checkout pull/16809
$ git pull https://git.openjdk.org/jdk.git pull/16809/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 16809

View PR using the GUI difftool:
$ git pr show -t 16809

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk/pull/16809.diff

Webrev

Link to Webrev Comment

asotona avatar Nov 24 '23 13:11 asotona

:wave: Welcome back asotona! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

bridgekeeper[bot] avatar Nov 24 '23 13:11 bridgekeeper[bot]

@asotona The following label will be automatically applied to this pull request:

  • core-libs

When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command.

openjdk[bot] avatar Nov 24 '23 13:11 openjdk[bot]

@asotona This pull request has been inactive for more than 8 weeks and will be automatically closed if another 8 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

bridgekeeper[bot] avatar Jan 19 '24 19:01 bridgekeeper[bot]

@asotona This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

8320396: Class-File API ClassModel::verify should include checks from hotspot/share/classfile/classFileParser.cpp

Reviewed-by: liach, mcimadamore

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 89 new commits pushed to the master branch:

  • 3634a9105053717f3099982390ce2b9e564f0ac5: 8332751: Broken link in VirtualMachine.html
  • ffb0867e2c07b41cb7124e11fe6cf63d9471f0d2: 8331485: Odd Results when Parsing Scientific Notation with Large Exponent
  • 79f49983d3597e8ab1ffb30b23ce41ae5f298c4e: 8321314: Reinstate disabling the compiler's default active annotation processing
  • ec88c6a872a97cee1cde8844f5ee6834023a10c6: 8332917: failure_handler should execute gdb "info threads" command on linux
  • b3e29db14466ccc64a2815224ecefab4cec4c775: 8333108: Update vmTestbase/nsk/share/DebugeeProcess.java to don't use finalization
  • 11e926cf50c64d57b0dba095eb62c2be4a8a8f1e: 8332777: Update JCStress test suite
  • 44c1845ae7fdff524d4a60a51362834cfea5c5da: 8330852: All callers of JvmtiEnvBase::get_threadOop_and_JavaThread should pass current thread explicitly
  • 922e312b0ab3ac54979ffdc53a8d8338e52234df: 8328611: Thread safety issue in com.sun.tools.jdi.ReferenceTypeImpl::classObject
  • 1d889e54fc6d6039e68191420bb377ea560e2eaa: 8332487: Regression in Crypto-AESGCMBench.encrypt (and others) after JDK-8328181
  • 32636dcc3d6cd7837c22c5cbcb5c7c6576766cf6: 8333105: Shenandoah: Results of concurrent mark may be lost for degenerated cycle
  • ... and 79 more: https://git.openjdk.org/jdk/compare/cfdc64fcb43e3b261dddc6cc6947235a9e76154e...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

openjdk[bot] avatar Mar 13 '24 20:03 openjdk[bot]

Webrevs

mlbridge[bot] avatar Mar 21 '24 12:03 mlbridge[bot]

class checks inspired by hotspot/share/classfile/classFileParser.cpp

Just to be clear any such checks are mandated by the JVMS

dholmes-ora avatar Mar 22 '24 02:03 dholmes-ora

@asotona pardon my ignorance of the Classfile API usage, but I had thought that the API could be used to either write the bytecode representation of class, or else introspect on an existing class that has already been loaded. So I'm not clear at what point you would run these JVMS defined structural verification checks that you are adding?

dholmes-ora avatar Mar 22 '24 02:03 dholmes-ora

So I'm not clear at what point you would run these JVMS defined structural verification checks that you are adding?

This is more like an addon module to Class-File API; it is only run when users call ClassFile::verify. Otherwise, Class-File API performs minimal validation that's required to generate or parse class files. The verification can be performed on both arbitrary byte array (may be built by Class-File API) or a ClassModel (always loaded from a byte array)

liach avatar Mar 22 '24 03:03 liach

Verification is an optional feature of Class-File API, however it is critical for development and testing of the Class-File API itself and all frameworks and libraries built on top of it. ClassFile::verify is now focused on JVMS chapter 6 only, however the goal is to give user a bit more confidence that any class file passing the ClassFile::verify is correct. Loading of the generated or transformed classes to verify them is not feasible in many situations and ClassFile::verify tries to give user at least some information, similar to ASM CheckClassAdapteror BCEL Verifier.

The work is also related to JDK-8182774 Verify code in javap.

I'll add references to the relevant JVMS chapters. Thank you for the review.

asotona avatar Mar 22 '24 08:03 asotona

@asotona This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!

bridgekeeper[bot] avatar Apr 19 '24 15:04 bridgekeeper[bot]

/label add compiler

asotona avatar May 02 '24 11:05 asotona

@asotona The compiler label was successfully added.

openjdk[bot] avatar May 02 '24 12:05 openjdk[bot]

The patch also includes a ClassPrinterImpl fix to support duplicate attributes.

asotona avatar May 06 '24 18:05 asotona

Please review!

This verifier extension is actually blocking new javap feature for 23, see: https://github.com/openjdk/jdk/pull/18629 Missing all of these class file verifications in javap -verify would be sad.

Thank you!

Adam

asotona avatar May 28 '24 13:05 asotona

/integrate

asotona avatar May 31 '24 06:05 asotona

Going to push as commit 22ef827e2cc2409f21ad5c26611cb13d39b5cb3e. Since your change was applied there have been 92 commits pushed to the master branch:

  • 2ab8ab56130ca258bf0347ea44e74a8cad3d537d: 8332858: References with escapes have broken positions after they are transformed
  • 1b7d59f171d0e2a3bdd234cddffac548b1f8ba57: 8333303: Issues with DottedVersion class
  • e304a8ae63fdec125e085bd5048d62cf555e2caa: 8333307: Don't suppress jpackage logging in tests when it is detecting packaging tools in the system
  • 3634a9105053717f3099982390ce2b9e564f0ac5: 8332751: Broken link in VirtualMachine.html
  • ffb0867e2c07b41cb7124e11fe6cf63d9471f0d2: 8331485: Odd Results when Parsing Scientific Notation with Large Exponent
  • 79f49983d3597e8ab1ffb30b23ce41ae5f298c4e: 8321314: Reinstate disabling the compiler's default active annotation processing
  • ec88c6a872a97cee1cde8844f5ee6834023a10c6: 8332917: failure_handler should execute gdb "info threads" command on linux
  • b3e29db14466ccc64a2815224ecefab4cec4c775: 8333108: Update vmTestbase/nsk/share/DebugeeProcess.java to don't use finalization
  • 11e926cf50c64d57b0dba095eb62c2be4a8a8f1e: 8332777: Update JCStress test suite
  • 44c1845ae7fdff524d4a60a51362834cfea5c5da: 8330852: All callers of JvmtiEnvBase::get_threadOop_and_JavaThread should pass current thread explicitly
  • ... and 82 more: https://git.openjdk.org/jdk/compare/cfdc64fcb43e3b261dddc6cc6947235a9e76154e...master

Your commit was automatically rebased without conflicts.

openjdk[bot] avatar May 31 '24 06:05 openjdk[bot]

@asotona Pushed as commit 22ef827e2cc2409f21ad5c26611cb13d39b5cb3e.

:bulb: You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

openjdk[bot] avatar May 31 '24 06:05 openjdk[bot]