8050978: Fix bad field access check in C1 and C2
author goetz
Fri, 18 Jul 2014 09:04:01 +0200
changeset 25742 07bedc8d1893
parent 25741 aa6844e3ab10
child 25743 070874cf832a
child 25911 d47a5d9c5b89
child 25913 81dbc151e91c
8050978: Fix bad field access check in C1 and C2
Summary: JCK8 test vm/constantpool/accessControl/accessControl004/accessControl00402m3/accessControl00402m3.html fails with -Xbatch -Xcomp due to bad field access check in C1 and C2. Fix: In ciField::ciField(), just before the canonical holder is stored into the _holder variable (and which is used by ciField::will_link()) perform an additional access check with the holder declared in the class file. If this check fails, store the declared holder instead and ciField::will_link() will bail out compilation for this field later on. Then, the interpreter will throw a PrivilegedAccessException at runtime.
Reviewed-by: kvn, vlivanov
Contributed-by: andreas.schoesser@sap.com
hotspot/src/share/vm/ci/ciField.cpp
--- a/hotspot/src/share/vm/ci/ciField.cpp	Wed Jul 23 07:53:24 2014 +0200
+++ b/hotspot/src/share/vm/ci/ciField.cpp	Fri Jul 18 09:04:01 2014 +0200
@@ -138,6 +138,17 @@
     return;
   }
 
+  // Access check based on declared_holder. canonical_holder should not be used
+  // to check access because it can erroneously succeed. If this check fails,
+  // propagate the declared holder to will_link() which in turn will bail out
+  // compilation for this field access.
+  if (!Reflection::verify_field_access(klass->get_Klass(), declared_holder->get_Klass(), canonical_holder, field_desc.access_flags(), true)) {
+    _holder = declared_holder;
+    _offset = -1;
+    _is_constant = false;
+    return;
+  }
+
   assert(canonical_holder == field_desc.field_holder(), "just checking");
   initialize_from(&field_desc);
 }
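Review bot: The new failure branch returns before `initialize_from(&field_desc)`, so only `_holder`, `_offset` and `_is_constant` are set on this path; please confirm that will_link() and any other reader of a field in this state depend on nothing that `initialize_from` would have filled in, and say so in the comment. Two smaller points on the same `if`: the trailing bare `true` passed to `Reflection::verify_field_access` does not say what it selects, so a short inline comment naming the parameter would help, and the call is long enough that breaking it one argument per line would make the three classes involved (`klass`, `declared_holder`, `canonical_holder`) easier to tell apart. The comment states that checking against canonical_holder "can erroneously succeed" without saying when; one sentence on the case the JCK test exercises would make the reason for this second check clear to the next reader.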