On Fri, 31 Mar 2023 12:20:49 GMT, Adam Sotona <asot...@openjdk.org> wrote:

>> I believe that, in order to generate the actual bytecodes, the classfile API 
>> does a full verification pass (as it needs to infer the stackmap 
>> information). This leads me to believe that, yes, most (but probably all) 
>> errors would be detected simply by generating code. Maybe @asotona can 
>> clarify.
>
> Stackmap generator does not perform full verification, it only performs fast 
> pass through the code and hits only errors preventing to construct valid 
> stack maps (as for example stack underflow).
> Verifyier on the other hand does full verification similar to when the class 
> is loaded.

Classfile API allows to pass-through complete class members or attributes, so 
resulting class might be invalid even the particular code and stack maps have 
been generated. 

This is brief list of verifications performed when `verify` is explicitly 
called:
- class version
- signatures
- instruction opcodes
- CP entries matching instructions (matching types, array dimensions limits, 
etc...)
- stack map frames and assignability between reference types
- flow control (branches, exception handlers, falling through code end, falling 
through initialised, etc..)
- exception tables (offsets, throwing Throwables, etc...)
- local variable tables 
- switches (low/high, number of keys, etc...)
- method calls (arguments, operands, constructor call target, constructors 
returning void, etc...)
- return values

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/13247#discussion_r1154456627

Reply via email to