8341277: Validate slot argument for instruction factories

Reviewed-by: asotona

Author: liach

src/java.base/share/classes/java/lang/classfile/CodeBuilder.java

@@ -429,6 +429,8 @@ default CodeBuilder trying(Consumer<BlockCodeBuilder> tryHandler,
      * @param tk the load type
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code tk} is {@link TypeKind#VOID void}
+     *         or {@code slot} is out of range
      * @since 23
      */
     default CodeBuilder loadLocal(TypeKind tk, int slot) {
@@ -440,6 +442,8 @@ default CodeBuilder loadLocal(TypeKind tk, int slot) {
      * @param tk the store type
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code tk} is {@link TypeKind#VOID void}
+     *         or {@code slot} is out of range
      * @since 23
      */
     default CodeBuilder storeLocal(TypeKind tk, int slot) {
@@ -793,6 +797,7 @@ default CodeBuilder characterRange(Label startScope, Label endScope, int charact
      * @param startScope the start scope of the variable
      * @param endScope the end scope of the variable
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder localVariable(int slot, Utf8Entry nameEntry, Utf8Entry descriptorEntry, Label startScope, Label endScope) {
         return with(LocalVariable.of(slot, nameEntry, descriptorEntry, startScope, endScope));
@@ -806,6 +811,7 @@ default CodeBuilder localVariable(int slot, Utf8Entry nameEntry, Utf8Entry descr
      * @param startScope the start scope of the variable
      * @param endScope the end scope of the variable
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder localVariable(int slot, String name, ClassDesc descriptor, Label startScope, Label endScope) {
         return localVariable(slot,
@@ -822,6 +828,7 @@ default CodeBuilder localVariable(int slot, String name, ClassDesc descriptor, L
      * @param startScope the start scope of the variable
      * @param endScope the end scope of the variable
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder localVariableType(int slot, Utf8Entry nameEntry, Utf8Entry signatureEntry, Label startScope, Label endScope) {
         return with(LocalVariableType.of(slot, nameEntry, signatureEntry, startScope, endScope));
@@ -835,6 +842,7 @@ default CodeBuilder localVariableType(int slot, Utf8Entry nameEntry, Utf8Entry s
      * @param startScope the start scope of the variable
      * @param endScope the end scope of the variable
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder localVariableType(int slot, String name, Signature signature, Label startScope, Label endScope) {
         return localVariableType(slot,
@@ -877,6 +885,7 @@ default CodeBuilder aastore() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder aload(int slot) {
         return loadLocal(TypeKind.REFERENCE, slot);
@@ -925,6 +934,7 @@ default CodeBuilder arraylength() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder astore(int slot) {
         return storeLocal(TypeKind.REFERENCE, slot);
@@ -958,6 +968,7 @@ default CodeBuilder bastore() {
      * Generate an instruction pushing an int in the range of byte onto the operand stack.
      * @param b the int in the range of byte
      * @return this builder
+     * @throws IllegalArgumentException if {@code b} is out of range of byte
      */
     default CodeBuilder bipush(int b) {
         return with(ConstantInstruction.ofArgument(Opcode.BIPUSH, b));
@@ -1094,6 +1105,7 @@ default CodeBuilder ddiv() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder dload(int slot) {
         return loadLocal(TypeKind.DOUBLE, slot);
@@ -1139,6 +1151,7 @@ default CodeBuilder dreturn() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder dstore(int slot) {
         return storeLocal(TypeKind.DOUBLE, slot);
@@ -1306,6 +1319,7 @@ default CodeBuilder fdiv() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder fload(int slot) {
         return loadLocal(TypeKind.FLOAT, slot);
@@ -1351,6 +1365,7 @@ default CodeBuilder freturn() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder fstore(int slot) {
         return storeLocal(TypeKind.FLOAT, slot);
@@ -1726,6 +1741,7 @@ default CodeBuilder ifne(Label target) {
      * @param slot the local variable slot
      * @param val the increment value
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} or {@code val} is out of range
      */
     default CodeBuilder iinc(int slot, int val) {
         return with(IncrementInstruction.of(slot, val));
@@ -1739,6 +1755,7 @@ default CodeBuilder iinc(int slot, int val) {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder iload(int slot) {
         return loadLocal(TypeKind.INT, slot);
@@ -1997,6 +2014,7 @@ default CodeBuilder ishr() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder istore(int slot) {
         return storeLocal(TypeKind.INT, slot);
@@ -2159,6 +2177,7 @@ default CodeBuilder ldiv() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder lload(int slot) {
         return loadLocal(TypeKind.LONG, slot);
@@ -2228,6 +2247,7 @@ default CodeBuilder lshr() {
      *
      * @param slot the local variable slot
      * @return this builder
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     default CodeBuilder lstore(int slot) {
         return storeLocal(TypeKind.LONG, slot);
@@ -2278,6 +2298,7 @@ default CodeBuilder monitorexit() {
      * @param array the array type
      * @param dims the number of dimensions
      * @return this builder
+     * @throws IllegalArgumentException if {@code dims} is out of range
      */
     default CodeBuilder multianewarray(ClassEntry array, int dims) {
         return with(NewMultiArrayInstruction.of(array, dims));
@@ -2289,6 +2310,7 @@ default CodeBuilder multianewarray(ClassEntry array, int dims) {
      * @param dims the number of dimensions
      * @return this builder
      * @throws IllegalArgumentException if {@code array} represents a primitive type
+     * or if {@code dims} is out of range
      */
     default CodeBuilder multianewarray(ClassDesc array, int dims) {
         return multianewarray(constantPool().classEntry(array), dims);
@@ -2327,6 +2349,8 @@ default CodeBuilder new_(ClassDesc clazz) {
      * Generate an instruction to create a new array of a primitive type
      * @param typeKind the primitive array type
      * @return this builder
+     * @throws IllegalArgumentException when the {@code typeKind} is not a legal
+     *         primitive array component type
      */
     default CodeBuilder newarray(TypeKind typeKind) {
         return with(NewPrimitiveArrayInstruction.of(typeKind));
@@ -2423,6 +2447,7 @@ default CodeBuilder sastore() {
      * Generate an instruction pushing an int in the range of short onto the operand stack.
      * @param s the int in the range of short
      * @return this builder
+     * @throws IllegalArgumentException if {@code s} is out of range of short
      */
     default CodeBuilder sipush(int s) {
         return with(ConstantInstruction.ofArgument(Opcode.SIPUSH, s));

src/java.base/share/classes/java/lang/classfile/instruction/DiscontinuedInstruction.java

@@ -30,6 +30,7 @@
 import java.lang.classfile.Label;
 import java.lang.classfile.Opcode;
 import jdk.internal.classfile.impl.AbstractInstruction;
+import jdk.internal.classfile.impl.BytecodeHelpers;
 import jdk.internal.classfile.impl.Util;
 import jdk.internal.javac.PreviewFeature;
 
@@ -112,17 +113,18 @@ sealed interface RetInstruction extends DiscontinuedInstruction
          *           which must be of kind {@link Opcode.Kind#DISCONTINUED_RET}
          * @param slot the local variable slot to load return address from
          * @throws IllegalArgumentException if the opcode kind is not
-         *         {@link Opcode.Kind#DISCONTINUED_RET}.
+         *         {@link Opcode.Kind#DISCONTINUED_RET} or if {@code slot} is out of range
          */
         static RetInstruction of(Opcode op, int slot) {
-            Util.checkKind(op, Opcode.Kind.DISCONTINUED_RET);
+            BytecodeHelpers.validateRet(op, slot);
             return new AbstractInstruction.UnboundRetInstruction(op, slot);
         }
 
         /**
          * {@return a RET instruction}
          *
          * @param slot the local variable slot to load return address from
+         * @throws IllegalArgumentException if {@code slot} is out of range
          */
         static RetInstruction of(int slot) {
             return of(slot < 256 ? Opcode.RET : Opcode.RET_W, slot);

src/java.base/share/classes/java/lang/classfile/instruction/IncrementInstruction.java

@@ -58,6 +58,7 @@ public sealed interface IncrementInstruction extends Instruction
      *
      * @param slot the local variable slot to increment
      * @param constant the value to increment by
+     * @throws IllegalArgumentException if {@code slot} or {@code constant} is out of range
      */
     static IncrementInstruction of(int slot, int constant) {
         return new AbstractInstruction.UnboundIncrementInstruction(slot, constant);

src/java.base/share/classes/java/lang/classfile/instruction/LoadInstruction.java

@@ -62,9 +62,12 @@ public sealed interface LoadInstruction extends Instruction
      *
      * @param kind the type of the value to be loaded
      * @param slot the local variable slot to load from
+     * @throws IllegalArgumentException if {@code kind} is
+     *         {@link TypeKind#VOID void} or {@code slot} is out of range
      */
     static LoadInstruction of(TypeKind kind, int slot) {
-        return of(BytecodeHelpers.loadOpcode(kind, slot), slot);
+        var opcode = BytecodeHelpers.loadOpcode(kind, slot); // validates slot, trusted
+        return new AbstractInstruction.UnboundLoadInstruction(opcode, slot);
     }
 
     /**
@@ -74,10 +77,11 @@ static LoadInstruction of(TypeKind kind, int slot) {
      *           which must be of kind {@link Opcode.Kind#LOAD}
      * @param slot the local variable slot to load from
      * @throws IllegalArgumentException if the opcode kind is not
-     *         {@link Opcode.Kind#LOAD}.
+     *         {@link Opcode.Kind#LOAD} or {@code slot} is out of range
      */
     static LoadInstruction of(Opcode op, int slot) {
         Util.checkKind(op, Opcode.Kind.LOAD);
+        BytecodeHelpers.validateSlot(op, slot, true);
         return new AbstractInstruction.UnboundLoadInstruction(op, slot);
     }
 }

src/java.base/share/classes/java/lang/classfile/instruction/LocalVariable.java

@@ -92,6 +92,7 @@ default ClassDesc typeSymbol() {
      * @param descriptorEntry the local variable descriptor
      * @param startScope the start range of the local variable scope
      * @param endScope the end range of the local variable scope
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     static LocalVariable of(int slot, Utf8Entry nameEntry, Utf8Entry descriptorEntry, Label startScope, Label endScope) {
         return new AbstractPseudoInstruction.UnboundLocalVariable(slot, nameEntry, descriptorEntry,
@@ -106,6 +107,7 @@ static LocalVariable of(int slot, Utf8Entry nameEntry, Utf8Entry descriptorEntry
      * @param descriptor the local variable descriptor
      * @param startScope the start range of the local variable scope
      * @param endScope the end range of the local variable scope
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     static LocalVariable of(int slot, String name, ClassDesc descriptor, Label startScope, Label endScope) {
         return of(slot,

src/java.base/share/classes/java/lang/classfile/instruction/LocalVariableType.java

@@ -89,6 +89,7 @@ default Signature signatureSymbol() {
      * @param signatureEntry the local variable signature
      * @param startScope the start range of the local variable scope
      * @param endScope the end range of the local variable scope
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     static LocalVariableType of(int slot, Utf8Entry nameEntry, Utf8Entry signatureEntry, Label startScope, Label endScope) {
         return new AbstractPseudoInstruction.UnboundLocalVariableType(slot, nameEntry, signatureEntry,
@@ -103,6 +104,7 @@ static LocalVariableType of(int slot, Utf8Entry nameEntry, Utf8Entry signatureEn
      * @param signature the local variable signature
      * @param startScope the start range of the local variable scope
      * @param endScope the end range of the local variable scope
+     * @throws IllegalArgumentException if {@code slot} is out of range
      */
     static LocalVariableType of(int slot, String name, Signature signature, Label startScope, Label endScope) {
         return of(slot,

src/java.base/share/classes/java/lang/classfile/instruction/NewMultiArrayInstruction.java

@@ -29,6 +29,7 @@
 import java.lang.classfile.constantpool.ClassEntry;
 import java.lang.classfile.Instruction;
 import jdk.internal.classfile.impl.AbstractInstruction;
+import jdk.internal.classfile.impl.BytecodeHelpers;
 import jdk.internal.javac.PreviewFeature;
 
 /**
@@ -58,9 +59,11 @@ public sealed interface NewMultiArrayInstruction extends Instruction
      *
      * @param arrayTypeEntry the type of the array
      * @param dimensions the number of dimensions of the array
+     * @throws IllegalArgumentException if {@code dimensions} is out of range
      */
     static NewMultiArrayInstruction of(ClassEntry arrayTypeEntry,
                                        int dimensions) {
+        BytecodeHelpers.validateMultiArrayDimensions(dimensions);
         return new AbstractInstruction.UnboundNewMultidimensionalArrayInstruction(arrayTypeEntry, dimensions);
     }
 }

src/java.base/share/classes/java/lang/classfile/instruction/StoreInstruction.java

@@ -61,9 +61,12 @@ public sealed interface StoreInstruction extends Instruction
      *
      * @param kind the type of the value to be stored
      * @param slot the local variable slot to store to
+     * @throws IllegalArgumentException if {@code kind} is {@link
+     *         TypeKind#VOID void} or {@code slot} is out of range
      */
     static StoreInstruction of(TypeKind kind, int slot) {
-        return of(BytecodeHelpers.storeOpcode(kind, slot), slot);
+        var opcode = BytecodeHelpers.storeOpcode(kind, slot); // validates slot
+        return new AbstractInstruction.UnboundStoreInstruction(opcode, slot);
     }
 
     /**
@@ -73,10 +76,11 @@ static StoreInstruction of(TypeKind kind, int slot) {
      *           which must be of kind {@link Opcode.Kind#STORE}
      * @param slot the local variable slot to store to
      * @throws IllegalArgumentException if the opcode kind is not
-     *         {@link Opcode.Kind#STORE}.
+     *         {@link Opcode.Kind#STORE} or {@code slot} is out of range
      */
     static StoreInstruction of(Opcode op, int slot) {
         Util.checkKind(op, Opcode.Kind.STORE);
+        BytecodeHelpers.validateSlot(op, slot, false);
         return new AbstractInstruction.UnboundStoreInstruction(op, slot);
     }
 }

src/java.base/share/classes/jdk/internal/classfile/impl/AbstractInstruction.java

@@ -848,9 +848,9 @@ public static final class UnboundIncrementInstruction
         final int constant;
 
         public UnboundIncrementInstruction(int slot, int constant) {
-            super(slot <= 255 && constant < 128 && constant > -127
-                  ? Opcode.IINC
-                  : Opcode.IINC_W);
+            super(BytecodeHelpers.validateAndIsWideIinc(slot, constant)
+                  ? Opcode.IINC_W
+                  : Opcode.IINC);
             this.slot = slot;
             this.constant = constant;
         }
@@ -867,7 +867,7 @@ public int constant() {
 
         @Override
         public void writeTo(DirectCodeBuilder writer) {
-            writer.writeIncrement(slot, constant);
+            writer.writeIncrement(op == Opcode.IINC_W, slot, constant);
         }
 
         @Override

src/java.base/share/classes/jdk/internal/classfile/impl/AbstractPseudoInstruction.java

@@ -163,6 +163,7 @@ private abstract static sealed class AbstractLocalPseudo extends AbstractPseudoI
         protected final Label endScope;
 
         public AbstractLocalPseudo(int slot, Utf8Entry name, Utf8Entry descriptor, Label startScope, Label endScope) {
+            BytecodeHelpers.validateSlot(slot);
             this.slot = slot;
             this.name = name;
             this.descriptor = descriptor;