Further fix for class deduction for ctor access checks

Previous fix went one frame to far, to get Constructor.newInstance
caller we need to look 2 frames in the past.

Bug: 25713446
Bug: 25753241
Bug: 24764403

Change-Id: Ieb9c144f1ef4df569302793243457f4623977b35

diff --git a/runtime/native/java_lang_reflect_Constructor.cc b/runtime/native/java_lang_reflect_Constructor.cc
index d005917..ddcaade 100644 (file)
--- a/runtime/native/java_lang_reflect_Constructor.cc
+++ b/runtime/native/java_lang_reflect_Constructor.cc
@@ -99,9 +99,9 @@ static jobject Constructor_newInstance0(JNIEnv* env, jobject javaMethod, jobject
   }
   // Verify that we can access the class.
   if (!m->IsAccessible() && !c->IsPublic()) {
-    // Go 3 frames back, this method is always called from newInstance0, which is called from
+    // Go 2 frames back, this method is always called from newInstance0, which is called from
     // Constructor.newInstance(Object... args).
-    auto* caller = GetCallingClass(soa.Self(), 3);
+    auto* caller = GetCallingClass(soa.Self(), 2);
     // If caller is null, then we called from JNI, just avoid the check since JNI avoids most
     // access checks anyways. TODO: Investigate if this the correct behavior.
     if (caller != nullptr && !caller->CanAccess(c.Get())) {