From 6659624baadf2285ac5880fd28ffa31767dcae0b Mon Sep 17 00:00:00 2001
From: Andreas Gampe <agampe@google.com>
Date: Thu, 14 Apr 2016 10:55:04 -0700
Subject: [PATCH] ART: Make iget receiver mismatch hard verifier error

If the classes are resolved, and still not match, this should be
a verify error.

Bug: 28187158
Change-Id: I89c996ae15865674f21cf32ec378d37bac34861b
---
 runtime/verifier/method_verifier.cc   | 13 +++++++++++--
 test/800-smali/expected.txt           |  1 +
 test/800-smali/smali/b_28187158.smali | 11 +++++++++++
 test/800-smali/src/Main.java          |  2 ++
 4 files changed, 25 insertions(+), 2 deletions(-)
 create mode 100644 test/800-smali/smali/b_28187158.smali

diff --git a/runtime/verifier/method_verifier.cc b/runtime/verifier/method_verifier.cc
index 83da6b7b4..cbd04141b 100644
--- a/runtime/verifier/method_verifier.cc
+++ b/runtime/verifier/method_verifier.cc
@@ -4567,8 +4567,17 @@ ArtField* MethodVerifier::GetInstanceField(const RegType& obj_type, int field_id
       // Trying to access C1.field1 using reference of type C2, which is neither C1 or a sub-class
       // of C1. For resolution to occur the declared class of the field must be compatible with
       // obj_type, we've discovered this wasn't so, so report the field didn't exist.
-      Fail(VERIFY_ERROR_NO_FIELD) << "cannot access instance field " << PrettyField(field)
-                                  << " from object of type " << obj_type;
+      VerifyError type;
+      bool is_aot = Runtime::Current()->IsAotCompiler();
+      if (is_aot && (field_klass.IsUnresolvedTypes() || obj_type.IsUnresolvedTypes())) {
+        // Compiler & unresolved types involved, retry at runtime.
+        type = VerifyError::VERIFY_ERROR_NO_CLASS;
+      } else {
+        // Classes known, or at compile time. This is a hard failure.
+        type = VerifyError::VERIFY_ERROR_BAD_CLASS_HARD;
+      }
+      Fail(type) << "cannot access instance field " << PrettyField(field)
+                 << " from object of type " << obj_type;
       return nullptr;
     } else {
       return field;
diff --git a/test/800-smali/expected.txt b/test/800-smali/expected.txt
index c2a9a31ae..11150c296 100644
--- a/test/800-smali/expected.txt
+++ b/test/800-smali/expected.txt
@@ -66,4 +66,5 @@ b/27799205 (3)
 b/27799205 (4)
 b/27799205 (5)
 b/27799205 (6)
+b/28187158
 Done!
diff --git a/test/800-smali/smali/b_28187158.smali b/test/800-smali/smali/b_28187158.smali
new file mode 100644
index 000000000..7dd202248
--- /dev/null
+++ b/test/800-smali/smali/b_28187158.smali
@@ -0,0 +1,11 @@
+.class public LB28187158;
+
+# Regression test for iget with wrong classes.
+
+.super Ljava/lang/Object;
+
+.method public static run(Ljava/lang/Integer;)V
+   .registers 2
+   iget v0, p0, Ljava/lang/String;->length:I
+.end method
+
diff --git a/test/800-smali/src/Main.java b/test/800-smali/src/Main.java
index 2001cb4ab..c883b7f0f 100644
--- a/test/800-smali/src/Main.java
+++ b/test/800-smali/src/Main.java
@@ -174,6 +174,8 @@ public class Main {
         testCases.add(new TestCase("b/27799205 (5)", "B27799205Helper", "run5", null,
                 new VerifyError(), null));
         testCases.add(new TestCase("b/27799205 (6)", "B27799205Helper", "run6", null, null, null));
+        testCases.add(new TestCase("b/28187158", "B28187158", "run", new Object[] { null} ,
+                new VerifyError(), null));
     }
 
     public void runTests() {
-- 
2.11.0