I'm using ASM to generate some bytecode and execute it dinamically. But there is a case where I need to invoke a private constructor, but i cound't figure out how. I know it is possible to invoke private constructor throug reflection (setAccessible), but how can i do that directly in bytecode/jvm ?
mv.visitMethodInsn(
INVOKESPECIAL, target.byteCodeName(), "<init>", "()V", false
)
When this code gets executed by JVM, it throws java.lang.IllegalAccessError.
Reflection is the only legal way to invoke a private constructor of the unrelated class. But of course this is not a good idea to make a reflective invocation each time.
The solution is invokedynamic. It allows to bind a call site to the constructor (obtained via reflection) just once and then invoke it with no overhead. Here is an example.
import org.objectweb.asm.*;
import java.lang.invoke.*;
import java.lang.reflect.Constructor;
import static org.objectweb.asm.Opcodes.*;
public class InvokeGenerator extends ClassLoader {
private static Class<?> generate() {
ClassWriter cv = new ClassWriter(ClassWriter.COMPUTE_FRAMES);
cv.visit(V1_7, ACC_PUBLIC, "InvokeImpl", null, "java/lang/Object", null);
MethodVisitor mv = cv.visitMethod(ACC_PUBLIC, "<init>", "()V", null, null);
mv.visitCode();
mv.visitVarInsn(ALOAD, 0);
mv.visitMethodInsn(INVOKESPECIAL, "java/lang/Object", "<init>", "()V", false);
// Generate INVOKEDYNAMIC instead of NEW+INVOKESPECIAL.
// This will instantiate the target class by calling its private constructor.
// Bootstrap method is called just once to link this call site.
mv.visitInvokeDynamicInsn("invoke", "()LInvokeGenerator$Target;",
new Handle(H_INVOKESTATIC, "InvokeGenerator", "bootstrap", "(Ljava/lang/invoke/MethodHandles$Lookup;Ljava/lang/String;Ljava/lang/invoke/MethodType;)Ljava/lang/invoke/CallSite;", false));
// Here we have newly constructed instance of InvokeGenerator.Target
mv.visitInsn(POP);
mv.visitInsn(RETURN);
mv.visitMaxs(0, 0);
mv.visitEnd();
cv.visitEnd();
byte[] classData = cv.toByteArray();
return new InvokeGenerator().defineClass(null, classData, 0, classData.length);
}
public static void main(String[] args) throws Exception {
Class<?> cls = generate();
cls.newInstance();
}
public static CallSite bootstrap(MethodHandles.Lookup lookup, String name, MethodType type) throws Exception {
// Derive the constructor signature from the signature of this INVOKEDYNAMIC
Constructor c = type.returnType().getDeclaredConstructor(type.parameterArray());
c.setAccessible(true);
// Convert Constructor to MethodHandle which will serve as a target of INVOKEDYNAMIC
MethodHandle mh = lookup.unreflectConstructor(c);
return new ConstantCallSite(mh);
}
public static class Target {
private Target() {
System.out.println("Private constructor called");
}
}
}
Before JDK 9 there was an alternative dirty hack. If you inherited your generated class from sun.reflect.MagicAccessorImpl, JVM would skip access checks and allow to call any private method or constructor. But the encapsulation of private APIs in JDK 9 made difficult to perform this trick. Furthermore, MagicAccessorImpl is specific to HotSpot JVM and is not supposed to work on other implementations. So I'd definitely not recommend this alternative.