8221530: Caller sensitive methods not handling caller = null when invoked by JNI code with no java frames on stack

Reviewed-by: alanb, dholmes, sundar

src/java.base/share/classes/java/lang/reflect/AccessibleObject.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -56,7 +56,10 @@ import sun.security.util.SecurityConstants;
  * {@code Field}s, {@code Method}s, or {@code Constructor}s are used to get or
  * set fields, to invoke methods, or to create and initialize new instances of
  * classes, respectively. Every reflected object checks that the code using it
- * is in an appropriate class, package, or module. </p>
+ * is in an appropriate class, package, or module. The check when invoked by
+ * <a href="{@docRoot}/../specs/jni/index.html">JNI code</a> with no Java
+ * class on the stack only succeeds if the member and the declaring class are
+ * public, and the class is in a package that is exported to all modules. </p>
  *
  * <p> The one variation from Java language access control is that the checks
  * by reflected objects assume readability. That is, the module containing
@@ -670,6 +673,13 @@ public class AccessibleObject implements AnnotatedElement {
     private boolean slowVerifyAccess(Class<?> caller, Class<?> memberClass,
                                      Class<?> targetClass, int modifiers)
     {
+
+        if (caller == null) {
+            // No caller frame when a native thread attaches to the VM
+            // only allow access to a public accessible member
+            return Reflection.verifyPublicMemberAccess(memberClass, modifiers);
+        }
+
         if (!Reflection.verifyMemberAccess(caller, memberClass, targetClass, modifiers)) {
             // access denied
             return false;