1 /*
2  * Copyright (C) 2019, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "aidl_language.h"
18 #include "aidl_typenames.h"
19 #include "logging.h"
20 
21 #include <stdlib.h>
22 #include <algorithm>
23 #include <iostream>
24 #include <limits>
25 #include <memory>
26 
27 #include <android-base/parsedouble.h>
28 #include <android-base/parseint.h>
29 #include <android-base/strings.h>
30 
31 using android::base::ConsumeSuffix;
32 using android::base::EndsWith;
33 using android::base::Join;
34 using android::base::StartsWith;
35 using std::string;
36 using std::unique_ptr;
37 using std::vector;
38 
39 template <typename T>
CLZ(T x)40 constexpr int CLZ(T x) {
41   // __builtin_clz(0) is undefined
42   if (x == 0) return sizeof(T) * 8;
43   return (sizeof(T) == sizeof(uint64_t)) ? __builtin_clzl(x) : __builtin_clz(x);
44 }
45 
46 template <typename T>
47 class OverflowGuard {
48  public:
OverflowGuard(T value)49   OverflowGuard(T value) : mValue(value) {}
Overflowed() const50   bool Overflowed() const { return mOverflowed; }
51 
operator +()52   T operator+() { return +mValue; }
operator -()53   T operator-() {
54     if (isMin()) {
55       mOverflowed = true;
56       return 0;
57     }
58     return -mValue;
59   }
operator !()60   T operator!() { return !mValue; }
operator ~()61   T operator~() { return ~mValue; }
62 
operator +(T o)63   T operator+(T o) {
64     T out;
65     mOverflowed = __builtin_add_overflow(mValue, o, &out);
66     return out;
67   }
operator -(T o)68   T operator-(T o) {
69     T out;
70     mOverflowed = __builtin_sub_overflow(mValue, o, &out);
71     return out;
72   }
operator *(T o)73   T operator*(T o) {
74     T out;
75 #ifdef _WIN32
76     // ___mulodi4 not on windows https://bugs.llvm.org/show_bug.cgi?id=46669
77     // we should still get an error here from ubsan, but the nice error
78     // is needed on linux for aidl_parser_fuzzer, where we are more
79     // concerned about overflows elsewhere in the compiler in addition to
80     // those in interfaces.
81     out = mValue * o;
82 #else
83     mOverflowed = __builtin_mul_overflow(mValue, o, &out);
84 #endif
85     return out;
86   }
operator /(T o)87   T operator/(T o) {
88     if (o == 0 || (isMin() && o == -1)) {
89       mOverflowed = true;
90       return 0;
91     }
92     return mValue / o;
93   }
operator %(T o)94   T operator%(T o) {
95     if (o == 0 || (isMin() && o == -1)) {
96       mOverflowed = true;
97       return 0;
98     }
99     return mValue % o;
100   }
operator |(T o)101   T operator|(T o) { return mValue | o; }
operator ^(T o)102   T operator^(T o) { return mValue ^ o; }
operator &(T o)103   T operator&(T o) { return mValue & o; }
operator <(T o)104   T operator<(T o) { return mValue < o; }
operator >(T o)105   T operator>(T o) { return mValue > o; }
operator <=(T o)106   T operator<=(T o) { return mValue <= o; }
operator >=(T o)107   T operator>=(T o) { return mValue >= o; }
operator ==(T o)108   T operator==(T o) { return mValue == o; }
operator !=(T o)109   T operator!=(T o) { return mValue != o; }
operator >>(T o)110   T operator>>(T o) {
111     if (o < 0 || o >= static_cast<T>(sizeof(T) * 8) || mValue < 0) {
112       mOverflowed = true;
113       return 0;
114     }
115     return mValue >> o;
116   }
operator <<(T o)117   T operator<<(T o) {
118     if (o < 0 || mValue < 0 || o > CLZ(mValue) || o >= static_cast<T>(sizeof(T) * 8)) {
119       mOverflowed = true;
120       return 0;
121     }
122     return mValue << o;
123   }
operator ||(T o)124   T operator||(T o) { return mValue || o; }
operator &&(T o)125   T operator&&(T o) { return mValue && o; }
126 
127  private:
isMin()128   bool isMin() { return mValue == std::numeric_limits<T>::min(); }
129 
130   T mValue;
131   bool mOverflowed = false;
132 };
133 
134 template <typename T>
processGuard(const OverflowGuard<T> & guard,const AidlConstantValue & context)135 bool processGuard(const OverflowGuard<T>& guard, const AidlConstantValue& context) {
136   if (guard.Overflowed()) {
137     AIDL_ERROR(context) << "Constant expression computation overflows.";
138     return false;
139   }
140   return true;
141 }
142 
143 // TODO: factor out all these macros
144 #define SHOULD_NOT_REACH() AIDL_FATAL(AIDL_LOCATION_HERE) << "Should not reach."
145 #define OPEQ(__y__) (string(op_) == string(__y__))
146 #define COMPUTE_UNARY(T, __op__)         \
147   if (op == string(#__op__)) {           \
148     OverflowGuard<T> guard(val);         \
149     *out = __op__ guard;                 \
150     return processGuard(guard, context); \
151   }
152 #define COMPUTE_BINARY(T, __op__)        \
153   if (op == string(#__op__)) {           \
154     OverflowGuard<T> guard(lval);        \
155     *out = guard __op__ rval;            \
156     return processGuard(guard, context); \
157   }
158 #define OP_IS_BIN_ARITHMETIC (OPEQ("+") || OPEQ("-") || OPEQ("*") || OPEQ("/") || OPEQ("%"))
159 #define OP_IS_BIN_BITFLIP (OPEQ("|") || OPEQ("^") || OPEQ("&"))
160 #define OP_IS_BIN_COMP \
161   (OPEQ("<") || OPEQ(">") || OPEQ("<=") || OPEQ(">=") || OPEQ("==") || OPEQ("!="))
162 #define OP_IS_BIN_SHIFT (OPEQ(">>") || OPEQ("<<"))
163 #define OP_IS_BIN_LOGICAL (OPEQ("||") || OPEQ("&&"))
164 
165 // NOLINT to suppress missing parentheses warnings about __def__.
166 #define SWITCH_KIND(__cond__, __action__, __def__) \
167   switch (__cond__) {                              \
168     case Type::BOOLEAN:                            \
169       __action__(bool);                            \
170     case Type::INT8:                               \
171       __action__(int8_t);                          \
172     case Type::INT32:                              \
173       __action__(int32_t);                         \
174     case Type::INT64:                              \
175       __action__(int64_t);                         \
176     default:                                       \
177       __def__; /* NOLINT */                        \
178   }
179 
180 template <class T>
handleUnary(const AidlConstantValue & context,const string & op,T val,int64_t * out)181 bool handleUnary(const AidlConstantValue& context, const string& op, T val, int64_t* out) {
182   COMPUTE_UNARY(T, +)
183   COMPUTE_UNARY(T, -)
184   COMPUTE_UNARY(T, !)
185   COMPUTE_UNARY(T, ~)
186   AIDL_FATAL(context) << "Could not handleUnary for " << op << " " << val;
187   return false;
188 }
189 template <>
handleUnary(const AidlConstantValue & context,const string & op,bool val,int64_t * out)190 bool handleUnary<bool>(const AidlConstantValue& context, const string& op, bool val, int64_t* out) {
191   COMPUTE_UNARY(bool, +)
192   COMPUTE_UNARY(bool, -)
193   COMPUTE_UNARY(bool, !)
194 
195   if (op == "~") {
196     AIDL_ERROR(context) << "Bitwise negation of a boolean expression is always true.";
197     return false;
198   }
199   AIDL_FATAL(context) << "Could not handleUnary for " << op << " " << val;
200   return false;
201 }
202 
203 template <class T>
handleBinaryCommon(const AidlConstantValue & context,T lval,const string & op,T rval,int64_t * out)204 bool handleBinaryCommon(const AidlConstantValue& context, T lval, const string& op, T rval,
205                         int64_t* out) {
206   COMPUTE_BINARY(T, +)
207   COMPUTE_BINARY(T, -)
208   COMPUTE_BINARY(T, *)
209   COMPUTE_BINARY(T, /)
210   COMPUTE_BINARY(T, %)
211   COMPUTE_BINARY(T, |)
212   COMPUTE_BINARY(T, ^)
213   COMPUTE_BINARY(T, &)
214   // comparison operators: return 0 or 1 by nature.
215   COMPUTE_BINARY(T, ==)
216   COMPUTE_BINARY(T, !=)
217   COMPUTE_BINARY(T, <)
218   COMPUTE_BINARY(T, >)
219   COMPUTE_BINARY(T, <=)
220   COMPUTE_BINARY(T, >=)
221 
222   AIDL_FATAL(context) << "Could not handleBinaryCommon for " << lval << " " << op << " " << rval;
223   return false;
224 }
225 
226 template <class T>
handleShift(const AidlConstantValue & context,T lval,const string & op,T rval,int64_t * out)227 bool handleShift(const AidlConstantValue& context, T lval, const string& op, T rval, int64_t* out) {
228   // just cast rval to int64_t and it should fit.
229   COMPUTE_BINARY(T, >>)
230   COMPUTE_BINARY(T, <<)
231 
232   AIDL_FATAL(context) << "Could not handleShift for " << lval << " " << op << " " << rval;
233   return false;
234 }
235 
handleLogical(const AidlConstantValue & context,bool lval,const string & op,bool rval,int64_t * out)236 bool handleLogical(const AidlConstantValue& context, bool lval, const string& op, bool rval,
237                    int64_t* out) {
238   COMPUTE_BINARY(bool, ||);
239   COMPUTE_BINARY(bool, &&);
240 
241   AIDL_FATAL(context) << "Could not handleLogical for " << lval << " " << op << " " << rval;
242   return false;
243 }
244 
isValidLiteralChar(char c)245 static bool isValidLiteralChar(char c) {
246   return !(c <= 0x1f ||  // control characters are < 0x20
247            c >= 0x7f ||  // DEL is 0x7f
248            c == '\\');   // Disallow backslashes for future proofing.
249 }
250 
ParseFloating(std::string_view sv,double * parsed)251 bool ParseFloating(std::string_view sv, double* parsed) {
252   // float literal should be parsed successfully.
253   android::base::ConsumeSuffix(&sv, "f");
254   return android::base::ParseDouble(std::string(sv).data(), parsed);
255 }
256 
ParseFloating(std::string_view sv,float * parsed)257 bool ParseFloating(std::string_view sv, float* parsed) {
258   // we only care about float literal (with suffix "f").
259   if (!android::base::ConsumeSuffix(&sv, "f")) {
260     return false;
261   }
262   return android::base::ParseFloat(std::string(sv).data(), parsed);
263 }
264 
IsCompatibleType(Type type,const string & op)265 bool AidlUnaryConstExpression::IsCompatibleType(Type type, const string& op) {
266   // Verify the unary type here
267   switch (type) {
268     case Type::BOOLEAN:  // fall-through
269     case Type::INT8:     // fall-through
270     case Type::INT32:    // fall-through
271     case Type::INT64:
272       return true;
273     case Type::FLOATING:
274       return (op == "+" || op == "-");
275     default:
276       return false;
277   }
278 }
279 
AreCompatibleTypes(Type t1,Type t2)280 bool AidlBinaryConstExpression::AreCompatibleTypes(Type t1, Type t2) {
281   switch (t1) {
282     case Type::STRING:
283       if (t2 == Type::STRING) {
284         return true;
285       }
286       break;
287     case Type::BOOLEAN:  // fall-through
288     case Type::INT8:     // fall-through
289     case Type::INT32:    // fall-through
290     case Type::INT64:
291       switch (t2) {
292         case Type::BOOLEAN:  // fall-through
293         case Type::INT8:     // fall-through
294         case Type::INT32:    // fall-through
295         case Type::INT64:
296           return true;
297           break;
298         default:
299           break;
300       }
301       break;
302     default:
303       break;
304   }
305 
306   return false;
307 }
308 
309 // Returns the promoted kind for both operands
UsualArithmeticConversion(Type left,Type right)310 AidlConstantValue::Type AidlBinaryConstExpression::UsualArithmeticConversion(Type left,
311                                                                              Type right) {
312   // These are handled as special cases
313   AIDL_FATAL_IF(left == Type::STRING || right == Type::STRING, AIDL_LOCATION_HERE);
314   AIDL_FATAL_IF(left == Type::FLOATING || right == Type::FLOATING, AIDL_LOCATION_HERE);
315 
316   // Kinds in concern: bool, (u)int[8|32|64]
317   if (left == right) return left;  // easy case
318   if (left == Type::BOOLEAN) return right;
319   if (right == Type::BOOLEAN) return left;
320 
321   return left < right ? right : left;
322 }
323 
324 // Returns the promoted integral type where INT32 is the smallest type
IntegralPromotion(Type in)325 AidlConstantValue::Type AidlBinaryConstExpression::IntegralPromotion(Type in) {
326   return (Type::INT32 < in) ? in : Type::INT32;
327 }
328 
Default(const AidlTypeSpecifier & specifier)329 AidlConstantValue* AidlConstantValue::Default(const AidlTypeSpecifier& specifier) {
330   AidlLocation location = specifier.GetLocation();
331 
332   // allocation of int[0] is a bit wasteful in Java
333   if (specifier.IsArray()) {
334     return nullptr;
335   }
336 
337   const std::string name = specifier.GetName();
338   if (name == "boolean") {
339     return Boolean(location, false);
340   }
341   if (name == "byte" || name == "int" || name == "long") {
342     return Integral(location, "0");
343   }
344   if (name == "float") {
345     return Floating(location, "0.0f");
346   }
347   if (name == "double") {
348     return Floating(location, "0.0");
349   }
350   return nullptr;
351 }
352 
Boolean(const AidlLocation & location,bool value)353 AidlConstantValue* AidlConstantValue::Boolean(const AidlLocation& location, bool value) {
354   return new AidlConstantValue(location, Type::BOOLEAN, value ? "true" : "false");
355 }
356 
Character(const AidlLocation & location,char value)357 AidlConstantValue* AidlConstantValue::Character(const AidlLocation& location, char value) {
358   const std::string explicit_value = string("'") + value + "'";
359   if (!isValidLiteralChar(value)) {
360     AIDL_ERROR(location) << "Invalid character literal " << value;
361     return new AidlConstantValue(location, Type::ERROR, explicit_value);
362   }
363   return new AidlConstantValue(location, Type::CHARACTER, explicit_value);
364 }
365 
Floating(const AidlLocation & location,const std::string & value)366 AidlConstantValue* AidlConstantValue::Floating(const AidlLocation& location,
367                                                const std::string& value) {
368   return new AidlConstantValue(location, Type::FLOATING, value);
369 }
370 
IsHex(const string & value)371 bool AidlConstantValue::IsHex(const string& value) {
372   return StartsWith(value, "0x") || StartsWith(value, "0X");
373 }
374 
ParseIntegral(const string & value,int64_t * parsed_value,Type * parsed_type)375 bool AidlConstantValue::ParseIntegral(const string& value, int64_t* parsed_value,
376                                       Type* parsed_type) {
377   if (parsed_value == nullptr || parsed_type == nullptr) {
378     return false;
379   }
380 
381   const bool isLong = EndsWith(value, 'l') || EndsWith(value, 'L');
382   const std::string value_substr = isLong ? value.substr(0, value.size() - 1) : value;
383 
384   if (IsHex(value)) {
385     // AIDL considers 'const int foo = 0xffffffff' as -1, but if we want to
386     // handle that when computing constant expressions, then we need to
387     // represent 0xffffffff as a uint32_t. However, AIDL only has signed types;
388     // so we parse as an unsigned int when possible and then cast to a signed
389     // int. One example of this is in ICameraService.aidl where a constant int
390     // is used for bit manipulations which ideally should be handled with an
391     // unsigned int.
392     //
393     // Note, for historical consistency, we need to consider small hex values
394     // as an integral type. Recognizing them as INT8 could break some files,
395     // even though it would simplify this code.
396     if (uint32_t rawValue32;
397         !isLong && android::base::ParseUint<uint32_t>(value_substr, &rawValue32)) {
398       *parsed_value = static_cast<int32_t>(rawValue32);
399       *parsed_type = Type::INT32;
400     } else if (uint64_t rawValue64; android::base::ParseUint<uint64_t>(value_substr, &rawValue64)) {
401       *parsed_value = static_cast<int64_t>(rawValue64);
402       *parsed_type = Type::INT64;
403     } else {
404       *parsed_value = 0;
405       *parsed_type = Type::ERROR;
406       return false;
407     }
408     return true;
409   }
410 
411   if (!android::base::ParseInt<int64_t>(value_substr, parsed_value)) {
412     *parsed_value = 0;
413     *parsed_type = Type::ERROR;
414     return false;
415   }
416 
417   if (isLong) {
418     *parsed_type = Type::INT64;
419   } else {
420     // guess literal type.
421     if (*parsed_value <= INT8_MAX && *parsed_value >= INT8_MIN) {
422       *parsed_type = Type::INT8;
423     } else if (*parsed_value <= INT32_MAX && *parsed_value >= INT32_MIN) {
424       *parsed_type = Type::INT32;
425     } else {
426       *parsed_type = Type::INT64;
427     }
428   }
429   return true;
430 }
431 
Integral(const AidlLocation & location,const string & value)432 AidlConstantValue* AidlConstantValue::Integral(const AidlLocation& location, const string& value) {
433   AIDL_FATAL_IF(value.empty(), location);
434 
435   Type parsed_type;
436   int64_t parsed_value = 0;
437   bool success = ParseIntegral(value, &parsed_value, &parsed_type);
438   if (!success) {
439     return nullptr;
440   }
441 
442   return new AidlConstantValue(location, parsed_type, parsed_value, value);
443 }
444 
Array(const AidlLocation & location,std::unique_ptr<vector<unique_ptr<AidlConstantValue>>> values)445 AidlConstantValue* AidlConstantValue::Array(
446     const AidlLocation& location, std::unique_ptr<vector<unique_ptr<AidlConstantValue>>> values) {
447   AIDL_FATAL_IF(values == nullptr, location);
448   std::vector<std::string> str_values;
449   for (const auto& v : *values) {
450     str_values.push_back(v->value_);
451   }
452   return new AidlConstantValue(location, Type::ARRAY, std::move(values), Join(str_values, ", "));
453 }
454 
String(const AidlLocation & location,const string & value)455 AidlConstantValue* AidlConstantValue::String(const AidlLocation& location, const string& value) {
456   for (size_t i = 0; i < value.length(); ++i) {
457     if (!isValidLiteralChar(value[i])) {
458       AIDL_ERROR(location) << "Found invalid character at index " << i << " in string constant '"
459                            << value << "'";
460       return new AidlConstantValue(location, Type::ERROR, value);
461     }
462   }
463 
464   return new AidlConstantValue(location, Type::STRING, value);
465 }
466 
ValueString(const AidlTypeSpecifier & type,const ConstantValueDecorator & decorator) const467 string AidlConstantValue::ValueString(const AidlTypeSpecifier& type,
468                                       const ConstantValueDecorator& decorator) const {
469   if (type.IsGeneric()) {
470     AIDL_ERROR(type) << "Generic type cannot be specified with a constant literal.";
471     return "";
472   }
473   if (!is_evaluated_) {
474     // TODO(b/142722772) CheckValid() should be called before ValueString()
475     bool success = CheckValid();
476     success &= evaluate();
477     if (!success) {
478       // the detailed error message shall be printed in evaluate
479       return "";
480     }
481   }
482   if (!is_valid_) {
483     AIDL_ERROR(this) << "Invalid constant value: " + value_;
484     return "";
485   }
486 
487   const AidlDefinedType* defined_type = type.GetDefinedType();
488   if (defined_type && !type.IsArray()) {
489     const AidlEnumDeclaration* enum_type = defined_type->AsEnumDeclaration();
490     if (!enum_type) {
491       AIDL_ERROR(this) << "Invalid type (" << defined_type->GetCanonicalName()
492                        << ") for a const value (" << value_ << ")";
493       return "";
494     }
495     if (type_ != Type::REF) {
496       AIDL_ERROR(this) << "Invalid value (" << value_ << ") for enum "
497                        << enum_type->GetCanonicalName();
498       return "";
499     }
500     return decorator(type, value_);
501   }
502 
503   const string& type_string = type.GetName();
504   int err = 0;
505 
506   switch (final_type_) {
507     case Type::CHARACTER:
508       if (type_string == "char") {
509         return decorator(type, final_string_value_);
510       }
511       err = -1;
512       break;
513     case Type::STRING:
514       if (type_string == "String") {
515         return decorator(type, final_string_value_);
516       }
517       err = -1;
518       break;
519     case Type::BOOLEAN:  // fall-through
520     case Type::INT8:     // fall-through
521     case Type::INT32:    // fall-through
522     case Type::INT64:
523       if (type_string == "byte") {
524         if (final_value_ > INT8_MAX || final_value_ < INT8_MIN) {
525           err = -1;
526           break;
527         }
528         return decorator(type, std::to_string(static_cast<int8_t>(final_value_)));
529       } else if (type_string == "int") {
530         if (final_value_ > INT32_MAX || final_value_ < INT32_MIN) {
531           err = -1;
532           break;
533         }
534         return decorator(type, std::to_string(static_cast<int32_t>(final_value_)));
535       } else if (type_string == "long") {
536         return decorator(type, std::to_string(final_value_));
537       } else if (type_string == "boolean") {
538         return decorator(type, final_value_ ? "true" : "false");
539       }
540       err = -1;
541       break;
542     case Type::ARRAY: {
543       if (!type.IsArray()) {
544         err = -1;
545         break;
546       }
547       vector<string> value_strings;
548       value_strings.reserve(values_.size());
549       bool success = true;
550 
551       for (const auto& value : values_) {
552         const AidlTypeSpecifier& array_base = type.ArrayBase();
553         const string value_string = value->ValueString(array_base, decorator);
554         if (value_string.empty()) {
555           success = false;
556           break;
557         }
558         value_strings.push_back(value_string);
559       }
560       if (!success) {
561         err = -1;
562         break;
563       }
564 
565       return decorator(type, "{" + Join(value_strings, ", ") + "}");
566     }
567     case Type::FLOATING: {
568       if (type_string == "double") {
569         double parsed_value;
570         if (!ParseFloating(value_, &parsed_value)) {
571           AIDL_ERROR(this) << "Could not parse " << value_;
572           err = -1;
573           break;
574         }
575         return decorator(type, std::to_string(parsed_value));
576       }
577       if (type_string == "float") {
578         float parsed_value;
579         if (!ParseFloating(value_, &parsed_value)) {
580           AIDL_ERROR(this) << "Could not parse " << value_;
581           err = -1;
582           break;
583         }
584         return decorator(type, std::to_string(parsed_value) + "f");
585       }
586       err = -1;
587       break;
588     }
589     default:
590       err = -1;
591       break;
592   }
593 
594   AIDL_FATAL_IF(err == 0, this);
595   AIDL_ERROR(this) << "Invalid type specifier for " << ToString(final_type_) << ": " << type_string;
596   return "";
597 }
598 
CheckValid() const599 bool AidlConstantValue::CheckValid() const {
600   // Nothing needs to be checked here. The constant value will be validated in
601   // the constructor or in the evaluate() function.
602   if (is_evaluated_) return is_valid_;
603 
604   switch (type_) {
605     case Type::BOOLEAN:    // fall-through
606     case Type::INT8:       // fall-through
607     case Type::INT32:      // fall-through
608     case Type::INT64:      // fall-through
609     case Type::CHARACTER:  // fall-through
610     case Type::STRING:     // fall-through
611     case Type::REF:        // fall-through
612     case Type::FLOATING:   // fall-through
613     case Type::UNARY:      // fall-through
614     case Type::BINARY:
615       is_valid_ = true;
616       break;
617     case Type::ARRAY:
618       is_valid_ = true;
619       for (const auto& v : values_) is_valid_ &= v->CheckValid();
620       break;
621     case Type::ERROR:
622       return false;
623     default:
624       AIDL_FATAL(this) << "Unrecognized constant value type: " << ToString(type_);
625       return false;
626   }
627 
628   return true;
629 }
630 
evaluate() const631 bool AidlConstantValue::evaluate() const {
632   if (is_evaluated_) {
633     return is_valid_;
634   }
635   int err = 0;
636   is_evaluated_ = true;
637 
638   switch (type_) {
639     case Type::ARRAY: {
640       Type array_type = Type::ERROR;
641       bool success = true;
642       for (const auto& value : values_) {
643         success = value->CheckValid();
644         if (success) {
645           success = value->evaluate();
646           if (!success) {
647             AIDL_ERROR(this) << "Invalid array element: " << value->value_;
648             break;
649           }
650           if (array_type == Type::ERROR) {
651             array_type = value->final_type_;
652           } else if (!AidlBinaryConstExpression::AreCompatibleTypes(array_type,
653                                                                     value->final_type_)) {
654             AIDL_ERROR(this) << "Incompatible array element type: " << ToString(value->final_type_)
655                              << ". Expecting type compatible with " << ToString(array_type);
656             success = false;
657             break;
658           }
659         } else {
660           break;
661         }
662       }
663       if (!success) {
664         err = -1;
665         break;
666       }
667       final_type_ = type_;
668       break;
669     }
670     case Type::BOOLEAN:
671       if ((value_ != "true") && (value_ != "false")) {
672         AIDL_ERROR(this) << "Invalid constant boolean value: " << value_;
673         err = -1;
674         break;
675       }
676       final_value_ = (value_ == "true") ? 1 : 0;
677       final_type_ = type_;
678       break;
679     case Type::INT8:   // fall-through
680     case Type::INT32:  // fall-through
681     case Type::INT64:
682       // Parsing happens in the constructor
683       final_type_ = type_;
684       break;
685     case Type::CHARACTER:  // fall-through
686     case Type::STRING:
687       final_string_value_ = value_;
688       final_type_ = type_;
689       break;
690     case Type::FLOATING:
691       // Just parse on the fly in ValueString
692       final_type_ = type_;
693       break;
694     default:
695       AIDL_FATAL(this) << "Unrecognized constant value type: " << ToString(type_);
696       err = -1;
697   }
698 
699   return (err == 0) ? true : false;
700 }
701 
ToString(Type type)702 string AidlConstantValue::ToString(Type type) {
703   switch (type) {
704     case Type::BOOLEAN:
705       return "a literal boolean";
706     case Type::INT8:
707       return "an int8 literal";
708     case Type::INT32:
709       return "an int32 literal";
710     case Type::INT64:
711       return "an int64 literal";
712     case Type::ARRAY:
713       return "a literal array";
714     case Type::CHARACTER:
715       return "a literal char";
716     case Type::STRING:
717       return "a literal string";
718     case Type::REF:
719       return "a reference";
720     case Type::FLOATING:
721       return "a literal float";
722     case Type::UNARY:
723       return "a unary expression";
724     case Type::BINARY:
725       return "a binary expression";
726     case Type::ERROR:
727       AIDL_FATAL(AIDL_LOCATION_HERE) << "aidl internal error: error type failed to halt program";
728       return "";
729     default:
730       AIDL_FATAL(AIDL_LOCATION_HERE)
731           << "aidl internal error: unknown constant type: " << static_cast<int>(type);
732       return "";  // not reached
733   }
734 }
735 
AidlConstantReference(const AidlLocation & location,const std::string & value)736 AidlConstantReference::AidlConstantReference(const AidlLocation& location, const std::string& value)
737     : AidlConstantValue(location, Type::REF, value) {
738   const auto pos = value.find_last_of('.');
739   if (pos == string::npos) {
740     field_name_ = value;
741   } else {
742     ref_type_ = std::make_unique<AidlTypeSpecifier>(location, value.substr(0, pos), false, nullptr,
743                                                     Comments{});
744     field_name_ = value.substr(pos + 1);
745   }
746 }
747 
Resolve(const AidlDefinedType * scope) const748 const AidlConstantValue* AidlConstantReference::Resolve(const AidlDefinedType* scope) const {
749   if (resolved_) return resolved_;
750 
751   const AidlDefinedType* defined_type;
752   if (ref_type_) {
753     defined_type = ref_type_->GetDefinedType();
754   } else {
755     defined_type = scope;
756   }
757 
758   if (!defined_type) {
759     // This can happen when "const reference" is used in an unsupported way,
760     // but missed in checks there. It works as a safety net.
761     AIDL_ERROR(*this) << "Can't resolve the reference (" << value_ << ")";
762     return nullptr;
763   }
764 
765   if (auto enum_decl = defined_type->AsEnumDeclaration(); enum_decl) {
766     for (const auto& e : enum_decl->GetEnumerators()) {
767       if (e->GetName() == field_name_) {
768         return resolved_ = e->GetValue();
769       }
770     }
771   } else {
772     for (const auto& c : defined_type->GetConstantDeclarations()) {
773       if (c->GetName() == field_name_) {
774         return resolved_ = &c->GetValue();
775       }
776     }
777   }
778   AIDL_ERROR(*this) << "Can't find " << field_name_ << " in " << defined_type->GetName();
779   return nullptr;
780 }
781 
CheckValid() const782 bool AidlConstantReference::CheckValid() const {
783   if (is_evaluated_) return is_valid_;
784   AIDL_FATAL_IF(!resolved_, this) << "Should be resolved first: " << value_;
785   is_valid_ = resolved_->CheckValid();
786   return is_valid_;
787 }
788 
evaluate() const789 bool AidlConstantReference::evaluate() const {
790   if (is_evaluated_) return is_valid_;
791   AIDL_FATAL_IF(!resolved_, this) << "Should be resolved first: " << value_;
792   is_evaluated_ = true;
793 
794   resolved_->evaluate();
795   is_valid_ = resolved_->is_valid_;
796   final_type_ = resolved_->final_type_;
797   if (is_valid_) {
798     if (final_type_ == Type::STRING) {
799       final_string_value_ = resolved_->final_string_value_;
800     } else {
801       final_value_ = resolved_->final_value_;
802     }
803   }
804   return is_valid_;
805 }
806 
CheckValid() const807 bool AidlUnaryConstExpression::CheckValid() const {
808   if (is_evaluated_) return is_valid_;
809   AIDL_FATAL_IF(unary_ == nullptr, this);
810 
811   is_valid_ = unary_->CheckValid();
812   if (!is_valid_) {
813     final_type_ = Type::ERROR;
814     return false;
815   }
816 
817   return AidlConstantValue::CheckValid();
818 }
819 
evaluate() const820 bool AidlUnaryConstExpression::evaluate() const {
821   if (is_evaluated_) {
822     return is_valid_;
823   }
824   is_evaluated_ = true;
825 
826   // Recursively evaluate the expression tree
827   if (!unary_->is_evaluated_) {
828     // TODO(b/142722772) CheckValid() should be called before ValueString()
829     bool success = CheckValid();
830     success &= unary_->evaluate();
831     if (!success) {
832       is_valid_ = false;
833       return false;
834     }
835   }
836   if (!IsCompatibleType(unary_->final_type_, op_)) {
837     AIDL_ERROR(unary_) << "'" << op_ << "'"
838                        << " is not compatible with " << ToString(unary_->final_type_)
839                        << ": " + value_;
840     is_valid_ = false;
841     return false;
842   }
843   if (!unary_->is_valid_) {
844     AIDL_ERROR(unary_) << "Invalid constant unary expression: " + value_;
845     is_valid_ = false;
846     return false;
847   }
848   final_type_ = unary_->final_type_;
849 
850   if (final_type_ == Type::FLOATING) {
851     // don't do anything here. ValueString() will handle everything.
852     is_valid_ = true;
853     return true;
854   }
855 
856 #define CASE_UNARY(__type__) \
857   return is_valid_ =         \
858              handleUnary(*this, op_, static_cast<__type__>(unary_->final_value_), &final_value_);
859 
860   SWITCH_KIND(final_type_, CASE_UNARY, SHOULD_NOT_REACH(); final_type_ = Type::ERROR;
861               is_valid_ = false; return false;)
862 }
863 
CheckValid() const864 bool AidlBinaryConstExpression::CheckValid() const {
865   bool success = false;
866   if (is_evaluated_) return is_valid_;
867   AIDL_FATAL_IF(left_val_ == nullptr, this);
868   AIDL_FATAL_IF(right_val_ == nullptr, this);
869 
870   success = left_val_->CheckValid();
871   if (!success) {
872     final_type_ = Type::ERROR;
873     AIDL_ERROR(this) << "Invalid left operand in binary expression: " + value_;
874   }
875 
876   success = right_val_->CheckValid();
877   if (!success) {
878     AIDL_ERROR(this) << "Invalid right operand in binary expression: " + value_;
879     final_type_ = Type::ERROR;
880   }
881 
882   if (final_type_ == Type::ERROR) {
883     is_valid_ = false;
884     return false;
885   }
886 
887   is_valid_ = true;
888   return AidlConstantValue::CheckValid();
889 }
890 
evaluate() const891 bool AidlBinaryConstExpression::evaluate() const {
892   if (is_evaluated_) {
893     return is_valid_;
894   }
895   is_evaluated_ = true;
896   AIDL_FATAL_IF(left_val_ == nullptr, this);
897   AIDL_FATAL_IF(right_val_ == nullptr, this);
898 
899   // Recursively evaluate the binary expression tree
900   if (!left_val_->is_evaluated_ || !right_val_->is_evaluated_) {
901     // TODO(b/142722772) CheckValid() should be called before ValueString()
902     bool success = CheckValid();
903     success &= left_val_->evaluate();
904     success &= right_val_->evaluate();
905     if (!success) {
906       is_valid_ = false;
907       return false;
908     }
909   }
910   if (!left_val_->is_valid_ || !right_val_->is_valid_) {
911     is_valid_ = false;
912     return false;
913   }
914   is_valid_ = AreCompatibleTypes(left_val_->final_type_, right_val_->final_type_);
915   if (!is_valid_) {
916     AIDL_ERROR(this) << "Cannot perform operation '" << op_ << "' on "
917                      << ToString(right_val_->GetType()) << " and " << ToString(left_val_->GetType())
918                      << ".";
919     return false;
920   }
921 
922   bool isArithmeticOrBitflip = OP_IS_BIN_ARITHMETIC || OP_IS_BIN_BITFLIP;
923 
924   // Handle String case first
925   if (left_val_->final_type_ == Type::STRING) {
926     AIDL_FATAL_IF(right_val_->final_type_ != Type::STRING, this);
927     if (!OPEQ("+")) {
928       AIDL_ERROR(this) << "Only '+' is supported for strings, not '" << op_ << "'.";
929       final_type_ = Type::ERROR;
930       is_valid_ = false;
931       return false;
932     }
933 
934     // Remove trailing " from lhs
935     const string& lhs = left_val_->final_string_value_;
936     if (lhs.back() != '"') {
937       AIDL_ERROR(this) << "'" << lhs << "' is missing a trailing quote.";
938       final_type_ = Type::ERROR;
939       is_valid_ = false;
940       return false;
941     }
942     const string& rhs = right_val_->final_string_value_;
943     // Remove starting " from rhs
944     if (rhs.front() != '"') {
945       AIDL_ERROR(this) << "'" << rhs << "' is missing a leading quote.";
946       final_type_ = Type::ERROR;
947       is_valid_ = false;
948       return false;
949     }
950 
951     final_string_value_ = string(lhs.begin(), lhs.end() - 1).append(rhs.begin() + 1, rhs.end());
952     final_type_ = Type::STRING;
953     return true;
954   }
955 
956   // CASE: + - *  / % | ^ & < > <= >= == !=
957   if (isArithmeticOrBitflip || OP_IS_BIN_COMP) {
958     // promoted kind for both operands.
959     Type promoted = UsualArithmeticConversion(IntegralPromotion(left_val_->final_type_),
960                                               IntegralPromotion(right_val_->final_type_));
961     // result kind.
962     final_type_ = isArithmeticOrBitflip
963                       ? promoted        // arithmetic or bitflip operators generates promoted type
964                       : Type::BOOLEAN;  // comparison operators generates bool
965 
966 #define CASE_BINARY_COMMON(__type__)                                                        \
967   return is_valid_ =                                                                        \
968              handleBinaryCommon(*this, static_cast<__type__>(left_val_->final_value_), op_, \
969                                 static_cast<__type__>(right_val_->final_value_), &final_value_);
970 
971     SWITCH_KIND(promoted, CASE_BINARY_COMMON, SHOULD_NOT_REACH(); final_type_ = Type::ERROR;
972                 is_valid_ = false; return false;)
973   }
974 
975   // CASE: << >>
976   string newOp = op_;
977   if (OP_IS_BIN_SHIFT) {
978     // promoted kind for both operands.
979     final_type_ = UsualArithmeticConversion(IntegralPromotion(left_val_->final_type_),
980                                             IntegralPromotion(right_val_->final_type_));
981     auto numBits = right_val_->final_value_;
982     if (numBits < 0) {
983       // shifting with negative number of bits is undefined in C. In AIDL it
984       // is defined as shifting into the other direction.
985       newOp = OPEQ("<<") ? ">>" : "<<";
986       numBits = -numBits;
987     }
988 
989 #define CASE_SHIFT(__type__)                                                                   \
990   return is_valid_ = handleShift(*this, static_cast<__type__>(left_val_->final_value_), newOp, \
991                                  static_cast<__type__>(numBits), &final_value_);
992 
993     SWITCH_KIND(final_type_, CASE_SHIFT, SHOULD_NOT_REACH(); final_type_ = Type::ERROR;
994                 is_valid_ = false; return false;)
995   }
996 
997   // CASE: && ||
998   if (OP_IS_BIN_LOGICAL) {
999     final_type_ = Type::BOOLEAN;
1000     // easy; everything is bool.
1001     return handleLogical(*this, left_val_->final_value_, op_, right_val_->final_value_,
1002                          &final_value_);
1003   }
1004 
1005   SHOULD_NOT_REACH();
1006   is_valid_ = false;
1007   return false;
1008 }
1009 
AidlConstantValue(const AidlLocation & location,Type parsed_type,int64_t parsed_value,const string & checked_value)1010 AidlConstantValue::AidlConstantValue(const AidlLocation& location, Type parsed_type,
1011                                      int64_t parsed_value, const string& checked_value)
1012     : AidlNode(location),
1013       type_(parsed_type),
1014       value_(checked_value),
1015       final_type_(parsed_type),
1016       final_value_(parsed_value) {
1017   AIDL_FATAL_IF(value_.empty() && type_ != Type::ERROR, location);
1018   AIDL_FATAL_IF(type_ != Type::INT8 && type_ != Type::INT32 && type_ != Type::INT64, location);
1019 }
1020 
AidlConstantValue(const AidlLocation & location,Type type,const string & checked_value)1021 AidlConstantValue::AidlConstantValue(const AidlLocation& location, Type type,
1022                                      const string& checked_value)
1023     : AidlNode(location),
1024       type_(type),
1025       value_(checked_value),
1026       final_type_(type) {
1027   AIDL_FATAL_IF(value_.empty() && type_ != Type::ERROR, location);
1028   switch (type_) {
1029     case Type::INT8:
1030     case Type::INT32:
1031     case Type::INT64:
1032     case Type::ARRAY:
1033       AIDL_FATAL(this) << "Invalid type: " << ToString(type_);
1034       break;
1035     default:
1036       break;
1037   }
1038 }
1039 
AidlConstantValue(const AidlLocation & location,Type type,std::unique_ptr<vector<unique_ptr<AidlConstantValue>>> values,const std::string & value)1040 AidlConstantValue::AidlConstantValue(const AidlLocation& location, Type type,
1041                                      std::unique_ptr<vector<unique_ptr<AidlConstantValue>>> values,
1042                                      const std::string& value)
1043     : AidlNode(location),
1044       type_(type),
1045       values_(std::move(*values)),
1046       value_(value),
1047       is_valid_(false),
1048       is_evaluated_(false),
1049       final_type_(type) {
1050   AIDL_FATAL_IF(type_ != Type::ARRAY, location);
1051 }
1052 
AidlUnaryConstExpression(const AidlLocation & location,const string & op,std::unique_ptr<AidlConstantValue> rval)1053 AidlUnaryConstExpression::AidlUnaryConstExpression(const AidlLocation& location, const string& op,
1054                                                    std::unique_ptr<AidlConstantValue> rval)
1055     : AidlConstantValue(location, Type::UNARY, op + rval->value_),
1056       unary_(std::move(rval)),
1057       op_(op) {
1058   final_type_ = Type::UNARY;
1059 }
1060 
AidlBinaryConstExpression(const AidlLocation & location,std::unique_ptr<AidlConstantValue> lval,const string & op,std::unique_ptr<AidlConstantValue> rval)1061 AidlBinaryConstExpression::AidlBinaryConstExpression(const AidlLocation& location,
1062                                                      std::unique_ptr<AidlConstantValue> lval,
1063                                                      const string& op,
1064                                                      std::unique_ptr<AidlConstantValue> rval)
1065     : AidlConstantValue(location, Type::BINARY, lval->value_ + op + rval->value_),
1066       left_val_(std::move(lval)),
1067       right_val_(std::move(rval)),
1068       op_(op) {
1069   final_type_ = Type::BINARY;
1070 }
1071