1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef ART_RUNTIME_VERIFIER_METHOD_VERIFIER_H_ 18 #define ART_RUNTIME_VERIFIER_METHOD_VERIFIER_H_ 19 20 #include <memory> 21 #include <sstream> 22 #include <vector> 23 24 #include <android-base/logging.h> 25 26 #include "base/arena_allocator.h" 27 #include "base/macros.h" 28 #include "base/scoped_arena_containers.h" 29 #include "base/value_object.h" 30 #include "dex/code_item_accessors.h" 31 #include "dex/dex_file_types.h" 32 #include "dex/method_reference.h" 33 #include "handle.h" 34 #include "instruction_flags.h" 35 #include "reg_type_cache.h" 36 #include "register_line.h" 37 #include "verifier_enums.h" 38 39 namespace art { 40 41 class ClassLinker; 42 class CompilerCallbacks; 43 class DexFile; 44 class Instruction; 45 struct ReferenceMap2Visitor; 46 class Thread; 47 class VariableIndentationOutputStream; 48 49 namespace dex { 50 struct ClassDef; 51 struct CodeItem; 52 } // namespace dex 53 54 namespace mirror { 55 class DexCache; 56 } // namespace mirror 57 58 namespace verifier { 59 60 class MethodVerifier; 61 class RegisterLine; 62 using RegisterLineArenaUniquePtr = std::unique_ptr<RegisterLine, RegisterLineArenaDelete>; 63 class RegType; 64 struct ScopedNewLine; 65 class VerifierDeps; 66 67 // We don't need to store the register data for many instructions, because we either only need 68 // it at branch points (for verification) or GC points and branches (for verification + 69 // type-precise register analysis). 70 enum RegisterTrackingMode { 71 kTrackRegsBranches, 72 kTrackCompilerInterestPoints, 73 kTrackRegsAll, 74 }; 75 76 // A class used by the verifier to tell users about what options need to be set for given methods. 77 class VerifierCallback { 78 public: ~VerifierCallback()79 virtual ~VerifierCallback() {} 80 virtual void SetDontCompile(ArtMethod* method, bool value) 81 REQUIRES_SHARED(Locks::mutator_lock_) = 0; 82 virtual void SetMustCountLocks(ArtMethod* method, bool value) 83 REQUIRES_SHARED(Locks::mutator_lock_) = 0; 84 }; 85 86 // A mapping from a dex pc to the register line statuses as they are immediately prior to the 87 // execution of that instruction. 88 class PcToRegisterLineTable { 89 public: 90 explicit PcToRegisterLineTable(ScopedArenaAllocator& allocator); 91 ~PcToRegisterLineTable(); 92 93 // Initialize the RegisterTable. Every instruction address can have a different set of information 94 // about what's in which register, but for verification purposes we only need to store it at 95 // branch target addresses (because we merge into that). 96 void Init(RegisterTrackingMode mode, 97 InstructionFlags* flags, 98 uint32_t insns_size, 99 uint16_t registers_size, 100 ScopedArenaAllocator& allocator, 101 RegTypeCache* reg_types); 102 IsInitialized()103 bool IsInitialized() const { 104 return !register_lines_.empty(); 105 } 106 GetLine(size_t idx)107 RegisterLine* GetLine(size_t idx) const { 108 return register_lines_[idx].get(); 109 } 110 111 private: 112 ScopedArenaVector<RegisterLineArenaUniquePtr> register_lines_; 113 114 DISALLOW_COPY_AND_ASSIGN(PcToRegisterLineTable); 115 }; 116 117 // The verifier 118 class MethodVerifier { 119 public: 120 static MethodVerifier* VerifyMethodAndDump(Thread* self, 121 VariableIndentationOutputStream* vios, 122 uint32_t method_idx, 123 const DexFile* dex_file, 124 Handle<mirror::DexCache> dex_cache, 125 Handle<mirror::ClassLoader> class_loader, 126 const dex::ClassDef& class_def, 127 const dex::CodeItem* code_item, ArtMethod* method, 128 uint32_t method_access_flags, 129 uint32_t api_level) 130 REQUIRES_SHARED(Locks::mutator_lock_); 131 132 // Calculates the verification information for every instruction of the given method. The given 133 // dex-cache and class-loader will be used for lookups. No classes will be loaded. If verification 134 // fails hard nullptr will be returned. This should only be used if one needs to examine what the 135 // verifier believes about the registers of a given method. 136 static MethodVerifier* CalculateVerificationInfo(Thread* self, 137 ArtMethod* method, 138 Handle<mirror::DexCache> dex_cache, 139 Handle<mirror::ClassLoader> class_loader) 140 REQUIRES_SHARED(Locks::mutator_lock_); 141 GetDexFile()142 const DexFile& GetDexFile() const { 143 DCHECK(dex_file_ != nullptr); 144 return *dex_file_; 145 } 146 GetClassDef()147 const dex::ClassDef& GetClassDef() const { 148 return class_def_; 149 } 150 GetRegTypeCache()151 RegTypeCache* GetRegTypeCache() { 152 return ®_types_; 153 } 154 155 // Log a verification failure. 156 std::ostream& Fail(VerifyError error, bool pending_exc = true); 157 158 // Log for verification information. 159 ScopedNewLine LogVerifyInfo(); 160 161 // Information structure for a lock held at a certain point in time. 162 struct DexLockInfo { 163 // The registers aliasing the lock. 164 std::set<uint32_t> dex_registers; 165 // The dex PC of the monitor-enter instruction. 166 uint32_t dex_pc; 167 DexLockInfoDexLockInfo168 explicit DexLockInfo(uint32_t dex_pc_in) { 169 dex_pc = dex_pc_in; 170 } 171 }; 172 // Fills 'monitor_enter_dex_pcs' with the dex pcs of the monitor-enter instructions corresponding 173 // to the locks held at 'dex_pc' in method 'm'. 174 // Note: this is the only situation where the verifier will visit quickened instructions. 175 static void FindLocksAtDexPc(ArtMethod* m, 176 uint32_t dex_pc, 177 std::vector<DexLockInfo>* monitor_enter_dex_pcs, 178 uint32_t api_level) 179 REQUIRES_SHARED(Locks::mutator_lock_); 180 181 static void Init(ClassLinker* class_linker) REQUIRES_SHARED(Locks::mutator_lock_); 182 static void Shutdown(); 183 184 virtual ~MethodVerifier(); 185 186 static void VisitStaticRoots(RootVisitor* visitor) 187 REQUIRES_SHARED(Locks::mutator_lock_); 188 void VisitRoots(RootVisitor* visitor, const RootInfo& roots) 189 REQUIRES_SHARED(Locks::mutator_lock_); 190 191 // Accessors used by the compiler via CompilerCallback CodeItem()192 const CodeItemDataAccessor& CodeItem() const { 193 return code_item_accessor_; 194 } 195 RegisterLine* GetRegLine(uint32_t dex_pc); 196 ALWAYS_INLINE const InstructionFlags& GetInstructionFlags(size_t index) const; 197 198 MethodReference GetMethodReference() const; 199 bool HasFailures() const; HasInstructionThatWillThrow()200 bool HasInstructionThatWillThrow() const { 201 return flags_.have_any_pending_runtime_throw_failure_; 202 } 203 204 virtual const RegType& ResolveCheckedClass(dex::TypeIndex class_idx) 205 REQUIRES_SHARED(Locks::mutator_lock_) = 0; 206 GetEncounteredFailureTypes()207 uint32_t GetEncounteredFailureTypes() const { 208 return encountered_failure_types_; 209 } 210 GetClassLinker()211 ClassLinker* GetClassLinker() const { 212 return class_linker_; 213 } 214 IsAotMode()215 bool IsAotMode() const { 216 return flags_.aot_mode_; 217 } 218 GetVerifierDeps()219 VerifierDeps* GetVerifierDeps() const { 220 return verifier_deps_; 221 } 222 223 protected: 224 MethodVerifier(Thread* self, 225 ClassLinker* class_linker, 226 ArenaPool* arena_pool, 227 VerifierDeps* verifier_deps, 228 const DexFile* dex_file, 229 const dex::ClassDef& class_def, 230 const dex::CodeItem* code_item, 231 uint32_t dex_method_idx, 232 bool can_load_classes, 233 bool allow_thread_suspension, 234 bool allow_soft_failures, 235 bool aot_mode) 236 REQUIRES_SHARED(Locks::mutator_lock_); 237 238 // Verification result for method(s). Includes a (maximum) failure kind, and (the union of) 239 // all failure types. 240 struct FailureData : ValueObject { 241 FailureKind kind = FailureKind::kNoFailure; 242 uint32_t types = 0U; 243 244 // Merge src into this. Uses the most severe failure kind, and the union of types. 245 void Merge(const FailureData& src); 246 }; 247 248 /* 249 * Perform verification on a single method. 250 * 251 * We do this in three passes: 252 * (1) Walk through all code units, determining instruction locations, 253 * widths, and other characteristics. 254 * (2) Walk through all code units, performing static checks on 255 * operands. 256 * (3) Iterate through the method, checking type safety and looking 257 * for code flow problems. 258 */ 259 static FailureData VerifyMethod(Thread* self, 260 ClassLinker* class_linker, 261 ArenaPool* arena_pool, 262 VerifierDeps* verifier_deps, 263 uint32_t method_idx, 264 const DexFile* dex_file, 265 Handle<mirror::DexCache> dex_cache, 266 Handle<mirror::ClassLoader> class_loader, 267 const dex::ClassDef& class_def_idx, 268 const dex::CodeItem* code_item, 269 ArtMethod* method, 270 uint32_t method_access_flags, 271 CompilerCallbacks* callbacks, 272 VerifierCallback* verifier_callback, 273 bool allow_soft_failures, 274 HardFailLogMode log_level, 275 bool need_precise_constants, 276 uint32_t api_level, 277 bool aot_mode, 278 std::string* hard_failure_msg) 279 REQUIRES_SHARED(Locks::mutator_lock_); 280 281 template <bool kVerifierDebug> 282 static FailureData VerifyMethod(Thread* self, 283 ClassLinker* class_linker, 284 ArenaPool* arena_pool, 285 VerifierDeps* verifier_deps, 286 uint32_t method_idx, 287 const DexFile* dex_file, 288 Handle<mirror::DexCache> dex_cache, 289 Handle<mirror::ClassLoader> class_loader, 290 const dex::ClassDef& class_def_idx, 291 const dex::CodeItem* code_item, 292 ArtMethod* method, 293 uint32_t method_access_flags, 294 CompilerCallbacks* callbacks, 295 VerifierCallback* verifier_callback, 296 bool allow_soft_failures, 297 HardFailLogMode log_level, 298 bool need_precise_constants, 299 uint32_t api_level, 300 bool aot_mode, 301 std::string* hard_failure_msg) 302 REQUIRES_SHARED(Locks::mutator_lock_); 303 304 // For VerifierDepsTest. TODO: Refactor. 305 306 // Run verification on the method. Returns true if verification completes and false if the input 307 // has an irrecoverable corruption. 308 virtual bool Verify() REQUIRES_SHARED(Locks::mutator_lock_) = 0; 309 static MethodVerifier* CreateVerifier(Thread* self, 310 VerifierDeps* verifier_deps, 311 const DexFile* dex_file, 312 Handle<mirror::DexCache> dex_cache, 313 Handle<mirror::ClassLoader> class_loader, 314 const dex::ClassDef& class_def, 315 const dex::CodeItem* code_item, 316 uint32_t method_idx, 317 ArtMethod* method, 318 uint32_t access_flags, 319 bool can_load_classes, 320 bool allow_soft_failures, 321 bool need_precise_constants, 322 bool verify_to_dump, 323 bool allow_thread_suspension, 324 uint32_t api_level) 325 REQUIRES_SHARED(Locks::mutator_lock_); 326 327 // The thread we're verifying on. 328 Thread* const self_; 329 330 // Arena allocator. 331 ArenaStack arena_stack_; 332 ScopedArenaAllocator allocator_; 333 334 RegTypeCache reg_types_; 335 336 PcToRegisterLineTable reg_table_; 337 338 // Storage for the register status we're currently working on. 339 RegisterLineArenaUniquePtr work_line_; 340 341 // The address of the instruction we're currently working on, note that this is in 2 byte 342 // quantities 343 uint32_t work_insn_idx_; 344 345 // Storage for the register status we're saving for later. 346 RegisterLineArenaUniquePtr saved_line_; 347 348 const uint32_t dex_method_idx_; // The method we're working on. 349 const DexFile* const dex_file_; // The dex file containing the method. 350 const dex::ClassDef& class_def_; // The class being verified. 351 const CodeItemDataAccessor code_item_accessor_; 352 353 // Instruction widths and flags, one entry per code unit. 354 // Owned, but not unique_ptr since insn_flags_ are allocated in arenas. 355 ArenaUniquePtr<InstructionFlags[]> insn_flags_; 356 357 // The types of any error that occurs. 358 std::vector<VerifyError> failures_; 359 // Error messages associated with failures. 360 std::vector<std::ostringstream*> failure_messages_; 361 struct { 362 // Is there a pending hard failure? 363 bool have_pending_hard_failure_ : 1; 364 365 // Is there a pending runtime throw failure? A runtime throw failure is when an instruction 366 // would fail at runtime throwing an exception. Such an instruction causes the following code 367 // to be unreachable. This is set by Fail and used to ensure we don't process unreachable 368 // instructions that would hard fail the verification. 369 // Note: this flag is reset after processing each instruction. 370 bool have_pending_runtime_throw_failure_ : 1; 371 372 // Is there a pending experimental failure? 373 bool have_pending_experimental_failure_ : 1; 374 375 // A version of the above that is not reset and thus captures if there were *any* throw 376 // failures. 377 bool have_any_pending_runtime_throw_failure_ : 1; 378 379 // Verify in AoT mode? 380 bool aot_mode_ : 1; 381 } flags_; 382 383 // Info message log use primarily for verifier diagnostics. 384 std::ostringstream info_messages_; 385 386 // Bitset of the encountered failure types. Bits are according to the values in VerifyError. 387 uint32_t encountered_failure_types_; 388 389 const bool can_load_classes_; 390 391 // Converts soft failures to hard failures when false. Only false when the compiler isn't 392 // running and the verifier is called from the class linker. 393 const bool allow_soft_failures_; 394 395 // Classlinker to use when resolving. 396 ClassLinker* class_linker_; 397 398 // The verifier deps object we are going to report type assigability 399 // constraints to. Can be null for runtime verification. 400 VerifierDeps* verifier_deps_; 401 402 // Link, for the method verifier root linked list. 403 MethodVerifier* link_; 404 405 friend class art::Thread; 406 friend class ClassVerifier; 407 friend class VerifierDepsTest; 408 409 DISALLOW_COPY_AND_ASSIGN(MethodVerifier); 410 }; 411 412 } // namespace verifier 413 } // namespace art 414 415 #endif // ART_RUNTIME_VERIFIER_METHOD_VERIFIER_H_ 416