1 // Copyright (C) 2018 The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 //
15
16 #include <android-base/logging.h>
17 #include <nativehelper/scoped_local_ref.h>
18
19 #include <atomic>
20 #include <iomanip>
21 #include <iostream>
22 #include <istream>
23 #include <jni.h>
24 #include <jvmti.h>
25 #include <memory>
26 #include <sstream>
27 #include <string.h>
28 #include <string>
29 #include <unordered_map>
30 #include <vector>
31
32 namespace fieldnull {
33
34 #define CHECK_JVMTI(x) CHECK_EQ((x), JVMTI_ERROR_NONE)
35
36 // Special art ti-version number. We will use this as a fallback if we cannot get a regular JVMTI
37 // env.
38 static constexpr jint kArtTiVersion = JVMTI_VERSION_1_2 | 0x40000000;
39
40 static JavaVM* java_vm = nullptr;
41
42 // Field is "Lclass/name/here;.field_name:Lfield/type/here;"
SplitField(JNIEnv * env,const std::string & field_id)43 static std::pair<jclass, jfieldID> SplitField(JNIEnv* env, const std::string& field_id) {
44 CHECK_EQ(field_id[0], 'L');
45 env->PushLocalFrame(1);
46 std::istringstream is(field_id);
47 std::string class_name;
48 std::string field_name;
49 std::string field_type;
50
51 std::getline(is, class_name, '.');
52 std::getline(is, field_name, ':');
53 std::getline(is, field_type, '\0');
54
55 jclass klass = reinterpret_cast<jclass>(
56 env->NewGlobalRef(env->FindClass(class_name.substr(1, class_name.size() - 2).c_str())));
57 CHECK(klass != nullptr) << class_name;
58 jfieldID field = env->GetFieldID(klass, field_name.c_str(), field_type.c_str());
59 CHECK(field != nullptr) << field_name;
60 LOG(INFO) << "listing field " << field_id;
61 env->PopLocalFrame(nullptr);
62 return std::make_pair(klass, field);
63 }
64
GetRequestedFields(JNIEnv * env,const std::string & args)65 static std::vector<std::pair<jclass, jfieldID>> GetRequestedFields(JNIEnv* env,
66 const std::string& args) {
67 std::vector<std::pair<jclass, jfieldID>> res;
68 std::stringstream args_stream(args);
69 std::string item;
70 while (std::getline(args_stream, item, ',')) {
71 if (item == "") {
72 continue;
73 }
74 res.push_back(SplitField(env, item));
75 }
76 return res;
77 }
78
SetupJvmtiEnv(JavaVM * vm,jvmtiEnv ** jvmti)79 static jint SetupJvmtiEnv(JavaVM* vm, jvmtiEnv** jvmti) {
80 jint res = 0;
81 res = vm->GetEnv(reinterpret_cast<void**>(jvmti), JVMTI_VERSION_1_1);
82
83 if (res != JNI_OK || *jvmti == nullptr) {
84 LOG(ERROR) << "Unable to access JVMTI, error code " << res;
85 return vm->GetEnv(reinterpret_cast<void**>(jvmti), kArtTiVersion);
86 }
87 return res;
88 }
89
90 struct RequestList {
91 std::vector<std::pair<jclass, jfieldID>> fields_;
92 };
93
DataDumpRequestCb(jvmtiEnv * jvmti)94 static void DataDumpRequestCb(jvmtiEnv* jvmti) {
95 JNIEnv* env = nullptr;
96 CHECK_EQ(java_vm->GetEnv(reinterpret_cast<void**>(&env), JNI_VERSION_1_6), JNI_OK);
97 LOG(INFO) << "Dumping counts of fields.";
98 LOG(INFO) << "\t" << "Field name"
99 << "\t" << "Type"
100 << "\t" << "Count"
101 << "\t" << "TotalSize";
102 RequestList* list;
103 CHECK_JVMTI(jvmti->GetEnvironmentLocalStorage(reinterpret_cast<void**>(&list)));
104 for (std::pair<jclass, jfieldID>& p : list->fields_) {
105 jclass klass = p.first;
106 jfieldID field = p.second;
107 // Make sure all instances of the class are tagged with the klass ptr value. Since this is a
108 // global ref it's guaranteed to be unique.
109 CHECK_JVMTI(jvmti->IterateOverInstancesOfClass(
110 p.first,
111 // We need to do this to all objects every time since we might be looking for multiple
112 // fields in classes that are subtypes of each other.
113 JVMTI_HEAP_OBJECT_EITHER,
114 /* class_tag, size, tag_ptr, user_data*/
115 [](jlong, jlong, jlong* tag_ptr, void* klass) -> jvmtiIterationControl {
116 *tag_ptr = static_cast<jlong>(reinterpret_cast<intptr_t>(klass));
117 return JVMTI_ITERATION_CONTINUE;
118 },
119 klass));
120 jobject* obj_list;
121 jint obj_len;
122 jlong tag = static_cast<jlong>(reinterpret_cast<intptr_t>(klass));
123 CHECK_JVMTI(jvmti->GetObjectsWithTags(1, &tag, &obj_len, &obj_list, nullptr));
124
125 std::unordered_map<std::string, size_t> class_sizes;
126 std::unordered_map<std::string, size_t> class_counts;
127 size_t total_size = 0;
128 // Mark all the referenced objects with a single tag value, this way we can dedup them.
129 jlong referenced_object_tag = static_cast<jlong>(reinterpret_cast<intptr_t>(klass) + 1);
130 std::string null_class_name("<null>");
131 class_counts[null_class_name] = 0;
132 class_sizes[null_class_name] = 0;
133 for (jint i = 0; i < obj_len; i++) {
134 ScopedLocalRef<jobject> cur_thiz(env, obj_list[i]);
135 ScopedLocalRef<jobject> obj(env, env->GetObjectField(cur_thiz.get(), field));
136 std::string class_name(null_class_name);
137 if (obj == nullptr) {
138 class_counts[null_class_name]++;
139 } else {
140 CHECK_JVMTI(jvmti->SetTag(obj.get(), referenced_object_tag));
141 jlong size = 0;
142 if (obj.get() != nullptr) {
143 char* class_name_tmp;
144 ScopedLocalRef<jclass> obj_klass(env, env->GetObjectClass(obj.get()));
145 CHECK_JVMTI(jvmti->GetClassSignature(obj_klass.get(), &class_name_tmp, nullptr));
146 CHECK_JVMTI(jvmti->GetObjectSize(obj.get(), &size));
147 class_name = class_name_tmp;
148 CHECK_JVMTI(jvmti->Deallocate(reinterpret_cast<unsigned char*>(class_name_tmp)));
149 }
150 if (class_sizes.find(class_name) == class_counts.end()) {
151 class_sizes[class_name] = 0;
152 class_counts[class_name] = 0;
153 }
154 class_counts[class_name]++;
155 }
156 }
157 jobject* ref_list;
158 jint ref_len;
159 CHECK_JVMTI(jvmti->GetObjectsWithTags(1, &referenced_object_tag, &ref_len, &ref_list, nullptr));
160 for (jint i = 0; i < ref_len; i++) {
161 ScopedLocalRef<jobject> obj(env, ref_list[i]);
162 std::string class_name(null_class_name);
163 jlong size = 0;
164 if (obj.get() != nullptr) {
165 char* class_name_tmp;
166 ScopedLocalRef<jclass> obj_klass(env, env->GetObjectClass(obj.get()));
167 CHECK_JVMTI(jvmti->GetClassSignature(obj_klass.get(), &class_name_tmp, nullptr));
168 CHECK_JVMTI(jvmti->GetObjectSize(obj.get(), &size));
169 class_name = class_name_tmp;
170 CHECK_JVMTI(jvmti->Deallocate(reinterpret_cast<unsigned char*>(class_name_tmp)));
171 }
172 total_size += static_cast<size_t>(size);
173 class_sizes[class_name] += static_cast<size_t>(size);
174 }
175
176 char* field_name;
177 char* field_sig;
178 char* field_class_name;
179 CHECK_JVMTI(jvmti->GetFieldName(klass, field, &field_name, &field_sig, nullptr));
180 CHECK_JVMTI(jvmti->GetClassSignature(klass, &field_class_name, nullptr));
181 LOG(INFO) << "\t" << field_class_name << "." << field_name << ":" << field_sig
182 << "\t" << "<ALL_TYPES>"
183 << "\t" << obj_len
184 << "\t" << total_size;
185 for (auto sz : class_sizes) {
186 size_t count = class_counts[sz.first];
187 LOG(INFO) << "\t" << field_class_name << "." << field_name << ":" << field_sig
188 << "\t" << sz.first
189 << "\t" << count
190 << "\t" << sz.second;
191 }
192 CHECK_JVMTI(jvmti->Deallocate(reinterpret_cast<unsigned char*>(field_name)));
193 CHECK_JVMTI(jvmti->Deallocate(reinterpret_cast<unsigned char*>(field_sig)));
194 CHECK_JVMTI(jvmti->Deallocate(reinterpret_cast<unsigned char*>(field_class_name)));
195 }
196 }
197
VMDeathCb(jvmtiEnv * jvmti,JNIEnv * env ATTRIBUTE_UNUSED)198 static void VMDeathCb(jvmtiEnv* jvmti, JNIEnv* env ATTRIBUTE_UNUSED) {
199 DataDumpRequestCb(jvmti);
200 RequestList* list = nullptr;
201 CHECK_JVMTI(jvmti->GetEnvironmentLocalStorage(reinterpret_cast<void**>(&list)));
202 delete list;
203 }
204
CreateFieldList(jvmtiEnv * jvmti,JNIEnv * env,const std::string & args)205 static void CreateFieldList(jvmtiEnv* jvmti, JNIEnv* env, const std::string& args) {
206 RequestList* list = nullptr;
207 CHECK_JVMTI(jvmti->Allocate(sizeof(*list), reinterpret_cast<unsigned char**>(&list)));
208 new (list) RequestList{
209 .fields_ = GetRequestedFields(env, args),
210 };
211 CHECK_JVMTI(jvmti->SetEnvironmentLocalStorage(list));
212 }
213
VMInitCb(jvmtiEnv * jvmti,JNIEnv * env,jobject thr ATTRIBUTE_UNUSED)214 static void VMInitCb(jvmtiEnv* jvmti, JNIEnv* env, jobject thr ATTRIBUTE_UNUSED) {
215 char* args = nullptr;
216 CHECK_JVMTI(jvmti->GetEnvironmentLocalStorage(reinterpret_cast<void**>(&args)));
217 CHECK_JVMTI(jvmti->SetEnvironmentLocalStorage(nullptr));
218 CreateFieldList(jvmti, env, args);
219 CHECK_JVMTI(jvmti->SetEventNotificationMode(JVMTI_ENABLE, JVMTI_EVENT_VM_DEATH, nullptr));
220 CHECK_JVMTI(
221 jvmti->SetEventNotificationMode(JVMTI_ENABLE, JVMTI_EVENT_DATA_DUMP_REQUEST, nullptr));
222 CHECK_JVMTI(jvmti->Deallocate(reinterpret_cast<unsigned char*>(args)));
223 }
224
AgentStart(JavaVM * vm,char * options,bool is_onload)225 static jint AgentStart(JavaVM* vm, char* options, bool is_onload) {
226 android::base::InitLogging(/* argv= */ nullptr);
227 java_vm = vm;
228 jvmtiEnv* jvmti = nullptr;
229 if (SetupJvmtiEnv(vm, &jvmti) != JNI_OK) {
230 LOG(ERROR) << "Could not get JVMTI env or ArtTiEnv!";
231 return JNI_ERR;
232 }
233 jvmtiCapabilities caps{
234 .can_tag_objects = 1,
235 };
236 CHECK_JVMTI(jvmti->AddCapabilities(&caps));
237 jvmtiEventCallbacks cb{
238 .VMInit = VMInitCb,
239 .VMDeath = VMDeathCb,
240 .DataDumpRequest = DataDumpRequestCb,
241 };
242 CHECK_JVMTI(jvmti->SetEventCallbacks(&cb, sizeof(cb)));
243 if (is_onload) {
244 unsigned char* ptr = nullptr;
245 CHECK_JVMTI(jvmti->Allocate(strlen(options) + 1, &ptr));
246 strcpy(reinterpret_cast<char*>(ptr), options);
247 CHECK_JVMTI(jvmti->SetEnvironmentLocalStorage(ptr));
248 CHECK_JVMTI(jvmti->SetEventNotificationMode(JVMTI_ENABLE, JVMTI_EVENT_VM_INIT, nullptr));
249 } else {
250 JNIEnv* env = nullptr;
251 CHECK_EQ(vm->GetEnv(reinterpret_cast<void**>(&env), JNI_VERSION_1_6), JNI_OK);
252 CreateFieldList(jvmti, env, options);
253 CHECK_JVMTI(jvmti->SetEventNotificationMode(JVMTI_ENABLE, JVMTI_EVENT_VM_DEATH, nullptr));
254 CHECK_JVMTI(
255 jvmti->SetEventNotificationMode(JVMTI_ENABLE, JVMTI_EVENT_DATA_DUMP_REQUEST, nullptr));
256 }
257 return JNI_OK;
258 }
259
260 // Late attachment (e.g. 'am attach-agent').
Agent_OnAttach(JavaVM * vm,char * options,void * reserved ATTRIBUTE_UNUSED)261 extern "C" JNIEXPORT jint JNICALL Agent_OnAttach(JavaVM* vm,
262 char* options,
263 void* reserved ATTRIBUTE_UNUSED) {
264 return AgentStart(vm, options, /*is_onload=*/false);
265 }
266
267 // Early attachment
Agent_OnLoad(JavaVM * jvm,char * options,void * reserved ATTRIBUTE_UNUSED)268 extern "C" JNIEXPORT jint JNICALL Agent_OnLoad(JavaVM* jvm,
269 char* options,
270 void* reserved ATTRIBUTE_UNUSED) {
271 return AgentStart(jvm, options, /*is_onload=*/true);
272 }
273
274 } // namespace fieldnull
275