1 /* 2 * Copyright (C) 2011 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef ART_RUNTIME_VERIFIER_METHOD_VERIFIER_H_ 18 #define ART_RUNTIME_VERIFIER_METHOD_VERIFIER_H_ 19 20 #include <memory> 21 #include <sstream> 22 #include <vector> 23 24 #include <android-base/logging.h> 25 26 #include "base/arena_allocator.h" 27 #include "base/macros.h" 28 #include "base/scoped_arena_containers.h" 29 #include "base/value_object.h" 30 #include "dex/code_item_accessors.h" 31 #include "dex/dex_file_types.h" 32 #include "dex/method_reference.h" 33 #include "handle.h" 34 #include "instruction_flags.h" 35 #include "reg_type_cache.h" 36 #include "register_line.h" 37 #include "verifier_enums.h" 38 39 namespace art HIDDEN { 40 41 class ClassLinker; 42 class DexFile; 43 class Instruction; 44 struct ReferenceMap2Visitor; 45 class Thread; 46 class VariableIndentationOutputStream; 47 48 namespace dex { 49 struct ClassDef; 50 struct CodeItem; 51 } // namespace dex 52 53 namespace mirror { 54 class DexCache; 55 } // namespace mirror 56 57 namespace verifier { 58 59 class MethodVerifier; 60 class RegisterLine; 61 using RegisterLineArenaUniquePtr = std::unique_ptr<RegisterLine, RegisterLineArenaDelete>; 62 class RegType; 63 struct ScopedNewLine; 64 class VerifierDeps; 65 66 // A mapping from a dex pc to the register line statuses as they are immediately prior to the 67 // execution of that instruction. 68 class PcToRegisterLineTable { 69 public: 70 explicit PcToRegisterLineTable(ScopedArenaAllocator& allocator); 71 ~PcToRegisterLineTable(); 72 73 // Initialize the RegisterTable. Every instruction address can have a different set of information 74 // about what's in which register, but for verification purposes we only need to store it at 75 // branch target addresses (because we merge into that). 76 void Init(InstructionFlags* flags, 77 uint32_t insns_size, 78 uint16_t registers_size, 79 ScopedArenaAllocator& allocator, 80 RegTypeCache* reg_types, 81 uint32_t interesting_dex_pc); 82 IsInitialized()83 bool IsInitialized() const { 84 return !register_lines_.empty(); 85 } 86 GetLine(size_t idx)87 RegisterLine* GetLine(size_t idx) const { 88 return register_lines_[idx].get(); 89 } 90 91 private: 92 ScopedArenaVector<RegisterLineArenaUniquePtr> register_lines_; 93 94 DISALLOW_COPY_AND_ASSIGN(PcToRegisterLineTable); 95 }; 96 97 // The verifier 98 class MethodVerifier { 99 public: 100 EXPORT static MethodVerifier* VerifyMethodAndDump(Thread* self, 101 VariableIndentationOutputStream* vios, 102 uint32_t method_idx, 103 const DexFile* dex_file, 104 Handle<mirror::DexCache> dex_cache, 105 Handle<mirror::ClassLoader> class_loader, 106 const dex::ClassDef& class_def, 107 const dex::CodeItem* code_item, 108 uint32_t method_access_flags, 109 uint32_t api_level) 110 REQUIRES_SHARED(Locks::mutator_lock_); 111 112 // Calculates the type information at the given `dex_pc`. 113 // No classes will be loaded. 114 EXPORT static MethodVerifier* CalculateVerificationInfo(Thread* self, 115 ArtMethod* method, 116 Handle<mirror::DexCache> dex_cache, 117 Handle<mirror::ClassLoader> class_loader, 118 uint32_t dex_pc) 119 REQUIRES_SHARED(Locks::mutator_lock_); 120 GetDexFile()121 const DexFile& GetDexFile() const { 122 DCHECK(dex_file_ != nullptr); 123 return *dex_file_; 124 } 125 GetClassDef()126 const dex::ClassDef& GetClassDef() const { 127 return class_def_; 128 } 129 GetRegTypeCache()130 RegTypeCache* GetRegTypeCache() { 131 return ®_types_; 132 } 133 134 // Log a verification failure. 135 std::ostream& Fail(VerifyError error, bool pending_exc = true); 136 137 // Log for verification information. 138 ScopedNewLine LogVerifyInfo(); 139 140 // Information structure for a lock held at a certain point in time. 141 struct DexLockInfo { 142 // The registers aliasing the lock. 143 std::set<uint32_t> dex_registers; 144 // The dex PC of the monitor-enter instruction. 145 uint32_t dex_pc; 146 DexLockInfoDexLockInfo147 explicit DexLockInfo(uint32_t dex_pc_in) { 148 dex_pc = dex_pc_in; 149 } 150 }; 151 // Fills 'monitor_enter_dex_pcs' with the dex pcs of the monitor-enter instructions corresponding 152 // to the locks held at 'dex_pc' in method 'm'. 153 // Note: this is the only situation where the verifier will visit quickened instructions. 154 static void FindLocksAtDexPc(ArtMethod* m, 155 uint32_t dex_pc, 156 std::vector<DexLockInfo>* monitor_enter_dex_pcs, 157 uint32_t api_level) 158 REQUIRES_SHARED(Locks::mutator_lock_); 159 160 virtual ~MethodVerifier(); 161 CodeItem()162 const CodeItemDataAccessor& CodeItem() const { 163 return code_item_accessor_; 164 } 165 RegisterLine* GetRegLine(uint32_t dex_pc); 166 ALWAYS_INLINE const InstructionFlags& GetInstructionFlags(size_t index) const; 167 168 MethodReference GetMethodReference() const; 169 bool HasFailures() const; HasInstructionThatWillThrow()170 bool HasInstructionThatWillThrow() const { 171 return (encountered_failure_types_ & VERIFY_ERROR_RUNTIME_THROW) != 0; 172 } 173 174 virtual const RegType& ResolveCheckedClass(dex::TypeIndex class_idx) 175 REQUIRES_SHARED(Locks::mutator_lock_) = 0; 176 GetEncounteredFailureTypes()177 uint32_t GetEncounteredFailureTypes() const { 178 return encountered_failure_types_; 179 } 180 GetClassLinker()181 ClassLinker* GetClassLinker() const { 182 return reg_types_.GetClassLinker(); 183 } 184 IsAotMode()185 bool IsAotMode() const { 186 return const_flags_.aot_mode_; 187 } 188 CanLoadClasses()189 bool CanLoadClasses() const { 190 return const_flags_.can_load_classes_; 191 } 192 GetVerifierDeps()193 VerifierDeps* GetVerifierDeps() const { 194 return verifier_deps_; 195 } 196 197 protected: 198 MethodVerifier(Thread* self, 199 ClassLinker* class_linker, 200 ArenaPool* arena_pool, 201 VerifierDeps* verifier_deps, 202 const DexFile* dex_file, 203 const dex::ClassDef& class_def, 204 const dex::CodeItem* code_item, 205 uint32_t dex_method_idx, 206 bool can_load_classes, 207 bool allow_thread_suspension, 208 bool aot_mode) 209 REQUIRES_SHARED(Locks::mutator_lock_); 210 211 // Verification result for method(s). Includes a (maximum) failure kind, and (the union of) 212 // all failure types. 213 struct FailureData : ValueObject { 214 FailureKind kind = FailureKind::kNoFailure; 215 uint32_t types = 0U; 216 217 // Merge src into this. Uses the most severe failure kind, and the union of types. 218 void Merge(const FailureData& src); 219 }; 220 221 /* 222 * Perform verification on a single method. 223 * 224 * We do this in three passes: 225 * (1) Walk through all code units, determining instruction locations, 226 * widths, and other characteristics. 227 * (2) Walk through all code units, performing static checks on 228 * operands. 229 * (3) Iterate through the method, checking type safety and looking 230 * for code flow problems. 231 */ 232 static FailureData VerifyMethod(Thread* self, 233 ClassLinker* class_linker, 234 ArenaPool* arena_pool, 235 VerifierDeps* verifier_deps, 236 uint32_t method_idx, 237 const DexFile* dex_file, 238 Handle<mirror::DexCache> dex_cache, 239 Handle<mirror::ClassLoader> class_loader, 240 const dex::ClassDef& class_def_idx, 241 const dex::CodeItem* code_item, 242 uint32_t method_access_flags, 243 HardFailLogMode log_level, 244 uint32_t api_level, 245 bool aot_mode, 246 std::string* hard_failure_msg) 247 REQUIRES_SHARED(Locks::mutator_lock_); 248 249 template <bool kVerifierDebug> 250 static FailureData VerifyMethod(Thread* self, 251 ClassLinker* class_linker, 252 ArenaPool* arena_pool, 253 VerifierDeps* verifier_deps, 254 uint32_t method_idx, 255 const DexFile* dex_file, 256 Handle<mirror::DexCache> dex_cache, 257 Handle<mirror::ClassLoader> class_loader, 258 const dex::ClassDef& class_def_idx, 259 const dex::CodeItem* code_item, 260 uint32_t method_access_flags, 261 HardFailLogMode log_level, 262 uint32_t api_level, 263 bool aot_mode, 264 std::string* hard_failure_msg) 265 REQUIRES_SHARED(Locks::mutator_lock_); 266 267 // For VerifierDepsTest. TODO: Refactor. 268 269 // Run verification on the method. Returns true if verification completes and false if the input 270 // has an irrecoverable corruption. 271 virtual bool Verify() REQUIRES_SHARED(Locks::mutator_lock_) = 0; 272 static MethodVerifier* CreateVerifier(Thread* self, 273 VerifierDeps* verifier_deps, 274 const DexFile* dex_file, 275 Handle<mirror::DexCache> dex_cache, 276 Handle<mirror::ClassLoader> class_loader, 277 const dex::ClassDef& class_def, 278 const dex::CodeItem* code_item, 279 uint32_t method_idx, 280 uint32_t access_flags, 281 bool can_load_classes, 282 bool verify_to_dump, 283 bool allow_thread_suspension, 284 uint32_t api_level) 285 REQUIRES_SHARED(Locks::mutator_lock_); 286 287 virtual bool PotentiallyMarkRuntimeThrow() = 0; 288 289 // The thread we're verifying on. 290 Thread* const self_; 291 292 // Arena allocator. 293 ArenaStack arena_stack_; 294 ScopedArenaAllocator allocator_; 295 296 RegTypeCache reg_types_; 297 298 PcToRegisterLineTable reg_table_; 299 300 // Storage for the register status we're currently working on. 301 RegisterLineArenaUniquePtr work_line_; 302 303 // The address of the instruction we're currently working on, note that this is in 2 byte 304 // quantities 305 uint32_t work_insn_idx_; 306 307 // Storage for the register status we're saving for later. 308 RegisterLineArenaUniquePtr saved_line_; 309 310 const uint32_t dex_method_idx_; // The method we're working on. 311 const DexFile* const dex_file_; // The dex file containing the method. 312 const dex::ClassDef& class_def_; // The class being verified. 313 const CodeItemDataAccessor code_item_accessor_; 314 315 // Instruction widths and flags, one entry per code unit. 316 // Owned, but not unique_ptr since insn_flags_ are allocated in arenas. 317 ArenaUniquePtr<InstructionFlags[]> insn_flags_; 318 319 // The types of any error that occurs. 320 std::vector<VerifyError> failures_; 321 // Error messages associated with failures. 322 std::vector<std::ostringstream*> failure_messages_; 323 324 struct { 325 // Is there a pending hard failure? 326 bool have_pending_hard_failure_ : 1; 327 328 // Is there a pending runtime throw failure? A runtime throw failure is when an instruction 329 // would fail at runtime throwing an exception. Such an instruction causes the following code 330 // to be unreachable. This is set by Fail and used to ensure we don't process unreachable 331 // instructions that would hard fail the verification. 332 // Note: this flag is reset after processing each instruction. 333 bool have_pending_runtime_throw_failure_ : 1; 334 } flags_; 335 336 struct { 337 // Verify in AoT mode? 338 bool aot_mode_ : 1; 339 340 // Whether the `MethodVerifer` can load classes. 341 bool can_load_classes_ : 1; 342 } const const_flags_; 343 344 // Bitset of the encountered failure types. Bits are according to the values in VerifyError. 345 uint32_t encountered_failure_types_; 346 347 // Info message log use primarily for verifier diagnostics. 348 std::ostringstream info_messages_; 349 350 // The verifier deps object we are going to report type assigability 351 // constraints to. Can be null for runtime verification. 352 VerifierDeps* verifier_deps_; 353 354 // Link, for the method verifier root linked list. 355 MethodVerifier* link_; 356 357 friend class art::Thread; 358 friend class ClassVerifier; 359 friend class VerifierDepsTest; 360 361 DISALLOW_COPY_AND_ASSIGN(MethodVerifier); 362 }; 363 364 } // namespace verifier 365 } // namespace art 366 367 #endif // ART_RUNTIME_VERIFIER_METHOD_VERIFIER_H_ 368