1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include "inline_method_analyser.h"
18 
19 #include "art_field-inl.h"
20 #include "art_method-inl.h"
21 #include "class_linker-inl.h"
22 #include "dex_file-inl.h"
23 #include "dex_instruction.h"
24 #include "dex_instruction-inl.h"
25 #include "dex_instruction_utils.h"
26 #include "mirror/class-inl.h"
27 #include "mirror/dex_cache-inl.h"
28 #include "verifier/method_verifier-inl.h"
29 
30 /*
31  * NOTE: This code is part of the quick compiler. It lives in the runtime
32  * only to allow the debugger to check whether a method has been inlined.
33  */
34 
35 namespace art {
36 
37 namespace {  // anonymous namespace
38 
39 // Helper class for matching a pattern.
40 class Matcher {
41  public:
42   // Match function type.
43   typedef bool MatchFn(Matcher* matcher);
44 
45   template <size_t size>
46   static bool Match(const DexFile::CodeItem* code_item, MatchFn* const (&pattern)[size]);
47 
48   // Match and advance.
49 
50   static bool Mark(Matcher* matcher);
51 
52   template <bool (Matcher::*Fn)()>
53   static bool Required(Matcher* matcher);
54 
55   template <bool (Matcher::*Fn)()>
56   static bool Repeated(Matcher* matcher);  // On match, returns to the mark.
57 
58   // Match an individual instruction.
59 
60   template <Instruction::Code opcode> bool Opcode();
61   bool Const0();
62   bool IPutOnThis();
63 
64  private:
Matcher(const DexFile::CodeItem * code_item)65   explicit Matcher(const DexFile::CodeItem* code_item)
66       : code_item_(code_item),
67         instruction_(Instruction::At(code_item->insns_)),
68         pos_(0u),
69         mark_(0u) { }
70 
71   static bool DoMatch(const DexFile::CodeItem* code_item, MatchFn* const* pattern, size_t size);
72 
73   const DexFile::CodeItem* const code_item_;
74   const Instruction* instruction_;
75   size_t pos_;
76   size_t mark_;
77 };
78 
79 template <size_t size>
Match(const DexFile::CodeItem * code_item,MatchFn * const (& pattern)[size])80 bool Matcher::Match(const DexFile::CodeItem* code_item, MatchFn* const (&pattern)[size]) {
81   return DoMatch(code_item, pattern, size);
82 }
83 
Mark(Matcher * matcher)84 bool Matcher::Mark(Matcher* matcher) {
85   matcher->pos_ += 1u;  // Advance to the next match function before marking.
86   matcher->mark_ = matcher->pos_;
87   return true;
88 }
89 
90 template <bool (Matcher::*Fn)()>
Required(Matcher * matcher)91 bool Matcher::Required(Matcher* matcher) {
92   if (!(matcher->*Fn)()) {
93     return false;
94   }
95   matcher->pos_ += 1u;
96   matcher->instruction_ = matcher->instruction_->Next();
97   return true;
98 }
99 
100 template <bool (Matcher::*Fn)()>
Repeated(Matcher * matcher)101 bool Matcher::Repeated(Matcher* matcher) {
102   if (!(matcher->*Fn)()) {
103     // Didn't match optional instruction, try the next match function.
104     matcher->pos_ += 1u;
105     return true;
106   }
107   matcher->pos_ = matcher->mark_;
108   matcher->instruction_ = matcher->instruction_->Next();
109   return true;
110 }
111 
112 template <Instruction::Code opcode>
Opcode()113 bool Matcher::Opcode() {
114   return instruction_->Opcode() == opcode;
115 }
116 
117 // Match const 0.
Const0()118 bool Matcher::Const0() {
119   return IsInstructionDirectConst(instruction_->Opcode()) &&
120       (instruction_->Opcode() == Instruction::CONST_WIDE ? instruction_->VRegB_51l() == 0
121                                                          : instruction_->VRegB() == 0);
122 }
123 
IPutOnThis()124 bool Matcher::IPutOnThis() {
125   DCHECK_NE(code_item_->ins_size_, 0u);
126   return IsInstructionIPut(instruction_->Opcode()) &&
127       instruction_->VRegB_22c() == code_item_->registers_size_ - code_item_->ins_size_;
128 }
129 
DoMatch(const DexFile::CodeItem * code_item,MatchFn * const * pattern,size_t size)130 bool Matcher::DoMatch(const DexFile::CodeItem* code_item, MatchFn* const* pattern, size_t size) {
131   Matcher matcher(code_item);
132   while (matcher.pos_ != size) {
133     if (!pattern[matcher.pos_](&matcher)) {
134       return false;
135     }
136   }
137   return true;
138 }
139 
140 // Used for a single invoke in a constructor. In that situation, the method verifier makes
141 // sure we invoke a constructor either in the same class or superclass with at least "this".
GetTargetConstructor(ArtMethod * method,const Instruction * invoke_direct)142 ArtMethod* GetTargetConstructor(ArtMethod* method, const Instruction* invoke_direct)
143     SHARED_REQUIRES(Locks::mutator_lock_) {
144   DCHECK_EQ(invoke_direct->Opcode(), Instruction::INVOKE_DIRECT);
145   DCHECK_EQ(invoke_direct->VRegC_35c(),
146             method->GetCodeItem()->registers_size_ - method->GetCodeItem()->ins_size_);
147   uint32_t method_index = invoke_direct->VRegB_35c();
148   size_t pointer_size = Runtime::Current()->GetClassLinker()->GetImagePointerSize();
149   ArtMethod* target_method =
150       method->GetDexCache()->GetResolvedMethod(method_index, pointer_size);
151   if (kIsDebugBuild && target_method != nullptr) {
152     CHECK(!target_method->IsStatic());
153     CHECK(target_method->IsConstructor());
154     CHECK(target_method->GetDeclaringClass() == method->GetDeclaringClass() ||
155           target_method->GetDeclaringClass() == method->GetDeclaringClass()->GetSuperClass());
156   }
157   return target_method;
158 }
159 
160 // Return the forwarded arguments and check that all remaining arguments are zero.
161 // If the check fails, return static_cast<size_t>(-1).
CountForwardedConstructorArguments(const DexFile::CodeItem * code_item,const Instruction * invoke_direct,uint16_t zero_vreg_mask)162 size_t CountForwardedConstructorArguments(const DexFile::CodeItem* code_item,
163                                           const Instruction* invoke_direct,
164                                           uint16_t zero_vreg_mask) {
165   DCHECK_EQ(invoke_direct->Opcode(), Instruction::INVOKE_DIRECT);
166   size_t number_of_args = invoke_direct->VRegA_35c();
167   DCHECK_NE(number_of_args, 0u);
168   uint32_t args[Instruction::kMaxVarArgRegs];
169   invoke_direct->GetVarArgs(args);
170   uint16_t this_vreg = args[0];
171   DCHECK_EQ(this_vreg, code_item->registers_size_ - code_item->ins_size_);  // Checked by verifier.
172   size_t forwarded = 1u;
173   while (forwarded < number_of_args &&
174       args[forwarded] == this_vreg + forwarded &&
175       (zero_vreg_mask & (1u << args[forwarded])) == 0) {
176     ++forwarded;
177   }
178   for (size_t i = forwarded; i != number_of_args; ++i) {
179     if ((zero_vreg_mask & (1u << args[i])) == 0) {
180       return static_cast<size_t>(-1);
181     }
182   }
183   return forwarded;
184 }
185 
GetZeroVRegMask(const Instruction * const0)186 uint16_t GetZeroVRegMask(const Instruction* const0) {
187   DCHECK(IsInstructionDirectConst(const0->Opcode()));
188   DCHECK((const0->Opcode() == Instruction::CONST_WIDE) ? const0->VRegB_51l() == 0u
189                                                        : const0->VRegB() == 0);
190   uint16_t base_mask = IsInstructionConstWide(const0->Opcode()) ? 3u : 1u;
191   return base_mask << const0->VRegA();
192 }
193 
194 // We limit the number of IPUTs storing parameters. There can be any number
195 // of IPUTs that store the value 0 as they are useless in a constructor as
196 // the object always starts zero-initialized. We also eliminate all but the
197 // last store to any field as they are not observable; not even if the field
198 // is volatile as no reference to the object can escape from a constructor
199 // with this pattern.
200 static constexpr size_t kMaxConstructorIPuts = 3u;
201 
202 struct ConstructorIPutData {
ConstructorIPutDataart::__anon8023c6a50111::ConstructorIPutData203   ConstructorIPutData() : field_index(DexFile::kDexNoIndex16), arg(0u) { }
204 
205   uint16_t field_index;
206   uint16_t arg;
207 };
208 
RecordConstructorIPut(ArtMethod * method,const Instruction * new_iput,uint16_t this_vreg,uint16_t zero_vreg_mask,ConstructorIPutData (& iputs)[kMaxConstructorIPuts])209 bool RecordConstructorIPut(ArtMethod* method,
210                            const Instruction* new_iput,
211                            uint16_t this_vreg,
212                            uint16_t zero_vreg_mask,
213                            /*inout*/ ConstructorIPutData (&iputs)[kMaxConstructorIPuts])
214     SHARED_REQUIRES(Locks::mutator_lock_) {
215   DCHECK(IsInstructionIPut(new_iput->Opcode()));
216   uint32_t field_index = new_iput->VRegC_22c();
217   size_t pointer_size = Runtime::Current()->GetClassLinker()->GetImagePointerSize();
218   mirror::DexCache* dex_cache = method->GetDexCache();
219   ArtField* field = dex_cache->GetResolvedField(field_index, pointer_size);
220   if (UNLIKELY(field == nullptr)) {
221     return false;
222   }
223   // Remove previous IPUT to the same field, if any. Different field indexes may refer
224   // to the same field, so we need to compare resolved fields from the dex cache.
225   for (size_t old_pos = 0; old_pos != arraysize(iputs); ++old_pos) {
226     if (iputs[old_pos].field_index == DexFile::kDexNoIndex16) {
227       break;
228     }
229     ArtField* f = dex_cache->GetResolvedField(iputs[old_pos].field_index, pointer_size);
230     DCHECK(f != nullptr);
231     if (f == field) {
232       auto back_it = std::copy(iputs + old_pos + 1, iputs + arraysize(iputs), iputs + old_pos);
233       *back_it = ConstructorIPutData();
234       break;
235     }
236   }
237   // If the stored value isn't zero, record the IPUT.
238   if ((zero_vreg_mask & (1u << new_iput->VRegA_22c())) == 0u) {
239     size_t new_pos = 0;
240     while (new_pos != arraysize(iputs) && iputs[new_pos].field_index != DexFile::kDexNoIndex16) {
241       ++new_pos;
242     }
243     if (new_pos == arraysize(iputs)) {
244       return false;  // Exceeded capacity of the output array.
245     }
246     iputs[new_pos].field_index = field_index;
247     iputs[new_pos].arg = new_iput->VRegA_22c() - this_vreg;
248   }
249   return true;
250 }
251 
DoAnalyseConstructor(const DexFile::CodeItem * code_item,ArtMethod * method,ConstructorIPutData (& iputs)[kMaxConstructorIPuts])252 bool DoAnalyseConstructor(const DexFile::CodeItem* code_item,
253                           ArtMethod* method,
254                           /*inout*/ ConstructorIPutData (&iputs)[kMaxConstructorIPuts])
255     SHARED_REQUIRES(Locks::mutator_lock_) {
256   // On entry we should not have any IPUTs yet.
257   DCHECK_EQ(0, std::count_if(
258       iputs,
259       iputs + arraysize(iputs),
260       [](const ConstructorIPutData& iput_data) {
261         return iput_data.field_index != DexFile::kDexNoIndex16;
262       }));
263 
264   // Limit the maximum number of code units we're willing to match.
265   static constexpr size_t kMaxCodeUnits = 16u;
266 
267   // Limit the number of registers that the constructor may use to 16.
268   // Given that IPUTs must use low 16 registers and we do not match MOVEs,
269   // this is a reasonable limitation.
270   static constexpr size_t kMaxVRegs = 16u;
271 
272   // We try to match a constructor that calls another constructor (either in
273   // superclass or in the same class) with the same parameters, or with some
274   // parameters truncated (allowed only for calls to superclass constructor)
275   // or with extra parameters with value 0 (with any type, including null).
276   // This call can be followed by optional IPUTs on "this" storing either one
277   // of the parameters or 0 and the code must then finish with RETURN_VOID.
278   // The called constructor must be either java.lang.Object.<init>() or it
279   // must also match the same pattern.
280   static Matcher::MatchFn* const kConstructorPattern[] = {
281       &Matcher::Mark,
282       &Matcher::Repeated<&Matcher::Const0>,
283       &Matcher::Required<&Matcher::Opcode<Instruction::INVOKE_DIRECT>>,
284       &Matcher::Mark,
285       &Matcher::Repeated<&Matcher::Const0>,
286       &Matcher::Repeated<&Matcher::IPutOnThis>,
287       &Matcher::Required<&Matcher::Opcode<Instruction::RETURN_VOID>>,
288   };
289 
290   DCHECK(method != nullptr);
291   DCHECK(!method->IsStatic());
292   DCHECK(method->IsConstructor());
293   DCHECK(code_item != nullptr);
294   if (!method->GetDeclaringClass()->IsVerified() ||
295       code_item->insns_size_in_code_units_ > kMaxCodeUnits ||
296       code_item->registers_size_ > kMaxVRegs ||
297       !Matcher::Match(code_item, kConstructorPattern)) {
298     return false;
299   }
300 
301   // Verify the invoke, prevent a few odd cases and collect IPUTs.
302   uint16_t this_vreg = code_item->registers_size_ - code_item->ins_size_;
303   uint16_t zero_vreg_mask = 0u;
304   for (const Instruction* instruction = Instruction::At(code_item->insns_);
305       instruction->Opcode() != Instruction::RETURN_VOID;
306       instruction = instruction->Next()) {
307     if (instruction->Opcode() == Instruction::INVOKE_DIRECT) {
308       ArtMethod* target_method = GetTargetConstructor(method, instruction);
309       if (target_method == nullptr) {
310         return false;
311       }
312       // We allow forwarding constructors only if they pass more arguments
313       // to prevent infinite recursion.
314       if (target_method->GetDeclaringClass() == method->GetDeclaringClass() &&
315           instruction->VRegA_35c() <= code_item->ins_size_) {
316         return false;
317       }
318       size_t forwarded = CountForwardedConstructorArguments(code_item, instruction, zero_vreg_mask);
319       if (forwarded == static_cast<size_t>(-1)) {
320         return false;
321       }
322       if (target_method->GetDeclaringClass()->IsObjectClass()) {
323         DCHECK_EQ(Instruction::At(target_method->GetCodeItem()->insns_)->Opcode(),
324                   Instruction::RETURN_VOID);
325       } else {
326         const DexFile::CodeItem* target_code_item = target_method->GetCodeItem();
327         if (target_code_item == nullptr) {
328           return false;  // Native constructor?
329         }
330         if (!DoAnalyseConstructor(target_code_item, target_method, iputs)) {
331           return false;
332         }
333         // Prune IPUTs with zero input.
334         auto kept_end = std::remove_if(
335             iputs,
336             iputs + arraysize(iputs),
337             [forwarded](const ConstructorIPutData& iput_data) {
338               return iput_data.arg >= forwarded;
339             });
340         std::fill(kept_end, iputs + arraysize(iputs), ConstructorIPutData());
341         // If we have any IPUTs from the call, check that the target method is in the same
342         // dex file (compare DexCache references), otherwise field_indexes would be bogus.
343         if (iputs[0].field_index != DexFile::kDexNoIndex16 &&
344             target_method->GetDexCache() != method->GetDexCache()) {
345           return false;
346         }
347       }
348     } else if (IsInstructionDirectConst(instruction->Opcode())) {
349       zero_vreg_mask |= GetZeroVRegMask(instruction);
350       if ((zero_vreg_mask & (1u << this_vreg)) != 0u) {
351         return false;  // Overwriting `this` is unsupported.
352       }
353     } else {
354       DCHECK(IsInstructionIPut(instruction->Opcode()));
355       DCHECK_EQ(instruction->VRegB_22c(), this_vreg);
356       if (!RecordConstructorIPut(method, instruction, this_vreg, zero_vreg_mask, iputs)) {
357         return false;
358       }
359     }
360   }
361   return true;
362 }
363 
364 }  // anonymous namespace
365 
AnalyseConstructor(const DexFile::CodeItem * code_item,ArtMethod * method,InlineMethod * result)366 bool AnalyseConstructor(const DexFile::CodeItem* code_item,
367                         ArtMethod* method,
368                         InlineMethod* result)
369     SHARED_REQUIRES(Locks::mutator_lock_) {
370   ConstructorIPutData iputs[kMaxConstructorIPuts];
371   if (!DoAnalyseConstructor(code_item, method, iputs)) {
372     return false;
373   }
374   static_assert(kMaxConstructorIPuts == 3, "Unexpected limit");  // Code below depends on this.
375   DCHECK(iputs[0].field_index != DexFile::kDexNoIndex16 ||
376          iputs[1].field_index == DexFile::kDexNoIndex16);
377   DCHECK(iputs[1].field_index != DexFile::kDexNoIndex16 ||
378          iputs[2].field_index == DexFile::kDexNoIndex16);
379 
380 #define STORE_IPUT(n)                                                         \
381   do {                                                                        \
382     result->d.constructor_data.iput##n##_field_index = iputs[n].field_index;  \
383     result->d.constructor_data.iput##n##_arg = iputs[n].arg;                  \
384   } while (false)
385 
386   STORE_IPUT(0);
387   STORE_IPUT(1);
388   STORE_IPUT(2);
389 #undef STORE_IPUT
390 
391   result->opcode = kInlineOpConstructor;
392   result->flags = kInlineSpecial;
393   result->d.constructor_data.reserved = 0u;
394   return true;
395 }
396 
397 static_assert(InlineMethodAnalyser::IsInstructionIGet(Instruction::IGET), "iget type");
398 static_assert(InlineMethodAnalyser::IsInstructionIGet(Instruction::IGET_WIDE), "iget_wide type");
399 static_assert(InlineMethodAnalyser::IsInstructionIGet(Instruction::IGET_OBJECT),
400               "iget_object type");
401 static_assert(InlineMethodAnalyser::IsInstructionIGet(Instruction::IGET_BOOLEAN),
402               "iget_boolean type");
403 static_assert(InlineMethodAnalyser::IsInstructionIGet(Instruction::IGET_BYTE), "iget_byte type");
404 static_assert(InlineMethodAnalyser::IsInstructionIGet(Instruction::IGET_CHAR), "iget_char type");
405 static_assert(InlineMethodAnalyser::IsInstructionIGet(Instruction::IGET_SHORT), "iget_short type");
406 static_assert(InlineMethodAnalyser::IsInstructionIPut(Instruction::IPUT), "iput type");
407 static_assert(InlineMethodAnalyser::IsInstructionIPut(Instruction::IPUT_WIDE), "iput_wide type");
408 static_assert(InlineMethodAnalyser::IsInstructionIPut(Instruction::IPUT_OBJECT),
409               "iput_object type");
410 static_assert(InlineMethodAnalyser::IsInstructionIPut(Instruction::IPUT_BOOLEAN),
411               "iput_boolean type");
412 static_assert(InlineMethodAnalyser::IsInstructionIPut(Instruction::IPUT_BYTE), "iput_byte type");
413 static_assert(InlineMethodAnalyser::IsInstructionIPut(Instruction::IPUT_CHAR), "iput_char type");
414 static_assert(InlineMethodAnalyser::IsInstructionIPut(Instruction::IPUT_SHORT), "iput_short type");
415 static_assert(InlineMethodAnalyser::IGetVariant(Instruction::IGET) ==
416     InlineMethodAnalyser::IPutVariant(Instruction::IPUT), "iget/iput variant");
417 static_assert(InlineMethodAnalyser::IGetVariant(Instruction::IGET_WIDE) ==
418     InlineMethodAnalyser::IPutVariant(Instruction::IPUT_WIDE), "iget/iput_wide variant");
419 static_assert(InlineMethodAnalyser::IGetVariant(Instruction::IGET_OBJECT) ==
420     InlineMethodAnalyser::IPutVariant(Instruction::IPUT_OBJECT), "iget/iput_object variant");
421 static_assert(InlineMethodAnalyser::IGetVariant(Instruction::IGET_BOOLEAN) ==
422     InlineMethodAnalyser::IPutVariant(Instruction::IPUT_BOOLEAN), "iget/iput_boolean variant");
423 static_assert(InlineMethodAnalyser::IGetVariant(Instruction::IGET_BYTE) ==
424     InlineMethodAnalyser::IPutVariant(Instruction::IPUT_BYTE), "iget/iput_byte variant");
425 static_assert(InlineMethodAnalyser::IGetVariant(Instruction::IGET_CHAR) ==
426     InlineMethodAnalyser::IPutVariant(Instruction::IPUT_CHAR), "iget/iput_char variant");
427 static_assert(InlineMethodAnalyser::IGetVariant(Instruction::IGET_SHORT) ==
428     InlineMethodAnalyser::IPutVariant(Instruction::IPUT_SHORT), "iget/iput_short variant");
429 
430 // This is used by compiler and debugger. We look into the dex cache for resolved methods and
431 // fields. However, in the context of the debugger, not all methods and fields are resolved. Since
432 // we need to be able to detect possibly inlined method, we pass a null inline method to indicate
433 // we don't want to take unresolved methods and fields into account during analysis.
AnalyseMethodCode(verifier::MethodVerifier * verifier,InlineMethod * result)434 bool InlineMethodAnalyser::AnalyseMethodCode(verifier::MethodVerifier* verifier,
435                                              InlineMethod* result) {
436   DCHECK(verifier != nullptr);
437   if (!Runtime::Current()->UseJitCompilation()) {
438     DCHECK_EQ(verifier->CanLoadClasses(), result != nullptr);
439   }
440 
441   // Note: verifier->GetMethod() may be null.
442   return AnalyseMethodCode(verifier->CodeItem(),
443                            verifier->GetMethodReference(),
444                            (verifier->GetAccessFlags() & kAccStatic) != 0u,
445                            verifier->GetMethod(),
446                            result);
447 }
448 
AnalyseMethodCode(ArtMethod * method,InlineMethod * result)449 bool InlineMethodAnalyser::AnalyseMethodCode(ArtMethod* method, InlineMethod* result) {
450   const DexFile::CodeItem* code_item = method->GetCodeItem();
451   if (code_item == nullptr) {
452     // Native or abstract.
453     return false;
454   }
455   return AnalyseMethodCode(
456       code_item, method->ToMethodReference(), method->IsStatic(), method, result);
457 }
458 
AnalyseMethodCode(const DexFile::CodeItem * code_item,const MethodReference & method_ref,bool is_static,ArtMethod * method,InlineMethod * result)459 bool InlineMethodAnalyser::AnalyseMethodCode(const DexFile::CodeItem* code_item,
460                                              const MethodReference& method_ref,
461                                              bool is_static,
462                                              ArtMethod* method,
463                                              InlineMethod* result) {
464   // We currently support only plain return or 2-instruction methods.
465 
466   DCHECK_NE(code_item->insns_size_in_code_units_, 0u);
467   const Instruction* instruction = Instruction::At(code_item->insns_);
468   Instruction::Code opcode = instruction->Opcode();
469 
470   switch (opcode) {
471     case Instruction::RETURN_VOID:
472       if (result != nullptr) {
473         result->opcode = kInlineOpNop;
474         result->flags = kInlineSpecial;
475         result->d.data = 0u;
476       }
477       return true;
478     case Instruction::RETURN:
479     case Instruction::RETURN_OBJECT:
480     case Instruction::RETURN_WIDE:
481       return AnalyseReturnMethod(code_item, result);
482     case Instruction::CONST:
483     case Instruction::CONST_4:
484     case Instruction::CONST_16:
485     case Instruction::CONST_HIGH16:
486       // TODO: Support wide constants (RETURN_WIDE).
487       if (AnalyseConstMethod(code_item, result)) {
488         return true;
489       }
490       FALLTHROUGH_INTENDED;
491     case Instruction::CONST_WIDE:
492     case Instruction::CONST_WIDE_16:
493     case Instruction::CONST_WIDE_32:
494     case Instruction::CONST_WIDE_HIGH16:
495     case Instruction::INVOKE_DIRECT:
496       if (method != nullptr && !method->IsStatic() && method->IsConstructor()) {
497         return AnalyseConstructor(code_item, method, result);
498       }
499       return false;
500     case Instruction::IGET:
501     case Instruction::IGET_OBJECT:
502     case Instruction::IGET_BOOLEAN:
503     case Instruction::IGET_BYTE:
504     case Instruction::IGET_CHAR:
505     case Instruction::IGET_SHORT:
506     case Instruction::IGET_WIDE:
507     // TODO: Add handling for JIT.
508     // case Instruction::IGET_QUICK:
509     // case Instruction::IGET_WIDE_QUICK:
510     // case Instruction::IGET_OBJECT_QUICK:
511       return AnalyseIGetMethod(code_item, method_ref, is_static, method, result);
512     case Instruction::IPUT:
513     case Instruction::IPUT_OBJECT:
514     case Instruction::IPUT_BOOLEAN:
515     case Instruction::IPUT_BYTE:
516     case Instruction::IPUT_CHAR:
517     case Instruction::IPUT_SHORT:
518     case Instruction::IPUT_WIDE:
519       // TODO: Add handling for JIT.
520     // case Instruction::IPUT_QUICK:
521     // case Instruction::IPUT_WIDE_QUICK:
522     // case Instruction::IPUT_OBJECT_QUICK:
523       return AnalyseIPutMethod(code_item, method_ref, is_static, method, result);
524     default:
525       return false;
526   }
527 }
528 
IsSyntheticAccessor(MethodReference ref)529 bool InlineMethodAnalyser::IsSyntheticAccessor(MethodReference ref) {
530   const DexFile::MethodId& method_id = ref.dex_file->GetMethodId(ref.dex_method_index);
531   const char* method_name = ref.dex_file->GetMethodName(method_id);
532   // javac names synthetic accessors "access$nnn",
533   // jack names them "-getN", "-putN", "-wrapN".
534   return strncmp(method_name, "access$", strlen("access$")) == 0 ||
535       strncmp(method_name, "-", strlen("-")) == 0;
536 }
537 
AnalyseReturnMethod(const DexFile::CodeItem * code_item,InlineMethod * result)538 bool InlineMethodAnalyser::AnalyseReturnMethod(const DexFile::CodeItem* code_item,
539                                                InlineMethod* result) {
540   const Instruction* return_instruction = Instruction::At(code_item->insns_);
541   Instruction::Code return_opcode = return_instruction->Opcode();
542   uint32_t reg = return_instruction->VRegA_11x();
543   uint32_t arg_start = code_item->registers_size_ - code_item->ins_size_;
544   DCHECK_GE(reg, arg_start);
545   DCHECK_LT((return_opcode == Instruction::RETURN_WIDE) ? reg + 1 : reg,
546       code_item->registers_size_);
547 
548   if (result != nullptr) {
549     result->opcode = kInlineOpReturnArg;
550     result->flags = kInlineSpecial;
551     InlineReturnArgData* data = &result->d.return_data;
552     data->arg = reg - arg_start;
553     data->is_wide = (return_opcode == Instruction::RETURN_WIDE) ? 1u : 0u;
554     data->is_object = (return_opcode == Instruction::RETURN_OBJECT) ? 1u : 0u;
555     data->reserved = 0u;
556     data->reserved2 = 0u;
557   }
558   return true;
559 }
560 
AnalyseConstMethod(const DexFile::CodeItem * code_item,InlineMethod * result)561 bool InlineMethodAnalyser::AnalyseConstMethod(const DexFile::CodeItem* code_item,
562                                               InlineMethod* result) {
563   const Instruction* instruction = Instruction::At(code_item->insns_);
564   const Instruction* return_instruction = instruction->Next();
565   Instruction::Code return_opcode = return_instruction->Opcode();
566   if (return_opcode != Instruction::RETURN &&
567       return_opcode != Instruction::RETURN_OBJECT) {
568     return false;
569   }
570 
571   int32_t return_reg = return_instruction->VRegA_11x();
572   DCHECK_LT(return_reg, code_item->registers_size_);
573 
574   int32_t const_value = instruction->VRegB();
575   if (instruction->Opcode() == Instruction::CONST_HIGH16) {
576     const_value <<= 16;
577   }
578   DCHECK_LT(instruction->VRegA(), code_item->registers_size_);
579   if (instruction->VRegA() != return_reg) {
580     return false;  // Not returning the value set by const?
581   }
582   if (return_opcode == Instruction::RETURN_OBJECT && const_value != 0) {
583     return false;  // Returning non-null reference constant?
584   }
585   if (result != nullptr) {
586     result->opcode = kInlineOpNonWideConst;
587     result->flags = kInlineSpecial;
588     result->d.data = static_cast<uint64_t>(const_value);
589   }
590   return true;
591 }
592 
AnalyseIGetMethod(const DexFile::CodeItem * code_item,const MethodReference & method_ref,bool is_static,ArtMethod * method,InlineMethod * result)593 bool InlineMethodAnalyser::AnalyseIGetMethod(const DexFile::CodeItem* code_item,
594                                              const MethodReference& method_ref,
595                                              bool is_static,
596                                              ArtMethod* method,
597                                              InlineMethod* result) {
598   const Instruction* instruction = Instruction::At(code_item->insns_);
599   Instruction::Code opcode = instruction->Opcode();
600   DCHECK(IsInstructionIGet(opcode));
601 
602   const Instruction* return_instruction = instruction->Next();
603   Instruction::Code return_opcode = return_instruction->Opcode();
604   if (!(return_opcode == Instruction::RETURN_WIDE && opcode == Instruction::IGET_WIDE) &&
605       !(return_opcode == Instruction::RETURN_OBJECT && opcode == Instruction::IGET_OBJECT) &&
606       !(return_opcode == Instruction::RETURN && opcode != Instruction::IGET_WIDE &&
607           opcode != Instruction::IGET_OBJECT)) {
608     return false;
609   }
610 
611   uint32_t return_reg = return_instruction->VRegA_11x();
612   DCHECK_LT(return_opcode == Instruction::RETURN_WIDE ? return_reg + 1 : return_reg,
613             code_item->registers_size_);
614 
615   uint32_t dst_reg = instruction->VRegA_22c();
616   uint32_t object_reg = instruction->VRegB_22c();
617   uint32_t field_idx = instruction->VRegC_22c();
618   uint32_t arg_start = code_item->registers_size_ - code_item->ins_size_;
619   DCHECK_GE(object_reg, arg_start);
620   DCHECK_LT(object_reg, code_item->registers_size_);
621   uint32_t object_arg = object_reg - arg_start;
622 
623   DCHECK_LT(opcode == Instruction::IGET_WIDE ? dst_reg + 1 : dst_reg, code_item->registers_size_);
624   if (dst_reg != return_reg) {
625     return false;  // Not returning the value retrieved by IGET?
626   }
627 
628   if (is_static || object_arg != 0u) {
629     // TODO: Implement inlining of IGET on non-"this" registers (needs correct stack trace for NPE).
630     // Allow synthetic accessors. We don't care about losing their stack frame in NPE.
631     if (!IsSyntheticAccessor(method_ref)) {
632       return false;
633     }
634   }
635 
636   // InlineIGetIPutData::object_arg is only 4 bits wide.
637   static constexpr uint16_t kMaxObjectArg = 15u;
638   if (object_arg > kMaxObjectArg) {
639     return false;
640   }
641 
642   if (result != nullptr) {
643     InlineIGetIPutData* data = &result->d.ifield_data;
644     if (!ComputeSpecialAccessorInfo(method, field_idx, false, data)) {
645       return false;
646     }
647     result->opcode = kInlineOpIGet;
648     result->flags = kInlineSpecial;
649     data->op_variant = IGetVariant(opcode);
650     data->method_is_static = is_static ? 1u : 0u;
651     data->object_arg = object_arg;  // Allow IGET on any register, not just "this".
652     data->src_arg = 0u;
653     data->return_arg_plus1 = 0u;
654   }
655   return true;
656 }
657 
AnalyseIPutMethod(const DexFile::CodeItem * code_item,const MethodReference & method_ref,bool is_static,ArtMethod * method,InlineMethod * result)658 bool InlineMethodAnalyser::AnalyseIPutMethod(const DexFile::CodeItem* code_item,
659                                              const MethodReference& method_ref,
660                                              bool is_static,
661                                              ArtMethod* method,
662                                              InlineMethod* result) {
663   const Instruction* instruction = Instruction::At(code_item->insns_);
664   Instruction::Code opcode = instruction->Opcode();
665   DCHECK(IsInstructionIPut(opcode));
666 
667   const Instruction* return_instruction = instruction->Next();
668   Instruction::Code return_opcode = return_instruction->Opcode();
669   uint32_t arg_start = code_item->registers_size_ - code_item->ins_size_;
670   uint16_t return_arg_plus1 = 0u;
671   if (return_opcode != Instruction::RETURN_VOID) {
672     if (return_opcode != Instruction::RETURN &&
673         return_opcode != Instruction::RETURN_OBJECT &&
674         return_opcode != Instruction::RETURN_WIDE) {
675       return false;
676     }
677     // Returning an argument.
678     uint32_t return_reg = return_instruction->VRegA_11x();
679     DCHECK_GE(return_reg, arg_start);
680     DCHECK_LT(return_opcode == Instruction::RETURN_WIDE ? return_reg + 1u : return_reg,
681               code_item->registers_size_);
682     return_arg_plus1 = return_reg - arg_start + 1u;
683   }
684 
685   uint32_t src_reg = instruction->VRegA_22c();
686   uint32_t object_reg = instruction->VRegB_22c();
687   uint32_t field_idx = instruction->VRegC_22c();
688   DCHECK_GE(object_reg, arg_start);
689   DCHECK_LT(object_reg, code_item->registers_size_);
690   DCHECK_GE(src_reg, arg_start);
691   DCHECK_LT(opcode == Instruction::IPUT_WIDE ? src_reg + 1 : src_reg, code_item->registers_size_);
692   uint32_t object_arg = object_reg - arg_start;
693   uint32_t src_arg = src_reg - arg_start;
694 
695   if (is_static || object_arg != 0u) {
696     // TODO: Implement inlining of IPUT on non-"this" registers (needs correct stack trace for NPE).
697     // Allow synthetic accessors. We don't care about losing their stack frame in NPE.
698     if (!IsSyntheticAccessor(method_ref)) {
699       return false;
700     }
701   }
702 
703   // InlineIGetIPutData::object_arg/src_arg/return_arg_plus1 are each only 4 bits wide.
704   static constexpr uint16_t kMaxObjectArg = 15u;
705   static constexpr uint16_t kMaxSrcArg = 15u;
706   static constexpr uint16_t kMaxReturnArgPlus1 = 15u;
707   if (object_arg > kMaxObjectArg || src_arg > kMaxSrcArg || return_arg_plus1 > kMaxReturnArgPlus1) {
708     return false;
709   }
710 
711   if (result != nullptr) {
712     InlineIGetIPutData* data = &result->d.ifield_data;
713     if (!ComputeSpecialAccessorInfo(method, field_idx, true, data)) {
714       return false;
715     }
716     result->opcode = kInlineOpIPut;
717     result->flags = kInlineSpecial;
718     data->op_variant = IPutVariant(opcode);
719     data->method_is_static = is_static ? 1u : 0u;
720     data->object_arg = object_arg;  // Allow IPUT on any register, not just "this".
721     data->src_arg = src_arg;
722     data->return_arg_plus1 = return_arg_plus1;
723   }
724   return true;
725 }
726 
ComputeSpecialAccessorInfo(ArtMethod * method,uint32_t field_idx,bool is_put,InlineIGetIPutData * result)727 bool InlineMethodAnalyser::ComputeSpecialAccessorInfo(ArtMethod* method,
728                                                       uint32_t field_idx,
729                                                       bool is_put,
730                                                       InlineIGetIPutData* result) {
731   if (method == nullptr) {
732     return false;
733   }
734   mirror::DexCache* dex_cache = method->GetDexCache();
735   size_t pointer_size = Runtime::Current()->GetClassLinker()->GetImagePointerSize();
736   ArtField* field = dex_cache->GetResolvedField(field_idx, pointer_size);
737   if (field == nullptr || field->IsStatic()) {
738     return false;
739   }
740   mirror::Class* method_class = method->GetDeclaringClass();
741   mirror::Class* field_class = field->GetDeclaringClass();
742   if (!method_class->CanAccessResolvedField(field_class, field, dex_cache, field_idx) ||
743       (is_put && field->IsFinal() && method_class != field_class)) {
744     return false;
745   }
746   DCHECK_GE(field->GetOffset().Int32Value(), 0);
747   // Do not interleave function calls with bit field writes to placate valgrind. Bug: 27552451.
748   uint32_t field_offset = field->GetOffset().Uint32Value();
749   bool is_volatile = field->IsVolatile();
750   result->field_idx = field_idx;
751   result->field_offset = field_offset;
752   result->is_volatile = is_volatile ? 1u : 0u;
753   return true;
754 }
755 
756 }  // namespace art
757