/*
* Copyright (C) 2016 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef ART_RUNTIME_VERIFIER_VERIFIER_DEPS_H_
#define ART_RUNTIME_VERIFIER_VERIFIER_DEPS_H_
#include <map>
#include <set>
#include <vector>
#include "base/array_ref.h"
#include "base/locks.h"
#include "dex/dex_file_structs.h"
#include "dex/dex_file_types.h"
#include "handle.h"
#include "obj_ptr.h"
#include "thread.h"
#include "verifier_enums.h" // For MethodVerifier::FailureKind.
namespace art {
class ArtField;
class ArtMethod;
class DexFile;
class VariableIndentationOutputStream;
namespace mirror {
class Class;
class ClassLoader;
} // namespace mirror
namespace verifier {
// Verification dependencies collector class used by the MethodVerifier to record
// resolution outcomes and type assignability tests of classes/methods/fields
// not present in the set of compiled DEX files, that is classes/methods/fields
// defined in the classpath.
// The compilation driver initializes the class and registers all DEX files
// which are being compiled. Classes defined in DEX files outside of this set
// (or synthesized classes without associated DEX files) are considered being
// in the classpath.
// During code-flow verification, the MethodVerifier informs VerifierDeps
// about the outcome of every resolution and assignability test, and
// the VerifierDeps object records them if their outcome may change with
// changes in the classpath.
class VerifierDeps {
public:
explicit VerifierDeps(const std::vector<const DexFile*>& dex_files);
VerifierDeps(const std::vector<const DexFile*>& dex_files, ArrayRef<const uint8_t> data);
// Merge `other` into this `VerifierDeps`'. `other` and `this` must be for the
// same set of dex files.
void MergeWith(std::unique_ptr<VerifierDeps> other, const std::vector<const DexFile*>& dex_files);
// Record information that a class was verified.
// Note that this function is different from MaybeRecordVerificationStatus() which
// looks up thread-local VerifierDeps first.
void RecordClassVerified(const DexFile& dex_file, const dex::ClassDef& class_def)
REQUIRES(!Locks::verifier_deps_lock_);
// Record the verification status of the class defined in `class_def`.
static void MaybeRecordVerificationStatus(const DexFile& dex_file,
const dex::ClassDef& class_def,
FailureKind failure_kind)
REQUIRES(!Locks::verifier_deps_lock_);
// Record that class defined in `class_def` was not verified because it redefines
// a class with the same descriptor which takes precedence in class resolution.
static void MaybeRecordClassRedefinition(const DexFile& dex_file, const dex::ClassDef& class_def)
REQUIRES(!Locks::verifier_deps_lock_);
// Record the outcome `klass` of resolving type `type_idx` from `dex_file`.
// If `klass` is null, the class is assumed unresolved.
static void MaybeRecordClassResolution(const DexFile& dex_file,
dex::TypeIndex type_idx,
ObjPtr<mirror::Class> klass)
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
// Record the outcome `field` of resolving field `field_idx` from `dex_file`.
// If `field` is null, the field is assumed unresolved.
static void MaybeRecordFieldResolution(const DexFile& dex_file,
uint32_t field_idx,
ArtField* field)
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
// Record the outcome `method` of resolving method `method_idx` from `dex_file`.
// If `method` is null, the method is assumed unresolved.
static void MaybeRecordMethodResolution(const DexFile& dex_file,
uint32_t method_idx,
ArtMethod* method)
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
// Record the outcome `is_assignable` of type assignability test from `source`
// to `destination` as defined by RegType::AssignableFrom. `dex_file` is the
// owner of the method for which MethodVerifier performed the assignability test.
static void MaybeRecordAssignability(const DexFile& dex_file,
ObjPtr<mirror::Class> destination,
ObjPtr<mirror::Class> source,
bool is_strict,
bool is_assignable)
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
// Serialize the recorded dependencies and store the data into `buffer`.
// `dex_files` provides the order of the dex files in which the dependencies
// should be emitted.
void Encode(const std::vector<const DexFile*>& dex_files, std::vector<uint8_t>* buffer) const;
void Dump(VariableIndentationOutputStream* vios) const;
// Verify the encoded dependencies of this `VerifierDeps` are still valid.
bool ValidateDependencies(Thread* self,
Handle<mirror::ClassLoader> class_loader,
const std::vector<const DexFile*>& classpath,
/* out */ std::string* error_msg) const
REQUIRES_SHARED(Locks::mutator_lock_);
const std::vector<bool>& GetVerifiedClasses(const DexFile& dex_file) const {
return GetDexFileDeps(dex_file)->verified_classes_;
}
const std::vector<bool>& GetRedefinedClasses(const DexFile& dex_file) const {
return GetDexFileDeps(dex_file)->redefined_classes_;
}
bool OutputOnly() const {
return output_only_;
}
// Parses raw VerifierDeps data to extract bitvectors of which class def indices
// were verified or not. The given `dex_files` must match the order and count of
// dex files used to create the VerifierDeps.
static std::vector<std::vector<bool>> ParseVerifiedClasses(
const std::vector<const DexFile*>& dex_files,
ArrayRef<const uint8_t> data);
private:
static constexpr uint16_t kUnresolvedMarker = static_cast<uint16_t>(-1);
using ClassResolutionBase = std::tuple<dex::TypeIndex, uint16_t>;
struct ClassResolution : public ClassResolutionBase {
ClassResolution() = default;
ClassResolution(const ClassResolution&) = default;
ClassResolution(dex::TypeIndex type_idx, uint16_t access_flags)
: ClassResolutionBase(type_idx, access_flags) {}
bool IsResolved() const { return GetAccessFlags() != kUnresolvedMarker; }
dex::TypeIndex GetDexTypeIndex() const { return std::get<0>(*this); }
uint16_t GetAccessFlags() const { return std::get<1>(*this); }
};
using FieldResolutionBase = std::tuple<uint32_t, uint16_t, dex::StringIndex>;
struct FieldResolution : public FieldResolutionBase {
FieldResolution() = default;
FieldResolution(const FieldResolution&) = default;
FieldResolution(uint32_t field_idx, uint16_t access_flags, dex::StringIndex declaring_class_idx)
: FieldResolutionBase(field_idx, access_flags, declaring_class_idx) {}
bool IsResolved() const { return GetAccessFlags() != kUnresolvedMarker; }
uint32_t GetDexFieldIndex() const { return std::get<0>(*this); }
uint16_t GetAccessFlags() const { return std::get<1>(*this); }
dex::StringIndex GetDeclaringClassIndex() const { return std::get<2>(*this); }
};
using MethodResolutionBase = std::tuple<uint32_t, uint16_t, dex::StringIndex>;
struct MethodResolution : public MethodResolutionBase {
MethodResolution() = default;
MethodResolution(const MethodResolution&) = default;
MethodResolution(uint32_t method_idx,
uint16_t access_flags,
dex::StringIndex declaring_class_idx)
: MethodResolutionBase(method_idx, access_flags, declaring_class_idx) {}
bool IsResolved() const { return GetAccessFlags() != kUnresolvedMarker; }
uint32_t GetDexMethodIndex() const { return std::get<0>(*this); }
uint16_t GetAccessFlags() const { return std::get<1>(*this); }
dex::StringIndex GetDeclaringClassIndex() const { return std::get<2>(*this); }
};
using TypeAssignabilityBase = std::tuple<dex::StringIndex, dex::StringIndex>;
struct TypeAssignability : public TypeAssignabilityBase {
TypeAssignability() = default;
TypeAssignability(const TypeAssignability&) = default;
TypeAssignability(dex::StringIndex destination_idx, dex::StringIndex source_idx)
: TypeAssignabilityBase(destination_idx, source_idx) {}
dex::StringIndex GetDestination() const { return std::get<0>(*this); }
dex::StringIndex GetSource() const { return std::get<1>(*this); }
};
// Data structure representing dependencies collected during verification of
// methods inside one DexFile.
struct DexFileDeps {
explicit DexFileDeps(size_t num_class_defs)
: verified_classes_(num_class_defs),
redefined_classes_(num_class_defs) {}
// Vector of strings which are not present in the corresponding DEX file.
// These are referred to with ids starting with `NumStringIds()` of that DexFile.
std::vector<std::string> strings_;
// Set of class pairs recording the outcome of assignability test from one
// of the two types to the other.
std::set<TypeAssignability> assignable_types_;
std::set<TypeAssignability> unassignable_types_;
// Sets of recorded class/field/method resolutions.
std::set<ClassResolution> classes_;
std::set<FieldResolution> fields_;
std::set<MethodResolution> methods_;
// Bit vector indexed by class def indices indicating whether the corresponding
// class was successfully verified.
std::vector<bool> verified_classes_;
// Bit vector indexed by class def indices indicating whether the corresponding
// class resolved into a different class with the same descriptor (was eclipsed).
// The other class might have been both external (not covered by these VerifierDeps)
// and internal (same VerifierDeps, different DexFileDeps).
std::vector<bool> redefined_classes_;
bool Equals(const DexFileDeps& rhs) const;
};
VerifierDeps(const std::vector<const DexFile*>& dex_files, bool output_only);
// Helper function to share DexFileDeps decoding code.
static void DecodeDexFileDeps(DexFileDeps& deps,
const uint8_t** data_start,
const uint8_t* data_end);
// Finds the DexFileDep instance associated with `dex_file`, or nullptr if
// `dex_file` is not reported as being compiled.
DexFileDeps* GetDexFileDeps(const DexFile& dex_file);
const DexFileDeps* GetDexFileDeps(const DexFile& dex_file) const;
// Returns true if `klass` is null or not defined in any of dex files which
// were reported as being compiled.
bool IsInClassPath(ObjPtr<mirror::Class> klass) const
REQUIRES_SHARED(Locks::mutator_lock_);
// Finds the class in the classpath that makes `source` inherit` from `destination`.
// Returns null if a class defined in the compiled DEX files, and assignable to
// `source`, direclty inherits from `destination`.
ObjPtr<mirror::Class> FindOneClassPathBoundaryForInterface(ObjPtr<mirror::Class> destination,
ObjPtr<mirror::Class> source) const
REQUIRES_SHARED(Locks::mutator_lock_);
// Returns the index of `str`. If it is defined in `dex_file_`, this is the dex
// string ID. If not, an ID is assigned to the string and cached in `strings_`
// of the corresponding DexFileDeps structure (either provided or inferred from
// `dex_file`).
dex::StringIndex GetIdFromString(const DexFile& dex_file, const std::string& str)
REQUIRES(!Locks::verifier_deps_lock_);
// Returns the string represented by `id`.
std::string GetStringFromId(const DexFile& dex_file, dex::StringIndex string_id) const;
// Returns the bytecode access flags of `element` (bottom 16 bits), or
// `kUnresolvedMarker` if `element` is null.
template <typename Ptr>
static uint16_t GetAccessFlags(Ptr element)
REQUIRES_SHARED(Locks::mutator_lock_);
// Returns a string ID of the descriptor of the declaring class of `element`,
// or `kUnresolvedMarker` if `element` is null.
dex::StringIndex GetMethodDeclaringClassStringId(const DexFile& dex_file,
uint32_t dex_method_idx,
ArtMethod* method)
REQUIRES_SHARED(Locks::mutator_lock_);
dex::StringIndex GetFieldDeclaringClassStringId(const DexFile& dex_file,
uint32_t dex_field_idx,
ArtField* field)
REQUIRES_SHARED(Locks::mutator_lock_);
// Returns a string ID of the descriptor of the class.
dex::StringIndex GetClassDescriptorStringId(const DexFile& dex_file, ObjPtr<mirror::Class> klass)
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
void AddClassResolution(const DexFile& dex_file,
dex::TypeIndex type_idx,
ObjPtr<mirror::Class> klass)
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
void AddFieldResolution(const DexFile& dex_file,
uint32_t field_idx,
ArtField* field)
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
void AddMethodResolution(const DexFile& dex_file,
uint32_t method_idx,
ArtMethod* method)
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
void AddAssignability(const DexFile& dex_file,
ObjPtr<mirror::Class> destination,
ObjPtr<mirror::Class> source,
bool is_strict,
bool is_assignable)
REQUIRES_SHARED(Locks::mutator_lock_);
bool Equals(const VerifierDeps& rhs) const;
// Verify `dex_file` according to the `deps`, that is going over each
// `DexFileDeps` field, and checking that the recorded information still
// holds.
bool VerifyDexFile(Handle<mirror::ClassLoader> class_loader,
const DexFile& dex_file,
const DexFileDeps& deps,
const std::vector<const DexFile*>& classpath,
Thread* self,
/* out */ std::string* error_msg) const
REQUIRES_SHARED(Locks::mutator_lock_);
// Iterates over `dex_files` and tries to find a class def matching `descriptor`.
// Returns true if such class def is found.
bool IsInDexFiles(const char* descriptor,
size_t hash,
const std::vector<const DexFile*>& dex_files,
/* out */ const DexFile** cp_dex_file) const;
// Check that classes which are to be verified using these dependencies
// are not eclipsed by classes in parent class loaders, e.g. when vdex was
// created against SDK stubs and the app redefines a non-public class on
// boot classpath, or simply if a class is added during an OTA. In such cases,
// dependencies do not include the dependencies on the presumed-internal class
// and verification must fail unless the class was recorded to have been
// redefined during dependencies' generation too.
bool VerifyInternalClasses(const DexFile& dex_file,
const std::vector<const DexFile*>& classpath,
const std::vector<bool>& verified_classes,
const std::vector<bool>& redefined_classes,
/* out */ std::string* error_msg) const
REQUIRES_SHARED(Locks::mutator_lock_);
bool VerifyAssignability(Handle<mirror::ClassLoader> class_loader,
const DexFile& dex_file,
const std::set<TypeAssignability>& assignables,
bool expected_assignability,
Thread* self,
/* out */ std::string* error_msg) const
REQUIRES_SHARED(Locks::mutator_lock_);
// Verify that the set of resolved classes at the point of creation
// of this `VerifierDeps` is still the same.
bool VerifyClasses(Handle<mirror::ClassLoader> class_loader,
const DexFile& dex_file,
const std::set<ClassResolution>& classes,
Thread* self,
/* out */ std::string* error_msg) const
REQUIRES_SHARED(Locks::mutator_lock_);
// Verify that the set of resolved fields at the point of creation
// of this `VerifierDeps` is still the same, and each field resolves to the
// same field holder and access flags.
bool VerifyFields(Handle<mirror::ClassLoader> class_loader,
const DexFile& dex_file,
const std::set<FieldResolution>& classes,
Thread* self,
/* out */ std::string* error_msg) const
REQUIRES_SHARED(Locks::mutator_lock_)
REQUIRES(!Locks::verifier_deps_lock_);
// Verify that the set of resolved methods at the point of creation
// of this `VerifierDeps` is still the same, and each method resolves to the
// same method holder, access flags, and invocation kind.
bool VerifyMethods(Handle<mirror::ClassLoader> class_loader,
const DexFile& dex_file,
const std::set<MethodResolution>& methods,
Thread* self,
/* out */ std::string* error_msg) const
REQUIRES_SHARED(Locks::mutator_lock_);
// Map from DexFiles into dependencies collected from verification of their methods.
std::map<const DexFile*, std::unique_ptr<DexFileDeps>> dex_deps_;
// Output only signifies if we are using the verifier deps to verify or just to generate them.
const bool output_only_;
friend class VerifierDepsTest;
ART_FRIEND_TEST(VerifierDepsTest, StringToId);
ART_FRIEND_TEST(VerifierDepsTest, EncodeDecode);
ART_FRIEND_TEST(VerifierDepsTest, EncodeDecodeMulti);
ART_FRIEND_TEST(VerifierDepsTest, VerifyDeps);
ART_FRIEND_TEST(VerifierDepsTest, CompilerDriver);
};
} // namespace verifier
} // namespace art
#endif // ART_RUNTIME_VERIFIER_VERIFIER_DEPS_H_