path: root/runtime/verifier/register_line.h
blob: fc8c4cbc6c225e015ea276e85a45083fd741e1e2 (plain)
/*
 * Copyright (C) 2012 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef ART_RUNTIME_VERIFIER_REGISTER_LINE_H_
#define ART_RUNTIME_VERIFIER_REGISTER_LINE_H_

#include <limits>
#include <memory>
#include <vector>

#include <android-base/logging.h>

#include "base/locks.h"
#include "base/macros.h"
#include "base/safe_map.h"
#include "base/scoped_arena_containers.h"

namespace art HIDDEN {

class Instruction;

namespace verifier {

class MethodVerifier;
class RegType;
class RegTypeCache;

/*
 * Register type categories, for type checking.
 *
 * The spec says category 1 includes boolean, byte, char, short, int, float, reference, and
 * returnAddress. Category 2 includes long and double.
 *
 * We treat object references separately, so we have "category1nr". We don't support jsr/ret, so
 * there is no "returnAddress" type.
 */
enum TypeCategory {
  kTypeCategoryUnknown = 0,     // category not known
  kTypeCategory1nr = 1,         // category 1, non-reference: boolean, byte, char, short, int, float
  kTypeCategory2 = 2,           // category 2 (64-bit values): long, double
  kTypeCategoryRef = 3,         // object reference, tracked separately from kTypeCategory1nr
};

// What to do with the lock levels when setting the register type.
enum class LockOp {
  kClear,                       // Clear the lock levels recorded for the register.
  kKeep                         // Leave the lock levels alone; only the register type changes.
};

// During verification, we associate one of these with every "interesting" instruction. We track
// the status of all registers, and (if the method has any monitor-enter instructions) maintain a
// stack of entered monitors (identified by code unit offset).
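class RegisterLine {
 public:
  // One bit per monitor stack depth; bit N set means "this register holds the lock that was
  // pushed at depth N of monitors_".
  using RegisterStackMask = uint32_t;
  // A map from register to a bit vector of indices into the monitors_ stack.
  using RegToLockDepthsMap = ScopedArenaSafeMap<uint32_t, RegisterStackMask>;

  // Maximum number of nested monitors to track before giving up and
  // taking the slow path. This is the number of value bits in RegisterStackMask, since every
  // tracked depth needs its own bit in the mask.
  static constexpr size_t kMaxMonitorStackDepth =
      std::numeric_limits<RegisterStackMask>::digits;

  // Create a register line of num_regs registers.
  static RegisterLine* Create(size_t num_regs,
                              ScopedArenaAllocator& allocator,
                              RegTypeCache* reg_types);

  // Implement category-1 "move" instructions. Copy a 32-bit value from "vsrc" to "vdst".
  void CopyRegister1(MethodVerifier* verifier, uint32_t vdst, uint32_t vsrc, TypeCategory cat)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Implement category-2 "move" instructions. Copy a 64-bit value from "vsrc" to "vdst". This
  // copies both halves of the register.
  void CopyRegister2(MethodVerifier* verifier, uint32_t vdst, uint32_t vsrc)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Implement "move-result". Copy the category-1 value from the result register to another
  // register, and reset the result register.
  void CopyResultRegister1(MethodVerifier* verifier, uint32_t vdst, bool is_reference)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Implement "move-result-wide". Copy the category-2 value from the result register to another
  // register, and reset the result register.
  void CopyResultRegister2(MethodVerifier* verifier, uint32_t vdst)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Set the invisible result register to unknown.
  void SetResultTypeToUnknown(RegTypeCache* reg_types) REQUIRES_SHARED(Locks::mutator_lock_);

  // Set the type of register "vdst". If "new_type" is the "Lo" part of a 64-bit value, register
  // vdst+1 will be set to "new_type+1".
  // The register index was validated during the static pass, so it is not checked again here;
  // callers must only pass indices that went through that pass.
  //
  // LockOp::kClear should be used by default; it will clear the lock levels associated with the
  // register. An example is setting the register type because an instruction writes to the
  // register.
  // LockOp::kKeep keeps the lock levels of the register and only changes the register type. This
  // is typical when the underlying value did not change, but we have "different" type information
  // available now. An example is sharpening types after a check-cast. Note that when given kKeep,
  // the new_type is dchecked to be a reference type.
  template <LockOp kLockOp>
  ALWAYS_INLINE void SetRegisterType(uint32_t vdst, const RegType& new_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Wide counterpart of SetRegisterType, taking both halves of the type explicitly.
  // NOTE(review): presumably vdst receives new_type1 and vdst+1 receives new_type2 -- confirm
  // against the definition.
  void SetRegisterTypeWide(uint32_t vdst,
                           const RegType& new_type1,
                           const RegType& new_type2)
      REQUIRES_SHARED(Locks::mutator_lock_);

  /* Set the type of the "result" register. */
  void SetResultRegisterType(MethodVerifier* verifier, const RegType& new_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  /* Set the type of the "result" register from the two halves of a wide type. */
  void SetResultRegisterTypeWide(const RegType& new_type1, const RegType& new_type2)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Get the type of register vsrc.
  const RegType& GetRegisterType(MethodVerifier* verifier, uint32_t vsrc) const;

  // Check the type held in register vsrc against check_type.
  // NOTE(review): presumably returns true when the check passes -- confirm against the
  // definition, which is not in this header.
  ALWAYS_INLINE bool VerifyRegisterType(MethodVerifier* verifier,
                                        uint32_t vsrc,
                                        const RegType& check_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Wide counterpart of VerifyRegisterType, checking against both halves of a wide type.
  bool VerifyRegisterTypeWide(MethodVerifier* verifier,
                              uint32_t vsrc,
                              const RegType& check_type1,
                              const RegType& check_type2)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Overwrite this line's register types, monitor stack, lock-depth map and "this initialized"
  // flag with those of src. result_ is not copied.
  // Both lines must track the same number of registers: the copy length is taken from this
  // line's num_regs_, and the equality is only DCHECKed.
  void CopyFromLine(const RegisterLine* src) {
    DCHECK_EQ(num_regs_, src->num_regs_);
    memcpy(&line_, &src->line_, num_regs_ * sizeof(uint16_t));
    monitors_ = src->monitors_;
    reg_to_lock_depths_ = src->reg_to_lock_depths_;
    this_initialized_ = src->this_initialized_;
  }

  std::string Dump(MethodVerifier* verifier) const REQUIRES_SHARED(Locks::mutator_lock_);

  // Fill every register type id with the byte pattern 0xf1 and drop the monitor stack and the
  // lock-depth map. result_ and this_initialized_ are left as they are.
  void FillWithGarbage() {
    memset(&line_, 0xf1, num_regs_ * sizeof(uint16_t));
    monitors_.clear();
    reg_to_lock_depths_.clear();
  }

  /*
   * We're creating a new instance of class C at address A. Any registers holding instances
   * previously created at address A must be initialized by now. If not, we mark them as "conflict"
   * to prevent them from being used (otherwise, MarkRefsAsInitialized would mark the old ones and
   * the new ones at the same time).
   */
  void MarkUninitRefsAsInvalid(MethodVerifier* verifier, const RegType& uninit_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  /*
   * Update all registers holding "uninit_type" to instead hold the corresponding initialized
   * reference type. This is called when an appropriate constructor is invoked -- all copies of
   * the reference must be marked as initialized.
   */
  void MarkRefsAsInitialized(MethodVerifier* verifier, const RegType& uninit_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  /*
   * Update registers to be Conflict: all of them, or all except vsrc.
   * NOTE(review): the Wide variant presumably also spares the second half of the pair starting
   * at vsrc -- confirm against the definition.
   */
  void MarkAllRegistersAsConflicts(MethodVerifier* verifier);
  void MarkAllRegistersAsConflictsExcept(MethodVerifier* verifier, uint32_t vsrc);
  void MarkAllRegistersAsConflictsExceptWide(MethodVerifier* verifier, uint32_t vsrc);

  // Record that "this" has been initialized on this line.
  void SetThisInitialized() {
    this_initialized_ = true;
  }

  // Take over the "this initialized" flag of src, leaving everything else untouched.
  void CopyThisInitialized(const RegisterLine& src) {
    this_initialized_ = src.this_initialized_;
  }

  /*
   * Check constraints on constructor return. Specifically, make sure that the "this" argument got
   * initialized.
   * The "this" argument to <init> uses code offset kUninitThisArgAddr, which puts it at the start
   * of the list in slot 0. If we see a register with an uninitialized slot 0 reference, we know it
   * somehow didn't get initialized.
   */
  bool CheckConstructorReturn(MethodVerifier* verifier) const;

  // Compare two register lines. Returns 0 if they match.
  // Returns 1 when the monitor stacks differ; otherwise the memcmp() result over the register
  // type ids. reg_to_lock_depths_ is not compared (see the TODO below).
  // Using this for a sort is unwise, since the value can change based on machine endianness.
  int CompareLine(const RegisterLine* line2) const {
    // The comparison length comes from this line's num_regs_, so a line with fewer registers
    // would be read past its end; CopyFromLine() states the same precondition.
    DCHECK_EQ(num_regs_, line2->num_regs_);
    if (monitors_ != line2->monitors_) {
      return 1;
    }
    // TODO: DCHECK(reg_to_lock_depths_ == line2->reg_to_lock_depths_);
    return memcmp(&line_, &line2->line_, num_regs_ * sizeof(uint16_t));
  }

  // Number of dex registers tracked by this line.
  size_t NumRegs() const {
    return num_regs_;
  }

  // Return how many bytes of memory a register line uses.
  ALWAYS_INLINE static size_t ComputeSize(size_t num_regs);

  /*
   * Get the "this" pointer from a non-static method invocation. This returns the RegType so the
   * caller can decide whether it needs the reference to be initialized or not. (Can also return
   * kRegTypeZero if the reference can only be zero at this point.)
   *
   * The argument count is in vA, and the first argument is in vC, for both "simple" and "range"
   * versions. We just need to make sure vA is >= 1 and then return vC.
   * allow_failure will return Conflict() instead of causing a verification failure if there is an
   * error.
   */
  const RegType& GetInvocationThis(MethodVerifier* verifier,
                                   const Instruction* inst,
                                   bool allow_failure = false)
      REQUIRES_SHARED(Locks::mutator_lock_);

  /*
   * Verify types for a simple two-register instruction (e.g. "neg-int").
   * "dst_type" is stored into vA, and "src_type" is verified against vB.
   * The Wide/ToWide/FromWide variants below take both halves of whichever side is 64-bit.
   */
  void CheckUnaryOp(MethodVerifier* verifier,
                    const Instruction* inst,
                    const RegType& dst_type,
                    const RegType& src_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  void CheckUnaryOpWide(MethodVerifier* verifier,
                        const Instruction* inst,
                        const RegType& dst_type1,
                        const RegType& dst_type2,
                        const RegType& src_type1,
                        const RegType& src_type2)
      REQUIRES_SHARED(Locks::mutator_lock_);

  void CheckUnaryOpToWide(MethodVerifier* verifier,
                          const Instruction* inst,
                          const RegType& dst_type1,
                          const RegType& dst_type2,
                          const RegType& src_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  void CheckUnaryOpFromWide(MethodVerifier* verifier,
                            const Instruction* inst,
                            const RegType& dst_type,
                            const RegType& src_type1,
                            const RegType& src_type2)
      REQUIRES_SHARED(Locks::mutator_lock_);

  /*
   * Verify types for a simple three-register instruction (e.g. "add-int").
   * "dst_type" is stored into vA, and "src_type1"/"src_type2" are verified
   * against vB/vC.
   */
  void CheckBinaryOp(MethodVerifier* verifier,
                     const Instruction* inst,
                     const RegType& dst_type,
                     const RegType& src_type1,
                     const RegType& src_type2,
                     bool check_boolean_op)
      REQUIRES_SHARED(Locks::mutator_lock_);

  void CheckBinaryOpWide(MethodVerifier* verifier,
                         const Instruction* inst,
                         const RegType& dst_type1,
                         const RegType& dst_type2,
                         const RegType& src_type1_1,
                         const RegType& src_type1_2,
                         const RegType& src_type2_1,
                         const RegType& src_type2_2)
      REQUIRES_SHARED(Locks::mutator_lock_);

  void CheckBinaryOpWideShift(MethodVerifier* verifier,
                              const Instruction* inst,
                              const RegType& long_lo_type,
                              const RegType& long_hi_type,
                              const RegType& int_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  /*
   * Verify types for a binary "2addr" operation. "src_type1"/"src_type2"
   * are verified against vA/vB, then "dst_type" is stored into vA.
   */
  void CheckBinaryOp2addr(MethodVerifier* verifier,
                          const Instruction* inst,
                          const RegType& dst_type,
                          const RegType& src_type1,
                          const RegType& src_type2,
                          bool check_boolean_op)
      REQUIRES_SHARED(Locks::mutator_lock_);

  void CheckBinaryOp2addrWide(MethodVerifier* verifier,
                              const Instruction* inst,
                              const RegType& dst_type1,
                              const RegType& dst_type2,
                              const RegType& src_type1_1,
                              const RegType& src_type1_2,
                              const RegType& src_type2_1,
                              const RegType& src_type2_2)
      REQUIRES_SHARED(Locks::mutator_lock_);

  void CheckBinaryOp2addrWideShift(MethodVerifier* verifier,
                                   const Instruction* inst,
                                   const RegType& long_lo_type,
                                   const RegType& long_hi_type,
                                   const RegType& int_type)
      REQUIRES_SHARED(Locks::mutator_lock_);

  /*
   * Verify types for a two-register instruction with a literal constant (e.g. "add-int/lit8").
   * "dst_type" is stored into vA, and "src_type" is verified against vB.
   *
   * If "check_boolean_op" is set, we use the constant value in vC.
   * NOTE(review): "is_lit16" presumably selects the 16-bit literal encoding over the 8-bit one --
   * confirm against the definition.
   */
  void CheckLiteralOp(MethodVerifier* verifier,
                      const Instruction* inst,
                      const RegType& dst_type,
                      const RegType& src_type,
                      bool check_boolean_op,
                      bool is_lit16)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Verify/push monitor onto the monitor stack, locking the value in reg_idx at location insn_idx.
  void PushMonitor(MethodVerifier* verifier, uint32_t reg_idx, int32_t insn_idx)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Verify/pop monitor from monitor stack ensuring that we believe the monitor is locked.
  void PopMonitor(MethodVerifier* verifier, uint32_t reg_idx)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Number of entries on the stack of currently held monitors.
  size_t MonitorStackDepth() const {
    return monitors_.size();
  }

  // We expect no monitors to be held at certain points, such as method returns. Verify the stack
  // is empty, queueing a LOCKING error otherwise.
  void VerifyMonitorStackEmpty(MethodVerifier* verifier) const;

  // Merge incoming_line into this line.
  // NOTE(review): the return value presumably reports whether this line changed -- confirm
  // against the definition.
  bool MergeRegisters(MethodVerifier* verifier, const RegisterLine* incoming_line)
      REQUIRES_SHARED(Locks::mutator_lock_);

  // Number of monitor-enter entries on the monitor stack (same value as MonitorStackDepth()).
  size_t GetMonitorEnterCount() const {
    return monitors_.size();
  }

  // Return the i-th entry of the monitor stack, i.e. the location recorded for that
  // monitor-enter. i must be less than GetMonitorEnterCount().
  uint32_t GetMonitorEnterDexPc(size_t i) const {
    // monitors_[i] is not range-checked on its own, so catch a bad index in debug builds.
    DCHECK_LT(i, monitors_.size());
    return monitors_[i];
  }

  // We give access to the lock depth map to avoid an expensive poll loop for FindLocksAtDexPC.
  // Calls fn(reg, depth) once for every bit set in every register's lock-depth mask, where
  // depth is the index of that bit.
  template <typename T>
  void IterateRegToLockDepths(T fn) const {
    for (const auto& pair : reg_to_lock_depths_) {
      const uint32_t reg = pair.first;
      RegisterStackMask depths = pair.second;
      uint32_t depth = 0;
      // Walk the mask from the lowest bit upwards and stop once no set bits remain.
      while (depths != 0) {
        if ((depths & 1) != 0) {
          fn(reg, depth);
        }
        depths >>= 1;
        depth++;
      }
    }
  }

 private:
  // Give register dst the lock-depth mask of register src. If src has no entry in the map,
  // nothing happens and whatever dst had recorded stays in place.
  void CopyRegToLockDepth(size_t dst, size_t src) {
    auto it = reg_to_lock_depths_.find(src);
    if (it != reg_to_lock_depths_.end()) {
      reg_to_lock_depths_.Put(dst, it->second);
    }
  }

  // Return whether register reg is recorded as holding the lock at monitor stack depth "depth".
  // A depth that does not fit in RegisterStackMask can never have been recorded, so it yields
  // false rather than shifting by an out-of-range amount (undefined behaviour).
  bool IsSetLockDepth(size_t reg, size_t depth) {
    if (depth >= kMaxMonitorStackDepth) {
      return false;
    }
    auto it = reg_to_lock_depths_.find(reg);
    if (it != reg_to_lock_depths_.end()) {
      // Build the bit in the mask's own unsigned type; a plain "1 << depth" is a signed int
      // shift, which reaches the sign bit at the highest tracked depth.
      return (it->second & (static_cast<RegisterStackMask>(1) << depth)) != 0;
    } else {
      return false;
    }
  }

  // Record that register reg holds the lock at monitor stack depth "depth". Returns false if
  // that bit was already set, true once it has been recorded. A depth at or beyond
  // kMaxMonitorStackDepth fails the CHECK.
  bool SetRegToLockDepth(size_t reg, size_t depth) {
    CHECK_LT(depth, kMaxMonitorStackDepth);
    if (IsSetLockDepth(reg, depth)) {
      return false;  // Register already holds lock so locking twice is erroneous.
    }
    // Unsigned shift, see IsSetLockDepth().
    const RegisterStackMask depth_bit = static_cast<RegisterStackMask>(1) << depth;
    auto it = reg_to_lock_depths_.find(reg);
    if (it == reg_to_lock_depths_.end()) {
      reg_to_lock_depths_.Put(reg, depth_bit);
    } else {
      it->second |= depth_bit;
    }
    return true;
  }

  // Counterpart of SetRegToLockDepth(); defined out of line.
  void ClearRegToLockDepth(size_t reg, size_t depth);

  // Forget every lock depth recorded for register reg.
  void ClearAllRegToLockDepths(size_t reg) {
    reg_to_lock_depths_.erase(reg);
  }

  // Private: instances are obtained through Create().
  RegisterLine(size_t num_regs, ScopedArenaAllocator& allocator, RegTypeCache* reg_types);

  // Storage for the result register's type, valid after an invocation.
  uint16_t result_[2];

  // Number of entries in line_, i.e. the number of dex registers tracked.
  const uint32_t num_regs_;

  // A stack of monitor enter locations.
  ScopedArenaVector<uint32_t> monitors_;

  // A map from register to a bit vector of indices into the monitors_ stack. As we pop the monitor
  // stack we verify that monitor-enter/exit are correctly nested. That is, if there was a
  // monitor-enter on v5 and then on v6, we expect the monitor-exit to be on v6 then on v5.
  RegToLockDepthsMap reg_to_lock_depths_;

  // Whether "this" initialization (a constructor supercall) has happened.
  bool this_initialized_;

  // An array of RegType Ids associated with each dex register. Declared with a single element,
  // but CopyFromLine(), FillWithGarbage() and CompareLine() touch num_regs_ elements starting
  // here, so the object has to be allocated with room for all of them.
  // NOTE(review): presumably ComputeSize()/Create() provide that room, which also requires this
  // to stay the last data member -- confirm against the definitions.
  uint16_t line_[1];

  DISALLOW_COPY_AND_ASSIGN(RegisterLine);
};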

// Deleter functor for RegisterLine, derived from ArenaDelete<RegisterLine>. operator() is only
// declared here; its definition lives elsewhere.
// NOTE(review): presumably needed because a RegisterLine carries more storage than
// sizeof(RegisterLine) (see line_) -- confirm against the definition.
class RegisterLineArenaDelete : public ArenaDelete<RegisterLine> {
 public:
  // Dispose of the register line pointed to by ptr.
  void operator()(RegisterLine* ptr) const;
};

}  // namespace verifier
}  // namespace art

#endif  // ART_RUNTIME_VERIFIER_REGISTER_LINE_H_