1 /*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "oat_file_manager.h"
18
19 #include <memory>
20 #include <queue>
21 #include <vector>
22 #include <sys/stat.h>
23
24 #include "android-base/stringprintf.h"
25 #include "android-base/strings.h"
26
27 #include "art_field-inl.h"
28 #include "base/bit_vector-inl.h"
29 #include "base/file_utils.h"
30 #include "base/logging.h" // For VLOG.
31 #include "base/mutex-inl.h"
32 #include "base/sdk_version.h"
33 #include "base/stl_util.h"
34 #include "base/systrace.h"
35 #include "class_linker.h"
36 #include "class_loader_context.h"
37 #include "dex/art_dex_file_loader.h"
38 #include "dex/dex_file-inl.h"
39 #include "dex/dex_file_loader.h"
40 #include "dex/dex_file_tracking_registrar.h"
41 #include "gc/scoped_gc_critical_section.h"
42 #include "gc/space/image_space.h"
43 #include "handle_scope-inl.h"
44 #include "jit/jit.h"
45 #include "jni/java_vm_ext.h"
46 #include "jni/jni_internal.h"
47 #include "mirror/class_loader.h"
48 #include "mirror/object-inl.h"
49 #include "oat_file.h"
50 #include "oat_file_assistant.h"
51 #include "obj_ptr-inl.h"
52 #include "scoped_thread_state_change-inl.h"
53 #include "thread-current-inl.h"
54 #include "thread_list.h"
55 #include "thread_pool.h"
56 #include "vdex_file.h"
57 #include "verifier/verifier_deps.h"
58 #include "well_known_classes.h"
59
60 namespace art {
61
62 using android::base::StringPrintf;
63
64 // If true, we attempt to load the application image if it exists.
65 static constexpr bool kEnableAppImage = true;
66
RegisterOatFile(std::unique_ptr<const OatFile> oat_file)67 const OatFile* OatFileManager::RegisterOatFile(std::unique_ptr<const OatFile> oat_file) {
68 WriterMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
69 CHECK(!only_use_system_oat_files_ ||
70 LocationIsOnSystem(oat_file->GetLocation().c_str()) ||
71 !oat_file->IsExecutable())
72 << "Registering a non /system oat file: " << oat_file->GetLocation();
73 DCHECK(oat_file != nullptr);
74 if (kIsDebugBuild) {
75 CHECK(oat_files_.find(oat_file) == oat_files_.end());
76 for (const std::unique_ptr<const OatFile>& existing : oat_files_) {
77 CHECK_NE(oat_file.get(), existing.get()) << oat_file->GetLocation();
78 // Check that we don't have an oat file with the same address. Copies of the same oat file
79 // should be loaded at different addresses.
80 CHECK_NE(oat_file->Begin(), existing->Begin()) << "Oat file already mapped at that location";
81 }
82 }
83 const OatFile* ret = oat_file.get();
84 oat_files_.insert(std::move(oat_file));
85 return ret;
86 }
87
UnRegisterAndDeleteOatFile(const OatFile * oat_file)88 void OatFileManager::UnRegisterAndDeleteOatFile(const OatFile* oat_file) {
89 WriterMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
90 DCHECK(oat_file != nullptr);
91 std::unique_ptr<const OatFile> compare(oat_file);
92 auto it = oat_files_.find(compare);
93 CHECK(it != oat_files_.end());
94 oat_files_.erase(it);
95 compare.release(); // NOLINT b/117926937
96 }
97
FindOpenedOatFileFromDexLocation(const std::string & dex_base_location) const98 const OatFile* OatFileManager::FindOpenedOatFileFromDexLocation(
99 const std::string& dex_base_location) const {
100 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
101 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
102 const std::vector<const OatDexFile*>& oat_dex_files = oat_file->GetOatDexFiles();
103 for (const OatDexFile* oat_dex_file : oat_dex_files) {
104 if (DexFileLoader::GetBaseLocation(oat_dex_file->GetDexFileLocation()) == dex_base_location) {
105 return oat_file.get();
106 }
107 }
108 }
109 return nullptr;
110 }
111
FindOpenedOatFileFromOatLocation(const std::string & oat_location) const112 const OatFile* OatFileManager::FindOpenedOatFileFromOatLocation(const std::string& oat_location)
113 const {
114 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
115 return FindOpenedOatFileFromOatLocationLocked(oat_location);
116 }
117
FindOpenedOatFileFromOatLocationLocked(const std::string & oat_location) const118 const OatFile* OatFileManager::FindOpenedOatFileFromOatLocationLocked(
119 const std::string& oat_location) const {
120 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
121 if (oat_file->GetLocation() == oat_location) {
122 return oat_file.get();
123 }
124 }
125 return nullptr;
126 }
127
GetBootOatFiles() const128 std::vector<const OatFile*> OatFileManager::GetBootOatFiles() const {
129 std::vector<gc::space::ImageSpace*> image_spaces =
130 Runtime::Current()->GetHeap()->GetBootImageSpaces();
131 std::vector<const OatFile*> oat_files;
132 oat_files.reserve(image_spaces.size());
133 for (gc::space::ImageSpace* image_space : image_spaces) {
134 oat_files.push_back(image_space->GetOatFile());
135 }
136 return oat_files;
137 }
138
GetPrimaryOatFile() const139 const OatFile* OatFileManager::GetPrimaryOatFile() const {
140 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
141 std::vector<const OatFile*> boot_oat_files = GetBootOatFiles();
142 if (!boot_oat_files.empty()) {
143 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
144 if (std::find(boot_oat_files.begin(), boot_oat_files.end(), oat_file.get()) ==
145 boot_oat_files.end()) {
146 return oat_file.get();
147 }
148 }
149 }
150 return nullptr;
151 }
152
OatFileManager()153 OatFileManager::OatFileManager()
154 : only_use_system_oat_files_(false) {}
155
~OatFileManager()156 OatFileManager::~OatFileManager() {
157 // Explicitly clear oat_files_ since the OatFile destructor calls back into OatFileManager for
158 // UnRegisterOatFileLocation.
159 oat_files_.clear();
160 }
161
RegisterImageOatFiles(const std::vector<gc::space::ImageSpace * > & spaces)162 std::vector<const OatFile*> OatFileManager::RegisterImageOatFiles(
163 const std::vector<gc::space::ImageSpace*>& spaces) {
164 std::vector<const OatFile*> oat_files;
165 oat_files.reserve(spaces.size());
166 for (gc::space::ImageSpace* space : spaces) {
167 oat_files.push_back(RegisterOatFile(space->ReleaseOatFile()));
168 }
169 return oat_files;
170 }
171
ClassLoaderContextMatches(const OatFile * oat_file,const ClassLoaderContext * context,bool * is_special_shared_library,std::string * error_msg)172 static bool ClassLoaderContextMatches(
173 const OatFile* oat_file,
174 const ClassLoaderContext* context,
175 bool* is_special_shared_library,
176 /*out*/ std::string* error_msg) {
177 DCHECK(oat_file != nullptr);
178 DCHECK(error_msg != nullptr);
179 DCHECK(context != nullptr);
180
181 if (!CompilerFilter::IsVerificationEnabled(oat_file->GetCompilerFilter())) {
182 // If verification is not enabled we don't need to check if class loader context matches
183 // as the oat file is either extracted or assumed verified.
184 return true;
185 }
186
187 // If the oat file loading context matches the context used during compilation then we accept
188 // the oat file without addition checks
189 ClassLoaderContext::VerificationResult result = context->VerifyClassLoaderContextMatch(
190 oat_file->GetClassLoaderContext(),
191 /*verify_names=*/ true,
192 /*verify_checksums=*/ true);
193 switch (result) {
194 case ClassLoaderContext::VerificationResult::kForcedToSkipChecks:
195 *is_special_shared_library = true;
196 return true;
197 case ClassLoaderContext::VerificationResult::kMismatch:
198 *is_special_shared_library = false;
199 return false;
200 case ClassLoaderContext::VerificationResult::kVerifies:
201 *is_special_shared_library = false;
202 return true;
203 }
204 LOG(FATAL) << "Unreachable";
205 }
206
ShouldLoadAppImage(const OatFile * source_oat_file) const207 bool OatFileManager::ShouldLoadAppImage(const OatFile* source_oat_file) const {
208 Runtime* const runtime = Runtime::Current();
209 return kEnableAppImage && (!runtime->IsJavaDebuggable() || source_oat_file->IsDebuggable());
210 }
211
OpenDexFilesFromOat(const char * dex_location,jobject class_loader,jobjectArray dex_elements,const OatFile ** out_oat_file,std::vector<std::string> * error_msgs)212 std::vector<std::unique_ptr<const DexFile>> OatFileManager::OpenDexFilesFromOat(
213 const char* dex_location,
214 jobject class_loader,
215 jobjectArray dex_elements,
216 const OatFile** out_oat_file,
217 std::vector<std::string>* error_msgs) {
218 ScopedTrace trace(__FUNCTION__);
219 CHECK(dex_location != nullptr);
220 CHECK(error_msgs != nullptr);
221
222 // Verify we aren't holding the mutator lock, which could starve GC when
223 // hitting the disk.
224 Thread* const self = Thread::Current();
225 Locks::mutator_lock_->AssertNotHeld(self);
226 Runtime* const runtime = Runtime::Current();
227
228 std::vector<std::unique_ptr<const DexFile>> dex_files;
229
230 // If the class_loader is null there's not much we can do. This happens if a dex files is loaded
231 // directly with DexFile APIs instead of using class loaders.
232 if (class_loader == nullptr) {
233 LOG(WARNING) << "Opening an oat file without a class loader. "
234 << "Are you using the deprecated DexFile APIs?";
235 } else {
236 std::unique_ptr<ClassLoaderContext> context(
237 ClassLoaderContext::CreateContextForClassLoader(class_loader, dex_elements));
238
239 OatFileAssistant oat_file_assistant(dex_location,
240 kRuntimeISA,
241 runtime->GetOatFilesExecutable(),
242 only_use_system_oat_files_);
243
244 // Get the oat file on disk.
245 std::unique_ptr<const OatFile> oat_file(oat_file_assistant.GetBestOatFile().release());
246 VLOG(oat) << "OatFileAssistant(" << dex_location << ").GetBestOatFile()="
247 << reinterpret_cast<uintptr_t>(oat_file.get())
248 << " (executable=" << (oat_file != nullptr ? oat_file->IsExecutable() : false) << ")";
249
250 const OatFile* source_oat_file = nullptr;
251 std::string error_msg;
252 bool is_special_shared_library = false;
253 bool class_loader_context_matches = false;
254 if (oat_file != nullptr &&
255 context != nullptr &&
256 ClassLoaderContextMatches(oat_file.get(),
257 context.get(),
258 /*out*/ &is_special_shared_library,
259 /*out*/ &error_msg)) {
260 class_loader_context_matches = true;
261 // Load the dex files from the oat file.
262 bool added_image_space = false;
263 if (oat_file->IsExecutable()) {
264 ScopedTrace app_image_timing("AppImage:Loading");
265
266 // We need to throw away the image space if we are debuggable but the oat-file source of the
267 // image is not otherwise we might get classes with inlined methods or other such things.
268 std::unique_ptr<gc::space::ImageSpace> image_space;
269 if (!is_special_shared_library && ShouldLoadAppImage(oat_file.get())) {
270 image_space = oat_file_assistant.OpenImageSpace(oat_file.get());
271 }
272 if (image_space != nullptr) {
273 ScopedObjectAccess soa(self);
274 StackHandleScope<1> hs(self);
275 Handle<mirror::ClassLoader> h_loader(
276 hs.NewHandle(soa.Decode<mirror::ClassLoader>(class_loader)));
277 // Can not load app image without class loader.
278 if (h_loader != nullptr) {
279 std::string temp_error_msg;
280 // Add image space has a race condition since other threads could be reading from the
281 // spaces array.
282 {
283 ScopedThreadSuspension sts(self, kSuspended);
284 gc::ScopedGCCriticalSection gcs(self,
285 gc::kGcCauseAddRemoveAppImageSpace,
286 gc::kCollectorTypeAddRemoveAppImageSpace);
287 ScopedSuspendAll ssa("Add image space");
288 runtime->GetHeap()->AddSpace(image_space.get());
289 }
290 {
291 ScopedTrace image_space_timing(
292 StringPrintf("Adding image space for location %s", dex_location));
293 added_image_space = runtime->GetClassLinker()->AddImageSpace(image_space.get(),
294 h_loader,
295 /*out*/&dex_files,
296 /*out*/&temp_error_msg);
297 }
298 if (added_image_space) {
299 // Successfully added image space to heap, release the map so that it does not get
300 // freed.
301 image_space.release(); // NOLINT b/117926937
302
303 // Register for tracking.
304 for (const auto& dex_file : dex_files) {
305 dex::tracking::RegisterDexFile(dex_file.get());
306 }
307 } else {
308 LOG(INFO) << "Failed to add image file " << temp_error_msg;
309 dex_files.clear();
310 {
311 ScopedThreadSuspension sts(self, kSuspended);
312 gc::ScopedGCCriticalSection gcs(self,
313 gc::kGcCauseAddRemoveAppImageSpace,
314 gc::kCollectorTypeAddRemoveAppImageSpace);
315 ScopedSuspendAll ssa("Remove image space");
316 runtime->GetHeap()->RemoveSpace(image_space.get());
317 }
318 // Non-fatal, don't update error_msg.
319 }
320 }
321 }
322 }
323 if (!added_image_space) {
324 DCHECK(dex_files.empty());
325
326 if (oat_file->RequiresImage()) {
327 VLOG(oat) << "Loading "
328 << oat_file->GetLocation()
329 << "non-executable as it requires an image which we failed to load";
330 // file as non-executable.
331 OatFileAssistant nonexecutable_oat_file_assistant(dex_location,
332 kRuntimeISA,
333 /*load_executable=*/false,
334 only_use_system_oat_files_);
335 oat_file.reset(nonexecutable_oat_file_assistant.GetBestOatFile().release());
336 }
337
338 dex_files = oat_file_assistant.LoadDexFiles(*oat_file.get(), dex_location);
339
340 // Register for tracking.
341 for (const auto& dex_file : dex_files) {
342 dex::tracking::RegisterDexFile(dex_file.get());
343 }
344 }
345 if (dex_files.empty()) {
346 error_msgs->push_back("Failed to open dex files from " + oat_file->GetLocation());
347 } else {
348 // Opened dex files from an oat file, madvise them to their loaded state.
349 for (const std::unique_ptr<const DexFile>& dex_file : dex_files) {
350 OatDexFile::MadviseDexFile(*dex_file, MadviseState::kMadviseStateAtLoad);
351 }
352 }
353
354 VLOG(class_linker) << "Registering " << oat_file->GetLocation();
355 source_oat_file = RegisterOatFile(std::move(oat_file));
356 *out_oat_file = source_oat_file;
357 } else if (!error_msg.empty()) {
358 LOG(WARNING) << error_msg;
359 }
360
361 // Verify if any of the dex files being loaded is already in the class path.
362 // If so, report an error with the current stack trace.
363 // Most likely the developer didn't intend to do this because it will waste
364 // performance and memory.
365 if (context != nullptr && !class_loader_context_matches) {
366 std::set<const DexFile*> already_exists_in_classpath =
367 context->CheckForDuplicateDexFiles(MakeNonOwningPointerVector(dex_files));
368 if (!already_exists_in_classpath.empty()) {
369 auto duplicate_it = already_exists_in_classpath.begin();
370 std::string duplicates = (*duplicate_it)->GetLocation();
371 for (duplicate_it++ ; duplicate_it != already_exists_in_classpath.end(); duplicate_it++) {
372 duplicates += "," + (*duplicate_it)->GetLocation();
373 }
374
375 std::ostringstream out;
376 out << "Trying to load dex files which is already loaded in the same ClassLoader "
377 << "hierarchy.\n"
378 << "This is a strong indication of bad ClassLoader construct which leads to poor "
379 << "performance and wastes memory.\n"
380 << "The list of duplicate dex files is: " << duplicates << "\n"
381 << "The current class loader context is: "
382 << context->EncodeContextForOatFile("") << "\n"
383 << "Java stack trace:\n";
384
385 {
386 ScopedObjectAccess soa(self);
387 self->DumpJavaStack(out);
388 }
389
390 // We log this as an ERROR to stress the fact that this is most likely unintended.
391 // Note that ART cannot do anything about it. It is up to the app to fix their logic.
392 // Here we are trying to give a heads up on why the app might have performance issues.
393 LOG(ERROR) << out.str();
394 }
395 }
396 }
397
398 // If we arrive here with an empty dex files list, it means we fail to load
399 // it/them through an .oat file.
400 if (dex_files.empty()) {
401 std::string error_msg;
402 static constexpr bool kVerifyChecksum = true;
403 const ArtDexFileLoader dex_file_loader;
404 if (!dex_file_loader.Open(dex_location,
405 dex_location,
406 Runtime::Current()->IsVerificationEnabled(),
407 kVerifyChecksum,
408 /*out*/ &error_msg,
409 &dex_files)) {
410 LOG(WARNING) << error_msg;
411 error_msgs->push_back("Failed to open dex files from " + std::string(dex_location)
412 + " because: " + error_msg);
413 }
414 }
415
416 if (Runtime::Current()->GetJit() != nullptr) {
417 Runtime::Current()->GetJit()->RegisterDexFiles(dex_files, class_loader);
418 }
419
420 return dex_files;
421 }
422
GetDexFileHeaders(const std::vector<MemMap> & maps)423 static std::vector<const DexFile::Header*> GetDexFileHeaders(const std::vector<MemMap>& maps) {
424 std::vector<const DexFile::Header*> headers;
425 headers.reserve(maps.size());
426 for (const MemMap& map : maps) {
427 DCHECK(map.IsValid());
428 headers.push_back(reinterpret_cast<const DexFile::Header*>(map.Begin()));
429 }
430 return headers;
431 }
432
GetDexFileHeaders(const std::vector<const DexFile * > & dex_files)433 static std::vector<const DexFile::Header*> GetDexFileHeaders(
434 const std::vector<const DexFile*>& dex_files) {
435 std::vector<const DexFile::Header*> headers;
436 headers.reserve(dex_files.size());
437 for (const DexFile* dex_file : dex_files) {
438 headers.push_back(&dex_file->GetHeader());
439 }
440 return headers;
441 }
442
OpenDexFilesFromOat(std::vector<MemMap> && dex_mem_maps,jobject class_loader,jobjectArray dex_elements,const OatFile ** out_oat_file,std::vector<std::string> * error_msgs)443 std::vector<std::unique_ptr<const DexFile>> OatFileManager::OpenDexFilesFromOat(
444 std::vector<MemMap>&& dex_mem_maps,
445 jobject class_loader,
446 jobjectArray dex_elements,
447 const OatFile** out_oat_file,
448 std::vector<std::string>* error_msgs) {
449 std::vector<std::unique_ptr<const DexFile>> dex_files = OpenDexFilesFromOat_Impl(
450 std::move(dex_mem_maps),
451 class_loader,
452 dex_elements,
453 out_oat_file,
454 error_msgs);
455
456 if (error_msgs->empty()) {
457 // Remove write permission from DexFile pages. We do this at the end because
458 // OatFile assigns OatDexFile pointer in the DexFile objects.
459 for (std::unique_ptr<const DexFile>& dex_file : dex_files) {
460 if (!dex_file->DisableWrite()) {
461 error_msgs->push_back("Failed to make dex file " + dex_file->GetLocation() + " read-only");
462 }
463 }
464 }
465
466 if (!error_msgs->empty()) {
467 return std::vector<std::unique_ptr<const DexFile>>();
468 }
469
470 return dex_files;
471 }
472
OpenDexFilesFromOat_Impl(std::vector<MemMap> && dex_mem_maps,jobject class_loader,jobjectArray dex_elements,const OatFile ** out_oat_file,std::vector<std::string> * error_msgs)473 std::vector<std::unique_ptr<const DexFile>> OatFileManager::OpenDexFilesFromOat_Impl(
474 std::vector<MemMap>&& dex_mem_maps,
475 jobject class_loader,
476 jobjectArray dex_elements,
477 const OatFile** out_oat_file,
478 std::vector<std::string>* error_msgs) {
479 ScopedTrace trace(__FUNCTION__);
480 std::string error_msg;
481 DCHECK(error_msgs != nullptr);
482
483 // Extract dex file headers from `dex_mem_maps`.
484 const std::vector<const DexFile::Header*> dex_headers = GetDexFileHeaders(dex_mem_maps);
485
486 // Determine dex/vdex locations and the combined location checksum.
487 uint32_t location_checksum;
488 std::string dex_location;
489 std::string vdex_path;
490 bool has_vdex = OatFileAssistant::AnonymousDexVdexLocation(dex_headers,
491 kRuntimeISA,
492 &location_checksum,
493 &dex_location,
494 &vdex_path);
495
496 // Attempt to open an existing vdex and check dex file checksums match.
497 std::unique_ptr<VdexFile> vdex_file = nullptr;
498 if (has_vdex && OS::FileExists(vdex_path.c_str())) {
499 vdex_file = VdexFile::Open(vdex_path,
500 /* writable= */ false,
501 /* low_4gb= */ false,
502 /* unquicken= */ false,
503 &error_msg);
504 if (vdex_file == nullptr) {
505 LOG(WARNING) << "Failed to open vdex " << vdex_path << ": " << error_msg;
506 } else if (!vdex_file->MatchesDexFileChecksums(dex_headers)) {
507 LOG(WARNING) << "Failed to open vdex " << vdex_path << ": dex file checksum mismatch";
508 vdex_file.reset(nullptr);
509 }
510 }
511
512 // Load dex files. Skip structural dex file verification if vdex was found
513 // and dex checksums matched.
514 std::vector<std::unique_ptr<const DexFile>> dex_files;
515 for (size_t i = 0; i < dex_mem_maps.size(); ++i) {
516 static constexpr bool kVerifyChecksum = true;
517 const ArtDexFileLoader dex_file_loader;
518 std::unique_ptr<const DexFile> dex_file(dex_file_loader.Open(
519 DexFileLoader::GetMultiDexLocation(i, dex_location.c_str()),
520 location_checksum,
521 std::move(dex_mem_maps[i]),
522 /* verify= */ (vdex_file == nullptr) && Runtime::Current()->IsVerificationEnabled(),
523 kVerifyChecksum,
524 &error_msg));
525 if (dex_file != nullptr) {
526 dex::tracking::RegisterDexFile(dex_file.get()); // Register for tracking.
527 dex_files.push_back(std::move(dex_file));
528 } else {
529 error_msgs->push_back("Failed to open dex files from memory: " + error_msg);
530 }
531 }
532
533 // Check if we should proceed to creating an OatFile instance backed by the vdex.
534 // We need: (a) an existing vdex, (b) class loader (can be null if invoked via reflection),
535 // and (c) no errors during dex file loading.
536 if (vdex_file == nullptr || class_loader == nullptr || !error_msgs->empty()) {
537 return dex_files;
538 }
539
540 // Attempt to create a class loader context, check OpenDexFiles succeeds (prerequisite
541 // for using the context later).
542 std::unique_ptr<ClassLoaderContext> context = ClassLoaderContext::CreateContextForClassLoader(
543 class_loader,
544 dex_elements);
545 if (context == nullptr) {
546 LOG(ERROR) << "Could not create class loader context for " << vdex_path;
547 return dex_files;
548 }
549 DCHECK(context->OpenDexFiles(kRuntimeISA, ""))
550 << "Context created from already opened dex files should not attempt to open again";
551
552 // Check that we can use the vdex against this boot class path and in this class loader context.
553 // Note 1: We do not need a class loader collision check because there is no compiled code.
554 // Note 2: If these checks fail, we cannot fast-verify because the vdex does not contain
555 // full VerifierDeps.
556 if (!vdex_file->MatchesBootClassPathChecksums() ||
557 !vdex_file->MatchesClassLoaderContext(*context.get())) {
558 return dex_files;
559 }
560
561 // Initialize an OatFile instance backed by the loaded vdex.
562 std::unique_ptr<OatFile> oat_file(OatFile::OpenFromVdex(MakeNonOwningPointerVector(dex_files),
563 std::move(vdex_file),
564 dex_location));
565 if (oat_file != nullptr) {
566 VLOG(class_linker) << "Registering " << oat_file->GetLocation();
567 *out_oat_file = RegisterOatFile(std::move(oat_file));
568 }
569 return dex_files;
570 }
571
572 // Check how many vdex files exist in the same directory as the vdex file we are about
573 // to write. If more than or equal to kAnonymousVdexCacheSize, unlink the least
574 // recently used one(s) (according to stat-reported atime).
UnlinkLeastRecentlyUsedVdexIfNeeded(const std::string & vdex_path_to_add,std::string * error_msg)575 static bool UnlinkLeastRecentlyUsedVdexIfNeeded(const std::string& vdex_path_to_add,
576 std::string* error_msg) {
577 if (OS::FileExists(vdex_path_to_add.c_str())) {
578 // File already exists and will be overwritten.
579 // This will not change the number of entries in the cache.
580 return true;
581 }
582
583 auto last_slash = vdex_path_to_add.rfind('/');
584 CHECK(last_slash != std::string::npos);
585 std::string vdex_dir = vdex_path_to_add.substr(0, last_slash + 1);
586
587 if (!OS::DirectoryExists(vdex_dir.c_str())) {
588 // Folder does not exist yet. Cache has zero entries.
589 return true;
590 }
591
592 std::vector<std::pair<time_t, std::string>> cache;
593
594 DIR* c_dir = opendir(vdex_dir.c_str());
595 if (c_dir == nullptr) {
596 *error_msg = "Unable to open " + vdex_dir + " to delete unused vdex files";
597 return false;
598 }
599 for (struct dirent* de = readdir(c_dir); de != nullptr; de = readdir(c_dir)) {
600 if (de->d_type != DT_REG) {
601 continue;
602 }
603 std::string basename = de->d_name;
604 if (!OatFileAssistant::IsAnonymousVdexBasename(basename)) {
605 continue;
606 }
607 std::string fullname = vdex_dir + basename;
608
609 struct stat s;
610 int rc = TEMP_FAILURE_RETRY(stat(fullname.c_str(), &s));
611 if (rc == -1) {
612 *error_msg = "Failed to stat() anonymous vdex file " + fullname;
613 return false;
614 }
615
616 cache.push_back(std::make_pair(s.st_atime, fullname));
617 }
618 CHECK_EQ(0, closedir(c_dir)) << "Unable to close directory.";
619
620 if (cache.size() < OatFileManager::kAnonymousVdexCacheSize) {
621 return true;
622 }
623
624 std::sort(cache.begin(),
625 cache.end(),
626 [](const auto& a, const auto& b) { return a.first < b.first; });
627 for (size_t i = OatFileManager::kAnonymousVdexCacheSize - 1; i < cache.size(); ++i) {
628 if (unlink(cache[i].second.c_str()) != 0) {
629 *error_msg = "Could not unlink anonymous vdex file " + cache[i].second;
630 return false;
631 }
632 }
633
634 return true;
635 }
636
637 class BackgroundVerificationTask final : public Task {
638 public:
BackgroundVerificationTask(const std::vector<const DexFile * > & dex_files,jobject class_loader,const char * class_loader_context,const std::string & vdex_path)639 BackgroundVerificationTask(const std::vector<const DexFile*>& dex_files,
640 jobject class_loader,
641 const char* class_loader_context,
642 const std::string& vdex_path)
643 : dex_files_(dex_files),
644 class_loader_context_(class_loader_context),
645 vdex_path_(vdex_path) {
646 Thread* const self = Thread::Current();
647 ScopedObjectAccess soa(self);
648 // Create a global ref for `class_loader` because it will be accessed from a different thread.
649 class_loader_ = soa.Vm()->AddGlobalRef(self, soa.Decode<mirror::ClassLoader>(class_loader));
650 CHECK(class_loader_ != nullptr);
651 }
652
~BackgroundVerificationTask()653 ~BackgroundVerificationTask() {
654 Thread* const self = Thread::Current();
655 ScopedObjectAccess soa(self);
656 soa.Vm()->DeleteGlobalRef(self, class_loader_);
657 }
658
Run(Thread * self)659 void Run(Thread* self) override {
660 std::string error_msg;
661 ClassLinker* const class_linker = Runtime::Current()->GetClassLinker();
662 verifier::VerifierDeps verifier_deps(dex_files_);
663
664 // Iterate over all classes and verify them.
665 for (const DexFile* dex_file : dex_files_) {
666 for (uint32_t cdef_idx = 0; cdef_idx < dex_file->NumClassDefs(); cdef_idx++) {
667 const dex::ClassDef& class_def = dex_file->GetClassDef(cdef_idx);
668
669 // Take handles inside the loop. The background verification is low priority
670 // and we want to minimize the risk of blocking anyone else.
671 ScopedObjectAccess soa(self);
672 StackHandleScope<2> hs(self);
673 Handle<mirror::ClassLoader> h_loader(hs.NewHandle(
674 soa.Decode<mirror::ClassLoader>(class_loader_)));
675 Handle<mirror::Class> h_class(hs.NewHandle<mirror::Class>(class_linker->FindClass(
676 self,
677 dex_file->GetClassDescriptor(class_def),
678 h_loader)));
679
680 if (h_class == nullptr) {
681 CHECK(self->IsExceptionPending());
682 self->ClearException();
683 continue;
684 }
685
686 if (&h_class->GetDexFile() != dex_file) {
687 // There is a different class in the class path or a parent class loader
688 // with the same descriptor. This `h_class` is not resolvable, skip it.
689 continue;
690 }
691
692 CHECK(h_class->IsResolved()) << h_class->PrettyDescriptor();
693 class_linker->VerifyClass(self, h_class);
694 if (h_class->IsErroneous()) {
695 // ClassLinker::VerifyClass throws, which isn't useful here.
696 CHECK(soa.Self()->IsExceptionPending());
697 soa.Self()->ClearException();
698 }
699
700 CHECK(h_class->IsVerified() || h_class->IsErroneous())
701 << h_class->PrettyDescriptor() << ": state=" << h_class->GetStatus();
702
703 if (h_class->IsVerified()) {
704 verifier_deps.RecordClassVerified(*dex_file, class_def);
705 }
706 }
707 }
708
709 // Delete old vdex files if there are too many in the folder.
710 if (!UnlinkLeastRecentlyUsedVdexIfNeeded(vdex_path_, &error_msg)) {
711 LOG(ERROR) << "Could not unlink old vdex files " << vdex_path_ << ": " << error_msg;
712 return;
713 }
714
715 // Construct a vdex file and write `verifier_deps` into it.
716 if (!VdexFile::WriteToDisk(vdex_path_,
717 dex_files_,
718 verifier_deps,
719 class_loader_context_,
720 &error_msg)) {
721 LOG(ERROR) << "Could not write anonymous vdex " << vdex_path_ << ": " << error_msg;
722 return;
723 }
724 }
725
Finalize()726 void Finalize() override {
727 delete this;
728 }
729
730 private:
731 const std::vector<const DexFile*> dex_files_;
732 jobject class_loader_;
733 const std::string class_loader_context_;
734 const std::string vdex_path_;
735
736 DISALLOW_COPY_AND_ASSIGN(BackgroundVerificationTask);
737 };
738
RunBackgroundVerification(const std::vector<const DexFile * > & dex_files,jobject class_loader,const char * class_loader_context)739 void OatFileManager::RunBackgroundVerification(const std::vector<const DexFile*>& dex_files,
740 jobject class_loader,
741 const char* class_loader_context) {
742 Runtime* const runtime = Runtime::Current();
743 Thread* const self = Thread::Current();
744
745 if (runtime->IsJavaDebuggable()) {
746 // Threads created by ThreadPool ("runtime threads") are not allowed to load
747 // classes when debuggable to match class-initialization semantics
748 // expectations. Do not verify in the background.
749 return;
750 }
751
752 if (!IsSdkVersionSetAndAtLeast(runtime->GetTargetSdkVersion(), SdkVersion::kQ)) {
753 // Do not run for legacy apps as they may depend on the previous class loader behaviour.
754 return;
755 }
756
757 if (runtime->IsShuttingDown(self)) {
758 // Not allowed to create new threads during runtime shutdown.
759 return;
760 }
761
762 uint32_t location_checksum;
763 std::string dex_location;
764 std::string vdex_path;
765 if (OatFileAssistant::AnonymousDexVdexLocation(GetDexFileHeaders(dex_files),
766 kRuntimeISA,
767 &location_checksum,
768 &dex_location,
769 &vdex_path)) {
770 if (verification_thread_pool_ == nullptr) {
771 verification_thread_pool_.reset(
772 new ThreadPool("Verification thread pool", /* num_threads= */ 1));
773 verification_thread_pool_->StartWorkers(self);
774 }
775 verification_thread_pool_->AddTask(self, new BackgroundVerificationTask(
776 dex_files,
777 class_loader,
778 class_loader_context,
779 vdex_path));
780 }
781 }
782
WaitForWorkersToBeCreated()783 void OatFileManager::WaitForWorkersToBeCreated() {
784 DCHECK(!Runtime::Current()->IsShuttingDown(Thread::Current()))
785 << "Cannot create new threads during runtime shutdown";
786 if (verification_thread_pool_ != nullptr) {
787 verification_thread_pool_->WaitForWorkersToBeCreated();
788 }
789 }
790
DeleteThreadPool()791 void OatFileManager::DeleteThreadPool() {
792 verification_thread_pool_.reset(nullptr);
793 }
794
WaitForBackgroundVerificationTasks()795 void OatFileManager::WaitForBackgroundVerificationTasks() {
796 if (verification_thread_pool_ != nullptr) {
797 Thread* const self = Thread::Current();
798 verification_thread_pool_->WaitForWorkersToBeCreated();
799 verification_thread_pool_->Wait(self, /* do_work= */ true, /* may_hold_locks= */ false);
800 }
801 }
802
SetOnlyUseSystemOatFiles()803 void OatFileManager::SetOnlyUseSystemOatFiles() {
804 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
805 // Make sure all files that were loaded up to this point are on /system.
806 // Skip the image files as they can encode locations that don't exist (eg not
807 // containing the arch in the path, or for JIT zygote /nonx/existent).
808 std::vector<const OatFile*> boot_vector = GetBootOatFiles();
809 std::unordered_set<const OatFile*> boot_set(boot_vector.begin(), boot_vector.end());
810
811 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
812 if (boot_set.find(oat_file.get()) == boot_set.end()) {
813 CHECK(LocationIsOnSystem(oat_file->GetLocation().c_str())) << oat_file->GetLocation();
814 }
815 }
816 only_use_system_oat_files_ = true;
817 }
818
DumpForSigQuit(std::ostream & os)819 void OatFileManager::DumpForSigQuit(std::ostream& os) {
820 ReaderMutexLock mu(Thread::Current(), *Locks::oat_file_manager_lock_);
821 std::vector<const OatFile*> boot_oat_files = GetBootOatFiles();
822 for (const std::unique_ptr<const OatFile>& oat_file : oat_files_) {
823 if (ContainsElement(boot_oat_files, oat_file.get())) {
824 continue;
825 }
826 os << oat_file->GetLocation() << ": " << oat_file->GetCompilerFilter() << "\n";
827 }
828 }
829
830 } // namespace art
831