Add verification for invoke receiver types

Christian Wimmer · Christian Wimmer · commit 76b385f73004 · 2021-09-22T17:19:10.000-07:00
diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/SubstrateOptions.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/SubstrateOptions.java
@@ -620,4 +620,7 @@ protected void onValueUpdate(EconomicMap<OptionKey<?>, Object> values, String ol
     @APIOption(name = "configure-reflection-metadata")//
     @Option(help = "Limit method reflection metadata to configuration entries instead of including it for all reachable methods")//
     public static final HostedOptionKey<Boolean> ConfigureReflectionMetadata = new HostedOptionKey<>(true);
+
+    @Option(help = "Verify type states computed by the static analysis at run time", type = Debug)//
+    public static final HostedOptionKey<Boolean> VerifyTypes = new HostedOptionKey<>(true);
 }
diff --git a/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/graal/snippets/NonSnippetLowerings.java b/substratevm/src/com.oracle.svm.core/src/com/oracle/svm/core/graal/snippets/NonSnippetLowerings.java
@@ -33,15 +33,19 @@
 import org.graalvm.compiler.api.replacements.SnippetReflectionProvider;
 import org.graalvm.compiler.core.common.spi.ForeignCallDescriptor;
 import org.graalvm.compiler.core.common.type.StampPair;
+import org.graalvm.compiler.core.common.type.TypeReference;
 import org.graalvm.compiler.debug.DebugHandlersFactory;
 import org.graalvm.compiler.graph.Node;
 import org.graalvm.compiler.graph.NodeInputList;
+import org.graalvm.compiler.nodes.BeginNode;
 import org.graalvm.compiler.nodes.CallTargetNode;
 import org.graalvm.compiler.nodes.CallTargetNode.InvokeKind;
 import org.graalvm.compiler.nodes.ConstantNode;
 import org.graalvm.compiler.nodes.DirectCallTargetNode;
 import org.graalvm.compiler.nodes.FixedGuardNode;
 import org.graalvm.compiler.nodes.FixedNode;
+import org.graalvm.compiler.nodes.FixedWithNextNode;
+import org.graalvm.compiler.nodes.IfNode;
 import org.graalvm.compiler.nodes.IndirectCallTargetNode;
 import org.graalvm.compiler.nodes.Invoke;
 import org.graalvm.compiler.nodes.InvokeNode;
@@ -54,11 +58,14 @@
 import org.graalvm.compiler.nodes.StructuredGraph;
 import org.graalvm.compiler.nodes.ValueNode;
 import org.graalvm.compiler.nodes.calc.IsNullNode;
+import org.graalvm.compiler.nodes.extended.BranchProbabilityNode;
 import org.graalvm.compiler.nodes.extended.BytecodeExceptionNode;
 import org.graalvm.compiler.nodes.extended.BytecodeExceptionNode.BytecodeExceptionKind;
 import org.graalvm.compiler.nodes.extended.ForeignCallNode;
 import org.graalvm.compiler.nodes.extended.GetClassNode;
 import org.graalvm.compiler.nodes.extended.LoadHubNode;
+import org.graalvm.compiler.nodes.extended.OpaqueNode;
+import org.graalvm.compiler.nodes.java.InstanceOfNode;
 import org.graalvm.compiler.nodes.java.MethodCallTargetNode;
 import org.graalvm.compiler.nodes.memory.OnHeapMemoryAccess.BarrierType;
 import org.graalvm.compiler.nodes.memory.ReadNode;
@@ -73,6 +80,7 @@
 import org.graalvm.word.LocationIdentity;
 
 import com.oracle.svm.core.FrameAccess;
+import com.oracle.svm.core.SubstrateOptions;
 import com.oracle.svm.core.code.CodeInfoTable;
 import com.oracle.svm.core.graal.code.SubstrateBackend;
 import com.oracle.svm.core.graal.meta.RuntimeConfiguration;
@@ -81,6 +89,8 @@
 import com.oracle.svm.core.meta.SharedMethod;
 import com.oracle.svm.core.meta.SubstrateObjectConstant;
 import com.oracle.svm.core.snippets.ImplicitExceptions;
+import com.oracle.svm.core.snippets.SnippetRuntime;
+import com.oracle.svm.core.snippets.SubstrateForeignCallTarget;
 import com.oracle.svm.core.util.VMError;
 
 import jdk.vm.ci.code.CallingConvention;
@@ -93,9 +103,19 @@
 
 public abstract class NonSnippetLowerings {
 
+    public static final SnippetRuntime.SubstrateForeignCallDescriptor REPORT_VERIFY_TYPES_ERROR = SnippetRuntime.findForeignCall(NonSnippetLowerings.class, "reportVerifyTypesError", false,
+                    LocationIdentity.any());
+
     private final RuntimeConfiguration runtimeConfig;
     private final Predicate<ResolvedJavaMethod> mustNotAllocatePredicate;
 
+    final boolean verifyTypes = SubstrateOptions.VerifyTypes.getValue();
+
+    @SubstrateForeignCallTarget(stubCallingConvention = true)
+    private static void reportVerifyTypesError(Object object, String message) {
+        throw VMError.shouldNotReachHere("VerifyTypes found a type error for object " + (object == null ? "null" : object.getClass().getTypeName()) + ": " + message);
+    }
+
     @SuppressWarnings("unused")
     protected NonSnippetLowerings(RuntimeConfiguration runtimeConfig, Predicate<ResolvedJavaMethod> mustNotAllocatePredicate, OptionValues options, Iterable<DebugHandlersFactory> factories,
                     Providers providers, SnippetReflectionProvider snippetReflection, Map<Class<? extends Node>, NodeLoweringProvider<?>> lowerings) {
@@ -251,6 +271,24 @@ public void lower(FixedNode node, LoweringTool tool) {
                 JavaType[] signature = method.getSignature().toParameterTypes(callTarget.isStatic() ? null : method.getDeclaringClass());
                 CallingConvention.Type callType = method.getCallingConventionKind().toType(true);
 
+                if (verifyTypes && !callTarget.isStatic() && receiver.getStackKind() == JavaKind.Object) {
+                    ValueNode opaqueReceiver = graph.unique(new OpaqueNode(receiver));
+                    LogicNode instanceOf = graph.addOrUniqueWithInputs(InstanceOfNode.create(TypeReference.createTrustedWithoutAssumptions(method.getDeclaringClass()), opaqueReceiver));
+                    BeginNode passingBegin = graph.add(new BeginNode());
+                    BeginNode failingBegin = graph.add(new BeginNode());
+                    IfNode ifNode = graph.add(new IfNode(instanceOf, passingBegin, failingBegin, BranchProbabilityNode.EXTREMELY_FAST_PATH_PROFILE));
+
+                    FixedWithNextNode pred = (FixedWithNextNode) node.predecessor();
+                    pred.setNext(ifNode);
+                    passingBegin.setNext(node);
+
+                    ConstantNode errorMessage = ConstantNode.forConstant(tool.getConstantReflection().forString("Invoke of " + method.format("%H.%n(%p)%r")), tool.getMetaAccess(), graph);
+                    ForeignCallNode reportError = graph.add(new ForeignCallNode(REPORT_VERIFY_TYPES_ERROR, opaqueReceiver, errorMessage));
+                    reportError.setStateAfter(invoke.stateAfter().duplicateModifiedDuringCall(invoke.bci(), node.getStackKind()));
+                    failingBegin.setNext(reportError);
+                    reportError.setNext(graph.add(new LoweredDeadEndNode()));
+                }
+
                 InvokeKind invokeKind = callTarget.invokeKind();
                 SharedMethod[] implementations = method.getImplementations();
                 LoadHubNode hub = null;
diff --git a/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/snippets/ImplicitExceptionsFeature.java b/substratevm/src/com.oracle.svm.hosted/src/com/oracle/svm/hosted/snippets/ImplicitExceptionsFeature.java
@@ -25,9 +25,11 @@
 package com.oracle.svm.hosted.snippets;
 
 import com.oracle.graal.pointsto.meta.AnalysisMethod;
+import com.oracle.svm.core.SubstrateOptions;
 import com.oracle.svm.core.annotate.AutomaticFeature;
 import com.oracle.svm.core.graal.GraalFeature;
 import com.oracle.svm.core.graal.meta.SubstrateForeignCallsProvider;
+import com.oracle.svm.core.graal.snippets.NonSnippetLowerings;
 import com.oracle.svm.core.snippets.ExceptionUnwind;
 import com.oracle.svm.core.snippets.ImplicitExceptions;
 import com.oracle.svm.core.snippets.SnippetRuntime.SubstrateForeignCallDescriptor;
@@ -46,11 +48,17 @@ public void beforeAnalysis(BeforeAnalysisAccess a) {
         for (SubstrateForeignCallDescriptor descriptor : ExceptionUnwind.FOREIGN_CALLS) {
             access.getBigBang().addRootMethod((AnalysisMethod) descriptor.findMethod(access.getMetaAccess()));
         }
+        if (SubstrateOptions.VerifyTypes.getValue()) {
+            access.getBigBang().addRootMethod((AnalysisMethod) NonSnippetLowerings.REPORT_VERIFY_TYPES_ERROR.findMethod(access.getMetaAccess()));
+        }
     }
 
     @Override
     public void registerForeignCalls(SubstrateForeignCallsProvider foreignCalls) {
         foreignCalls.register(ImplicitExceptions.FOREIGN_CALLS);
         foreignCalls.register(ExceptionUnwind.FOREIGN_CALLS);
+        if (SubstrateOptions.VerifyTypes.getValue()) {
+            foreignCalls.register(NonSnippetLowerings.REPORT_VERIFY_TYPES_ERROR);
+        }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -620,4 +620,7 @@ protected void onValueUpdate(EconomicMap<OptionKey<?>, Object> values, String ol`
`620`	`620`	`@APIOption(name = "configure-reflection-metadata")//`
`621`	`621`	`@Option(help = "Limit method reflection metadata to configuration entries instead of including it for all reachable methods")//`
`622`	`622`	`public static final HostedOptionKey<Boolean> ConfigureReflectionMetadata = new HostedOptionKey<>(true);`
	`623`	`+`
	`624`	`+ @Option(help = "Verify type states computed by the static analysis at run time", type = Debug)//`
	`625`	`+ public static final HostedOptionKey<Boolean> VerifyTypes = new HostedOptionKey<>(true);`
`623`	`626`	`}`