StrictMode: gather and return violating stacks in Binder replies
Now, when Thread A has a strict mode policy in effect and does a
Binder call to Thread B (most likely in another process), the strict
mode policy is passed along, but with the GATHER penalty bit set which
overrides other policies and instead gathers all offending stack
traces to a threadlocal which are then written back in the Parcel's
reply header.
Change-Id: I7d4497032a0609b37b1a2a15855f5c929ba0584d
diff --git a/core/java/android/os/Parcel.java b/core/java/android/os/Parcel.java
index 8ad600c..bfe3b60 100644
--- a/core/java/android/os/Parcel.java
+++ b/core/java/android/os/Parcel.java
@@ -176,6 +176,7 @@
*/
public final class Parcel {
private static final boolean DEBUG_RECYCLE = false;
+ private static final String TAG = "Parcel";
@SuppressWarnings({"UnusedDeclaration"})
private int mObject; // used by native code
@@ -214,12 +215,14 @@
private static final int VAL_BOOLEANARRAY = 23;
private static final int VAL_CHARSEQUENCEARRAY = 24;
+ // The initial int32 in a Binder call's reply Parcel header:
private static final int EX_SECURITY = -1;
private static final int EX_BAD_PARCELABLE = -2;
private static final int EX_ILLEGAL_ARGUMENT = -3;
private static final int EX_NULL_POINTER = -4;
private static final int EX_ILLEGAL_STATE = -5;
-
+ private static final int EX_HAS_REPLY_HEADER = -128; // special; see below
+
public final static Parcelable.Creator<String> STRING_CREATOR
= new Parcelable.Creator<String>() {
public String createFromParcel(Parcel source) {
@@ -1216,7 +1219,31 @@
* @see #readException
*/
public final void writeNoException() {
- writeInt(0);
+ // Despite the name of this function ("write no exception"),
+ // it should instead be thought of as "write the RPC response
+ // header", but because this function name is written out by
+ // the AIDL compiler, we're not going to rename it.
+ //
+ // The response header, in the non-exception case (see also
+ // writeException above, also called by the AIDL compiler), is
+ // either a 0 (the default case), or EX_HAS_REPLY_HEADER if
+ // StrictMode has gathered up violations that have occurred
+ // during a Binder call, in which case we write out the number
+ // of violations and their details, serialized, before the
+ // actual RPC respons data. The receiving end of this is
+ // readException(), below.
+ if (StrictMode.hasGatheredViolations()) {
+ writeInt(EX_HAS_REPLY_HEADER);
+ final int sizePosition = dataPosition();
+ writeInt(0); // total size of fat header, to be filled in later
+ StrictMode.writeGatheredViolationsToParcel(this);
+ final int payloadPosition = dataPosition();
+ setDataPosition(sizePosition);
+ writeInt(payloadPosition - sizePosition); // header size
+ setDataPosition(payloadPosition);
+ } else {
+ writeInt(0);
+ }
}
/**
@@ -1229,10 +1256,44 @@
* @see #writeNoException
*/
public final void readException() {
+ int code = readExceptionCode();
+ if (code != 0) {
+ String msg = readString();
+ readException(code, msg);
+ }
+ }
+
+ /**
+ * Parses the header of a Binder call's response Parcel and
+ * returns the exception code. Deals with lite or fat headers.
+ * In the common successful case, this header is generally zero.
+ * In less common cases, it's a small negative number and will be
+ * followed by an error string.
+ *
+ * This exists purely for android.database.DatabaseUtils and
+ * insulating it from having to handle fat headers as returned by
+ * e.g. StrictMode-induced RPC responses.
+ *
+ * @hide
+ */
+ public final int readExceptionCode() {
int code = readInt();
- if (code == 0) return;
- String msg = readString();
- readException(code, msg);
+ if (code == EX_HAS_REPLY_HEADER) {
+ int headerSize = readInt();
+ if (headerSize == 0) {
+ Log.e(TAG, "Unexpected zero-sized Parcel reply header.");
+ } else {
+ // Currently the only thing in the header is StrictMode stacks,
+ // but discussions around event/RPC tracing suggest we might
+ // put that here too. If so, switch on sub-header tags here.
+ // But for now, just parse out the StrictMode stuff.
+ StrictMode.readAndHandleBinderCallViolations(this);
+ }
+ // And fat response headers are currently only used when
+ // there are no exceptions, so return no error:
+ return 0;
+ }
+ return code;
}
/**
@@ -1872,13 +1933,13 @@
creator = (Parcelable.Creator)f.get(null);
}
catch (IllegalAccessException e) {
- Log.e("Parcel", "Class not found when unmarshalling: "
+ Log.e(TAG, "Class not found when unmarshalling: "
+ name + ", e: " + e);
throw new BadParcelableException(
"IllegalAccessException when unmarshalling: " + name);
}
catch (ClassNotFoundException e) {
- Log.e("Parcel", "Class not found when unmarshalling: "
+ Log.e(TAG, "Class not found when unmarshalling: "
+ name + ", e: " + e);
throw new BadParcelableException(
"ClassNotFoundException when unmarshalling: " + name);
@@ -1983,7 +2044,7 @@
if (DEBUG_RECYCLE) {
mStack = new RuntimeException();
}
- //Log.i("Parcel", "Initializing obj=0x" + Integer.toHexString(obj), mStack);
+ //Log.i(TAG, "Initializing obj=0x" + Integer.toHexString(obj), mStack);
init(obj);
}
@@ -1991,7 +2052,7 @@
protected void finalize() throws Throwable {
if (DEBUG_RECYCLE) {
if (mStack != null) {
- Log.w("Parcel", "Client did not call Parcel.recycle()", mStack);
+ Log.w(TAG, "Client did not call Parcel.recycle()", mStack);
}
}
destroy();
@@ -2015,7 +2076,7 @@
ClassLoader loader) {
while (N > 0) {
Object value = readValue(loader);
- //Log.d("Parcel", "Unmarshalling value=" + value);
+ //Log.d(TAG, "Unmarshalling value=" + value);
outVal.add(value);
N--;
}
@@ -2025,7 +2086,7 @@
ClassLoader loader) {
for (int i = 0; i < N; i++) {
Object value = readValue(loader);
- //Log.d("Parcel", "Unmarshalling value=" + value);
+ //Log.d(TAG, "Unmarshalling value=" + value);
outVal[i] = value;
}
}
@@ -2035,7 +2096,7 @@
while (N > 0) {
int key = readInt();
Object value = readValue(loader);
- //Log.i("Parcel", "Unmarshalling key=" + key + " value=" + value);
+ //Log.i(TAG, "Unmarshalling key=" + key + " value=" + value);
outVal.append(key, value);
N--;
}
@@ -2046,7 +2107,7 @@
while (N > 0) {
int key = readInt();
boolean value = this.readByte() == 1;
- //Log.i("Parcel", "Unmarshalling key=" + key + " value=" + value);
+ //Log.i(TAG, "Unmarshalling key=" + key + " value=" + value);
outVal.append(key, value);
N--;
}