base/android/jni_android.cc - chromium/src - Git at Google

 // Copyright 2012 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "base/android/jni_android.h"

 #include <stddef.h>
 #include <sys/prctl.h>

 #include "base/android/java_exception_reporter.h"
 #include "base/android/jni_string.h"
 #include "base/android/jni_utils.h"
 #include "base/android_runtime_jni_headers/Throwable_jni.h"
 #include "base/debug/debugging_buildflags.h"
 #include "base/feature_list.h"
 #include "base/logging.h"
 #include "base/strings/string_util.h"
 #include "build/build_config.h"
 #include "build/robolectric_buildflags.h"
 #include "third_party/jni_zero/jni_zero.h"

 // Must come after all headers that specialize FromJniType() / ToJniType().
 #include "base/jni_android_jni/JniAndroid_jni.h"

 namespace base {
 namespace android {
 namespace {

 // If disabled, we LOG(FATAL) immediately in native code when faced with an
 // uncaught Java exception (historical behavior). If enabled, we give the Java
 // uncaught exception handler a chance to handle the exception first, so that
 // the crash is (hopefully) seen as a Java crash, not a native crash.
 // TODO(crbug.com/40261529): remove this switch once we are confident the
 // new behavior is fine.
 BASE_FEATURE(kHandleExceptionsInJava,
              "HandleJniExceptionsInJava",
              base::FEATURE_ENABLED_BY_DEFAULT);

 jclass g_out_of_memory_error_class = nullptr;

 #if !BUILDFLAG(IS_ROBOLECTRIC)
 jmethodID g_class_loader_load_class_method_id = nullptr;
 // ClassLoader.loadClass() accepts either slashes or dots on Android, but JVM
 // requires dots. We could translate, but there is no need to go through
 // ClassLoaders in Robolectric anyways.
 // https://cs.android.com/search?q=symbol:DexFile_defineClassNative
 jclass GetClassFromSplit(JNIEnv* env,
                          const char* class_name,
                          const char* split_name) {
   DCHECK(IsStringASCII(class_name));
   ScopedJavaLocalRef<jstring> j_class_name(env, env->NewStringUTF(class_name));
   return static_cast<jclass>(env->CallObjectMethod(
       GetSplitClassLoader(env, split_name), g_class_loader_load_class_method_id,
       j_class_name.obj()));
 }

 // Must be called before using GetClassFromSplit - we need to set the global,
 // and we need to call GetClassLoader at least once to allow the default
 // resolver (env->FindClass()) to get our main ClassLoader class instance, which
 // we then cache use for all future calls to GetSplitClassLoader.
 void PrepareClassLoaders(JNIEnv* env) {
   if (g_class_loader_load_class_method_id == nullptr) {
     GetClassLoader(env);
     ScopedJavaLocalRef<jclass> class_loader_clazz = ScopedJavaLocalRef<jclass>(
         env, env->FindClass("java/lang/ClassLoader"));
     CHECK(!ClearException(env));
     g_class_loader_load_class_method_id =
         env->GetMethodID(class_loader_clazz.obj(), "loadClass",
                          "(Ljava/lang/String;)Ljava/lang/Class;");
     CHECK(!ClearException(env));
   }
 }
 #endif  // !BUILDFLAG(IS_ROBOLECTRIC)
 }  // namespace

 LogFatalCallback g_log_fatal_callback_for_testing = nullptr;
 const char kUnableToGetStackTraceMessage[] =
     "Unable to retrieve Java caller stack trace as the exception handler is "
     "being re-entered";
 const char kReetrantOutOfMemoryMessage[] =
     "While handling an uncaught Java exception, an OutOfMemoryError "
     "occurred.";
 const char kReetrantExceptionMessage[] =
     "While handling an uncaught Java exception, another exception "
     "occurred.";
 const char kUncaughtExceptionMessage[] =
     "Uncaught Java exception in native code. Please include the Java exception "
     "stack from the Android log in your crash report.";
 const char kUncaughtExceptionHandlerFailedMessage[] =
     "Uncaught Java exception in native code and the Java uncaught exception "
     "handler did not terminate the process. Please include the Java exception "
     "stack from the Android log in your crash report.";
 const char kOomInGetJavaExceptionInfoMessage[] =
     "Unable to obtain Java stack trace due to OutOfMemoryError";

 void InitVM(JavaVM* vm) {
   jni_zero::InitVM(vm);
   jni_zero::SetExceptionHandler(CheckException);
   JNIEnv* env = jni_zero::AttachCurrentThread();
 #if !BUILDFLAG(IS_ROBOLECTRIC)
   // Warm-up needed for GetClassFromSplit, must be called before we set the
   // resolver, since GetClassFromSplit won't work until after
   // PrepareClassLoaders has happened.
   PrepareClassLoaders(env);
   jni_zero::SetClassResolver(GetClassFromSplit);
 #endif
   g_out_of_memory_error_class = static_cast<jclass>(
       env->NewGlobalRef(env->FindClass("java/lang/OutOfMemoryError")));
   DCHECK(g_out_of_memory_error_class);
 }

 void CheckException(JNIEnv* env) {
   if (!jni_zero::HasException(env)) {
     return;
   }

   static thread_local bool g_reentering = false;
   if (g_reentering) {
     // We were handling an uncaught Java exception already, but one of the Java
     // methods we called below threw another exception. (This is unlikely to
     // happen, as we are careful to never throw from these methods, but we
     // can't rule it out entirely. E.g. an OutOfMemoryError when constructing
     // the jstring for the return value of
     // sanitizedStacktraceForUnhandledException().
     env->ExceptionDescribe();
     jthrowable raw_throwable = env->ExceptionOccurred();
     env->ExceptionClear();
     jclass clazz = env->GetObjectClass(raw_throwable);
     bool is_oom_error = env->IsSameObject(clazz, g_out_of_memory_error_class);
     env->Throw(raw_throwable);  // Ensure we don't re-enter Java.

     if (is_oom_error) {
       base::android::SetJavaException(kReetrantOutOfMemoryMessage);
       // Use different LOG(FATAL) statements to ensure unique stack traces.
       if (g_log_fatal_callback_for_testing) {
         g_log_fatal_callback_for_testing(kReetrantOutOfMemoryMessage);
       } else {
         LOG(FATAL) << kReetrantOutOfMemoryMessage;
       }
     } else {
       base::android::SetJavaException(kReetrantExceptionMessage);
       if (g_log_fatal_callback_for_testing) {
         g_log_fatal_callback_for_testing(kReetrantExceptionMessage);
       } else {
         LOG(FATAL) << kReetrantExceptionMessage;
       }
     }
     // Needed for tests, which do not terminate from LOG(FATAL).
     return;
   }
   g_reentering = true;

   // Log a message to ensure there is something in the log even if the rest of
   // this function goes horribly wrong, and also to provide a convenient marker
   // in the log for where Java exception crash information starts.
   LOG(ERROR) << "Crashing due to uncaught Java exception";

   const bool handle_exception_in_java =
       base::FeatureList::IsEnabled(kHandleExceptionsInJava);

   if (!handle_exception_in_java) {
     env->ExceptionDescribe();
   }

   // We cannot use `ScopedJavaLocalRef` directly because that ends up calling
   // env->GetObjectRefType() when DCHECK is on, and that call is not allowed
   // with a pending exception according to the JNI spec.
   jthrowable raw_throwable = env->ExceptionOccurred();
   // Now that we saved the reference to the throwable, clear the exception.
   //
   // We need to do this as early as possible to remove the risk that code below
   // might accidentally call back into Java, which is not allowed when `env`
   // has an exception set, per the JNI spec. (For example, LOG(FATAL) doesn't
   // work with a JNI exception set, because it calls
   // GetJavaStackTraceIfPresent()).
   env->ExceptionClear();
   // The reference returned by `ExceptionOccurred()` is a local reference.
   // `ExceptionClear()` merely removes the exception information from `env`;
   // it doesn't delete the reference, which is why this call is valid.
   auto throwable = ScopedJavaLocalRef<jthrowable>::Adopt(env, raw_throwable);

   if (!handle_exception_in_java) {
     base::android::SetJavaException(
         GetJavaExceptionInfo(env, throwable).c_str());
     if (g_log_fatal_callback_for_testing) {
       g_log_fatal_callback_for_testing(kUncaughtExceptionMessage);
     } else {
       LOG(FATAL) << kUncaughtExceptionMessage;
     }
     // Needed for tests, which do not terminate from LOG(FATAL).
     g_reentering = false;
     return;
   }

   // We don't need to call SetJavaException() in this branch because we
   // expect handleException() to eventually call JavaExceptionReporter through
   // the global uncaught exception handler.

   const std::string native_stack_trace = base::debug::StackTrace().ToString();
   LOG(ERROR) << "Native stack trace:" << std::endl << native_stack_trace;

   ScopedJavaLocalRef<jthrowable> secondary_exception =
       Java_JniAndroid_handleException(env, throwable, native_stack_trace);

   // Ideally handleException() should have terminated the process and we should
   // not get here. This can happen in the case of OutOfMemoryError or if the
   // app that embedded WebView installed an exception handler that does not
   // terminate, or itself threw an exception. We cannot be confident that
   // JavaExceptionReporter ran, so set the java exception explicitly.
   base::android::SetJavaException(
       GetJavaExceptionInfo(
           env, secondary_exception ? secondary_exception : throwable)
           .c_str());
   if (g_log_fatal_callback_for_testing) {
     g_log_fatal_callback_for_testing(kUncaughtExceptionHandlerFailedMessage);
   } else {
     LOG(FATAL) << kUncaughtExceptionHandlerFailedMessage;
   }
   // Needed for tests, which do not terminate from LOG(FATAL).
   g_reentering = false;
 }

 std::string GetJavaExceptionInfo(JNIEnv* env,
                                  const JavaRef<jthrowable>& throwable) {
   std::string sanitized_exception_string =
       Java_JniAndroid_sanitizedStacktraceForUnhandledException(env, throwable);
   // Returns null when PiiElider results in an OutOfMemoryError.
   return !sanitized_exception_string.empty()
              ? sanitized_exception_string
              : kOomInGetJavaExceptionInfoMessage;
 }

 std::string GetJavaStackTraceIfPresent() {
   JNIEnv* env = nullptr;
   JavaVM* jvm = jni_zero::GetVM();
   if (jvm) {
     jvm->GetEnv(reinterpret_cast<void**>(&env), JNI_VERSION_1_2);
   }
   if (!env) {
     // JNI has not been initialized on this thread.
     return {};
   }

   if (HasException(env)) {
     // This can happen if CheckException() is being re-entered, decided to
     // LOG(FATAL) immediately, and LOG(FATAL) itself is calling us. In that case
     // it is imperative that we don't try to call Java again.
     return kUnableToGetStackTraceMessage;
   }

   ScopedJavaLocalRef<jthrowable> throwable =
       JNI_Throwable::Java_Throwable_Constructor(env);
   std::string ret = GetJavaExceptionInfo(env, throwable);
   // Strip the exception message and leave only the "at" lines. Example:
   // java.lang.Throwable:
   // {tab}at Clazz.method(Clazz.java:111)
   // {tab}at ...
   size_t newline_idx = ret.find('\n');
   if (newline_idx == std::string::npos) {
     // There are no java frames.
     return {};
   }
   return ret.substr(newline_idx + 1);
 }

 }  // namespace android
 }  // namespace base

 DEFINE_JNI_FOR_JniAndroid()
	// Copyright 2012 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "base/android/jni_android.h"

	#include <stddef.h>
	#include <sys/prctl.h>

	#include "base/android/java_exception_reporter.h"
	#include "base/android/jni_string.h"
	#include "base/android/jni_utils.h"
	#include "base/android_runtime_jni_headers/Throwable_jni.h"
	#include "base/debug/debugging_buildflags.h"
	#include "base/feature_list.h"
	#include "base/logging.h"
	#include "base/strings/string_util.h"
	#include "build/build_config.h"
	#include "build/robolectric_buildflags.h"
	#include "third_party/jni_zero/jni_zero.h"

	// Must come after all headers that specialize FromJniType() / ToJniType().
	#include "base/jni_android_jni/JniAndroid_jni.h"

	namespace base {
	namespace android {
	namespace {

	// If disabled, we LOG(FATAL) immediately in native code when faced with an
	// uncaught Java exception (historical behavior). If enabled, we give the Java
	// uncaught exception handler a chance to handle the exception first, so that
	// the crash is (hopefully) seen as a Java crash, not a native crash.
	// TODO(crbug.com/40261529): remove this switch once we are confident the
	// new behavior is fine.
	BASE_FEATURE(kHandleExceptionsInJava,
	"HandleJniExceptionsInJava",
	base::FEATURE_ENABLED_BY_DEFAULT);

	jclass g_out_of_memory_error_class = nullptr;

	#if !BUILDFLAG(IS_ROBOLECTRIC)
	jmethodID g_class_loader_load_class_method_id = nullptr;
	// ClassLoader.loadClass() accepts either slashes or dots on Android, but JVM
	// requires dots. We could translate, but there is no need to go through
	// ClassLoaders in Robolectric anyways.
	// https://cs.android.com/search?q=symbol:DexFile_defineClassNative
	jclass GetClassFromSplit(JNIEnv* env,
	const char* class_name,
	const char* split_name) {
	DCHECK(IsStringASCII(class_name));
	ScopedJavaLocalRef<jstring> j_class_name(env, env->NewStringUTF(class_name));
	return static_cast<jclass>(env->CallObjectMethod(
	GetSplitClassLoader(env, split_name), g_class_loader_load_class_method_id,
	j_class_name.obj()));
	}

	// Must be called before using GetClassFromSplit - we need to set the global,
	// and we need to call GetClassLoader at least once to allow the default
	// resolver (env->FindClass()) to get our main ClassLoader class instance, which
	// we then cache use for all future calls to GetSplitClassLoader.
	void PrepareClassLoaders(JNIEnv* env) {
	if (g_class_loader_load_class_method_id == nullptr) {
	GetClassLoader(env);
	ScopedJavaLocalRef<jclass> class_loader_clazz = ScopedJavaLocalRef<jclass>(
	env, env->FindClass("java/lang/ClassLoader"));
	CHECK(!ClearException(env));
	g_class_loader_load_class_method_id =
	env->GetMethodID(class_loader_clazz.obj(), "loadClass",
	"(Ljava/lang/String;)Ljava/lang/Class;");
	CHECK(!ClearException(env));
	}
	}
	#endif // !BUILDFLAG(IS_ROBOLECTRIC)
	} // namespace

	LogFatalCallback g_log_fatal_callback_for_testing = nullptr;
	const char kUnableToGetStackTraceMessage[] =
	"Unable to retrieve Java caller stack trace as the exception handler is "
	"being re-entered";
	const char kReetrantOutOfMemoryMessage[] =
	"While handling an uncaught Java exception, an OutOfMemoryError "
	"occurred.";
	const char kReetrantExceptionMessage[] =
	"While handling an uncaught Java exception, another exception "
	"occurred.";
	const char kUncaughtExceptionMessage[] =
	"Uncaught Java exception in native code. Please include the Java exception "
	"stack from the Android log in your crash report.";
	const char kUncaughtExceptionHandlerFailedMessage[] =
	"Uncaught Java exception in native code and the Java uncaught exception "
	"handler did not terminate the process. Please include the Java exception "
	"stack from the Android log in your crash report.";
	const char kOomInGetJavaExceptionInfoMessage[] =
	"Unable to obtain Java stack trace due to OutOfMemoryError";

	void InitVM(JavaVM* vm) {
	jni_zero::InitVM(vm);
	jni_zero::SetExceptionHandler(CheckException);
	JNIEnv* env = jni_zero::AttachCurrentThread();
	#if !BUILDFLAG(IS_ROBOLECTRIC)
	// Warm-up needed for GetClassFromSplit, must be called before we set the
	// resolver, since GetClassFromSplit won't work until after
	// PrepareClassLoaders has happened.
	PrepareClassLoaders(env);
	jni_zero::SetClassResolver(GetClassFromSplit);
	#endif
	g_out_of_memory_error_class = static_cast<jclass>(
	env->NewGlobalRef(env->FindClass("java/lang/OutOfMemoryError")));
	DCHECK(g_out_of_memory_error_class);
	}

	void CheckException(JNIEnv* env) {
	if (!jni_zero::HasException(env)) {
	return;
	}

	static thread_local bool g_reentering = false;
	if (g_reentering) {
	// We were handling an uncaught Java exception already, but one of the Java
	// methods we called below threw another exception. (This is unlikely to
	// happen, as we are careful to never throw from these methods, but we
	// can't rule it out entirely. E.g. an OutOfMemoryError when constructing
	// the jstring for the return value of
	// sanitizedStacktraceForUnhandledException().
	env->ExceptionDescribe();
	jthrowable raw_throwable = env->ExceptionOccurred();
	env->ExceptionClear();
	jclass clazz = env->GetObjectClass(raw_throwable);
	bool is_oom_error = env->IsSameObject(clazz, g_out_of_memory_error_class);
	env->Throw(raw_throwable); // Ensure we don't re-enter Java.

	if (is_oom_error) {
	base::android::SetJavaException(kReetrantOutOfMemoryMessage);
	// Use different LOG(FATAL) statements to ensure unique stack traces.
	if (g_log_fatal_callback_for_testing) {
	g_log_fatal_callback_for_testing(kReetrantOutOfMemoryMessage);
	} else {
	LOG(FATAL) << kReetrantOutOfMemoryMessage;
	}
	} else {
	base::android::SetJavaException(kReetrantExceptionMessage);
	if (g_log_fatal_callback_for_testing) {
	g_log_fatal_callback_for_testing(kReetrantExceptionMessage);
	} else {
	LOG(FATAL) << kReetrantExceptionMessage;
	}
	}
	// Needed for tests, which do not terminate from LOG(FATAL).
	return;
	}
	g_reentering = true;

	// Log a message to ensure there is something in the log even if the rest of
	// this function goes horribly wrong, and also to provide a convenient marker
	// in the log for where Java exception crash information starts.
	LOG(ERROR) << "Crashing due to uncaught Java exception";

	const bool handle_exception_in_java =
	base::FeatureList::IsEnabled(kHandleExceptionsInJava);

	if (!handle_exception_in_java) {
	env->ExceptionDescribe();
	}

	// We cannot use `ScopedJavaLocalRef` directly because that ends up calling
	// env->GetObjectRefType() when DCHECK is on, and that call is not allowed
	// with a pending exception according to the JNI spec.
	jthrowable raw_throwable = env->ExceptionOccurred();
	// Now that we saved the reference to the throwable, clear the exception.
	//
	// We need to do this as early as possible to remove the risk that code below
	// might accidentally call back into Java, which is not allowed when `env`
	// has an exception set, per the JNI spec. (For example, LOG(FATAL) doesn't
	// work with a JNI exception set, because it calls
	// GetJavaStackTraceIfPresent()).
	env->ExceptionClear();
	// The reference returned by `ExceptionOccurred()` is a local reference.
	// `ExceptionClear()` merely removes the exception information from `env`;
	// it doesn't delete the reference, which is why this call is valid.
	auto throwable = ScopedJavaLocalRef<jthrowable>::Adopt(env, raw_throwable);

	if (!handle_exception_in_java) {
	base::android::SetJavaException(
	GetJavaExceptionInfo(env, throwable).c_str());
	if (g_log_fatal_callback_for_testing) {
	g_log_fatal_callback_for_testing(kUncaughtExceptionMessage);
	} else {
	LOG(FATAL) << kUncaughtExceptionMessage;
	}
	// Needed for tests, which do not terminate from LOG(FATAL).
	g_reentering = false;
	return;
	}

	// We don't need to call SetJavaException() in this branch because we
	// expect handleException() to eventually call JavaExceptionReporter through
	// the global uncaught exception handler.

	const std::string native_stack_trace = base::debug::StackTrace().ToString();
	LOG(ERROR) << "Native stack trace:" << std::endl << native_stack_trace;

	ScopedJavaLocalRef<jthrowable> secondary_exception =
	Java_JniAndroid_handleException(env, throwable, native_stack_trace);

	// Ideally handleException() should have terminated the process and we should
	// not get here. This can happen in the case of OutOfMemoryError or if the
	// app that embedded WebView installed an exception handler that does not
	// terminate, or itself threw an exception. We cannot be confident that
	// JavaExceptionReporter ran, so set the java exception explicitly.
	base::android::SetJavaException(
	GetJavaExceptionInfo(
	env, secondary_exception ? secondary_exception : throwable)
	.c_str());
	if (g_log_fatal_callback_for_testing) {
	g_log_fatal_callback_for_testing(kUncaughtExceptionHandlerFailedMessage);
	} else {
	LOG(FATAL) << kUncaughtExceptionHandlerFailedMessage;
	}
	// Needed for tests, which do not terminate from LOG(FATAL).
	g_reentering = false;
	}

	std::string GetJavaExceptionInfo(JNIEnv* env,
	const JavaRef<jthrowable>& throwable) {
	std::string sanitized_exception_string =
	Java_JniAndroid_sanitizedStacktraceForUnhandledException(env, throwable);
	// Returns null when PiiElider results in an OutOfMemoryError.
	return !sanitized_exception_string.empty()
	? sanitized_exception_string
	: kOomInGetJavaExceptionInfoMessage;
	}

	std::string GetJavaStackTraceIfPresent() {
	JNIEnv* env = nullptr;
	JavaVM* jvm = jni_zero::GetVM();
	if (jvm) {
	jvm->GetEnv(reinterpret_cast<void**>(&env), JNI_VERSION_1_2);
	}
	if (!env) {
	// JNI has not been initialized on this thread.
	return {};
	}

	if (HasException(env)) {
	// This can happen if CheckException() is being re-entered, decided to
	// LOG(FATAL) immediately, and LOG(FATAL) itself is calling us. In that case
	// it is imperative that we don't try to call Java again.
	return kUnableToGetStackTraceMessage;
	}

	ScopedJavaLocalRef<jthrowable> throwable =
	JNI_Throwable::Java_Throwable_Constructor(env);
	std::string ret = GetJavaExceptionInfo(env, throwable);
	// Strip the exception message and leave only the "at" lines. Example:
	// java.lang.Throwable:
	// {tab}at Clazz.method(Clazz.java:111)
	// {tab}at ...
	size_t newline_idx = ret.find('\n');
	if (newline_idx == std::string::npos) {
	// There are no java frames.
	return {};
	}
	return ret.substr(newline_idx + 1);
	}

	} // namespace android
	} // namespace base

	DEFINE_JNI_FOR_JniAndroid()