/** Called by the Fuzzer to verify the mutated program using the host-side dex2oat. */
public boolean verifyOnHost(String programName) {
StringBuilder commandBuilder = new StringBuilder();
commandBuilder.append("dex2oat ");
commandBuilder.append("--instruction-set=").append(architecture.asString());
commandBuilder.append(" --instruction-set-features=default ");
// Select the correct boot image.
commandBuilder.append("--boot-image=").append(device.getAndroidProductOut());
if (device.noBootImageAvailable()) {
commandBuilder.append("/data/art-test/core.art ");
} else {
commandBuilder.append("/system/framework/boot.art ");
}
commandBuilder.append("--oat-file=output.oat ");
commandBuilder.append("--android-root=").append(device.getAndroidHostOut()).append(" ");
commandBuilder.append("--runtime-arg -classpath ");
commandBuilder.append("--runtime-arg ").append(programName).append(" ");
commandBuilder.append("--dex-file=").append(programName).append(" ");
commandBuilder.append("--compiler-filter=interpret-only --runtime-arg -Xnorelocate ");
ExecutionResult verificationResult =
device.executeCommand(commandBuilder.toString(), true, outputConsumer, errorConsumer);
boolean success = true;
if (verificationResult.isSigabort()) {
listener.handleHostVerificationSigabort(verificationResult);
success = false;
}
if (success) {
// Search for a keyword that indicates verification was not successful.
// TODO: Determine if dex2oat crashed?
for (String line : verificationResult.error) {
if (line.contains("Verification error") || line.contains("Failure to verify dex file")) {
success = false;
}
if (Options.dumpVerify) {
// Strip out the start of the log lines.
listener.handleDumpVerify(line.replaceFirst(".*(cc|h):\\d+] ", ""));
}
}
}
if (!success) {
listener.handleFailedHostVerification(verificationResult);
}
device.executeCommand("rm output.oat", false);
return success;
}
/**
* Because dex2oat can accept a program with soft errors on the host, and then fail after
* performing hard verification on the target, we need to check if the Executor detected a target
* verification failure, before doing anything else with the resulting output. Used by the Fuzzer.
*/
public boolean didTargetVerify() {
// TODO: Remove this once host-verification can be forced to always fail?
String output = executionResult.getFlattenedAll();
if (output.contains("VerifyError") || output.contains("Verification failed on class")) {
return false;
}
return true;
}