[Soot-list] dava Error : Could not verify approximated Synch ronized body

Tue Jun 19 13:37:24 EDT 2007

Michael, I think in this particular case, this here is the problem:

r2 = $r4;
entermonitor $r4;
exitmonitor r2;

We need to use must-alias analysis in order to tell that $r4 and r2
are the same. (Or alternatively, a copy-propagation. I think if we add
must-alias, we should eb able to handle this gracefully.

@Dionne: I think if that's all you want to do it might be enoough to
look at the Jimple output, actually. I find it reasonable easy to read
for such purposes.

Eric

On 19/06/07, Dionne, Sebastien <Sebastien.Dionne at fbn.ca> wrote:
>
> thanks.
>
> I know that Jad don't decompile perfectly and it's even harder maybe
> impossible to correctly decompile an offuscated class.  but in the case it's
> not offuscated.
>
> I just receive a new version of an API and I wanted to know what were the
> differences in the code.  I have to know if I can deploy this new librairies
> in production without refactoring all our gateways.
>
> There were concurrency problems in the last API.  Most of the changes are
> synchronized block that been added.  I saw them in few classes.
>
>
> Sébastien Dionne ing. jr.
> Financière Banque Nationale
> Analyste programmeur Senior
> tel : 514-879-3107
> courriel : sebastien.dionne at fbn.ca
>
> -----Original Message-----
> From: mbatch at cs.mcgill.ca [mailto:mbatch at cs.mcgill.ca]
> Sent: 2007/06/19 12:46
> To: Dionne, Sebastien
> Cc: 'soot-list at sable.mcgill.ca'
> Subject: Re: [Soot-list] dava Error : Could not verify approximated
> Synchronized body
>
> On Tue, June 19, 2007 10:33 am, Dionne, Sebastien wrote:
> > I'm trying to decompile a class but I got an error.  There is a way to
> > fix it ?
> >
> > I try with JAD and I obtain this (if that could help)
>
> Dionne,
>
> It appears as though the class you are decompiling has some complicated
> control flow containing some synchronized blocks. It is difficult to
> identify the exact problem without seeing the class file itself, but you
> are basically seeing the same problem with both Jad and Dava. Jad handles
> problems by just spitting out the class-level bytecode instructions if it
> cannot figure out how to translate them to java source. This is why you
> get the line "JVM INSTR monitorexit ;" for example.
>
> Dava is just slightly more clear on the problem, by failing with an
> exception. It is telling you exactly what the problem is: "Could not
> verify approximated Synchronized body".
>
> While the class may be "correct" bytecode and even verifiable, this does
> not guarantee that automatic tools such as Dava or Jad can necessarily
> decompile them. This is especially a problem for bytecode generated by
> third-party tools such as bytecode instrumenters or other frameworks that
> compile their own code with a non-standard compiler.
>
> I suspect, too, that this code might have been semi-obfuscated, given the
> program method and variable names. The entire point of obfuscating is to
> complicate decompilation attempts and this might be exactly what is
> happening here.
>
> Michael Batchelder
>
> >
> >
> >
> > private void a(BFContext bfcontext) {
> > label0:
> > {
> > synchronized(y) {
> > if(bfcontext.d < 0 || bfcontext.d >= z.size() || a(bfcontext.d) !=
> > bfcontext) break label0; }
> > return; }
> > if(ab == null) {
> > bfcontext.d = z.size(); z.addElement(bfcontext); } else
> > {
> > bfcontext.d = ab.intValue(); ab = (Integer)z.elementAt(ab.intValue());
> > z.setElementAt(bfcontext, bfcontext.d); }
> > if(a()) b(bfcontext.d, "+++"); abyte0; JVM INSTR monitorexit ;
> > goto _L1 exception; throw exception; _L1:
> > }
> >
> >
> >
> >
> > -------------------------------------------------------------------------
> > ---
> > --------------------------------------------------------------------------
> > --
> > ----------------------------------
> >
> >
> >
> >
> > C:\workspace-test\test-soot-bf>java -Xmx400m -classpath
> > sootclasses-2.2.4.jar;polyglot.jar;C:\workspace-test\test-soot-b
> > f\classes;C:\jdk_5\jre\lib\rt.jar;C:\jdk_5\jre\lib\jsse.jar;C:\jdk_5\jre\l
> > ib \jce.jar;C:\jdk_5\jre\lib\charsets.jar;C:\jd
> > k_5\jre\lib\ext\dnsns.jar;C:\jdk_5\jre\lib\ext\localedata.jar;C:\jdk_5\jre
> > \l
> > ib\ext\sunjce_provider.jar;C:\jdk_5\jre\lib\
> > ext\sunmscapi.jar;C:\jdk_5\jre\lib\ext\sunpkcs11.jar soot.Main --cp
> > sootclasses-2.2.4.jar;polyglot.jar;C:\workspace-test
> > \test-soot-bf\classes;C:\jdk_5\jre\lib\rt.jar;C:\jdk_5\jre\lib\jsse.jar;C:
> > \j
> > dk_5\jre\lib\jce.jar;C:\jdk_5\jre\lib\charse
> > ts.jar;C:\jdk_5\jre\lib\ext\dnsns.jar;C:\jdk_5\jre\lib\ext\localedata.jar;
> > C:
> > \jdk_5\jre\lib\ext\sunjce_provider.jar;C:\jd
> > k_5\jre\lib\ext\sunmscapi.jar;C:\jdk_5\jre\lib\ext\sunpkcs11.jar
> > --process-dir C:\workspace-test\test-soot-bf\classes -d
> > C:\workspace-test\test-soot-bf\sootOutput\ -f dava
> > Soot started on Tue Jun 19 10:19:28 EDT 2007
> > Verifying exception handling.. Warning: using incomplete callgraph
> > containing only application classes. [Call Graph] For information on where
> > the call graph may be incomplete, use the verbose option to the cg phase.
> .
> >
> >
> > Decompiling com.bridge.feed.server.BFContext...
> > Decompiling com.bridge.feed.server.BFContextAdmin...
> > Decompiling com.bridge.feed.server.BFContextLogin...
> > Decompiling com.bridge.feed.server.BFContextStartup...
> > Decompiling com.bridge.feed.server.BFCrypt...
> > Decompiling com.bridge.feed.server.BFDriver...
> > Exception in thread "main" java.lang.RuntimeException: Could not verify
> > approximated Synchronized body at
> > soot.dava.toolkits.base.finders.SynchronizedBlockFinder.find(Synchronized
> > Blo
> > ckFinder.java:163)
> > at soot.dava.DavaBody.<init>(DavaBody.java:331) at
> > soot.dava.Dava.newBody(Dava.java:84)
> > at soot.PackManager.runBodyPacks(PackManager.java:807) at
> > soot.PackManager.runBodyPacks(PackManager.java:451)
> > at soot.PackManager.runBodyPacks(PackManager.java:370) at
> > soot.PackManager.runPacks(PackManager.java:347)
> > at soot.Main.run(Main.java:203) at soot.Main.main(Main.java:146)
> >
> > Sébastien Dionne ing. jr.
> > Financière Banque Nationale
> > Analyste programmeur Senior
> > tel : 514-879-3107 courriel : sebastien.dionne at fbn.ca
> >
> >
> >
> > **************************************************
> > AVIS DE NON-RESPONSABILITE: Ce document transmis par courrier electronique
> > est destine uniquement a la personne ou a l'entite a qui il est adresse
> > et peut contenir des renseignements confidentiels et assujettis au secret
> > professionnel. La confidentialite et le secret professionnel demeurent
> > malgre l'envoi de ce document a la mauvaise adresse electronique. Si vous
> > n'etes pas le destinataire vise ou la personne chargee de remettre ce
> > document a son destinataire, veuillez nous en informer sans delai et
> > detruire ce document ainsi que toute copie qui en aurait ete faite. Toute
> > distribution, reproduction ou autre utilisation de ce document est
> > strictement interdite. De plus, le Groupe Financiere Banque Nationale et
> > ses filiales ne peuvent pas etre tenus responsables des dommages pouvant
> > etre causes par des virus ou des erreurs de transmission.
> >
> > DISCLAIMER: This documentation transmitted by electronic mail is intended
> > for the use of the individual to whom or the entity to which it is
> > addressed and may contain information which is confidential and
> > privileged. Confidentiality and privilege are not lost by this
> > documentation having been sent to the wrong electronic mail address. If
> > you are not the intended recipient or the person responsible for
> > delivering it to the intended recipient please notify the sender
> > immediately and destroy this document as well as any copies of it. Any
> > distribution, reproduction or other use of this document is strictly
> > prohibited. National Bank Financial Group and its affiliates cannot be
> > held liable for any damage that may be caused by viruses or transmission
> > errors. **************************************************
> >
> >
> > _______________________________________________
> > Soot-list mailing list
> > Soot-list at sable.mcgill.ca
> > http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
> >
> >
>
>
>
> **************************************************
> AVIS DE NON-RESPONSABILITE: Ce document transmis par courrier electronique est destine uniquement a la personne ou a l'entite a qui il est adresse et peut contenir des renseignements confidentiels et assujettis au secret professionnel. La confidentialite et le secret professionnel demeurent malgre l'envoi de ce document a la mauvaise adresse electronique. Si vous n'etes pas le destinataire vise ou la personne chargee de remettre ce document a son destinataire, veuillez nous en informer sans delai et detruire ce document ainsi que toute copie qui en aurait ete faite. Toute distribution, reproduction ou autre utilisation de ce document est strictement interdite. De plus, le Groupe Financiere Banque Nationale et ses filiales ne peuvent pas etre tenus responsables des dommages pouvant etre causes par des virus ou des erreurs de transmission.
>
> DISCLAIMER: This documentation transmitted by electronic mail is intended for the use of the individual to whom or the entity to which it is addressed and may contain information which is confidential and privileged. Confidentiality and privilege are not lost by this documentation having been sent to the wrong electronic mail address. If you are not the intended recipient or the person responsible for delivering it to the intended recipient please notify the sender immediately and destroy this document as well as any copies of it. Any distribution, reproduction or other use of this document is strictly prohibited. National Bank Financial Group and its affiliates cannot be held liable for any damage that may be caused by viruses or transmission errors.
> **************************************************
>
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at sable.mcgill.ca
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>

-- 
Eric Bodden
Sable Research Group
McGill University, Montréal, Canada