[Soot-list] Re: Soot-list Digest, Vol 26, Issue 13
diana.gheorghiu at mail.mcgill.ca
diana.gheorghiu at mail.mcgill.ca
Wed Jun 20 11:43:26 EDT 2007
Hi Dionne,
I am currently working on fixing Dava to decompile synchronized blocks
properly. As Eric mentioned in the Soot mailing list, it seems that
Dava is getting confused about what goes in the synchronized block
because the variable that is entered on is different from the one in
the exit. This is fixed in my new analysis which checks for aliases.
It seems that Jad is also getting confused about the catch block
associated with the synch block.
Java requires that when a method finishes, whether normally or
abruptly, all the monitors it acquired are released. Thus, when a
synchronized block is compiled, it is placed in a try-catch so that if
anything goes wrong, the catch ensures that the monitor is released. In
order to be _absolutely_ sure that this rule is enforced, the javac
compiler will have this trap catch any exceptions that are thrown
_during its own execution_. This is the reason that you see three catch
labels in Jimple.
Looking at the Jimple code for the method, it seems that you have two
monitorexits in the body and one in the catch. I'm guessing there is a
return statement inside of the synchronized body which may also be the
reason that Dava screws up.
So to sum it up:
- Dava is getting fixed. I have an analysis that I think works and I'll
be incorporating it into the decompiler soon. - Java makes sure that
you always exit all entered monitors before you leave the method so you
may have more than one monitorexit in each method.
- The catch that covers itself is put there by the compiler to ensure
that all monitors are exited but it would not be part of the original
source code.
I hope that was helpful. Please let me know if I can answer any more
questions.
Diana
Quoting soot-list-request at sable.mcgill.ca:
> Send Soot-list mailing list submissions to
> soot-list at sable.mcgill.ca
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
> or, via email, send a message with subject or body 'help' to
> soot-list-request at sable.mcgill.ca
>
> You can reach the person managing the list at
> soot-list-owner at sable.mcgill.ca
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Soot-list digest..."
>
>
> Today's Topics:
>
> 1. RE: dava Error : Could not verify approximated Synch ronized
> body (Dionne, Sebastien)
> 2. RE: dava Error : Could not verify approximated Synch
> ronized body (mbatch at cs.mcgill.ca)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 19 Jun 2007 13:50:01 -0400
> From: "Dionne, Sebastien" <Sebastien.Dionne at fbn.ca>
> Subject: RE: [Soot-list] dava Error : Could not verify approximated
> Synch ronized body
> To: 'Eric Bodden' <eric.bodden at mail.mcgill.ca>
> Cc: soot-list at sable.mcgill.ca
> Message-ID:
> <7B3D3F9DDE6DB341A696EDC61200FEAC13BDAC4B at fbmsg008.fbn-nbf.local>
> Content-Type: text/plain; charset="iso-8859-1"
>
> OK. the trouble is to recreate all the java sources. to test our gateways
> we are using tracing into all the classes even this librairies. That's why I
> try to obtain the java source. I can do it manually.
>
>
> How should I interpret the code from jimple ? (an exemple below)
>
>
> ---- JAD ----
>
> private void a(BFContext bfcontext)
> {
> label0:
> {
> synchronized(y)
> {
> if(bfcontext.d < 0 || bfcontext.d >= z.size() ||
> a(bfcontext.d) != bfcontext)
> break label0;
> }
> return;
> }
> if(ab == null)
> {
> bfcontext.d = z.size();
> z.addElement(bfcontext);
> } else
> {
> bfcontext.d = ab.intValue();
> ab = (Integer)z.elementAt(ab.intValue());
> z.setElementAt(bfcontext, bfcontext.d);
> }
> if(a())
> b(bfcontext.d, "+++");
> abyte0;
> JVM INSTR monitorexit ;
> goto _L1
> exception;
> throw exception;
> _L1:
> }
>
>
> is it the throw Exception the problem ? (if I compare to jimple, that have
> 3 throws at the end)
>
> label0: should be a try {
>
> and
>
> abyte0;
> JVM INSTR monitorexit ;
> goto _L1
> exception;
> throw exception;
> _L1:
>
> } catch(Exception e){throw e}
>
>
> ???
>
> -------------- JIMPLE ----------------
> private void a(com.bridge.feed.server.BFContext)
> {
> com.bridge.feed.server.BFDriver r0;
> com.bridge.feed.server.BFContext r1, $r6;
> byte[] r2, $r4;
> java.lang.Throwable r3, $r16;
> int $i0, $i1, $i2, $i3, $i4, $i5, $i6, $i7, $i8;
> java.util.Vector $r5, $r8, $r9, $r11, $r15;
> java.lang.Integer $r7, $r10, $r12, $r14;
> java.lang.Object $r13;
> boolean $z0;
>
> r0 := @this: com.bridge.feed.server.BFDriver;
> r1 := @parameter0: com.bridge.feed.server.BFContext;
> $r4 = r0.<com.bridge.feed.server.BFDriver: byte[] y>;
> r2 = $r4;
> entermonitor $r4;
>
> label0:
> $i0 = r1.<com.bridge.feed.server.BFContext: int d>;
> if $i0 < 0 goto label2;
>
> $i1 = r1.<com.bridge.feed.server.BFContext: int d>;
> $r5 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
> $i2 = virtualinvoke $r5.<java.util.Vector: int size()>();
> if $i1 >= $i2 goto label2;
>
> $i3 = r1.<com.bridge.feed.server.BFContext: int d>;
> $r6 = virtualinvoke r0.<com.bridge.feed.server.BFDriver:
> com.bridge.feed.server.BFContext a(int)>($i3);
> if $r6 != r1 goto label2;
>
> exitmonitor r2;
>
> label1:
> return;
>
> label2:
> $r7 = r0.<com.bridge.feed.server.BFDriver: java.lang.Integer ab>;
> if $r7 != null goto label3;
>
> $r8 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
> $i4 = virtualinvoke $r8.<java.util.Vector: int size()>();
> r1.<com.bridge.feed.server.BFContext: int d> = $i4;
> $r9 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
> virtualinvoke $r9.<java.util.Vector: void
> addElement(java.lang.Object)>(r1);
> goto label4;
>
> label3:
> $r10 = r0.<com.bridge.feed.server.BFDriver: java.lang.Integer ab>;
> $i5 = virtualinvoke $r10.<java.lang.Integer: int intValue()>();
> r1.<com.bridge.feed.server.BFContext: int d> = $i5;
> $r11 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
> $r12 = r0.<com.bridge.feed.server.BFDriver: java.lang.Integer ab>;
> $i6 = virtualinvoke $r12.<java.lang.Integer: int intValue()>();
> $r13 = virtualinvoke $r11.<java.util.Vector: java.lang.Object
> elementAt(int)>($i6);
> $r14 = (java.lang.Integer) $r13;
> r0.<com.bridge.feed.server.BFDriver: java.lang.Integer ab> = $r14;
> $r15 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
> $i7 = r1.<com.bridge.feed.server.BFContext: int d>;
> virtualinvoke $r15.<java.util.Vector: void
> setElementAt(java.lang.Object,int)>(r1, $i7);
>
> label4:
> $z0 = virtualinvoke r0.<com.bridge.feed.server.BFDriver: boolean
> a()>();
> if $z0 == 0 goto label5;
>
> $i8 = r1.<com.bridge.feed.server.BFContext: int d>;
> specialinvoke r0.<com.bridge.feed.server.BFDriver: void
> b(int,java.lang.String)>($i8, "+++");
>
> label5:
> exitmonitor r2;
>
> label6:
> goto label10;
>
> label7:
> $r16 := @caughtexception;
>
> label8:
> r3 = $r16;
> exitmonitor r2;
>
> label9:
> throw r3;
>
> label10:
> return;
>
> catch java.lang.Throwable from label0 to label1 with label7;
> catch java.lang.Throwable from label2 to label6 with label7;
> catch java.lang.Throwable from label8 to label9 with label7;
> }
>
>
>
>
>
>
>
> Sébastien Dionne ing. jr.
> Financière Banque Nationale
> Analyste programmeur Senior
> tel : 514-879-3107
> courriel : sebastien.dionne at fbn.ca
>
> -----Original Message-----
> From: eric.bodden at googlemail.com [mailto:eric.bodden at googlemail.com] On
> Behalf Of Eric Bodden
> Sent: 2007/06/19 13:37
> To: Dionne, Sebastien
> Cc: mbatch at cs.mcgill.ca; soot-list at sable.mcgill.ca
> Subject: Re: [Soot-list] dava Error : Could not verify approximated Synch
> ronized body
>
> Michael, I think in this particular case, this here is the problem:
>
>
> r2 = $r4;
> entermonitor $r4;
> exitmonitor r2;
>
>
> We need to use must-alias analysis in order to tell that $r4 and r2
> are the same. (Or alternatively, a copy-propagation. I think if we add
> must-alias, we should eb able to handle this gracefully.
>
> @Dionne: I think if that's all you want to do it might be enoough to
> look at the Jimple output, actually. I find it reasonable easy to read
> for such purposes.
>
> Eric
>
> On 19/06/07, Dionne, Sebastien <Sebastien.Dionne at fbn.ca> wrote:
>>
>> thanks.
>>
>> I know that Jad don't decompile perfectly and it's even harder maybe
>> impossible to correctly decompile an offuscated class. but in the case
> it's
>> not offuscated.
>>
>> I just receive a new version of an API and I wanted to know what were the
>> differences in the code. I have to know if I can deploy this new
> librairies
>> in production without refactoring all our gateways.
>>
>> There were concurrency problems in the last API. Most of the changes are
>> synchronized block that been added. I saw them in few classes.
>>
>>
>> Sébastien Dionne ing. jr.
>> Financière Banque Nationale
>> Analyste programmeur Senior
>> tel : 514-879-3107
>> courriel : sebastien.dionne at fbn.ca
>>
>> -----Original Message-----
>> From: mbatch at cs.mcgill.ca [mailto:mbatch at cs.mcgill.ca]
>> Sent: 2007/06/19 12:46
>> To: Dionne, Sebastien
>> Cc: 'soot-list at sable.mcgill.ca'
>> Subject: Re: [Soot-list] dava Error : Could not verify approximated
>> Synchronized body
>>
>> On Tue, June 19, 2007 10:33 am, Dionne, Sebastien wrote:
>> > I'm trying to decompile a class but I got an error. There is a way to
>> > fix it ?
>> >
>> > I try with JAD and I obtain this (if that could help)
>>
>> Dionne,
>>
>> It appears as though the class you are decompiling has some complicated
>> control flow containing some synchronized blocks. It is difficult to
>> identify the exact problem without seeing the class file itself, but you
>> are basically seeing the same problem with both Jad and Dava. Jad handles
>> problems by just spitting out the class-level bytecode instructions if it
>> cannot figure out how to translate them to java source. This is why you
>> get the line "JVM INSTR monitorexit ;" for example.
>>
>> Dava is just slightly more clear on the problem, by failing with an
>> exception. It is telling you exactly what the problem is: "Could not
>> verify approximated Synchronized body".
>>
>> While the class may be "correct" bytecode and even verifiable, this does
>> not guarantee that automatic tools such as Dava or Jad can necessarily
>> decompile them. This is especially a problem for bytecode generated by
>> third-party tools such as bytecode instrumenters or other frameworks that
>> compile their own code with a non-standard compiler.
>>
>> I suspect, too, that this code might have been semi-obfuscated, given the
>> program method and variable names. The entire point of obfuscating is to
>> complicate decompilation attempts and this might be exactly what is
>> happening here.
>>
>> Michael Batchelder
>>
>> >
>> >
>> >
>> > private void a(BFContext bfcontext) {
>> > label0:
>> > {
>> > synchronized(y) {
>> > if(bfcontext.d < 0 || bfcontext.d >= z.size() || a(bfcontext.d) !=
>> > bfcontext) break label0; }
>> > return; }
>> > if(ab == null) {
>> > bfcontext.d = z.size(); z.addElement(bfcontext); } else
>> > {
>> > bfcontext.d = ab.intValue(); ab = (Integer)z.elementAt(ab.intValue());
>> > z.setElementAt(bfcontext, bfcontext.d); }
>> > if(a()) b(bfcontext.d, "+++"); abyte0; JVM INSTR monitorexit ;
>> > goto _L1 exception; throw exception; _L1:
>> > }
>> >
>> >
>> >
>> >
>> >
> -------------------------------------------------------------------------
>> > ---
>> >
> --------------------------------------------------------------------------
>> > --
>> > ----------------------------------
>> >
>> >
>> >
>> >
>> > C:\workspace-test\test-soot-bf>java -Xmx400m -classpath
>> > sootclasses-2.2.4.jar;polyglot.jar;C:\workspace-test\test-soot-b
>> >
> f\classes;C:\jdk_5\jre\lib\rt.jar;C:\jdk_5\jre\lib\jsse.jar;C:\jdk_5\jre\l
>> > ib \jce.jar;C:\jdk_5\jre\lib\charsets.jar;C:\jd
>> >
> k_5\jre\lib\ext\dnsns.jar;C:\jdk_5\jre\lib\ext\localedata.jar;C:\jdk_5\jre
>> > \l
>> > ib\ext\sunjce_provider.jar;C:\jdk_5\jre\lib\
>> > ext\sunmscapi.jar;C:\jdk_5\jre\lib\ext\sunpkcs11.jar soot.Main --cp
>> > sootclasses-2.2.4.jar;polyglot.jar;C:\workspace-test
>> >
> \test-soot-bf\classes;C:\jdk_5\jre\lib\rt.jar;C:\jdk_5\jre\lib\jsse.jar;C:
>> > \j
>> > dk_5\jre\lib\jce.jar;C:\jdk_5\jre\lib\charse
>> >
> ts.jar;C:\jdk_5\jre\lib\ext\dnsns.jar;C:\jdk_5\jre\lib\ext\localedata.jar;
>> > C:
>> > \jdk_5\jre\lib\ext\sunjce_provider.jar;C:\jd
>> > k_5\jre\lib\ext\sunmscapi.jar;C:\jdk_5\jre\lib\ext\sunpkcs11.jar
>> > --process-dir C:\workspace-test\test-soot-bf\classes -d
>> > C:\workspace-test\test-soot-bf\sootOutput\ -f dava
>> > Soot started on Tue Jun 19 10:19:28 EDT 2007
>> > Verifying exception handling.. Warning: using incomplete callgraph
>> > containing only application classes. [Call Graph] For information on
> where
>> > the call graph may be incomplete, use the verbose option to the cg
> phase.
>> .
>> >
>> >
>> > Decompiling com.bridge.feed.server.BFContext...
>> > Decompiling com.bridge.feed.server.BFContextAdmin...
>> > Decompiling com.bridge.feed.server.BFContextLogin...
>> > Decompiling com.bridge.feed.server.BFContextStartup...
>> > Decompiling com.bridge.feed.server.BFCrypt...
>> > Decompiling com.bridge.feed.server.BFDriver...
>> > Exception in thread "main" java.lang.RuntimeException: Could not verify
>> > approximated Synchronized body at
>> >
> soot.dava.toolkits.base.finders.SynchronizedBlockFinder.find(Synchronized
>> > Blo
>> > ckFinder.java:163)
>> > at soot.dava.DavaBody.<init>(DavaBody.java:331) at
>> > soot.dava.Dava.newBody(Dava.java:84)
>> > at soot.PackManager.runBodyPacks(PackManager.java:807) at
>> > soot.PackManager.runBodyPacks(PackManager.java:451)
>> > at soot.PackManager.runBodyPacks(PackManager.java:370) at
>> > soot.PackManager.runPacks(PackManager.java:347)
>> > at soot.Main.run(Main.java:203) at soot.Main.main(Main.java:146)
>> >
>> > Sébastien Dionne ing. jr.
>> > Financière Banque Nationale
>> > Analyste programmeur Senior
>> > tel : 514-879-3107 courriel : sebastien.dionne at fbn.ca
>> >
>> >
>> >
>> > **************************************************
>> > AVIS DE NON-RESPONSABILITE: Ce document transmis par courrier
> electronique
>> > est destine uniquement a la personne ou a l'entite a qui il est adresse
>> > et peut contenir des renseignements confidentiels et assujettis au
> secret
>> > professionnel. La confidentialite et le secret professionnel demeurent
>> > malgre l'envoi de ce document a la mauvaise adresse electronique. Si
> vous
>> > n'etes pas le destinataire vise ou la personne chargee de remettre ce
>> > document a son destinataire, veuillez nous en informer sans delai et
>> > detruire ce document ainsi que toute copie qui en aurait ete faite.
> Toute
>> > distribution, reproduction ou autre utilisation de ce document est
>> > strictement interdite. De plus, le Groupe Financiere Banque Nationale et
>> > ses filiales ne peuvent pas etre tenus responsables des dommages pouvant
>> > etre causes par des virus ou des erreurs de transmission.
>> >
>> > DISCLAIMER: This documentation transmitted by electronic mail is
> intended
>> > for the use of the individual to whom or the entity to which it is
>> > addressed and may contain information which is confidential and
>> > privileged. Confidentiality and privilege are not lost by this
>> > documentation having been sent to the wrong electronic mail address. If
>> > you are not the intended recipient or the person responsible for
>> > delivering it to the intended recipient please notify the sender
>> > immediately and destroy this document as well as any copies of it. Any
>> > distribution, reproduction or other use of this document is strictly
>> > prohibited. National Bank Financial Group and its affiliates cannot be
>> > held liable for any damage that may be caused by viruses or transmission
>> > errors. **************************************************
>> >
>> >
>> > _______________________________________________
>> > Soot-list mailing list
>> > Soot-list at sable.mcgill.ca
>> > http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>> >
>> >
>>
>>
>>
>> **************************************************
>> AVIS DE NON-RESPONSABILITE: Ce document transmis par courrier electronique
> est destine uniquement a la personne ou a l'entite a qui il est adresse et
> peut contenir des renseignements confidentiels et assujettis au secret
> professionnel. La confidentialite et le secret professionnel demeurent
> malgre l'envoi de ce document a la mauvaise adresse electronique. Si vous
> n'etes pas le destinataire vise ou la personne chargee de remettre ce
> document a son destinataire, veuillez nous en informer sans delai et
> detruire ce document ainsi que toute copie qui en aurait ete faite. Toute
> distribution, reproduction ou autre utilisation de ce document est
> strictement interdite. De plus, le Groupe Financiere Banque Nationale et ses
> filiales ne peuvent pas etre tenus responsables des dommages pouvant etre
> causes par des virus ou des erreurs de transmission.
>>
>> DISCLAIMER: This documentation transmitted by electronic mail is intended
> for the use of the individual to whom or the entity to which it is addressed
> and may contain information which is confidential and privileged.
> Confidentiality and privilege are not lost by this documentation having been
> sent to the wrong electronic mail address. If you are not the intended
> recipient or the person responsible for delivering it to the intended
> recipient please notify the sender immediately and destroy this document as
> well as any copies of it. Any distribution, reproduction or other use of
> this document is strictly prohibited. National Bank Financial Group and its
> affiliates cannot be held liable for any damage that may be caused by
> viruses or transmission errors.
>> **************************************************
>>
>>
>> _______________________________________________
>> Soot-list mailing list
>> Soot-list at sable.mcgill.ca
>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>
>
>
> --
> Eric Bodden
> Sable Research Group
> McGill University, Montréal, Canada
>
> **************************************************
> AVIS DE NON-RESPONSABILITE: Ce document transmis par courrier
> electronique est destine uniquement a la personne ou a l'entite a qui
> il est adresse et peut contenir des renseignements confidentiels et
> assujettis au secret professionnel. La confidentialite et le secret
> professionnel demeurent malgre l'envoi de ce document a la mauvaise
> adresse electronique. Si vous n'etes pas le destinataire vise ou la
> personne chargee de remettre ce document a son destinataire, veuillez
> nous en informer sans delai et detruire ce document ainsi que toute
> copie qui en aurait ete faite. Toute distribution, reproduction ou
> autre utilisation de ce document est strictement interdite. De plus,
> le Groupe Financiere Banque Nationale et ses filiales ne peuvent pas
> etre tenus responsables des dommages pouvant etre causes par des
> virus ou des erreurs de transmission.
>
> DISCLAIMER: This documentation transmitted by electronic mail is
> intended for the use of the individual to whom or the entity to which
> it is addressed and may contain information which is confidential and
> privileged. Confidentiality and privilege are not lost by this
> documentation having been sent to the wrong electronic mail address.
> If you are not the intended recipient or the person responsible for
> delivering it to the intended recipient please notify the sender
> immediately and destroy this document as well as any copies of it.
> Any distribution, reproduction or other use of this document is
> strictly prohibited. National Bank Financial Group and its affiliates
> cannot be held liable for any damage that may be caused by viruses or
> transmission errors.
> **************************************************
>
>
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 19 Jun 2007 15:50:58 -0400 (EDT)
> From: mbatch at cs.mcgill.ca
> Subject: RE: [Soot-list] dava Error : Could not verify approximated
> Synch ronized body
> To: "Dionne, Sebastien" <Sebastien.Dionne at fbn.ca>
> Cc: soot-list at sable.mcgill.ca
> Message-ID:
> <64122.209.113.245.98.1182282658.squirrel at mail.cs.mcgill.ca>
> Content-Type: text/plain;charset=iso-8859-1
>
>> How should I interpret the code from jimple ? (an exemple below)
>
> Dionne,
>
> Eric is correct. In this instance, it is simply a problem of the program
> loading an object onto the stack ($r4), storing it to a real register
> position (r2) but then locking (synchronizing) that object using its $r4
> reference (Jimple uses the $ symbol to demark stack position variables).
> The other end of the problem is that the program tries to unlock
> (unsynchronize) the object through reference r2. The result being that
> static analysis like Jad or Dava won't be able to ensure proper
> synchronization blocks if it can't tell that the references are the same.
> As Eric stated, use of Copy-prop or Must-alias should work out fine for
> this problem.
>
> Good Luck,
>
> Michael Batchelder
>
>> -------------- JIMPLE ----------------
>> private void a(com.bridge.feed.server.BFContext) {
>> com.bridge.feed.server.BFDriver r0; com.bridge.feed.server.BFContext r1,
>> $r6;
>> byte[] r2, $r4; java.lang.Throwable r3, $r16; int $i0, $i1, $i2, $i3, $i4,
>> $i5, $i6, $i7, $i8;
>> java.util.Vector $r5, $r8, $r9, $r11, $r15; java.lang.Integer $r7, $r10,
>> $r12, $r14;
>> java.lang.Object $r13; boolean $z0;
>>
>> r0 := @this: com.bridge.feed.server.BFDriver; r1 := @parameter0:
>> com.bridge.feed.server.BFContext; $r4 =
>> r0.<com.bridge.feed.server.BFDriver: byte[] y>;
>> r2 = $r4; entermonitor $r4;
>>
>> label0:
>> $i0 = r1.<com.bridge.feed.server.BFContext: int d>;
>> if $i0 < 0 goto label2;
>>
>> $i1 = r1.<com.bridge.feed.server.BFContext: int d>;
>> $r5 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
>> $i2 = virtualinvoke $r5.<java.util.Vector: int size()>();
>> if $i1 >= $i2 goto label2;
>>
>> $i3 = r1.<com.bridge.feed.server.BFContext: int d>;
>> $r6 = virtualinvoke r0.<com.bridge.feed.server.BFDriver:
>> com.bridge.feed.server.BFContext a(int)>($i3); if $r6 != r1 goto label2;
>>
>> exitmonitor r2;
>>
>> label1:
>> return;
>>
>> label2:
>> $r7 = r0.<com.bridge.feed.server.BFDriver: java.lang.Integer ab>;
>> if $r7 != null goto label3;
>>
>> $r8 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
>> $i4 = virtualinvoke $r8.<java.util.Vector: int size()>();
>> r1.<com.bridge.feed.server.BFContext: int d> = $i4;
>> $r9 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
>> virtualinvoke $r9.<java.util.Vector: void
>> addElement(java.lang.Object)>(r1); goto label4;
>>
>> label3:
>> $r10 = r0.<com.bridge.feed.server.BFDriver: java.lang.Integer ab>;
>> $i5 = virtualinvoke $r10.<java.lang.Integer: int intValue()>();
>> r1.<com.bridge.feed.server.BFContext: int d> = $i5;
>> $r11 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
>> $r12 = r0.<com.bridge.feed.server.BFDriver: java.lang.Integer ab>;
>> $i6 = virtualinvoke $r12.<java.lang.Integer: int intValue()>();
>> $r13 = virtualinvoke $r11.<java.util.Vector: java.lang.Object
>> elementAt(int)>($i6); $r14 = (java.lang.Integer) $r13;
>> r0.<com.bridge.feed.server.BFDriver: java.lang.Integer ab> = $r14;
>> $r15 = r0.<com.bridge.feed.server.BFDriver: java.util.Vector z>;
>> $i7 = r1.<com.bridge.feed.server.BFContext: int d>;
>> virtualinvoke $r15.<java.util.Vector: void
>> setElementAt(java.lang.Object,int)>(r1, $i7);
>>
>> label4:
>> $z0 = virtualinvoke r0.<com.bridge.feed.server.BFDriver: boolean
>> a()>(); if $z0 == 0 goto label5;
>>
>> $i8 = r1.<com.bridge.feed.server.BFContext: int d>;
>> specialinvoke r0.<com.bridge.feed.server.BFDriver: void
>> b(int,java.lang.String)>($i8, "+++");
>>
>> label5:
>> exitmonitor r2;
>>
>> label6:
>> goto label10;
>>
>> label7:
>> $r16 := @caughtexception;
>>
>>
>> label8:
>> r3 = $r16; exitmonitor r2;
>>
>> label9:
>> throw r3;
>>
>> label10:
>> return;
>>
>> catch java.lang.Throwable from label0 to label1 with label7; catch
>> java.lang.Throwable from label2 to label6 with label7; catch
>> java.lang.Throwable from label8 to label9 with label7; }
>>
>>
>>
>>
>>
>>
>>
>>
>> Sébastien Dionne ing. jr.
>> Financière Banque Nationale
>> Analyste programmeur Senior
>> tel : 514-879-3107 courriel : sebastien.dionne at fbn.ca
>>
>> -----Original Message-----
>> From: eric.bodden at googlemail.com [mailto:eric.bodden at googlemail.com] On
>> Behalf Of Eric Bodden
>> Sent: 2007/06/19 13:37
>> To: Dionne, Sebastien
>> Cc: mbatch at cs.mcgill.ca; soot-list at sable.mcgill.ca
>> Subject: Re: [Soot-list] dava Error : Could not verify approximated Synch
>> ronized body
>>
>> Michael, I think in this particular case, this here is the problem:
>>
>>
>>
>> r2 = $r4; entermonitor $r4; exitmonitor r2;
>>
>>
>> We need to use must-alias analysis in order to tell that $r4 and r2
>> are the same. (Or alternatively, a copy-propagation. I think if we add
>> must-alias, we should eb able to handle this gracefully.
>>
>> @Dionne: I think if that's all you want to do it might be enoough to
>> look at the Jimple output, actually. I find it reasonable easy to read for
>> such purposes.
>>
>> Eric
>>
>>
>> On 19/06/07, Dionne, Sebastien <Sebastien.Dionne at fbn.ca> wrote:
>>
>>>
>>> thanks.
>>>
>>> I know that Jad don't decompile perfectly and it's even harder maybe
>>> impossible to correctly decompile an offuscated class. but in the case
>> it's
>>> not offuscated.
>>>
>>> I just receive a new version of an API and I wanted to know what were
>>> the differences in the code. I have to know if I can deploy this new
>> librairies
>>> in production without refactoring all our gateways.
>>>
>>> There were concurrency problems in the last API. Most of the changes
>>> are synchronized block that been added. I saw them in few classes.
>>>
>>>
>>> Sébastien Dionne ing. jr.
>>> Financière Banque Nationale
>>> Analyste programmeur Senior
>>> tel : 514-879-3107 courriel : sebastien.dionne at fbn.ca
>>>
>>> -----Original Message-----
>>> From: mbatch at cs.mcgill.ca [mailto:mbatch at cs.mcgill.ca]
>>> Sent: 2007/06/19 12:46
>>> To: Dionne, Sebastien
>>> Cc: 'soot-list at sable.mcgill.ca'
>>> Subject: Re: [Soot-list] dava Error : Could not verify approximated
>>> Synchronized body
>>>
>>>
>>> On Tue, June 19, 2007 10:33 am, Dionne, Sebastien wrote:
>>>
>>>> I'm trying to decompile a class but I got an error. There is a way
>>>> to fix it ?
>>>>
>>>> I try with JAD and I obtain this (if that could help)
>>>>
>>>
>>> Dionne,
>>>
>>>
>>> It appears as though the class you are decompiling has some complicated
>>> control flow containing some synchronized blocks. It is difficult to
>>> identify the exact problem without seeing the class file itself, but
>>> you are basically seeing the same problem with both Jad and Dava. Jad
>>> handles problems by just spitting out the class-level bytecode
>>> instructions if it cannot figure out how to translate them to java
>>> source. This is why you get the line "JVM INSTR monitorexit ;" for
>>> example.
>>>
>>> Dava is just slightly more clear on the problem, by failing with an
>>> exception. It is telling you exactly what the problem is: "Could not
>>> verify approximated Synchronized body".
>>>
>>> While the class may be "correct" bytecode and even verifiable, this
>>> does not guarantee that automatic tools such as Dava or Jad can
>>> necessarily decompile them. This is especially a problem for bytecode
>>> generated by third-party tools such as bytecode instrumenters or other
>>> frameworks that compile their own code with a non-standard compiler.
>>>
>>> I suspect, too, that this code might have been semi-obfuscated, given
>>> the program method and variable names. The entire point of obfuscating
>>> is to complicate decompilation attempts and this might be exactly what
>>> is happening here.
>>>
>>> Michael Batchelder
>>>
>>>
>>>>
>>>>
>>>>
>>>> private void a(BFContext bfcontext) { label0:
>>>> {
>>>> synchronized(y) { if(bfcontext.d < 0 || bfcontext.d >= z.size() ||
>>>> a(bfcontext.d) != bfcontext) break label0; } return; } if(ab == null) {
>>>> bfcontext.d = z.size(); z.addElement(bfcontext); } else {
>>>> bfcontext.d = ab.intValue(); ab = (Integer)z.elementAt(ab.intValue());
>>>> z.setElementAt(bfcontext, bfcontext.d); } if(a()) b(bfcontext.d,
>>>> "+++"); abyte0; JVM INSTR monitorexit ;
>>>> goto _L1 exception; throw exception; _L1: }
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>> -------------------------------------------------------------------------
>>
>>>> ---
>>>>
>>>>
>> -------------------------------------------------------------------------
>> -
>>
>>>> --
>>>> ----------------------------------
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> C:\workspace-test\test-soot-bf>java -Xmx400m -classpath
>>>> sootclasses-2.2.4.jar;polyglot.jar;C:\workspace-test\test-soot-b
>>>>
>>>>
>> f\classes;C:\jdk_5\jre\lib\rt.jar;C:\jdk_5\jre\lib\jsse.jar;C:\jdk_5\jre\
>> l
>>>> ib \jce.jar;C:\jdk_5\jre\lib\charsets.jar;C:\jd
>>>>
>> k_5\jre\lib\ext\dnsns.jar;C:\jdk_5\jre\lib\ext\localedata.jar;C:\jdk_5\jr
>> e
>>>> \l
>>>> ib\ext\sunjce_provider.jar;C:\jdk_5\jre\lib\
>>>> ext\sunmscapi.jar;C:\jdk_5\jre\lib\ext\sunpkcs11.jar soot.Main --cp
>>>> sootclasses-2.2.4.jar;polyglot.jar;C:\workspace-test
>>>>
>>>>
>> \test-soot-bf\classes;C:\jdk_5\jre\lib\rt.jar;C:\jdk_5\jre\lib\jsse.jar;C
>> :
>>
>>>> \j
>>>> dk_5\jre\lib\jce.jar;C:\jdk_5\jre\lib\charse
>>>>
>>>>
>> ts.jar;C:\jdk_5\jre\lib\ext\dnsns.jar;C:\jdk_5\jre\lib\ext\localedata.jar
>> ;
>>
>>>> C:
>>>> \jdk_5\jre\lib\ext\sunjce_provider.jar;C:\jd
>>>> k_5\jre\lib\ext\sunmscapi.jar;C:\jdk_5\jre\lib\ext\sunpkcs11.jar
>>>> --process-dir C:\workspace-test\test-soot-bf\classes -d
>>>> C:\workspace-test\test-soot-bf\sootOutput\ -f dava
>>>> Soot started on Tue Jun 19 10:19:28 EDT 2007
>>>> Verifying exception handling.. Warning: using incomplete callgraph
>>>> containing only application classes. [Call Graph] For information on
>> where
>>>> the call graph may be incomplete, use the verbose option to the cg
>> phase.
>>> .
>>>
>>>>
>>>>
>>>> Decompiling com.bridge.feed.server.BFContext...
>>>> Decompiling com.bridge.feed.server.BFContextAdmin...
>>>> Decompiling com.bridge.feed.server.BFContextLogin...
>>>> Decompiling com.bridge.feed.server.BFContextStartup...
>>>> Decompiling com.bridge.feed.server.BFCrypt...
>>>> Decompiling com.bridge.feed.server.BFDriver...
>>>> Exception in thread "main" java.lang.RuntimeException: Could not
>>>> verify approximated Synchronized body at
>>>>
>> soot.dava.toolkits.base.finders.SynchronizedBlockFinder.find(Synchronized
>>
>>>> Blo
>>>> ckFinder.java:163)
>>>> at soot.dava.DavaBody.<init>(DavaBody.java:331) at
>>>> soot.dava.Dava.newBody(Dava.java:84)
>>>> at soot.PackManager.runBodyPacks(PackManager.java:807) at
>>>> soot.PackManager.runBodyPacks(PackManager.java:451)
>>>> at soot.PackManager.runBodyPacks(PackManager.java:370) at
>>>> soot.PackManager.runPacks(PackManager.java:347)
>>>> at soot.Main.run(Main.java:203) at soot.Main.main(Main.java:146)
>>>>
>>>> Sébastien Dionne ing. jr.
>>>> Financière Banque Nationale
>>>> Analyste programmeur Senior
>>>> tel : 514-879-3107 courriel : sebastien.dionne at fbn.ca
>>>>
>>>>
>>>>
>>>> **************************************************
>>>> AVIS DE NON-RESPONSABILITE: Ce document transmis par courrier
>>>>
>> electronique
>>>> est destine uniquement a la personne ou a l'entite a qui il est
>>>> adresse et peut contenir des renseignements confidentiels et
>>>> assujettis au
>> secret
>>>> professionnel. La confidentialite et le secret professionnel
>>>> demeurent malgre l'envoi de ce document a la mauvaise adresse
>>>> electronique. Si
>> vous
>>>> n'etes pas le destinataire vise ou la personne chargee de remettre ce
>>>> document a son destinataire, veuillez nous en informer sans delai et
>>>> detruire ce document ainsi que toute copie qui en aurait ete faite.
>> Toute
>>
>>>> distribution, reproduction ou autre utilisation de ce document est
>>>> strictement interdite. De plus, le Groupe Financiere Banque Nationale
>>>> et ses filiales ne peuvent pas etre tenus responsables des dommages
>>>> pouvant etre causes par des virus ou des erreurs de transmission.
>>>>
>>>> DISCLAIMER: This documentation transmitted by electronic mail is
>>>>
>> intended
>>>> for the use of the individual to whom or the entity to which it is
>>>> addressed and may contain information which is confidential and
>>>> privileged. Confidentiality and privilege are not lost by this
>>>> documentation having been sent to the wrong electronic mail address.
>>>> If
>>>> you are not the intended recipient or the person responsible for
>>>> delivering it to the intended recipient please notify the sender
>>>> immediately and destroy this document as well as any copies of it.
>>>> Any
>>>> distribution, reproduction or other use of this document is strictly
>>>> prohibited. National Bank Financial Group and its affiliates cannot
>>>> be held liable for any damage that may be caused by viruses or
>>>> transmission errors.
>>>> **************************************************
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Soot-list mailing list
>>>> Soot-list at sable.mcgill.ca
>>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>> **************************************************
>>> AVIS DE NON-RESPONSABILITE: Ce document transmis par courrier
>>> electronique
>> est destine uniquement a la personne ou a l'entite a qui il est adresse
>> et peut contenir des renseignements confidentiels et assujettis au secret
>> professionnel. La confidentialite et le secret professionnel demeurent
>> malgre l'envoi de ce document a la mauvaise adresse electronique. Si vous
>> n'etes pas le destinataire vise ou la personne chargee de remettre ce
>> document a son destinataire, veuillez nous en informer sans delai et
>> detruire ce document ainsi que toute copie qui en aurait ete faite. Toute
>> distribution, reproduction ou autre utilisation de ce document est
>> strictement interdite. De plus, le Groupe Financiere Banque Nationale et
>> ses filiales ne peuvent pas etre tenus responsables des dommages pouvant
>> etre causes par des virus ou des erreurs de transmission.
>>>
>>> DISCLAIMER: This documentation transmitted by electronic mail is
>>> intended
>> for the use of the individual to whom or the entity to which it is
>> addressed and may contain information which is confidential and
>> privileged. Confidentiality and privilege are not lost by this
>> documentation having been sent to the wrong electronic mail address. If
>> you are not the intended recipient or the person responsible for
>> delivering it to the intended recipient please notify the sender
>> immediately and destroy this document as well as any copies of it. Any
>> distribution, reproduction or other use of this document is strictly
>> prohibited. National Bank Financial Group and its affiliates cannot be
>> held liable for any damage that may be caused by viruses or transmission
>> errors.
>>> **************************************************
>>>
>>>
>>>
>>> _______________________________________________
>>> Soot-list mailing list
>>> Soot-list at sable.mcgill.ca
>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>
>>>
>>
>>
>> --
>> Eric Bodden
>> Sable Research Group
>> McGill University, Montréal, Canada
>>
>>
>> **************************************************
>> AVIS DE NON-RESPONSABILITE: Ce document transmis par courrier electronique
>> est destine uniquement a la personne ou a l'entite a qui il est adresse
>> et peut contenir des renseignements confidentiels et assujettis au secret
>> professionnel. La confidentialite et le secret professionnel demeurent
>> malgre l'envoi de ce document a la mauvaise adresse electronique. Si vous
>> n'etes pas le destinataire vise ou la personne chargee de remettre ce
>> document a son destinataire, veuillez nous en informer sans delai et
>> detruire ce document ainsi que toute copie qui en aurait ete faite. Toute
>> distribution, reproduction ou autre utilisation de ce document est
>> strictement interdite. De plus, le Groupe Financiere Banque Nationale et
>> ses filiales ne peuvent pas etre tenus responsables des dommages pouvant
>> etre causes par des virus ou des erreurs de transmission.
>>
>> DISCLAIMER: This documentation transmitted by electronic mail is intended
>> for the use of the individual to whom or the entity to which it is
>> addressed and may contain information which is confidential and
>> privileged. Confidentiality and privilege are not lost by this
>> documentation having been sent to the wrong electronic mail address. If
>> you are not the intended recipient or the person responsible for
>> delivering it to the intended recipient please notify the sender
>> immediately and destroy this document as well as any copies of it. Any
>> distribution, reproduction or other use of this document is strictly
>> prohibited. National Bank Financial Group and its affiliates cannot be
>> held liable for any damage that may be caused by viruses or transmission
>> errors. **************************************************
>>
>>
>>
>>
>
>
>
>
> ------------------------------
>
> _______________________________________________
> Soot-list mailing list
> Soot-list at sable.mcgill.ca
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>
>
> End of Soot-list Digest, Vol 26, Issue 13
> *****************************************
>
More information about the Soot-list
mailing list