[Soot-list] Class Hierarchy Analysis causes NullPointerException

Ondrej Lhotak olhotak at uwaterloo.ca
Fri Dec 18 08:48:51 EST 2009 

Hi Eric...

When start() is invoked on a thread, a new thread is created and run()
is called implicitly on the newly-created thread. Thus the THREAD edge
is necessary to model the implicit call to run(). In this case, the
problem seems to be that start() is being called using a special invoke,
whereas the implicit call to run() is then (presumably) being done as 
a virtual call. However, because the call to start() is a special
invoke, Soot tries to also resolve the call to run() as a special
invoke, which fails. The fix is to always handle the THREAD edge
as a virtual call, even if the original start() call is special.
So, the following if statement in addType:
    if( site.iie() instanceof SpecialInvokeExpr ) {
should be changed to:
    if( site.iie() instanceof SpecialInvokeExpr && site.kind != Kind.THREAD ) {
Can you try this to see if it fixes the problem?

Ondrej

On Fri, Dec 18, 2009 at 09:53:37AM +0100, Eric Bodden wrote:
> Ok, I got quite far with this. Maybe Ondrej or so can go the rest of the way...
> 
> This configuration causes some odd things to happen inside
> soot.jimple.toolkits.callgraph.OnFlyCallGraphBuilder.addType(Local,
> Context, Type, Context):
> 
> For the receiver r0, receiverToSites returns two sites, one of kind
> SPECIAL and one of kind THREAD. Both are passed to
> VirtualCalls.v().resolveSpecial(..). The first one, of kind SPECIAL,
> resolves just fine: This site contains a sub-signature "subsig" of
> "void start()". This resolves to "<c2.fw.Brick: void start()>". The
> second site of kind THREAD, however, instead contains a subsig "void
> run()". This cannot be resolved, as no superclass of c2.fw.Connector
> has any run method.
> 
> So the question is: why do we see this second site? Does it need to be
> there? If it actually does, then why is it not properly resolved?
> 
> Eric
> 
> --
> Eric Bodden
> Software Technology Group, Technische Universität Darmstadt, Germany
> Tel: +49 6151 16-5478    Fax: +49 6151 16-5410
> Mailing Address: S2|02 A209, Hochschulstraße 10, 64289 Darmstadt
> 
> 
> 
> 2009/12/17 Daniel Popescu <dpopescu at usc.edu>:
> > Thanks Eric for helping out.
> >
> > Here is the requested information:
> >
> > These are the command line options that I have extracted from the
> > Eclipse console:
> > soot.Main --w --omit-excepting-unit-edges --p cg verbose:true
> > --main-class c2.apps.dradel.DradelTest --p cg.cha verbose:true --d
> > [MyWorkspaceDirectory]/c2.fw/sootOutput --cp
> > [MyWorkspaceDirectory]/c2.fw/bin:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/jce.jar:/System/Library/Java/Extensions/dns_sd.jar:/c2.fw/src:/System/Library/Java/Extensions/AppleScriptEngine.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/sunjce_provider.jar:/System/Library/Java/Extensions/jai_codec.jar:/System/Library/Java/Extensions/mlibwrapper_jai.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/sunpkcs11.jar:/System/Library/Java/Extensions/j3dcore.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/laf.jar:/System/Library/Java/Extensions/vecmath.jar:/c2.fw/lib/plaid-annotations.jar:/System/Library/Java/Extensions/j3daudio.jar:/System/Library/Java/Extensions/QTJava.zip:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/classes.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/localedata.jar:/System/Library/Java/Extensions/MRJToolkit.jar:/System/Library/Frameworks/JavaV
> M.framework/Versions/1.6.0/Home/lib/ext/apple_provider.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/ui.jar:/System/Library/Java/Extensions/j3dutils.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/jsse.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/dnsns.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/charsets.jar:/System/Library/Java/Extensions/jai_core.jar::/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/classes.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/ui.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/laf.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/jsse.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/jce.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Classes/charsets.jar:/System/Library/Java/Extensions/AppleScriptEngine.jar:/System/Library/Java/Extensions/dns_sd.jar:/Syst
> em/Library/Java/Extensions/j3daudio.jar:/System/Library/Java/Extensions/j3dcore.jar:/System/Library/Java/Extensions/j3dutils.jar:/System/Library/Java/Extensions/jai_codec.jar:/System/Library/Java/Extensions/jai_core.jar:/System/Library/Java/Extensions/mlibwrapper_jai.jar:/System/Library/Java/Extensions/MRJToolkit.jar:/System/Library/Java/Extensions/QTJava.zip:/System/Library/Java/Extensions/vecmath.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/apple_provider.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/dnsns.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/localedata.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/sunjce_provider.jar:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext/sunpkcs11.jar:
> > --process-dir [MyWorkspaceDirectory]/c2.fw/bin --keep-line-number
> > --xml-attributes
> >
> > The Soot plugin extracted the class path and I have no idea why the
> > class path contains so many redundant entries.
> >
> > You can find the application code here:
> > http://softarch.usc.edu/~popescu/soot/c2.fw.zip
> >
> > Thanks,
> > Daniel
> >
> > On Wed, Dec 16, 2009 at 2:16 PM, Eric Bodden
> > <bodden at st.informatik.tu-darmstadt.de> wrote:
> >> Daniel can you send us a concrete example including your command line
> >> options that would allow us to reproduce this?
> >>
> >> Eric
> >>
> >> --
> >> Eric Bodden
> >> Software Technology Group, Technische Universität Darmstadt, Germany
> >> Tel: +49 6151 16-5478    Fax: +49 6151 16-5410
> >> Mailing Address: S2|02 A209, Hochschulstraße 10, 64289 Darmstadt
> >>
> >>
> >>
> >> 2009/12/11 Daniel Popescu <dpopescu at usc.edu>:
> >>> Hi all.
> >>>
> >>> I am trying to analyze some Java legacy systems using the Soot Eclipse
> >>> plugin. I have been running into some problems and I hope somebody on
> >>> the list can help me.
> >>>
> >>> I have been trying to create a call graph of my application using the
> >>> Class Hierarchy Analysis. Whenever I am analyzing the Java files of my
> >>> application, the JastAdd frontent is reporting a semantic error:
> >>> "Semantic Error: annotation is not applicable to this kind of
> >>> declaration". The Eclipse JDT parser and the JDK are able to parse
> >>> these annotations.
> >>>
> >>> Since parsing the source code did not work for me, I was trying to
> >>> analyze the bytecode of the classes. This bytecode-based analysis
> >>> caused a NullPointerException in a different file.
> >>>
> >>> java.lang.reflect.InvocationTargetException
> >>>        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >>>        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >>>        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> >>>        at java.lang.reflect.Method.invoke(Method.java:597)
> >>>        at ca.mcgill.sable.soot.launching.SootThread.run(SootThread.java:138)
> >>> Caused by: java.lang.NullPointerException
> >>>        at soot.jimple.toolkits.callgraph.Edge.hashCode(Edge.java:109)
> >>>        at java.util.HashMap.put(HashMap.java:372)
> >>>        at java.util.HashSet.add(HashSet.java:200)
> >>>        at soot.jimple.toolkits.callgraph.CallGraph.addEdge(CallGraph.java:43)
> >>>        at soot.jimple.toolkits.callgraph.ContextInsensitiveContextManager.addVirtualEdge(ContextInsensitiveContextManager.java:39)
> >>>        at soot.jimple.toolkits.callgraph.OnFlyCallGraphBuilder.addType(OnFlyCallGraphBuilder.java:111)
> >>>        at soot.jimple.toolkits.callgraph.CallGraphBuilder.build(CallGraphBuilder.java:94)
> >>>        at soot.jimple.toolkits.callgraph.CHATransformer.internalTransform(CHATransformer.java:43)
> >>>        at soot.SceneTransformer.transform(SceneTransformer.java:39)
> >>>
> >>> How could I prevent this NullPointerException?
> >>>
> >>> I have also noticed that Soot creates the call graph from classes that
> >>> I would like to ignore (e.g. sun.net.spi.DefaultProxySelector )
> >>> although the non-application mode is selected. I would have thought
> >>> that only the files of the project and the process directory would be
> >>> analyzed. My assumption seems to be wrong. How can I set classes as
> >>> library classes in the non-application mode?
> >>>
> >>> I appreciate your help.
> >>> Daniel
> >>> _______________________________________________
> >>> Soot-list mailing list
> >>> Soot-list at sable.mcgill.ca
> >>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
> >>>
> >>
> >
>

More information about the Soot-list mailing list