[Soot-list] Jimple TypeResolver bug

Heejong Lee heejong at gmail.com
Fri Jun 3 02:06:54 EDT 2011


Follow-up:

The problem is that the implementation of split_new() is too naive. If
there exist consecutive new expressions, split_new() does the wrong
transformation. Maybe we should generate a unique variable id for each split.

original code:
$stack0#5 = new java.io.BufferedReader
$stack2 = new java.io.InputStreamReader
$stack4 = new java.io.FileInputStream
specialinvoke $stack4.<java.io.FileInputStream: void <init>(java.io.File)>(queueFile)
specialinvoke $stack2.<java.io.InputStreamReader: void <init>(java.io.InputStream)>($stack4)
specialinvoke $stack0#5.<java.io.BufferedReader: void <init>(java.io.Reader)>($stack2)

after 1st run (split $stack4):
$stack0#5 = new java.io.BufferedReader
$stack2 = new java.io.InputStreamReader
tmp = new java.io.FileInputStream
$stack4 = tmp
specialinvoke tmp.<java.io.FileInputStream: void <init>(java.io.File)>(queueFile)
specialinvoke $stack2.<java.io.InputStreamReader: void <init>(java.io.InputStream)>($stack4)
specialinvoke $stack0#5.<java.io.BufferedReader: void <init>(java.io.Reader)>($stack2)

after 2nd run (split $stack2):
$stack0#5 = new java.io.BufferedReader
tmp = new java.io.InputStreamReader
$stack2 = tmp
tmp = new java.io.FileInputStream
$stack4 = tmp
specialinvoke tmp.<java.io.FileInputStream: void <init>(java.io.File)>(queueFile)
specialinvoke tmp.<java.io.InputStreamReader: void <init>(java.io.InputStream)>($stack4)
specialinvoke $stack0#5.<java.io.BufferedReader: void <init>(java.io.Reader)>($stack2)

after 3rd run (split $stack0#5):
tmp = new java.io.BufferedReader
$stack0#5 = tmp
tmp = new java.io.InputStreamReader
$stack2 = tmp
tmp = new java.io.FileInputStream
$stack4 = tmp
specialinvoke tmp.<java.io.FileInputStream: void <init>(java.io.File)>(queueFile)
specialinvoke tmp.<java.io.InputStreamReader: void <init>(java.io.InputStream)>($stack4)
specialinvoke tmp.<java.io.BufferedReader: void <init>(java.io.Reader)>($stack2)

after some optimization:
tmp = new java.io.BufferedReader
tmp = new java.io.InputStreamReader
tmp = new java.io.FileInputStream
specialinvoke tmp.<java.io.FileInputStream: void <init>(java.io.File)>(queueFile)
specialinvoke tmp.<java.io.InputStreamReader: void <init>(java.io.InputStream)>(tmp)
specialinvoke tmp.<java.io.BufferedReader: void <init>(java.io.Reader)>(tmp)

How can I fix this? What's a proper method for replacing
"Jimple.v().newLocal("tmp",null)"? Any unique variable generating method?

Regards,

On Thu, Jun 2, 2011 at 7:18 PM, Heejong Lee <heejong at gmail.com> wrote:
> Hi, Eric.
>
> It's a part of hudson library. Source and compiled byte-codes are attached.
>
> Regards,
>
> On Thu, Jun 2, 2011 at 6:59 PM, Eric Bodden
> <bodden at st.informatik.tu-darmstadt.de> wrote:
>> Hello Heejong Lee.
>>
>> Can you show us what the Java source code for this method looks like?
>> It appears that there is a problem with multiple variables having the
>> same name.
>>
>> Eric
>>
>> On 2 June 2011 10:57, Heejong Lee <heejong at gmail.com> wrote:
>>> Hi,
>>>
>>> I've got a bug in the Jimple transformation, like the following:
>>>
>>> BufferedReader in = new BufferedReader(new InputStreamReader(new FileInputStream(queueFile)));
>>>>>>>>
>>>  181         tmp = new java.io.BufferedReader;
>>>  182         tmp = new java.io.InputStreamReader;
>>>  183         tmp = new java.io.FileInputStream;
>>>  184         specialinvoke tmp.<java.io.FileInputStream: void <init>(java.io.File)>(queueFile);
>>>  185         specialinvoke tmp.<java.io.InputStreamReader: void <init>(java.io.InputStream)>(tmp);
>>>  186         specialinvoke tmp.<java.io.BufferedReader: void <init>(java.io.Reader)>(tmp);
>>>
>>> This IL is obviously incorrect. When I replace
>>> soot.jimple.toolkits.typing.fast.TypeResolver.split_new()
>>> with an empty method, the correct output is generated:
>>>
>>>  181         $r2 = new java.io.BufferedReader;
>>>  182         $r0 = new java.io.InputStreamReader;
>>>  183         $r1 = new java.io.FileInputStream;
>>>  184         specialinvoke $r1.<java.io.FileInputStream: void <init>(java.io.File)>(queueFile);
>>>  185         specialinvoke $r0.<java.io.InputStreamReader: void <init>(java.io.InputStream)>($r1);
>>>  186         specialinvoke $r2.<java.io.BufferedReader: void <init>(java.io.Reader)>($r0);
>>>
>>> What's the purpose of split_new() ?
>>> (my executing options are "-p jb use-original-names:true
>>> -allow-phantom-refs -f jimple" and removing
>>> use-original-names option also resolves the problem.)
>>>
>>> Regards,
>>>
>>> --
>>> Heejong Lee
>>>
>>> Associate Research Engineer
>>> Program Analysis Division
>>> Fasoo.com, Inc. (www.spa-arrow.com)
>>> _______________________________________________
>>> Soot-list mailing list
>>> Soot-list at sable.mcgill.ca
>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>
>>
>>
>>
>> --
>> Dr. Eric Bodden, http://bodden.de/
>> Principal Investigator in Secure Services at CASED
>> Coordinator of the CASED Advisory Board of Study Affairs
>> PostDoc at Software Technology Group, Technische Universität Darmstadt
>> Tel: +49 6151 16-5478    Fax: +49 6151 16-5410
>> Mailing Address: S2|02 A209, Hochschulstraße 10, 64289 Darmstadt
>>
>
>
>
> --
> Heejong Lee
>
> Associate Research Engineer
> Program Analysis Division
> Fasoo.com, Inc. (www.spa-arrow.com)
>



-- 
Heejong Lee

Associate Research Engineer
Program Analysis Division
Fasoo.com, Inc. (www.spa-arrow.com)
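
Added example (not part of the original post, and not Soot's code): a self-contained Java 16+ model of the splitting step on the three allocations above, once with the fixed name "tmp" and once with a name checked against the locals already in the body. The class SplitNewDemo, the record Alloc and the helper freshName are hypothetical; the output is printed in the copy-propagated form of the "after some optimization" listing, with constructor signatures abbreviated.

```java
import java.util.*;

// Constructed model of the splitting step; these are not Soot's classes.
public class SplitNewDemo {
    // "local = new type", later initialised by <init>(arg)
    record Alloc(String local, String type, String arg) {}

    // First name prefix+N not yet used in the body; records it as used.
    static String freshName(Set<String> used, String prefix) {
        int i = 0;
        while (!used.add(prefix + i)) i++;
        return prefix + i;
    }

    // unique=false reproduces the fixed name "tmp" from the post.
    static List<String> split(List<Alloc> allocs, boolean unique) {
        Set<String> used = new HashSet<>();
        for (Alloc a : allocs) used.add(a.local());
        Map<String, String> tmpOf = new HashMap<>(); // original local -> its temp
        List<String> out = new ArrayList<>();
        for (Alloc a : allocs) {
            String tmp = unique ? freshName(used, "tmp") : "tmp";
            tmpOf.put(a.local(), tmp);
            out.add(tmp + " = new " + a.type());
        }
        // Constructors run innermost first: reverse allocation order.
        for (int i = allocs.size() - 1; i >= 0; i--) {
            Alloc a = allocs.get(i);
            String arg = tmpOf.getOrDefault(a.arg(), a.arg());
            out.add("specialinvoke " + tmpOf.get(a.local()) + ".<" + a.type()
                    + ": void <init>>(" + arg + ")");
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed input: the three allocations from the listing above.
        List<Alloc> body = List.of(
            new Alloc("$stack0#5", "java.io.BufferedReader", "$stack2"),
            new Alloc("$stack2", "java.io.InputStreamReader", "$stack4"),
            new Alloc("$stack4", "java.io.FileInputStream", "queueFile"));
        System.out.println("fixed name:");
        split(body, false).forEach(s -> System.out.println("  " + s));
        System.out.println("fresh names:");
        split(body, true).forEach(s -> System.out.println("  " + s));
    }
}
```

With the fixed name every receiver and argument prints as tmp, matching the broken listing; with fresh names the three objects stay distinguishable as tmp0, tmp1 and tmp2.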

