[Soot-list] Problem with LocalSplitter/ThrowAnalysis

Christophe Foket christophe.foket at elis.ugent.be
Fri Jan 27 11:37:05 EST 2012 

Hi,

I've run into the following problem when using soot to analyze the 
xalan-2.6.0.jar, used by the batik benchmark in the latest DaCapo release.

Exception in thread "main" java.lang.RuntimeException: Base of array 
reference is not an array!
     at 
soot.jimple.toolkits.typing.fast.AugEvalFunction.eval_(AugEvalFunction.java:186)
     at 
soot.jimple.toolkits.typing.fast.AugEvalFunction.eval(AugEvalFunction.java:42)
     at 
soot.jimple.toolkits.typing.fast.TypeResolver.applyAssignmentConstraints(TypeResolver.java:407)
     at 
soot.jimple.toolkits.typing.fast.TypeResolver.inferTypes(TypeResolver.java:113)
     at 
soot.jimple.toolkits.typing.TypeAssigner.internalTransform(TypeAssigner.java:101)
     at soot.BodyTransformer.transform(BodyTransformer.java:51)
     at soot.Transform.apply(Transform.java:104)
     at soot.JimpleBodyPack.applyPhaseOptions(JimpleBodyPack.java:66)
     at soot.JimpleBodyPack.internalApply(JimpleBodyPack.java:89)
     at soot.Pack.apply(Pack.java:124)
     at soot.coffi.CoffiMethodSource.getBody(CoffiMethodSource.java:170)
     at soot.SootMethod.getBodyFromMethodSource(SootMethod.java:89)
     at soot.SootMethod.retrieveActiveBody(SootMethod.java:322)
     at soot.PackManager.retrieveAllBodies(PackManager.java:974)
     at soot.PackManager.runPacks(PackManager.java:338)
     at soot.Main.run(Main.java:205)
     at soot.Main.main(Main.java:144)
     at main.Main.main(Main.java:138)

The exception occurs when processing the formatDate method declared in 
class org.apache.xalan.lib.ExsltDatetime (class included). In my 
understanding this is because during local type inference for the 
formatDate method, soot tries to assign two different types to the local 
"l7". Closer inspection reveals that l7 occurs in multiple places in the 
jimple code. Depending on the occurence, it should be either of type 
String or of type String[]. It seems that the LocalSplitter class, which 
I assume was written to handle such cases has not split l7 into multiple 
locals, which causes type assignment to fail. I've included the jimple 
code of the formatDate method before and after the LocalSplitter phase, 
as formatDate-before and formatDate-after respectively. It is clear that 
even after the LocalSplitter has run, the type of l7 still cannot be 
determined uniquely.

For example, we still have the following jimple code after the 
LocalSplitter has run:

$stack0#24 = virtualinvoke $stack0#23.<java.lang.String: 
java.lang.String substring(int)>($stack1#22)
l7 = $stack0#24    // l7 should be of type String

$stack1#49 = l7    // l7 should be an array
$stack1#50 = lengthof $stack1#49

I think the cause of the problem is the following. LocalSplitter uses an 
ExceptionalUnitGraph for several analyses. However, when using soot's 
default setttings, ExceptionalUnitGraphs make use of the 
PedanticThrowAnalysis. Using this analysis, the ExceptionalUnitGraph of 
formatDate does not seem to have any exceptional control flow edges, 
even though the byte code declares exception handlers. Instead, the 
ExceptionalUnitGraph indicates that all thrown Exceptions escape the 
method. I think that because of this, the SmartLocalDefs and 
SimpleLocalUses analyses that use this ExceptionalUnitGraph are 
incorrect, resulting in some Locals not being split.

When I use the option -throw-analysis unit, the ExceptionalUnitGraph 
_does_ contains exeptional control flow edges. Furthermore, all locals 
are split correctly and the type assigner terminates successfully. I 
don't know if there is something that can be done to resolve this issue 
other than using the UnitThrowAnalysis, but I still wanted to share my 
experience with this.

Best,

Christophe
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: formatDate-after
Url: http://mailman.cs.mcgill.ca/pipermail/soot-list/attachments/20120127/cef98c2b/attachment-0002.pl 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: formatDate-before
Url: http://mailman.cs.mcgill.ca/pipermail/soot-list/attachments/20120127/cef98c2b/attachment-0003.pl 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ExsltDatetime.class
Type: application/java-vm
Size: 11572 bytes
Desc: not available
Url : http://mailman.cs.mcgill.ca/pipermail/soot-list/attachments/20120127/cef98c2b/attachment-0001.bin

More information about the Soot-list mailing list