[Soot-list] Issue with trap generation in Jimple

[Eric Bodden]

Hi all.

I just found an interesting problem with the generation of traps that
requires some discussion on how to fix best.

Please consider the following code:

     label5:
        $u0 = 1;
        return $u0;

     label6:
        $u1 := @caughtexception;
        exitmonitor $u0;
        throw $u1;

        catch java.lang.Throwable from label2 to label5 with label6;

The problem here is at follows:
At the beginning, $u0 holds a reference-typed value. Hence, if "$u0 =
1;" throws an exception, it is correct to execute the exception
handler at label6 and call "exitmonitor $u0;". If the statement "$u0 =
1;" does NOT throw an exception, then the assignment succeeds and the
method returns 1.

Currently the type assignment for $u0 fails because both the handler
and the return are considered to be successors, and therefore "uses"
of $u0. But this is actually incorrect, I think. Rather, we should
generate an exceptional edge from just *before* the assignment to the
handler, and a normal successor from after the assignment to its
normal successor. That is a bit fishy also, because it assumes that
the last Jimple statement of a trap will have no effect (guaranteed!)
if an exception is thrown. I think this should always be the case, but
I am not 100% sure. In any case, I think it is the only way to
correctly type-assign the above code.

Any feedback would be appreciated.

Cheers,
Eric