[Soot-list] Possible bug with null-type locals

Eric Bodden eric.bodden at ec-spride.de
Mon Mar 4 09:52:32 EST 2013


Thanks a lot Rohan, that's quite useful.

Unfortunately I am unable to reproduce this bug. Using the command
line arguments "-cp . -pp BugTest -f J" I am getting this input with
my version of Soot (which should correspond to the current development
branch and thus the nightly build). What command line are you using?

public class BugTest extends java.lang.Object
{

    public void <init>()
    {
        BugTest r0;

        r0 := @this: BugTest;
        specialinvoke r0.<java.lang.Object: void <init>()>();
        return;
    }

    public static void main(java.lang.String[])
    {
        java.lang.String[] r0;
        Node r1, r2, $r3;
        int i0;

        r0 := @parameter0: java.lang.String[];
        r1 = null;
        i0 = 0;
        goto label1;

     label0:
        $r3 = new Node;
        specialinvoke $r3.<Node: void <init>()>();
        r2 = $r3;
        r2.<Node: Node n> = r1;
        r1 = r2;
        i0 = i0 + 1;

     label1:
        if i0 < 5 goto label0;

        return;
    }
}

Eric


On 4 March 2013 14:32, Rohan Padhye <rohanpadhye at cse.iitb.ac.in> wrote:
> Hi,
>
> I have come across what seems to be a bug in the nightly build.
>
> Consider a simple program constructing a linked-list of five elements:
>
> class Node
> {
>      Node n;
> }
> class BugTest
> {
>      public static void main(String args[])
>      {
>          Node x = null;
>          for(int i=0; i<5; i++) {
>              Node t = new Node();
>              t.n = x;
>              x = t;
>          }
>      }
> }
>
>
> For some reason Soot builds the following Jimple: (Note the Jimple for
> the line "t.n = x")
>
> public static void main(java.lang.String[])
>      {
>          java.lang.String[] r0;
>          null_type n0;
>          byte b0;
>          Node r1, $r2, r3;
>          int i1;
>
>          r0 := @parameter0: java.lang.String[];
>          n0 = null;
>          b0 = 0;
>
>       label0:
>          if b0 >= 5 goto label1;
>
>          $r2 = new Node;
>          specialinvoke $r2.<Node: void <init>()>();
>          r1 = $r2;
>          r1.<Node: Node n> = n0;      // <-----------------------
>          r3 = r1;
>          i1 = b0 + 1;
>          goto label0;
>
>       label1:
>          return;
>      }
>
> Notice that "t.n = x" has essentially turned to "t.n = null". This is
> not some optimization as I have acquired this dump right after
> the Jimple body creation phase. The optimized Jimple gets away with the
> loop altogether which is even stranger.
>
> Oh, and it is not because I am not using the linked list later, which
> makes it dead, or something like that.
> This behaviour is observed even in larger programs where I am actively
> using the list.
>
> This problem did not occur in the last build I used (Jan 26), but is
> occurring in the current one.
>
> Regards,
>
> Rohan



-- 
Eric Bodden, Ph.D., http://sse.ec-spride.de/ http://bodden.de/
Head of Secure Software Engineering Group at EC SPRIDE
Tel: +49 6151 16-75422    Fax: +49 6151 16-72051
Room 3.2.14, Mornewegstr. 30, 64293 Darmstadt

