[Soot-list] Error in Android validation/custom validation?

Steven Arzt Steven.Arzt at cased.de
Tue Feb 11 17:17:52 EST 2014


Hi Julian,

 

the ExceptionalUnitGraph assumes that the exception may occur at a statement
s, so the successor of s’ predecessor p is not s, but the exception handler.
This is a good idea in general, but for Dalvik it does not really capture
the semantics of the VM. This issue is definitely nothing that can be fixed
in a minute – otherwise I would have done it instead of opening a bug report
^^ I hope that I will find the time to have a deeper look into this at some
point.

 

Best regards,

  Steven

 

From: soot-list-bounces at sable.mcgill.ca
[mailto:soot-list-bounces at sable.mcgill.ca] On Behalf Of Julian Schütte
Sent: Tuesday, 11 February 2014 21:23
To: Steven Arzt; 'Soot list'
Subject: Re: [Soot-list] Error in Android validation/custom validation?

 

Hi Steven,

true, this is the same issue.
Referring to the bug report, I don't see the reason why ExceptionalUnitGraph
adds edges from the predecessor of a statement which might throw an implicit
exception to the handler, even if the respective statement is outside of
the monitor.

Anyway, it's easy to work around this thing.

Best,
Julian

On 11.02.2014 18:16, Steven Arzt wrote:
> Hi Julian,
>
> this seems to be another instance of a known issue:
> https://github.com/Sable/soot/issues/109
>
> The only workaround at the moment is to comment out the "checkInit" method
> in the "Body" class or to disable Jimple validation altogether. The issue as
> such is definitely not trivial, but we will have to look into it at some
> point.
>
> Best regards,
>   Steven
>
> -----Original Message-----
> From: soot-list-bounces at sable.mcgill.ca
> [mailto:soot-list-bounces at sable.mcgill.ca] On Behalf Of Julian Schütte
> Sent: Tuesday, 11 February 2014 17:16
> To: Soot list
> Subject: [Soot-list] Error in Android validation/custom validation?
>
> Hello all,
>
> when parsing a (slightly obfuscated) Android app, I bumped into the
> following Exception if Options.v().set_validate(true) is set. My impression
> is that there is a bug in soot.toolkits.scalar.InitAnalysis,
> but I might be wrong here. If this is the expected behavior, is there any
> way to register a custom validation?
>
> Exception in thread "main" java.lang.RuntimeException: Warning: Local
> variable $r3 not definitely defined at exitmonitor $r3 in
> <org.example.myapp.c: void a(org.example.myapp.b)>
>     at soot.Body.checkInit(Body.java:787)
>     at soot.Body.validate(Body.java:237)
>     at soot.jimple.JimpleBody.validate(JimpleBody.java:72)
>     at soot.PackManager.runBodyPacks(PackManager.java:900)
>     at soot.PackManager.runBodyPacks(PackManager.java:584)
>     at soot.PackManager.runBodyPacks(PackManager.java:487)
>     at soot.PackManager.runPacksNormally(PackManager.java:464)
>     at soot.PackManager.runPacks(PackManager.java:388)
>     at de.linkality.test.Main.main(Main.java:105)
>
>
> The following Jimple code is responsible for the Exception. It passes the
> Dex verifier and executes nicely, but fails Soot's validation.
>
> public void a(org.example.myapp.b)
>     {
>         org.example.myapp.c $r0;
>         org.example.myapp.b $r1;
>         java.util.ArrayList $r2;
>         java.lang.Object $r3;
>         boolean $z0;
>         java.lang.Throwable $r4;
>         java.util.List $r5;
>
>         $r0 := @this: org.example.myapp.c;
>         $r1 := @parameter0: org.example.myapp.b;
>         $r2 = $r0.<org.example.myapp.c: java.util.ArrayList h>;
>         if $r2 == null goto label5;
>
>         $r3 = $r0.<org.example.myapp.c: java.lang.Object b>;
>         entermonitor $r3;
>
>      label0:
>         $r2 = $r0.<org.example.myapp.c: java.util.ArrayList h>;
>         virtualinvoke $r2.<java.util.ArrayList: boolean add(java.lang.Object)>($r1);
>         $z0 = $r0.<org.example.myapp.c: boolean f>;
>         if $z0 == 0 goto label1;
>
>         virtualinvoke $r0.<org.example.myapp.c: void notifyDataSetChanged()>();
>
>      label1:
>         exitmonitor $r3;    // <-- NO PROBLEM HERE
>
>      label2:
>         return;
>
>      label3:
>         $r4 := @caughtexception;
>         exitmonitor $r3;    // <-- ************ EXCEPTION OCCURS HERE. InitAnalysis.getFlowBefore() is {$r0, $r1, $r2} ********
>
>      label4:
>         throw $r4;
>
>      label5:
>         $r5 = $r0.<org.example.myapp.c: java.util.List a>;
>         interfaceinvoke $r5.<java.util.List: boolean add(java.lang.Object)>($r1);
>         $z0 = $r0.<org.example.myapp.c: boolean f>;
>         if $z0 == 0 goto label2;
>
>         virtualinvoke $r0.<org.example.myapp.c: void notifyDataSetChanged()>();
>         goto label2;
>
>         catch java.lang.Throwable from label0 to label4 with label3;
>     }
>
>
> Best regards,
> Julian
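The validation failure discussed in this thread can be reproduced with a small model. The Python below is an added example, not part of the original messages and not Soot's code: it encodes the quoted method as a statement list, adds handler edges from the predecessors of trapped statements as described above, and runs a definite-assignment analysis. Assumptions: every statement in the trap range may throw; `defined_before` and `only_preds_in_trap` are hypothetical names.

```python
# Constructed model of the quoted method a(): (local defined, normal successors).
# Trap "from label0 to label4" covers statements 6..14; handler label3 is 13.
STMTS = [
    ("$r0", [1]),      # 0  $r0 := @this
    ("$r1", [2]),      # 1  $r1 := @parameter0
    ("$r2", [3]),      # 2  $r2 = $r0.h
    (None, [4, 16]),   # 3  if $r2 == null goto label5
    ("$r3", [5]),      # 4  $r3 = $r0.b
    (None, [6]),       # 5  entermonitor $r3
    ("$r2", [7]),      # 6  label0: $r2 = $r0.h
    (None, [8]),       # 7  virtualinvoke add
    ("$z0", [9]),      # 8  $z0 = $r0.f
    (None, [10, 11]),  # 9  if $z0 == 0 goto label1
    (None, [11]),      # 10 virtualinvoke notifyDataSetChanged
    (None, [12]),      # 11 label1: exitmonitor $r3
    (None, []),        # 12 label2: return
    ("$r4", [14]),     # 13 label3: $r4 := @caughtexception
    (None, [15]),      # 14 exitmonitor $r3  (validation fails here)
    (None, []),        # 15 label4: throw $r4
    ("$r5", [17]),     # 16 label5: $r5 = $r0.a
    (None, [18]),      # 17 interfaceinvoke add
    ("$z0", [19]),     # 18 $z0 = $r0.f
    (None, [12, 20]),  # 19 if $z0 == 0 goto label2
    (None, [21]),      # 20 virtualinvoke notifyDataSetChanged
    (None, [12]),      # 21 goto label2
]
TRAP, HANDLER = range(6, 15), 13

def defined_before(target, only_preds_in_trap=False):
    """Locals assigned on every path reaching `target` (forward must-analysis)."""
    n = len(STMTS)
    preds = {i: [p for p in range(n) if i in STMTS[p][1]] for i in range(n)}
    # Exceptional edges as described in the thread: predecessor of a trapped
    # statement -> handler. Assumption: every statement in the trap may throw.
    preds[HANDLER] = sorted({p for s in TRAP for p in preds[s]
                             if p in TRAP or not only_preds_in_trap})
    every = {d for d, _ in STMTS if d}
    out = [set(every) for _ in range(n)]      # optimistic start, shrinks to fixpoint
    before = [set() for _ in range(n)]
    changed = True
    while changed:
        changed = False
        for i, (d, _) in enumerate(STMTS):
            ins = [out[p] for p in preds[i]]
            before[i] = set.intersection(*ins) if ins else set()
            new = before[i] | ({d} if d else set())
            if new != out[i]:
                out[i], changed = new, True
    return before[target]
```

`defined_before(14)` lacks `$r3` because statements 19 and 21, which are predecessors of the trapped `return` but never passed `entermonitor`, feed the handler. With `only_preds_in_trap=True` (a comparison to locate the culprit edges, not a fix proposed in the thread) `$r3` is present.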



    
