[Soot-list] "no defs for value" exception when adding GotoStmt

Shgck shgck at pistache.land
Wed Mar 4 06:59:57 EST 2015


Hi everyone,

I'm trying to instrument an Android application to force the exploration of
some conditional branches. To achieve this, my first idea was to add gotos
before conditional jumps to land just where I needed.

However, inserting a GotoStmt in the PatchingChain causes Soot to fail to
validate the program, with the message "no defs for value: $r6!", $r6 being
the variable used just before the conditional jump and by the conditional
jump itself. Inserting NopStmt doesn't cause such problems.

The simplified code of my instrumentation is here:
   http://pastebin.com/nd2D6GDh

These are the dot graphs of this body before and after the instrumentation;
the exception is thrown during the validation just after:
   Before: http://bytes.shgck.io/tmp/temp-pre.dot
   After: http://bytes.shgck.io/tmp/temp-post.dot

The APK is available here, in case it is needed:
   http://bytes.shgck.io/tmp/selendroid-test-app.apk

The full exception is:

   Exception in thread "main" (<io.selendroid.testapp.server.NanoHTTPD$HTTPSession: void decodeHeader(java.io.BufferedReader,java.util.Properties,java.util.Properties,java.util.Properties)>) no defs for value: $r6!
     at soot.validation.UsesValidator.validate(UsesValidator.java:78)
     at soot.Body.validate(Body.java:261)
     at soot.jimple.JimpleBody.validate(JimpleBody.java:112)
     at soot.jimple.JimpleBody.validate(JimpleBody.java:102)
     at instrumentation.BranchForcer.inspectUnit(BranchForcer.java:142)
     at instrumentation.BranchForcer.internalTransform(BranchForcer.java:45)
     at soot.BodyTransformer.transform(BodyTransformer.java:51)
     at soot.Transform.apply(Transform.java:105)
     at soot.BodyPack.internalApply(BodyPack.java:49)
     at soot.Pack.apply(Pack.java:126)
     at soot.PackManager.runBodyPacks(PackManager.java:911)
     at soot.PackManager.runBodyPacks(PackManager.java:606)
     at soot.PackManager.runBodyPacks(PackManager.java:507)
     at soot.PackManager.runPacksNormally(PackManager.java:484)
     at soot.PackManager.runPacks(PackManager.java:391)
     at instrumentation.Main.main(Main.java:117)

Any idea of what I could be doing wrong?

Sincerely,
Adrien
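
One possible reading of the message above, as an added example that is not part of the original post and does not use Soot: a use is reported when no definition reaches it, which happens when an inserted unconditional goto leaves the following statements unreachable, while a nop keeps the fall-through edge. The toy statement format, the sample body and all function names are assumptions made for illustration, and the post does not confirm that this is the cause in the poster's method.

```python
# Constructed toy body, loosely modeled on Jimple; not taken from the poster's APK.
BODY = [
    {"op": "assign", "def": "$r6", "uses": []},            # $r6 = <expr>
    {"op": "if", "uses": ["$r6"], "target": "L1"},         # if $r6 == null goto L1
    {"op": "assign", "def": "$r7", "uses": ["$r6"]},       # $r7 = <expr using $r6>
    {"op": "return", "uses": [], "label": "L1"},           # L1: return
]

def successors(body, i):
    """Control-flow successors of statement i (indices into body)."""
    labels = {s["label"]: j for j, s in enumerate(body) if "label" in s}
    s = body[i]
    if s["op"] == "return":
        return []
    if s["op"] == "goto":
        return [labels[s["target"]]]          # no fall-through edge
    succ = [i + 1] if i + 1 < len(body) else []
    if s["op"] == "if":
        succ.append(labels[s["target"]])
    return succ

def uses_without_defs(body):
    """Return (index, local) for each use that no definition reaches from the entry."""
    reach = [None] * len(body)                # None = statement never reached
    reach[0] = set()
    work = [0]
    while work:
        i = work.pop()
        s = body[i]
        out = set(reach[i])
        if s.get("def"):                      # a new def kills older defs of that local
            out = {d for d in out if d[0] != s["def"]} | {(s["def"], i)}
        for j in successors(body, i):
            if reach[j] is None or not out <= reach[j]:
                reach[j] = (reach[j] or set()) | out
                work.append(j)
    errors = []
    for i, s in enumerate(body):
        defined = {local for local, _ in (reach[i] or set())}
        errors += [(i, u) for u in s["uses"] if u not in defined]
    return errors

def insert_before(body, index, stmt):
    """Return a copy of body with stmt inserted before body[index]."""
    return body[:index] + [stmt] + body[index:]

WITH_NOP = insert_before(BODY, 1, {"op": "nop", "uses": []})
WITH_GOTO = insert_before(BODY, 1, {"op": "goto", "uses": [], "target": "L1"})
```

`uses_without_defs(WITH_NOP)` is empty, while `uses_without_defs(WITH_GOTO)` flags the `$r6` uses in the two statements the goto jumps over.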

