From b31481667c0e87847d96c6c2cb8204dc6d9c4a1c Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Wed, 23 Jun 2021 14:22:18 -0500 Subject: [PATCH 01/14] add PhiNodeTest to demonstrate a bug in Shimple --- .../java/soot/shimple/PhiNodeTest.java | 465 ++++++++++++++++++ .../soot/shimple/PhiNodeTestInput.java | 65 +++ 2 files changed, 530 insertions(+) create mode 100644 src/systemTest/java/soot/shimple/PhiNodeTest.java create mode 100644 src/systemTest/targets/soot/shimple/PhiNodeTestInput.java diff --git a/src/systemTest/java/soot/shimple/PhiNodeTest.java b/src/systemTest/java/soot/shimple/PhiNodeTest.java new file mode 100644 index 00000000000..40b95c88d1e --- /dev/null +++ b/src/systemTest/java/soot/shimple/PhiNodeTest.java @@ -0,0 +1,465 @@ +package soot.shimple; + +/*- + * #%L + * Soot - a J*va Optimization Framework + * %% + * Copyright (C) 2021 Timothy Hoffman + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation, either version 2.1 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Lesser Public License for more details. + * + * You should have received a copy of the GNU General Lesser Public + * License along with this program. If not, see + * . + * #L% + */ +import java.io.IOException; +import java.io.PrintWriter; +import java.io.StringWriter; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import org.junit.Assert; +import org.junit.Test; +import org.objectweb.asm.ClassReader; +import org.objectweb.asm.util.CheckClassAdapter; +import org.powermock.core.classloader.annotations.PowerMockIgnore; + +import soot.Body; +import soot.G; +import soot.ModulePathSourceLocator; +import soot.ModuleScene; +import soot.Scene; +import soot.SootClass; +import soot.SootMethod; +import soot.jimple.JimpleBody; +import soot.options.Options; +import soot.testing.framework.AbstractTestingFramework; +import soot.validation.CheckInitValidator; +import soot.validation.UsesValidator; +import soot.validation.ValidationException; + +/** + * @author Timothy Hoffman + */ +@PowerMockIgnore({ "com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*" }) +public class PhiNodeTest extends AbstractTestingFramework { + + private static final boolean DEBUG_PRINT = false; + private static final boolean USE_ASM_VERIFIER = true; + + @Override + protected void setupSoot() { + final Options opts = Options.v(); + + // Ensure Shimple form is generated to trigger the bug + opts.set_via_shimple(true); + + if (DEBUG_PRINT) { + opts.setPhaseOption("jb", "use-original-names:true"); + } + } + + @Test + public void testComplexPhi() throws Exception { + final String TEST_TARGET_CLASS = "soot.shimple.PhiNodeTestInput"; + final String TEST_METHOD_NAME = "sync"; + + SootMethod m = prepareTarget(methodSigFromComponents(TEST_TARGET_CLASS, "boolean", TEST_METHOD_NAME), TEST_TARGET_CLASS); + + Body b = m.retrieveActiveBody(); + if (DEBUG_PRINT) { + System.out.println("[testComplexPhi] " + b.getClass().getName() + " = " + b); + } + Assert.assertTrue(b instanceof JimpleBody); + + // Ensure that the Soot validators pass + { + List exceptions = new ArrayList<>(); + CheckInitValidator.v().validate(b, exceptions); + UsesValidator.v().validate(b, exceptions); + if (DEBUG_PRINT) { + for (ValidationException e : exceptions) { + System.out.println(e); + } + } + Assert.assertTrue(exceptions.isEmpty()); + } + + // Convert the body to a runnable classfile, run, and test output. + Class c = generateClass(m.getDeclaringClass()); + + // If the generated bytecode does not pass JVM bytecode verifier, then + // an exception will occur when trying to create a new instance. + Object cInstance = c.newInstance(); + + Object retVal = c.getMethod(TEST_METHOD_NAME).invoke(cInstance); + Assert.assertEquals(Boolean.FALSE, retVal); + } + + /** + * TODO: on Java9 and Java11, only the java.* classes are being loaded. All of the others are not located in the + * "java.base" module but are in different standard modules. I'm not sure how to get Soot to load other modules. + * + * @throws Exception + */ + @Test + public void testStdLib() throws Exception { + final String rtJar = rtJar(); + final boolean isModuleJar = isModuleJar(rtJar); + + final List cls = new ArrayList<>(185); + if (!isModuleJar) { + // These are not present in JDK 11 + cls.add("com.sun.corba.se.impl.corba.ServerRequestImpl"); + cls.add("com.sun.corba.se.impl.corba.TCUtility"); + cls.add("com.sun.corba.se.impl.dynamicany.DynEnumImpl"); + cls.add("com.sun.corba.se.impl.dynamicany.DynFixedImpl"); + cls.add("com.sun.corba.se.impl.io.ObjectStreamClass"); + cls.add("com.sun.corba.se.impl.naming.cosnaming.TransientNameServer"); + cls.add("com.sun.corba.se.impl.naming.pcosnaming.ServantManagerImpl"); + cls.add("com.sun.corba.se.impl.oa.poa.POAPolicyMediatorImpl_R_USM"); + cls.add("com.sun.corba.se.impl.orbutil.ObjectStreamClassUtil_1_3"); + cls.add("com.sun.corba.se.impl.orbutil.ObjectStreamClassUtil_1_3$3"); + cls.add("com.sun.corba.se.impl.orbutil.threadpool.ThreadPoolManagerImpl$1"); + cls.add("com.sun.corba.se.impl.presentation.rmi.ReflectiveTie"); + cls.add("com.sun.corba.se.impl.presentation.rmi.StubInvocationHandlerImpl"); + cls.add("com.sun.corba.se.impl.resolver.BootstrapResolverImpl"); + cls.add("com.sun.corba.se.impl.util.Utility"); + cls.add("com.sun.istack.internal.localization.Localizer"); + cls.add("com.sun.jndi.cosnaming.CNCtx"); + cls.add("com.sun.org.apache.bcel.internal.util.SecuritySupport$3"); + cls.add("com.sun.org.apache.xalan.internal.utils.SecuritySupport"); + cls.add("com.sun.org.apache.xalan.internal.utils.SecuritySupport$3"); + cls.add("com.sun.org.apache.xalan.internal.xslt.Process"); + cls.add("com.sun.org.apache.xalan.internal.xsltc.cmdline.Transform"); + cls.add("com.sun.org.apache.xerces.internal.util.XMLCatalogResolver"); + cls.add("com.sun.org.apache.xerces.internal.utils.SecuritySupport"); + cls.add("com.sun.org.apache.xerces.internal.utils.SecuritySupport$3"); + cls.add("com.sun.org.apache.xerces.internal.xinclude.SecuritySupport$3"); + cls.add("com.sun.org.apache.xml.internal.resolver.CatalogManager"); + cls.add("com.sun.org.apache.xml.internal.resolver.tools.CatalogResolver"); + cls.add("com.sun.org.apache.xml.internal.serialize.SecuritySupport$3"); + cls.add("com.sun.org.apache.xml.internal.serialize.BaseMarkupSerializer"); + cls.add("com.sun.org.apache.xml.internal.serialize.HTMLdtd"); + cls.add("com.sun.org.apache.xml.internal.serializer.CharInfo"); + cls.add("com.sun.org.apache.xml.internal.serializer.OutputPropertiesFactory"); + cls.add("com.sun.org.apache.xml.internal.utils.XMLReaderManager"); + cls.add("com.sun.xml.internal.bind.v2.runtime.MarshallerImpl"); + cls.add("com.sun.xml.internal.fastinfoset.stax.factory.StAXOutputFactory"); + cls.add("com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnection"); + cls.add("com.sun.xml.internal.messaging.saaj.packaging.mime.internet.MimeBodyPart"); + cls.add("com.sun.xml.internal.org.jvnet.mimepull.MIMEPart"); + cls.add("com.sun.xml.internal.ws.client.dispatch.DispatchImpl"); + cls.add("com.sun.xml.internal.ws.commons.xmlutil.Converter"); + cls.add("com.sun.xml.internal.ws.encoding.ContentTypeImpl"); + cls.add("com.sun.xml.internal.ws.fault.SOAPFaultBuilder"); + cls.add("com.sun.xml.internal.ws.handler.HandlerProcessor"); + cls.add("com.sun.xml.internal.ws.policy.jaxws.PolicyWSDLParserExtension"); + cls.add("com.sun.xml.internal.ws.transport.http.HttpAdapter$Oneway"); + cls.add("javax.activation.SecuritySupport$3"); + cls.add("javax.activation.SecuritySupport$4"); + cls.add("javax.swing.JOptionPane$ModalPrivilegedAction"); + cls.add("javax.xml.ws.spi.FactoryFinder"); + cls.add("sun.applet.AppletPanel$6"); + cls.add("sun.misc.Launcher"); + cls.add("sun.misc.Service$LazyIterator"); + cls.add("sun.misc.URLClassPath"); + cls.add("sun.rmi.transport.proxy.HttpSendSocket"); + cls.add("sun.tracing.ProviderSkeleton"); + if (USE_ASM_VERIFIER) { + // These cannot be loaded successfully via the generateClass(..) method so + // only include them if the ASM verifier is used instead of Class loading. + cls.add("com.sun.corba.se.impl.dynamicany.DynAnyComplexImpl"); + cls.add("com.sun.corba.se.impl.dynamicany.DynUnionImpl"); + cls.add("com.sun.corba.se.impl.encoding.CDRInputStream_1_0"); + cls.add("com.sun.corba.se.impl.transport.SelectorImpl"); + cls.add("com.sun.xml.internal.bind.v2.runtime.property.SingleElementLeafProperty"); + cls.add("java.awt.KeyboardFocusManager$5"); + cls.add("java.util.ServiceLoader$LazyIterator"); + cls.add("javax.xml.bind.ContextFinder"); + cls.add("sun.management.Agent"); + } + } + cls.add("com.sun.imageio.plugins.png.PNGImageReader"); + cls.add("com.sun.jmx.remote.util.EnvHelp"); + cls.add("com.sun.jndi.dns.DnsContextFactory"); + cls.add("com.sun.jndi.ldap.Connection"); + cls.add("com.sun.jndi.ldap.LdapClient"); + cls.add("com.sun.jndi.ldap.LdapCtx"); + cls.add("com.sun.naming.internal.FactoryEnumeration"); + cls.add("com.sun.naming.internal.ResourceManager"); + cls.add("com.sun.org.apache.xalan.internal.lib.ExsltDynamic"); + cls.add("com.sun.org.apache.xalan.internal.xsltc.compiler.Parser"); + cls.add("com.sun.org.apache.xalan.internal.xsltc.trax.TrAXFilter"); + cls.add("com.sun.org.apache.xalan.internal.xsltc.trax.TransformerImpl"); + cls.add("com.sun.org.apache.xerces.internal.impl.XMLScanner"); + cls.add("com.sun.org.apache.xerces.internal.impl.dtd.XMLDTDValidator"); + cls.add("com.sun.org.apache.xerces.internal.impl.xpath.regex.REUtil"); + cls.add("com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaLoader"); + cls.add("com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator"); + cls.add("com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDAbstractTraverser"); + cls.add("com.sun.org.apache.xerces.internal.impl.xs.traversers.XSDHandler"); + cls.add("com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderFactoryImpl"); + cls.add("com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser"); + cls.add("com.sun.org.apache.xerces.internal.parsers.DOMParser"); + cls.add("com.sun.org.apache.xerces.internal.xinclude.XIncludeHandler"); + cls.add("com.sun.org.apache.xml.internal.dtm.ref.IncrementalSAXSource_Xerces"); + cls.add("com.sun.org.apache.xml.internal.security.keys.storage.implementations.CertsInFilesystemDirectoryResolver"); + cls.add("com.sun.org.apache.xml.internal.security.utils.JavaUtils"); + cls.add("com.sun.org.apache.xml.internal.security.utils.XalanXPathAPI"); + cls.add("com.sun.org.apache.xpath.internal.XPath"); + cls.add("com.sun.rowset.internal.CachedRowSetReader"); + cls.add("com.sun.security.auth.module.KeyStoreLoginModule"); + cls.add("com.sun.security.auth.module.LdapLoginModule"); + cls.add("javax.imageio.ImageIO$ImageReaderIterator"); + cls.add("javax.imageio.ImageIO$ImageWriterIterator"); + cls.add("javax.management.loading.MLet"); + cls.add("javax.management.modelmbean.DescriptorSupport"); + cls.add("javax.management.monitor.Monitor"); + cls.add("javax.management.remote.rmi.RMIConnector"); + cls.add("javax.management.remote.rmi.RMIConnector$RMIClientCommunicatorAdmin"); + cls.add("javax.naming.spi.NamingManager"); + cls.add("javax.smartcardio.TerminalFactory"); + cls.add("javax.sql.rowset.spi.ProviderImpl"); + cls.add("javax.swing.BufferStrategyPaintManager$BufferInfo"); + cls.add("javax.swing.plaf.basic.BasicLookAndFeel"); + cls.add("javax.swing.text.CompositeView"); + cls.add("javax.swing.text.html.StyleSheet$ListPainter"); + cls.add("org.jcp.xml.dsig.internal.dom.DOMReference"); + cls.add("org.xml.sax.helpers.XMLReaderFactory"); + cls.add("sun.awt.SunToolkit"); + cls.add("sun.awt.im.InputContext"); + cls.add("sun.font.FontUtilities$1"); + cls.add("sun.font.SunFontManager"); + cls.add("sun.font.SunFontManager$2"); + cls.add("sun.font.TrueTypeFont"); + cls.add("sun.font.Type1Font"); + cls.add("sun.instrument.InstrumentationImpl"); + cls.add("sun.java2d.opengl.OGLRenderQueue$QueueFlusher"); + cls.add("sun.net.NetProperties"); + cls.add("sun.net.ResourceManager"); + cls.add("sun.net.ftp.impl.FtpClient"); + cls.add("sun.net.ftp.impl.FtpClient$MLSxParser"); + cls.add("sun.net.www.MimeTable"); + cls.add("sun.net.www.http.HttpClient"); + cls.add("sun.net.www.http.KeepAliveStreamCleaner"); + cls.add("sun.net.www.protocol.http.BasicAuthentication"); + cls.add("sun.net.www.protocol.http.HttpURLConnection"); + cls.add("sun.net.www.protocol.http.HttpURLConnection$ErrorStream"); + cls.add("sun.nio.ch.FileChannelImpl"); + cls.add("sun.nio.ch.SocketChannelImpl"); + cls.add("sun.rmi.registry.RegistryImpl"); + cls.add("sun.rmi.server.Activation"); + cls.add("sun.rmi.server.LoaderHandler"); + cls.add("sun.rmi.server.UnicastServerRef"); + cls.add("sun.rmi.transport.StreamRemoteCall"); + cls.add("sun.rmi.transport.Transport"); + cls.add("sun.security.jgss.GSSNameImpl"); + cls.add("sun.security.jgss.krb5.Krb5Context"); + cls.add("sun.security.jgss.krb5.Krb5NameElement"); + cls.add("sun.security.jgss.krb5.Krb5Util"); + cls.add("sun.security.jgss.spnego.SpNegoContext"); + cls.add("sun.security.jgss.wrapper.GSSNameElement"); + cls.add("sun.security.krb5.Credentials"); + cls.add("sun.security.krb5.KdcComm$KdcCommunication"); + cls.add("sun.security.krb5.KrbServiceLocator"); + cls.add("sun.security.krb5.internal.ktab.KeyTabOutputStream"); + cls.add("sun.security.krb5.internal.rcache.DflCache$Storage"); + cls.add("sun.security.pkcs.PKCS7"); + cls.add("sun.security.provider.PolicyFile"); + cls.add("sun.security.rsa.RSAPadding"); + cls.add("sun.security.tools.keytool.Main"); + cls.add("sun.security.util.KeyUtil"); + cls.add("sun.swing.SwingUtilities2"); + cls.add("sun.tools.jar.Main"); + if (USE_ASM_VERIFIER) { + // These cannot be loaded successfully via the generateClass(..) method so + // only include them if the ASM verifier is used instead of Class loading. + cls.add("com.sun.org.apache.xalan.internal.xsltc.compiler.FunctionCall"); + cls.add("java.awt.Font"); + cls.add("java.awt.datatransfer.SystemFlavorMap"); + cls.add("java.awt.font.TextLayout"); + cls.add("java.beans.Beans"); + cls.add("java.beans.PropertyDescriptor"); + cls.add("java.io.FileDescriptor"); + cls.add("java.lang.CharacterName"); + cls.add("java.lang.ClassLoader"); + cls.add("java.net.DefaultDatagramSocketImplFactory"); + cls.add("java.net.InetAddress"); + cls.add("java.net.ServerSocket"); + cls.add("java.net.SocketPermission"); + cls.add("java.net.URL"); + cls.add("java.net.URLConnection"); + cls.add("java.net.URLDecoder"); + cls.add("java.net.URLEncoder"); + cls.add("java.security.Security"); + cls.add("java.time.Month"); + cls.add("java.time.MonthDay"); + cls.add("java.time.Year"); + cls.add("java.time.YearMonth"); + cls.add("java.util.Formatter"); + cls.add("java.util.concurrent.CyclicBarrier"); + cls.add("java.util.jar.Pack200"); + cls.add("java.util.logging.FileHandler"); + cls.add("java.util.prefs.AbstractPreferences"); + cls.add("javax.security.auth.kerberos.KerberosTicket"); + } + final int NUM_CLASSES = cls.size(); + + // Run initial pass to ensure they are valid when processed without using Shimple form. + { + int success = testStdLibRun(rtJar, cls, false); + Assert.assertEquals("ORIGINAL classes (total " + NUM_CLASSES + ") with errors!", 0, NUM_CLASSES - success); + } + + // Reset Soot and process the classes but use Shimple this time to trigger bug. + { + int success = testStdLibRun(rtJar, cls, true); + Assert.assertEquals("MODIFIED classes (total " + NUM_CLASSES + ") with errors!", 0, NUM_CLASSES - success); + } + } + + private static String rtJar() throws IOException { + Path p = Paths.get(System.getProperty("java.home"), "lib", "rt.jar"); + return Files.exists(p) ? p.toRealPath().toString() : null; + } + + private static boolean isModuleJar(String rtJar) { + return (rtJar == null); + } + + private int testStdLibRun(String rtJar, List checkClasses, boolean useShimple) { + final Scene scene = customSetupLib(rtJar, checkClasses, useShimple); + int success = 0; + for (String name : checkClasses) { + try { + SootClass sc = getOrResolveSootClass(scene, name, SootClass.BODIES); + Assert.assertNotNull(sc); + Assert.assertEquals(name, sc.getName()); + + if (USE_ASM_VERIFIER) { + byte[] c = generateBytecode(sc); + StringWriter stringWriter = new StringWriter(); + CheckClassAdapter.verify(new ClassReader(c), false, new PrintWriter(stringWriter)); + String verifyMsg = stringWriter.toString(); + Assert.assertTrue(verifyMsg, verifyMsg.isEmpty()); + } else { + // If the generated bytecode does not pass JVM bytecode verifier, + // then an exception will occur when trying to obtain "declared" + // fields, methods, constructors, etc. + Class c = generateClass(sc); + Assert.assertNotNull(c.getDeclaredFields()); + Assert.assertNotNull(c.getDeclaredConstructors()); + Assert.assertNotNull(c.getDeclaredMethods()); + } + + success++; + } catch (Throwable t) { + if (DEBUG_PRINT) { + String kind = useShimple ? "ShimpleBody" : "JimpleBody"; + System.out.println("[testStdLib] ERROR in a " + kind + " in " + name + " " + t); + t.printStackTrace(System.out); + } + } + } + return success; + } + + /** + * + * @param classPath + */ + private Scene customSetupLib(String rtJar, List classNames, boolean useShimple) { + G.reset(); + + final Options opts = Options.v(); + + opts.set_whole_program(true); + opts.set_output_format(Options.output_format_none); + opts.set_allow_phantom_refs(true); + opts.set_no_bodies_for_excluded(true); + opts.set_exclude(Collections.singletonList("java.*")); + opts.set_include(classNames); + opts.set_validate(true); + + final boolean isModuleJar = isModuleJar(rtJar); + if (isModuleJar) { + opts.set_soot_modulepath(ModulePathSourceLocator.DUMMY_CLASSPATH_JDK9_FS); + } else { + opts.set_soot_classpath(rtJar); + opts.set_process_dir(Collections.singletonList(rtJar)); + } + + opts.set_via_shimple(useShimple); + // opts.setPhaseOption("bb.lp", "unsplit-original-locals:true"); + + if (DEBUG_PRINT) { + opts.setPhaseOption("jb", "use-original-names:true"); + } + + // NOTE: must obtain Scene after all options are set + Scene scene = isModuleJar ? ModuleScene.v() : Scene.v(); + scene.loadNecessaryClasses(); + runSoot(); + return scene; + } + + /** + * @param sc + * @param className + * @param resolvingLevel + * one of the constants defined in {@link SootClass} + * + * @return the {@link SootClass} with the given name + * + * @see SootClass#DANGLING + * @see SootClass#HIERARCHY + * @see SootClass#SIGNATURES + * @see SootClass#BODIES + */ + private static SootClass getOrResolveSootClass(Scene sc, String className, int resolvingLevel) { + Assert.assertNotNull(className); + if (sc.containsClass(className)) { + SootClass retVal = sc.getSootClass(className); + if (retVal.resolvingLevel() >= resolvingLevel && !retVal.isPhantom()) { + assertPostConditions(retVal, resolvingLevel); + return retVal; + } else { + // The forceResolve(..) will not make any change if the class is + // phantom or the resolving level is already high enough, so ensure + // those two conditions will be false before trying the resolution. + retVal.setResolvingLevel(SootClass.DANGLING); + retVal.setLibraryClass(); + } + } + SootClass retVal = sc.forceResolve(className, resolvingLevel); + retVal.setApplicationClass(); + assertPostConditions(retVal, resolvingLevel); + return retVal; + } + + private static void assertPostConditions(SootClass c, int expectLvl) { + Assert.assertNotNull(c); + Assert.assertFalse("phantom class: " + c, c.isPhantom()); + Assert.assertTrue("insufficiently resolved: (" + c.resolvingLevel() + ") " + c, c.resolvingLevel() >= expectLvl); + + for (SootMethod m : c.getMethods()) { + Assert.assertFalse("phantom method: " + m, m.isPhantom()); + Assert.assertTrue("concrete method without method body/source: " + m, + !m.isConcrete() || m.hasActiveBody() || m.getSource() != null); + } + } +} diff --git a/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java b/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java new file mode 100644 index 00000000000..5476625f45d --- /dev/null +++ b/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java @@ -0,0 +1,65 @@ +package soot.shimple; + +/*- + * #%L + * Soot - a J*va Optimization Framework + * %% + * Copyright (C) 2021 Timothy Hoffman + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation, either version 2.1 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Lesser Public License for more details. + * + * You should have received a copy of the GNU General Lesser Public + * License along with this program. If not, see + * . + * #L% + */ +import java.io.FileInputStream; +import java.io.IOException; + +/** + * @author Timothy Hoffman + */ +public class PhiNodeTestInput { + + public boolean sync() throws Exception { + boolean success = false; + IOException exc; + for (int retry = 0; !success && retry < 2; retry++) { + FileInputStream file = null; + try { + try { + file = new FileInputStream("delete_me.txt"); + success = true; + } finally { + if (file != null) { + file.close(); + } + } + } catch (IOException ioe) { + exc = ioe; + Thread.sleep(5); + } + } + return success; + } + + /** + * Run this test from the command line as "java -cp soot\target\systemTest-target-classes soot.shimple.PhiNodeTestInput" + * and observe that it runs without error and prints "false" to the command line. + * + * @param args + * + * @throws Exception + */ + public static void main(String[] args) throws Exception { + System.out.println(new PhiNodeTestInput().sync()); + } +} From 63dd799b4f2315875b13550bc7b3ab142555736b Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Wed, 23 Jun 2021 21:21:54 -0500 Subject: [PATCH 02/14] add a simpler example to PhiNodeTest --- .../java/soot/shimple/PhiNodeTest.java | 53 ++++++++++++++++--- .../soot/shimple/PhiNodeTestInput.java | 15 +++++- 2 files changed, 59 insertions(+), 9 deletions(-) diff --git a/src/systemTest/java/soot/shimple/PhiNodeTest.java b/src/systemTest/java/soot/shimple/PhiNodeTest.java index 40b95c88d1e..3fc2602a837 100644 --- a/src/systemTest/java/soot/shimple/PhiNodeTest.java +++ b/src/systemTest/java/soot/shimple/PhiNodeTest.java @@ -57,8 +57,8 @@ @PowerMockIgnore({ "com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*" }) public class PhiNodeTest extends AbstractTestingFramework { - private static final boolean DEBUG_PRINT = false; - private static final boolean USE_ASM_VERIFIER = true; + private static final boolean DEBUG_PRINT = true; + private static final boolean USE_ASM_VERIFIER = false; @Override protected void setupSoot() { @@ -73,15 +73,15 @@ protected void setupSoot() { } @Test - public void testComplexPhi() throws Exception { - final String TEST_TARGET_CLASS = "soot.shimple.PhiNodeTestInput"; - final String TEST_METHOD_NAME = "sync"; + public void testComplexPhi_A() throws Exception { + final String TEST_CLASS = "soot.shimple.PhiNodeTestInput"; + final String TEST_METHOD = "sync"; - SootMethod m = prepareTarget(methodSigFromComponents(TEST_TARGET_CLASS, "boolean", TEST_METHOD_NAME), TEST_TARGET_CLASS); + SootMethod m = prepareTarget(methodSigFromComponents(TEST_CLASS, "boolean", TEST_METHOD), TEST_CLASS); Body b = m.retrieveActiveBody(); if (DEBUG_PRINT) { - System.out.println("[testComplexPhi] " + b.getClass().getName() + " = " + b); + System.out.println("[testComplexPhi_A] " + b.getClass().getName() + " = " + b); } Assert.assertTrue(b instanceof JimpleBody); @@ -105,10 +105,47 @@ public void testComplexPhi() throws Exception { // an exception will occur when trying to create a new instance. Object cInstance = c.newInstance(); - Object retVal = c.getMethod(TEST_METHOD_NAME).invoke(cInstance); + Object retVal = c.getMethod(TEST_METHOD).invoke(cInstance); Assert.assertEquals(Boolean.FALSE, retVal); } + @Test + public void testComplexPhi_B() throws Exception { + final String TEST_CLASS = "soot.shimple.PhiNodeTestInput"; + final String TEST_METHOD = "hasMethod"; + + SootMethod m = prepareTarget(methodSigFromComponents(TEST_CLASS, "java.lang.Class", TEST_METHOD), TEST_CLASS); + + Body b = m.retrieveActiveBody(); + if (DEBUG_PRINT) { + System.out.println("[testComplexPhi_B] " + b.getClass().getName() + " = " + b); + } + Assert.assertTrue(b instanceof JimpleBody); + + // Ensure that the Soot validators pass + { + List exceptions = new ArrayList<>(); + CheckInitValidator.v().validate(b, exceptions); + UsesValidator.v().validate(b, exceptions); + if (DEBUG_PRINT) { + for (ValidationException e : exceptions) { + System.out.println(e); + } + } + Assert.assertTrue(exceptions.isEmpty()); + } + + // Convert the body to a runnable classfile, run, and test output. + Class c = generateClass(m.getDeclaringClass()); + + // If the generated bytecode does not pass JVM bytecode verifier, then + // an exception will occur when trying to create a new instance. + Object cInstance = c.newInstance(); + + Object retVal = c.getMethod(TEST_METHOD).invoke(cInstance); + Assert.assertEquals(c, retVal); + } + /** * TODO: on Java9 and Java11, only the java.* classes are being loaded. All of the others are not located in the * "java.base" module but are in different standard modules. I'm not sure how to get Soot to load other modules. diff --git a/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java b/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java index 5476625f45d..26bb5536e16 100644 --- a/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java +++ b/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java @@ -51,9 +51,21 @@ public boolean sync() throws Exception { return success; } + public Class hasMethod() { + Class clazz = null; + try { + if (clazz == null) { + clazz = PhiNodeTestInput.class; + } + clazz.getDeclaredMethod("toString"); + } catch (NoSuchMethodException ex) { + } + return clazz; + } + /** * Run this test from the command line as "java -cp soot\target\systemTest-target-classes soot.shimple.PhiNodeTestInput" - * and observe that it runs without error and prints "false" to the command line. + * and observe that it runs without error and prints "false" and then "true" to the command line. * * @param args * @@ -61,5 +73,6 @@ public boolean sync() throws Exception { */ public static void main(String[] args) throws Exception { System.out.println(new PhiNodeTestInput().sync()); + System.out.println(new PhiNodeTestInput().hasMethod() == PhiNodeTestInput.class); } } From b1c1dab6219cd2797310bca3ca997c4d9108a0be Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Fri, 25 Jun 2021 17:37:17 -0500 Subject: [PATCH 03/14] fix the Shimple initialization bug for most test cases --- .../scalar/DeadAssignmentEliminator.java | 6 +- .../soot/shimple/DefaultShimpleFactory.java | 3 +- .../toolkits/graph/ExceptionalUnitGraph.java | 2 +- .../graph/FullExceptionalUnitGraph.java | 96 +++++++++++++++++++ 4 files changed, 104 insertions(+), 3 deletions(-) create mode 100644 src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java diff --git a/src/main/java/soot/jimple/toolkits/scalar/DeadAssignmentEliminator.java b/src/main/java/soot/jimple/toolkits/scalar/DeadAssignmentEliminator.java index ac35885ab7b..7560748bec3 100644 --- a/src/main/java/soot/jimple/toolkits/scalar/DeadAssignmentEliminator.java +++ b/src/main/java/soot/jimple/toolkits/scalar/DeadAssignmentEliminator.java @@ -72,6 +72,9 @@ import soot.jimple.RemExpr; import soot.jimple.Stmt; import soot.options.Options; +import soot.shimple.ShimpleBody; +import soot.toolkits.graph.ExceptionalUnitGraph; +import soot.toolkits.graph.FullExceptionalUnitGraph; import soot.toolkits.scalar.LocalDefs; import soot.toolkits.scalar.LocalUses; import soot.toolkits.scalar.UnitValueBoxPair; @@ -237,7 +240,8 @@ protected void internalTransform(Body b, String phaseName, Map o // Add all the statements which are used to compute values // for the essential statements, recursively - final LocalDefs localDefs = G.v().soot_toolkits_scalar_LocalDefsFactory().newLocalDefs(b); + final LocalDefs localDefs = G.v().soot_toolkits_scalar_LocalDefsFactory() + .newLocalDefs(b instanceof ShimpleBody ? new FullExceptionalUnitGraph(b) : new ExceptionalUnitGraph(b)); if (!allEssential) { Set essential = new HashSet(units.size()); diff --git a/src/main/java/soot/shimple/DefaultShimpleFactory.java b/src/main/java/soot/shimple/DefaultShimpleFactory.java index 347bf029dbb..d4251434bb9 100644 --- a/src/main/java/soot/shimple/DefaultShimpleFactory.java +++ b/src/main/java/soot/shimple/DefaultShimpleFactory.java @@ -35,6 +35,7 @@ import soot.toolkits.graph.DominatorsFinder; import soot.toolkits.graph.ExceptionalBlockGraph; import soot.toolkits.graph.ExceptionalUnitGraph; +import soot.toolkits.graph.FullExceptionalUnitGraph; import soot.toolkits.graph.HashReversibleGraph; import soot.toolkits.graph.ReversibleGraph; import soot.toolkits.graph.SimpleDominatorsFinder; @@ -144,7 +145,7 @@ public UnitGraph getUnitGraph() { if (ug == null) { Body body = getBody(); UnreachableCodeEliminator.v().transform(body); - ug = new ExceptionalUnitGraph(body); + ug = new FullExceptionalUnitGraph(body); this.ug = ug; } return ug; diff --git a/src/main/java/soot/toolkits/graph/ExceptionalUnitGraph.java b/src/main/java/soot/toolkits/graph/ExceptionalUnitGraph.java index 32ebac07cf4..581a1f7a4b3 100644 --- a/src/main/java/soot/toolkits/graph/ExceptionalUnitGraph.java +++ b/src/main/java/soot/toolkits/graph/ExceptionalUnitGraph.java @@ -322,7 +322,7 @@ protected Map> buildExceptionDests(ThrowAnalysis * @return a Map which whose contents are equivalent to the input map, plus the information that * u throws caught to t. */ - private Map> addDestToMap(Map> map, Unit u, Trap t, + protected Map> addDestToMap(Map> map, Unit u, Trap t, ThrowableSet caught) { Collection dests = (map == null ? null : map.get(u)); if (dests == null) { diff --git a/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java b/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java new file mode 100644 index 00000000000..28a3dc00720 --- /dev/null +++ b/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java @@ -0,0 +1,96 @@ +package soot.toolkits.graph; + +/*- + * #%L + * Soot - a J*va Optimization Framework + * %% + * Copyright (C) 2021 Timothy Hoffman + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation, either version 2.1 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Lesser Public License for more details. + * + * You should have received a copy of the GNU General Lesser Public + * License along with this program. If not, see + * . + * #L% + */ +import java.util.Collection; +import java.util.Collections; +import java.util.Iterator; +import java.util.Map; + +import soot.Body; +import soot.RefType; +import soot.Trap; +import soot.Unit; +import soot.toolkits.exceptions.PedanticThrowAnalysis; +import soot.toolkits.exceptions.ThrowAnalysis; +import soot.toolkits.exceptions.ThrowableSet; +import soot.util.Chain; + +/** + * Extension of {@link ExceptionalUnitGraph} that aligns more closely with the representation used by the JVM bytecode + * verifier. The standard {@link ExceptionalUnitGraph} will not add an exception edge for an exception table entry if an + * earlier entry already caught a broader exception type (i.e. the edge for the later entry will never actually execute + * during runtime). However, the JVM bytecode verifier considers all exceptional edges verbatim from the exception table and + * thus, may consider more possible paths in the CFG. Furthermore, this graph uses a {@link PedanticThrowAnalysis} to ensure + * that all Units covered by an exception table entry will have an edge to the exception handler which forces phi-node + * removal to back-propagate assignments all the way back to their original location to avoid "uninitialized register" errors + * from the JVM bytecode verifier. + * + * @author Timothy Hoffman + */ +public class FullExceptionalUnitGraph extends ExceptionalUnitGraph { + + public FullExceptionalUnitGraph(Body body) { + super(body); + // Set the 'omitExceptingUnitEdges' parameter to false and use a ThrowAnalysis + // based on the PedanticThrowAnalysis so that all units (except for AssignStmt) + // will have an edge into exception handler blocks. + initialize(PedanticThrowAnalysis.v(), false); + } + + @Override + protected Map> buildExceptionDests(ThrowAnalysis throwAnalysis) { + // Identical to the original except it doesn't track the uncaught + // throwables when multiple Traps cover the same Unit. That way, the full + // effect of all traps is reflected in the graph, even if some edges + // will never be used because an earlier trap subsumes a later one. + // + Map> result = null; + + final Chain traps = body.getTraps(); + if (!traps.isEmpty()) { + final ThrowableSet EMPTY = ThrowableSet.Manager.v().EMPTY; + final Chain units = body.getUnits(); + + // Record the caught exceptions. + for (Trap trap : traps) { + RefType catcher = trap.getException().getType(); + for (Iterator it = units.iterator(trap.getBeginUnit(), units.getPredOf(trap.getEndUnit())); it.hasNext();) { + Unit unit = it.next(); + ThrowableSet thrownSet = throwAnalysis.mightThrow(unit); + ThrowableSet.Pair catchableAs = thrownSet.whichCatchableAs(catcher); + if (!EMPTY.equals(catchableAs.getCaught())) { + result = addDestToMap(result, unit, trap, catchableAs.getCaught()); + } else { + assert (thrownSet.equals(catchableAs.getUncaught())) : + "ExceptionalUnitGraph.buildExceptionDests(): " + + "catchableAs.caught == EMPTY, but catchableAs.uncaught != thrownSet" + System.getProperty("line.separator") + + body.getMethod().getSubSignature() + " Unit: " + unit.toString() + System.getProperty("line.separator") + + " catchableAs.getUncaught() == " + catchableAs.getUncaught().toString() + + System.getProperty("line.separator") + " thrownSet == " + thrownSet.toString(); + } + } + } + } + return result == null ? Collections.emptyMap() : result; + } +} From 598f69a6e293a5f8ac3833b2b9a24f394d3f4451 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Mon, 28 Jun 2021 13:25:46 -0500 Subject: [PATCH 04/14] add another small test method based on one of the remaining JDK method failures --- .../java/soot/shimple/PhiNodeTest.java | 39 ++++++++++++++++++- .../soot/shimple/PhiNodeTestInput.java | 15 +++++++ 2 files changed, 53 insertions(+), 1 deletion(-) diff --git a/src/systemTest/java/soot/shimple/PhiNodeTest.java b/src/systemTest/java/soot/shimple/PhiNodeTest.java index 3fc2602a837..0f3d19a5d0d 100644 --- a/src/systemTest/java/soot/shimple/PhiNodeTest.java +++ b/src/systemTest/java/soot/shimple/PhiNodeTest.java @@ -57,7 +57,7 @@ @PowerMockIgnore({ "com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*" }) public class PhiNodeTest extends AbstractTestingFramework { - private static final boolean DEBUG_PRINT = true; + private static final boolean DEBUG_PRINT = false; private static final boolean USE_ASM_VERIFIER = false; @Override @@ -146,6 +146,43 @@ public void testComplexPhi_B() throws Exception { Assert.assertEquals(c, retVal); } + @Test + public void testComplexPhi_C() throws Exception { + final String TEST_CLASS = "soot.shimple.PhiNodeTestInput"; + final String TEST_METHOD = "readProp"; + + SootMethod m = prepareTarget(methodSigFromComponents(TEST_CLASS, "java.io.InputStream", TEST_METHOD), TEST_CLASS); + + Body b = m.retrieveActiveBody(); + if (DEBUG_PRINT) { + System.out.println("[testComplexPhi_C] " + b.getClass().getName() + " = " + b); + } + Assert.assertTrue(b instanceof JimpleBody); + + // Ensure that the Soot validators pass + { + List exceptions = new ArrayList<>(); + CheckInitValidator.v().validate(b, exceptions); + UsesValidator.v().validate(b, exceptions); + if (DEBUG_PRINT) { + for (ValidationException e : exceptions) { + System.out.println(e); + } + } + Assert.assertTrue(exceptions.isEmpty()); + } + + // Convert the body to a runnable classfile, run, and test output. + Class c = generateClass(m.getDeclaringClass()); + + // If the generated bytecode does not pass JVM bytecode verifier, then + // an exception will occur when trying to create a new instance. + Object cInstance = c.newInstance(); + + Object retVal = c.getMethod(TEST_METHOD).invoke(cInstance); + Assert.assertNull(retVal); + } + /** * TODO: on Java9 and Java11, only the java.* classes are being loaded. All of the others are not located in the * "java.base" module but are in different standard modules. I'm not sure how to get Soot to load other modules. diff --git a/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java b/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java index 26bb5536e16..6cbdc344852 100644 --- a/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java +++ b/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java @@ -21,8 +21,11 @@ * . * #L% */ +import java.io.File; import java.io.FileInputStream; +import java.io.FileNotFoundException; import java.io.IOException; +import java.io.InputStream; /** * @author Timothy Hoffman @@ -63,6 +66,18 @@ public Class hasMethod() { return clazz; } + public InputStream readProp() { + InputStream is = null; + try { + synchronized (this) { + File f = new File("in.properties"); + is = new FileInputStream(f); + } + } catch (FileNotFoundException ex) { + } + return is; + } + /** * Run this test from the command line as "java -cp soot\target\systemTest-target-classes soot.shimple.PhiNodeTestInput" * and observe that it runs without error and prints "false" and then "true" to the command line. From d16f32293d06ce645ff99d518eb72a10976ce602 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Mon, 28 Jun 2021 13:26:17 -0500 Subject: [PATCH 05/14] Fix the bug in the remaining test cases --- .../graph/FullExceptionalUnitGraph.java | 5 ++--- .../java/soot/toolkits/scalar/FastColorer.java | 17 +++++++---------- 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java b/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java index 28a3dc00720..f4c0523ba0a 100644 --- a/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java +++ b/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java @@ -51,9 +51,8 @@ public class FullExceptionalUnitGraph extends ExceptionalUnitGraph { public FullExceptionalUnitGraph(Body body) { super(body); - // Set the 'omitExceptingUnitEdges' parameter to false and use a ThrowAnalysis - // based on the PedanticThrowAnalysis so that all units (except for AssignStmt) - // will have an edge into exception handler blocks. + // Set 'omitExceptingUnitEdges' as false and use PedanticThrowAnalysis + // so that all units will have an edge into exception handler blocks. initialize(PedanticThrowAnalysis.v(), false); } diff --git a/src/main/java/soot/toolkits/scalar/FastColorer.java b/src/main/java/soot/toolkits/scalar/FastColorer.java index cc7211a51ce..23ace60ae0c 100644 --- a/src/main/java/soot/toolkits/scalar/FastColorer.java +++ b/src/main/java/soot/toolkits/scalar/FastColorer.java @@ -38,9 +38,8 @@ import soot.Unit; import soot.Value; import soot.ValueBox; -import soot.options.Options; -import soot.toolkits.exceptions.PedanticThrowAnalysis; import soot.toolkits.graph.ExceptionalUnitGraph; +import soot.toolkits.graph.FullExceptionalUnitGraph; import soot.util.ArraySet; /** @@ -58,10 +57,9 @@ private FastColorer() { public static void unsplitAssignColorsToLocals(Body unitBody, Map localToGroup, Map localToColor, Map groupToColorCount) { - // To understand why a pedantic throw analysis is required, see comment - // in assignColorsToLocals method - final ExceptionalUnitGraph unitGraph = - new ExceptionalUnitGraph(unitBody, PedanticThrowAnalysis.v(), Options.v().omit_excepting_unit_edges()); + // Build a FullExceptionalUnitGraph to prevent JVM bytecode verifier errors + // like "java.lang.VerifyError: Incompatible argument to function". + final ExceptionalUnitGraph unitGraph = new FullExceptionalUnitGraph(unitBody); final UnitInterferenceGraph intGraph = new UnitInterferenceGraph(unitBody, localToGroup, new SimpleLiveLocals(unitGraph), unitGraph); @@ -150,10 +148,9 @@ public static void unsplitAssignColorsToLocals(Body unitBody, Map public static void assignColorsToLocals(Body unitBody, Map localToGroup, Map localToColor, Map groupToColorCount) { - // Build a CFG using a pedantic throw analysis to prevent JVM - // "java.lang.VerifyError: Incompatible argument to function" errors. - final ExceptionalUnitGraph unitGraph = - new ExceptionalUnitGraph(unitBody, PedanticThrowAnalysis.v(), Options.v().omit_excepting_unit_edges()); + // Build a FullExceptionalUnitGraph to prevent JVM bytecode verifier errors + // like "java.lang.VerifyError: Incompatible argument to function". + final ExceptionalUnitGraph unitGraph = new FullExceptionalUnitGraph(unitBody); final UnitInterferenceGraph intGraph = new UnitInterferenceGraph(unitBody, localToGroup, new SimpleLiveLocals(unitGraph), unitGraph); From 094a22951891a818c8b64f98711bdbeefa34ede7 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Mon, 28 Jun 2021 13:53:14 -0500 Subject: [PATCH 06/14] change test runner to always run ASM verifier --- .../java/soot/shimple/PhiNodeTest.java | 114 +++++++++--------- 1 file changed, 59 insertions(+), 55 deletions(-) diff --git a/src/systemTest/java/soot/shimple/PhiNodeTest.java b/src/systemTest/java/soot/shimple/PhiNodeTest.java index 0f3d19a5d0d..d291cca441d 100644 --- a/src/systemTest/java/soot/shimple/PhiNodeTest.java +++ b/src/systemTest/java/soot/shimple/PhiNodeTest.java @@ -58,7 +58,6 @@ public class PhiNodeTest extends AbstractTestingFramework { private static final boolean DEBUG_PRINT = false; - private static final boolean USE_ASM_VERIFIER = false; @Override protected void setupSoot() { @@ -194,9 +193,14 @@ public void testStdLib() throws Exception { final String rtJar = rtJar(); final boolean isModuleJar = isModuleJar(rtJar); - final List cls = new ArrayList<>(185); + // Run both ASM and JVM verifier on these classes. + final List cls = new ArrayList<>(148); + // Run only the ASM verifier on these classes because they cannot + // be loaded successfully via the generateClass(..) method. + final List clsASM = new ArrayList<>(37); if (!isModuleJar) { // These are not present in JDK 11 + // cls.add("com.sun.corba.se.impl.corba.ServerRequestImpl"); cls.add("com.sun.corba.se.impl.corba.TCUtility"); cls.add("com.sun.corba.se.impl.dynamicany.DynEnumImpl"); @@ -253,19 +257,16 @@ public void testStdLib() throws Exception { cls.add("sun.misc.URLClassPath"); cls.add("sun.rmi.transport.proxy.HttpSendSocket"); cls.add("sun.tracing.ProviderSkeleton"); - if (USE_ASM_VERIFIER) { - // These cannot be loaded successfully via the generateClass(..) method so - // only include them if the ASM verifier is used instead of Class loading. - cls.add("com.sun.corba.se.impl.dynamicany.DynAnyComplexImpl"); - cls.add("com.sun.corba.se.impl.dynamicany.DynUnionImpl"); - cls.add("com.sun.corba.se.impl.encoding.CDRInputStream_1_0"); - cls.add("com.sun.corba.se.impl.transport.SelectorImpl"); - cls.add("com.sun.xml.internal.bind.v2.runtime.property.SingleElementLeafProperty"); - cls.add("java.awt.KeyboardFocusManager$5"); - cls.add("java.util.ServiceLoader$LazyIterator"); - cls.add("javax.xml.bind.ContextFinder"); - cls.add("sun.management.Agent"); - } + // + clsASM.add("com.sun.corba.se.impl.dynamicany.DynAnyComplexImpl"); + clsASM.add("com.sun.corba.se.impl.dynamicany.DynUnionImpl"); + clsASM.add("com.sun.corba.se.impl.encoding.CDRInputStream_1_0"); + clsASM.add("com.sun.corba.se.impl.transport.SelectorImpl"); + clsASM.add("com.sun.xml.internal.bind.v2.runtime.property.SingleElementLeafProperty"); + clsASM.add("java.awt.KeyboardFocusManager$5"); + clsASM.add("java.util.ServiceLoader$LazyIterator"); + clsASM.add("javax.xml.bind.ContextFinder"); + clsASM.add("sun.management.Agent"); } cls.add("com.sun.imageio.plugins.png.PNGImageReader"); cls.add("com.sun.jmx.remote.util.EnvHelp"); @@ -359,50 +360,50 @@ public void testStdLib() throws Exception { cls.add("sun.security.util.KeyUtil"); cls.add("sun.swing.SwingUtilities2"); cls.add("sun.tools.jar.Main"); - if (USE_ASM_VERIFIER) { - // These cannot be loaded successfully via the generateClass(..) method so - // only include them if the ASM verifier is used instead of Class loading. - cls.add("com.sun.org.apache.xalan.internal.xsltc.compiler.FunctionCall"); - cls.add("java.awt.Font"); - cls.add("java.awt.datatransfer.SystemFlavorMap"); - cls.add("java.awt.font.TextLayout"); - cls.add("java.beans.Beans"); - cls.add("java.beans.PropertyDescriptor"); - cls.add("java.io.FileDescriptor"); - cls.add("java.lang.CharacterName"); - cls.add("java.lang.ClassLoader"); - cls.add("java.net.DefaultDatagramSocketImplFactory"); - cls.add("java.net.InetAddress"); - cls.add("java.net.ServerSocket"); - cls.add("java.net.SocketPermission"); - cls.add("java.net.URL"); - cls.add("java.net.URLConnection"); - cls.add("java.net.URLDecoder"); - cls.add("java.net.URLEncoder"); - cls.add("java.security.Security"); - cls.add("java.time.Month"); - cls.add("java.time.MonthDay"); - cls.add("java.time.Year"); - cls.add("java.time.YearMonth"); - cls.add("java.util.Formatter"); - cls.add("java.util.concurrent.CyclicBarrier"); - cls.add("java.util.jar.Pack200"); - cls.add("java.util.logging.FileHandler"); - cls.add("java.util.prefs.AbstractPreferences"); - cls.add("javax.security.auth.kerberos.KerberosTicket"); - } - final int NUM_CLASSES = cls.size(); + // + clsASM.add("com.sun.org.apache.xalan.internal.xsltc.compiler.FunctionCall"); + clsASM.add("java.awt.Font"); + clsASM.add("java.awt.datatransfer.SystemFlavorMap"); + clsASM.add("java.awt.font.TextLayout"); + clsASM.add("java.beans.Beans"); + clsASM.add("java.beans.PropertyDescriptor"); + clsASM.add("java.io.FileDescriptor"); + clsASM.add("java.lang.CharacterName"); + clsASM.add("java.lang.ClassLoader"); + clsASM.add("java.net.DefaultDatagramSocketImplFactory"); + clsASM.add("java.net.InetAddress"); + clsASM.add("java.net.ServerSocket"); + clsASM.add("java.net.SocketPermission"); + clsASM.add("java.net.URL"); + clsASM.add("java.net.URLConnection"); + clsASM.add("java.net.URLDecoder"); + clsASM.add("java.net.URLEncoder"); + clsASM.add("java.security.Security"); + clsASM.add("java.time.Month"); + clsASM.add("java.time.MonthDay"); + clsASM.add("java.time.Year"); + clsASM.add("java.time.YearMonth"); + clsASM.add("java.util.Formatter"); + clsASM.add("java.util.concurrent.CyclicBarrier"); + clsASM.add("java.util.jar.Pack200"); + clsASM.add("java.util.logging.FileHandler"); + clsASM.add("java.util.prefs.AbstractPreferences"); + clsASM.add("javax.security.auth.kerberos.KerberosTicket"); + + final int NUM_CLASSES = cls.size() + clsASM.size(); // Run initial pass to ensure they are valid when processed without using Shimple form. { - int success = testStdLibRun(rtJar, cls, false); - Assert.assertEquals("ORIGINAL classes (total " + NUM_CLASSES + ") with errors!", 0, NUM_CLASSES - success); + int pass1 = testStdLibRun(rtJar, cls, false, false); + int pass2 = testStdLibRun(rtJar, clsASM, false, true); + Assert.assertEquals("ORIGINAL classes (total " + NUM_CLASSES + ") with errors!", 0, NUM_CLASSES - pass1 - pass2); } // Reset Soot and process the classes but use Shimple this time to trigger bug. { - int success = testStdLibRun(rtJar, cls, true); - Assert.assertEquals("MODIFIED classes (total " + NUM_CLASSES + ") with errors!", 0, NUM_CLASSES - success); + int pass1 = testStdLibRun(rtJar, cls, true, false); + int pass2 = testStdLibRun(rtJar, clsASM, true, true); + Assert.assertEquals("MODIFIED classes (total " + NUM_CLASSES + ") with errors!", 0, NUM_CLASSES - pass1 - pass2); } } @@ -415,7 +416,7 @@ private static boolean isModuleJar(String rtJar) { return (rtJar == null); } - private int testStdLibRun(String rtJar, List checkClasses, boolean useShimple) { + private int testStdLibRun(String rtJar, List checkClasses, boolean useShimple, boolean onlyASM) { final Scene scene = customSetupLib(rtJar, checkClasses, useShimple); int success = 0; for (String name : checkClasses) { @@ -424,13 +425,16 @@ private int testStdLibRun(String rtJar, List checkClasses, boolean useSh Assert.assertNotNull(sc); Assert.assertEquals(name, sc.getName()); - if (USE_ASM_VERIFIER) { + { + // Run ASM verifier and ensure the message is empty byte[] c = generateBytecode(sc); StringWriter stringWriter = new StringWriter(); CheckClassAdapter.verify(new ClassReader(c), false, new PrintWriter(stringWriter)); String verifyMsg = stringWriter.toString(); Assert.assertTrue(verifyMsg, verifyMsg.isEmpty()); - } else { + } + + if (!onlyASM) { // If the generated bytecode does not pass JVM bytecode verifier, // then an exception will occur when trying to obtain "declared" // fields, methods, constructors, etc. From 4d20cb62b6e1e15bcc0c0bb610bec5fa40d92d6d Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Tue, 29 Jun 2021 16:11:57 -0500 Subject: [PATCH 07/14] rename tests and add another that shows a Jimple optimization still causes problems --- .../{PhiNodeTest.java => Shimple1Test.java} | 19 ++-- .../java/soot/shimple/Shimple2Test.java | 101 ++++++++++++++++++ ...deTestInput.java => ShimpleTestInput.java} | 10 +- 3 files changed, 115 insertions(+), 15 deletions(-) rename src/systemTest/java/soot/shimple/{PhiNodeTest.java => Shimple1Test.java} (97%) create mode 100644 src/systemTest/java/soot/shimple/Shimple2Test.java rename src/systemTest/targets/soot/shimple/{PhiNodeTestInput.java => ShimpleTestInput.java} (89%) diff --git a/src/systemTest/java/soot/shimple/PhiNodeTest.java b/src/systemTest/java/soot/shimple/Shimple1Test.java similarity index 97% rename from src/systemTest/java/soot/shimple/PhiNodeTest.java rename to src/systemTest/java/soot/shimple/Shimple1Test.java index d291cca441d..da8762722a4 100644 --- a/src/systemTest/java/soot/shimple/PhiNodeTest.java +++ b/src/systemTest/java/soot/shimple/Shimple1Test.java @@ -55,10 +55,12 @@ * @author Timothy Hoffman */ @PowerMockIgnore({ "com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*" }) -public class PhiNodeTest extends AbstractTestingFramework { +public class Shimple1Test extends AbstractTestingFramework { private static final boolean DEBUG_PRINT = false; + private static final String TEST_CLASS = "soot.shimple.ShimpleTestInput"; + @Override protected void setupSoot() { final Options opts = Options.v(); @@ -72,15 +74,14 @@ protected void setupSoot() { } @Test - public void testComplexPhi_A() throws Exception { - final String TEST_CLASS = "soot.shimple.PhiNodeTestInput"; + public void testComplexPhi_1A() throws Exception { final String TEST_METHOD = "sync"; SootMethod m = prepareTarget(methodSigFromComponents(TEST_CLASS, "boolean", TEST_METHOD), TEST_CLASS); Body b = m.retrieveActiveBody(); if (DEBUG_PRINT) { - System.out.println("[testComplexPhi_A] " + b.getClass().getName() + " = " + b); + System.out.println("[testComplexPhi_1A] " + b.getClass().getName() + " = " + b); } Assert.assertTrue(b instanceof JimpleBody); @@ -109,15 +110,14 @@ public void testComplexPhi_A() throws Exception { } @Test - public void testComplexPhi_B() throws Exception { - final String TEST_CLASS = "soot.shimple.PhiNodeTestInput"; + public void testComplexPhi_1B() throws Exception { final String TEST_METHOD = "hasMethod"; SootMethod m = prepareTarget(methodSigFromComponents(TEST_CLASS, "java.lang.Class", TEST_METHOD), TEST_CLASS); Body b = m.retrieveActiveBody(); if (DEBUG_PRINT) { - System.out.println("[testComplexPhi_B] " + b.getClass().getName() + " = " + b); + System.out.println("[testComplexPhi_1B] " + b.getClass().getName() + " = " + b); } Assert.assertTrue(b instanceof JimpleBody); @@ -146,15 +146,14 @@ public void testComplexPhi_B() throws Exception { } @Test - public void testComplexPhi_C() throws Exception { - final String TEST_CLASS = "soot.shimple.PhiNodeTestInput"; + public void testComplexPhi_1C() throws Exception { final String TEST_METHOD = "readProp"; SootMethod m = prepareTarget(methodSigFromComponents(TEST_CLASS, "java.io.InputStream", TEST_METHOD), TEST_CLASS); Body b = m.retrieveActiveBody(); if (DEBUG_PRINT) { - System.out.println("[testComplexPhi_C] " + b.getClass().getName() + " = " + b); + System.out.println("[testComplexPhi_1C] " + b.getClass().getName() + " = " + b); } Assert.assertTrue(b instanceof JimpleBody); diff --git a/src/systemTest/java/soot/shimple/Shimple2Test.java b/src/systemTest/java/soot/shimple/Shimple2Test.java new file mode 100644 index 00000000000..7a36ffcd18b --- /dev/null +++ b/src/systemTest/java/soot/shimple/Shimple2Test.java @@ -0,0 +1,101 @@ +package soot.shimple; + +/*- + * #%L + * Soot - a J*va Optimization Framework + * %% + * Copyright (C) 2021 Timothy Hoffman + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation, either version 2.1 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Lesser Public License for more details. + * + * You should have received a copy of the GNU General Lesser Public + * License along with this program. If not, see + * . + * #L% + */ +import java.util.ArrayList; +import java.util.List; + +import org.junit.Assert; +import org.junit.Test; +import org.powermock.core.classloader.annotations.PowerMockIgnore; + +import soot.Body; +import soot.SootMethod; +import soot.jimple.JimpleBody; +import soot.options.Options; +import soot.testing.framework.AbstractTestingFramework; +import soot.validation.CheckInitValidator; +import soot.validation.UsesValidator; +import soot.validation.ValidationException; + +/** + * @author Timothy Hoffman + */ +@PowerMockIgnore({ "com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*" }) +public class Shimple2Test extends AbstractTestingFramework { + + private static final boolean DEBUG_PRINT = true; + + private static final String TEST_CLASS = "soot.shimple.ShimpleTestInput"; + + @Override + protected void setupSoot() { + final Options opts = Options.v(); + + // Ensure Shimple form is generated to trigger the bug + opts.set_via_shimple(true); + + // Enable Jimple optimization pack to demonstrate that some combination of + // optimizations can still cause a java.lang.VerifyError. + opts.setPhaseOption("jop", "enabled:true"); + + if (DEBUG_PRINT) { + opts.setPhaseOption("jb", "use-original-names:true"); + } + } + + @Test + public void testComplexPhi_2A() throws Exception { + final String TEST_METHOD = "sync"; + + SootMethod m = prepareTarget(methodSigFromComponents(TEST_CLASS, "boolean", TEST_METHOD), TEST_CLASS); + + Body b = m.retrieveActiveBody(); + if (DEBUG_PRINT) { + System.out.println("[testComplexPhi_2A] " + b.getClass().getName() + " = " + b); + } + Assert.assertTrue(b instanceof JimpleBody); + + // Ensure that the Soot validators pass + { + List exceptions = new ArrayList<>(); + CheckInitValidator.v().validate(b, exceptions); + UsesValidator.v().validate(b, exceptions); + if (DEBUG_PRINT) { + for (ValidationException e : exceptions) { + System.out.println(e); + } + } + Assert.assertTrue(exceptions.isEmpty()); + } + + // Convert the body to a runnable classfile, run, and test output. + Class c = generateClass(m.getDeclaringClass()); + + // If the generated bytecode does not pass JVM bytecode verifier, then + // an exception will occur when trying to create a new instance. + Object cInstance = c.newInstance(); + + Object retVal = c.getMethod(TEST_METHOD).invoke(cInstance); + Assert.assertEquals(Boolean.FALSE, retVal); + } +} diff --git a/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java b/src/systemTest/targets/soot/shimple/ShimpleTestInput.java similarity index 89% rename from src/systemTest/targets/soot/shimple/PhiNodeTestInput.java rename to src/systemTest/targets/soot/shimple/ShimpleTestInput.java index 6cbdc344852..ba0cdcdc4e8 100644 --- a/src/systemTest/targets/soot/shimple/PhiNodeTestInput.java +++ b/src/systemTest/targets/soot/shimple/ShimpleTestInput.java @@ -30,7 +30,7 @@ /** * @author Timothy Hoffman */ -public class PhiNodeTestInput { +public class ShimpleTestInput { public boolean sync() throws Exception { boolean success = false; @@ -58,7 +58,7 @@ public Class hasMethod() { Class clazz = null; try { if (clazz == null) { - clazz = PhiNodeTestInput.class; + clazz = ShimpleTestInput.class; } clazz.getDeclaredMethod("toString"); } catch (NoSuchMethodException ex) { @@ -79,7 +79,7 @@ public InputStream readProp() { } /** - * Run this test from the command line as "java -cp soot\target\systemTest-target-classes soot.shimple.PhiNodeTestInput" + * Run this test from the command line as "java -cp soot\target\systemTest-target-classes soot.shimple.ShimpleTestInput" * and observe that it runs without error and prints "false" and then "true" to the command line. * * @param args @@ -87,7 +87,7 @@ public InputStream readProp() { * @throws Exception */ public static void main(String[] args) throws Exception { - System.out.println(new PhiNodeTestInput().sync()); - System.out.println(new PhiNodeTestInput().hasMethod() == PhiNodeTestInput.class); + System.out.println(new ShimpleTestInput().sync()); + System.out.println(new ShimpleTestInput().hasMethod() == ShimpleTestInput.class); } } From d32a3cb55060f1bf036ff8fa27fef88f8c5ea172 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Tue, 29 Jun 2021 19:35:34 -0500 Subject: [PATCH 08/14] make validators use "Full" graph to align with JVM verifier logic --- .../graph/FullExceptionalUnitGraph.java | 29 +++++++++++++++++-- .../soot/validation/CheckInitValidator.java | 3 +- .../java/soot/validation/UsesValidator.java | 14 ++++----- 3 files changed, 35 insertions(+), 11 deletions(-) diff --git a/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java b/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java index f4c0523ba0a..d83c7f295d3 100644 --- a/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java +++ b/src/main/java/soot/toolkits/graph/FullExceptionalUnitGraph.java @@ -50,10 +50,35 @@ public class FullExceptionalUnitGraph extends ExceptionalUnitGraph { public FullExceptionalUnitGraph(Body body) { - super(body); // Set 'omitExceptingUnitEdges' as false and use PedanticThrowAnalysis // so that all units will have an edge into exception handler blocks. - initialize(PedanticThrowAnalysis.v(), false); + this(body, PedanticThrowAnalysis.v(), false); + } + + /** + * IMPORTANT: This constructor should be used with care because the {@link ThrowAnalysis} should normally be + * {@link PedanticThrowAnalysis} for the most accurate result (this is what the recommended constructor + * {@link #FullExceptionalUnitGraph(soot.Body)} uses). + * + * @param body + * @param ta + */ + public FullExceptionalUnitGraph(Body body, ThrowAnalysis ta) { + this(body, ta, false); + } + + /** + * IMPORTANT: This constructor should be used with care because the {@link ThrowAnalysis} should normally be + * {@link PedanticThrowAnalysis} and 'omitExceptingUnitEdges' should normally be 'false' for the most accurate result (this + * is what the recommended constructor {@link #FullExceptionalUnitGraph(soot.Body)} uses). + * + * @param body + * @param ta + * @param omitExceptingUnitEdges + */ + public FullExceptionalUnitGraph(Body body, ThrowAnalysis ta, boolean omitExceptingUnitEdges) { + super(body); + initialize(ta, omitExceptingUnitEdges); } @Override diff --git a/src/main/java/soot/validation/CheckInitValidator.java b/src/main/java/soot/validation/CheckInitValidator.java index f28c85d128e..02af47f053d 100644 --- a/src/main/java/soot/validation/CheckInitValidator.java +++ b/src/main/java/soot/validation/CheckInitValidator.java @@ -31,6 +31,7 @@ import soot.ValueBox; import soot.toolkits.exceptions.ThrowAnalysisFactory; import soot.toolkits.graph.ExceptionalUnitGraph; +import soot.toolkits.graph.FullExceptionalUnitGraph; import soot.toolkits.scalar.FlowSet; import soot.toolkits.scalar.InitAnalysis; @@ -43,7 +44,7 @@ public static CheckInitValidator v() { @Override public void validate(Body body, List exception) { - ExceptionalUnitGraph g = new ExceptionalUnitGraph(body, ThrowAnalysisFactory.checkInitThrowAnalysis(), false); + ExceptionalUnitGraph g = new FullExceptionalUnitGraph(body, ThrowAnalysisFactory.checkInitThrowAnalysis()); InitAnalysis analysis = new InitAnalysis(g); for (Unit s : body.getUnits()) { diff --git a/src/main/java/soot/validation/UsesValidator.java b/src/main/java/soot/validation/UsesValidator.java index 14d272269a6..f7357b34693 100644 --- a/src/main/java/soot/validation/UsesValidator.java +++ b/src/main/java/soot/validation/UsesValidator.java @@ -22,8 +22,9 @@ * #L% */ -import java.util.Collection; +import java.util.HashSet; import java.util.List; +import java.util.Set; import soot.Body; import soot.G; @@ -31,9 +32,7 @@ import soot.Unit; import soot.Value; import soot.ValueBox; -import soot.toolkits.exceptions.PedanticThrowAnalysis; -import soot.toolkits.exceptions.ThrowAnalysis; -import soot.toolkits.graph.ExceptionalUnitGraph; +import soot.toolkits.graph.FullExceptionalUnitGraph; import soot.toolkits.graph.UnitGraph; import soot.toolkits.scalar.LocalDefs; @@ -74,11 +73,10 @@ public void validate(Body body, List exception) { // Note that unreachable traps can be removed by setting jb.uce's // "remove-unreachable-traps" option to true. - ThrowAnalysis throwAnalysis = PedanticThrowAnalysis.v(); - UnitGraph g = new ExceptionalUnitGraph(body, throwAnalysis, false); - LocalDefs ld = G.v().soot_toolkits_scalar_LocalDefsFactory().newLocalDefs(g, true); + final UnitGraph g = new FullExceptionalUnitGraph(body); + final LocalDefs ld = G.v().soot_toolkits_scalar_LocalDefsFactory().newLocalDefs(g, true); + final Set locals = new HashSet<>(body.getLocals()); - Collection locals = body.getLocals(); for (Unit u : body.getUnits()) { for (ValueBox box : u.getUseBoxes()) { Value v = box.getValue(); From b8ded6d97f775ee8c8cfa2a53f9e3b8e9c1ec9b8 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Tue, 29 Jun 2021 19:35:58 -0500 Subject: [PATCH 09/14] Fix CopyProp and DAE to resolve the failed test --- .../toolkits/scalar/CopyPropagator.java | 235 +++++++++--------- .../scalar/DeadAssignmentEliminator.java | 6 +- .../java/soot/shimple/Shimple2Test.java | 4 +- 3 files changed, 119 insertions(+), 126 deletions(-) diff --git a/src/main/java/soot/jimple/toolkits/scalar/CopyPropagator.java b/src/main/java/soot/jimple/toolkits/scalar/CopyPropagator.java index 2b067a2494c..4810bb39cf4 100644 --- a/src/main/java/soot/jimple/toolkits/scalar/CopyPropagator.java +++ b/src/main/java/soot/jimple/toolkits/scalar/CopyPropagator.java @@ -57,7 +57,7 @@ import soot.tagkit.SourceLnPosTag; import soot.tagkit.Tag; import soot.toolkits.exceptions.ThrowAnalysis; -import soot.toolkits.graph.ExceptionalUnitGraph; +import soot.toolkits.graph.FullExceptionalUnitGraph; import soot.toolkits.graph.PseudoTopologicalOrderer; import soot.toolkits.graph.UnitGraph; import soot.toolkits.scalar.LocalDefs; @@ -65,19 +65,20 @@ public class CopyPropagator extends BodyTransformer { private static final Logger logger = LoggerFactory.getLogger(CopyPropagator.class); - protected ThrowAnalysis throwAnalysis = null; - protected boolean forceOmitExceptingUnitEdges = false; + protected final ThrowAnalysis throwAnalysis; + protected final boolean forceOmitExceptingUnitEdges; public CopyPropagator(Singletons.Global g) { + this(null, false); } public CopyPropagator(ThrowAnalysis ta) { - this.throwAnalysis = ta; + this(ta, false); } public CopyPropagator(ThrowAnalysis ta, boolean forceOmitExceptingUnitEdges) { this.throwAnalysis = ta; - this.forceOmitExceptingUnitEdges = forceOmitExceptingUnitEdges; + this.forceOmitExceptingUnitEdges = forceOmitExceptingUnitEdges ? true : Options.v().omit_excepting_unit_edges(); } public static CopyPropagator v() { @@ -104,7 +105,6 @@ protected void internalTransform(Body b, String phaseName, Map o if (Options.v().verbose()) { logger.debug("[" + b.getMethod().getName() + "] Propagating copies..."); } - if (Options.v().time()) { Timers.v().propagatorTimer.start(); } @@ -123,149 +123,144 @@ protected void internalTransform(Body b, String phaseName, Map o } } - if (throwAnalysis == null) { - throwAnalysis = Scene.v().getDefaultThrowAnalysis(); - } + // Go through the definitions, building the webs + int fastCopyPropagationCount = 0; + int slowCopyPropagationCount = 0; - if (!forceOmitExceptingUnitEdges) { - forceOmitExceptingUnitEdges = Options.v().omit_excepting_unit_edges(); + ThrowAnalysis ta = this.throwAnalysis; + if (ta == null) { + // NOTE: the CopyPropagator constructor should not call "Scene.v()" + // thus, this condition check must remain here. + ta = Scene.v().getDefaultThrowAnalysis(); } - - { - // Go through the definitions, building the webs - int fastCopyPropagationCount = 0; - int slowCopyPropagationCount = 0; - - UnitGraph graph = new ExceptionalUnitGraph(b, throwAnalysis, forceOmitExceptingUnitEdges); - LocalDefs localDefs = G.v().soot_toolkits_scalar_LocalDefsFactory().newLocalDefs(graph); - CPOptions options = new CPOptions(opts); - // Perform a local propagation pass. - for (Unit u : (new PseudoTopologicalOrderer()).newList(graph, false)) { - for (ValueBox useBox : u.getUseBoxes()) { - Value value = useBox.getValue(); - if (value instanceof Local) { - Local l = (Local) value; - - // We force propagating nulls. If a target can only be - // null due to typing, we always inline that constant. - if (!(l.getType() instanceof NullType)) { - if (options.only_regular_locals() && l.getName().startsWith("$")) { - continue; - } - if (options.only_stack_locals() && !l.getName().startsWith("$")) { - continue; - } + UnitGraph graph = new FullExceptionalUnitGraph(b, ta, forceOmitExceptingUnitEdges); + LocalDefs localDefs = G.v().soot_toolkits_scalar_LocalDefsFactory().newLocalDefs(graph); + CPOptions options = new CPOptions(opts); + // Perform a local propagation pass. + for (Unit u : (new PseudoTopologicalOrderer()).newList(graph, false)) { + for (ValueBox useBox : u.getUseBoxes()) { + Value value = useBox.getValue(); + if (value instanceof Local) { + Local l = (Local) value; + + // We force propagating nulls. If a target can only be + // null due to typing, we always inline that constant. + if (!(l.getType() instanceof NullType)) { + if (options.only_regular_locals() && l.getName().startsWith("$")) { + continue; } + if (options.only_stack_locals() && !l.getName().startsWith("$")) { + continue; + } + } - // We can propagate the definition if we either only have one definition - // or all definitions are side-effect free and equal. For starters, we - // only support constants in the case of multiple definitions. - List defsOfUse = localDefs.getDefsOfAt(l, u); - boolean propagateDef = defsOfUse.size() == 1; - if (!propagateDef && defsOfUse.size() > 0) { - boolean agrees = true; - Constant constVal = null; - for (Unit defUnit : defsOfUse) { - boolean defAgrees = false; - if (defUnit instanceof AssignStmt) { - Value rightOp = ((AssignStmt) defUnit).getRightOp(); - if (rightOp instanceof Constant) { - if (constVal == null) { - constVal = (Constant) rightOp; - defAgrees = true; - } else if (constVal.equals(rightOp)) { - defAgrees = true; - } + // We can propagate the definition if we either only have one definition + // or all definitions are side-effect free and equal. For starters, we + // only support constants in the case of multiple definitions. + List defsOfUse = localDefs.getDefsOfAt(l, u); + boolean propagateDef = defsOfUse.size() == 1; + if (!propagateDef && defsOfUse.size() > 0) { + boolean agrees = true; + Constant constVal = null; + for (Unit defUnit : defsOfUse) { + boolean defAgrees = false; + if (defUnit instanceof AssignStmt) { + Value rightOp = ((AssignStmt) defUnit).getRightOp(); + if (rightOp instanceof Constant) { + if (constVal == null) { + constVal = (Constant) rightOp; + defAgrees = true; + } else if (constVal.equals(rightOp)) { + defAgrees = true; } } - agrees &= defAgrees; } - propagateDef = agrees; + agrees &= defAgrees; } + propagateDef = agrees; + } - if (propagateDef) { - final DefinitionStmt def = (DefinitionStmt) defsOfUse.get(0); - final Value rightOp = def.getRightOp(); + if (propagateDef) { + final DefinitionStmt def = (DefinitionStmt) defsOfUse.get(0); + final Value rightOp = def.getRightOp(); - if (rightOp instanceof Constant) { - if (useBox.canContainValue(rightOp)) { - useBox.setValue(rightOp); - copyLineTags(useBox, def); - } - } else if (rightOp instanceof CastExpr) { - CastExpr ce = (CastExpr) rightOp; - if (ce.getCastType() instanceof RefLikeType) { - Value op = ce.getOp(); - if ((op instanceof IntConstant && ((IntConstant) op).value == 0) - || (op instanceof LongConstant && ((LongConstant) op).value == 0)) { - if (useBox.canContainValue(NullConstant.v())) { - useBox.setValue(NullConstant.v()); - copyLineTags(useBox, def); - } - } - } - } else if (rightOp instanceof Local) { - Local m = (Local) rightOp; - if (l != m) { - Integer defCount = localToDefCount.get(m); - if (defCount == null || defCount == 0) { - throw new RuntimeException("Variable " + m + " used without definition!"); - } else if (defCount == 1) { - useBox.setValue(m); + if (rightOp instanceof Constant) { + if (useBox.canContainValue(rightOp)) { + useBox.setValue(rightOp); + copyLineTags(useBox, def); + } + } else if (rightOp instanceof CastExpr) { + CastExpr ce = (CastExpr) rightOp; + if (ce.getCastType() instanceof RefLikeType) { + Value op = ce.getOp(); + if ((op instanceof IntConstant && ((IntConstant) op).value == 0) + || (op instanceof LongConstant && ((LongConstant) op).value == 0)) { + if (useBox.canContainValue(NullConstant.v())) { + useBox.setValue(NullConstant.v()); copyLineTags(useBox, def); - fastCopyPropagationCount++; - continue; } + } + } + } else if (rightOp instanceof Local) { + Local m = (Local) rightOp; + if (l != m) { + Integer defCount = localToDefCount.get(m); + if (defCount == null || defCount == 0) { + throw new RuntimeException("Variable " + m + " used without definition!"); + } else if (defCount == 1) { + useBox.setValue(m); + copyLineTags(useBox, def); + fastCopyPropagationCount++; + continue; + } - List path = graph.getExtendedBasicBlockPathBetween(def, u); - if (path == null) { - // no path in the extended basic block - continue; - } + List path = graph.getExtendedBasicBlockPathBetween(def, u); + if (path == null) { + // no path in the extended basic block + continue; + } - { - boolean isRedefined = false; + { + boolean isRedefined = false; - Iterator pathIt = path.iterator(); - // Skip first node - pathIt.next(); - // Make sure that m is not redefined along path - while (pathIt.hasNext()) { - Stmt s = (Stmt) pathIt.next(); + Iterator pathIt = path.iterator(); + // Skip first node + pathIt.next(); + // Make sure that m is not redefined along path + while (pathIt.hasNext()) { + Stmt s = (Stmt) pathIt.next(); - if (u == s) { - // Don't look at the last statement - // since it is evaluated after the uses. + if (u == s) { + // Don't look at the last statement + // since it is evaluated after the uses. + break; + } + if (s instanceof DefinitionStmt) { + if (((DefinitionStmt) s).getLeftOp() == m) { + isRedefined = true; break; } - if (s instanceof DefinitionStmt) { - if (((DefinitionStmt) s).getLeftOp() == m) { - isRedefined = true; - break; - } - } - } - - if (isRedefined) { - continue; } } - useBox.setValue(m); - slowCopyPropagationCount++; + if (isRedefined) { + continue; + } } + + useBox.setValue(m); + slowCopyPropagationCount++; } } } } } - - if (Options.v().verbose()) { - logger.debug("[" + b.getMethod().getName() + "] Propagated: " + fastCopyPropagationCount + " fast copies " - + slowCopyPropagationCount + " slow copies"); - } } + if (Options.v().verbose()) { + logger.debug("[" + b.getMethod().getName() + "] Propagated: " + fastCopyPropagationCount + " fast copies " + + slowCopyPropagationCount + " slow copies"); + } if (Options.v().time()) { Timers.v().propagatorTimer.end(); } diff --git a/src/main/java/soot/jimple/toolkits/scalar/DeadAssignmentEliminator.java b/src/main/java/soot/jimple/toolkits/scalar/DeadAssignmentEliminator.java index 7560748bec3..4a0be779bbb 100644 --- a/src/main/java/soot/jimple/toolkits/scalar/DeadAssignmentEliminator.java +++ b/src/main/java/soot/jimple/toolkits/scalar/DeadAssignmentEliminator.java @@ -72,8 +72,6 @@ import soot.jimple.RemExpr; import soot.jimple.Stmt; import soot.options.Options; -import soot.shimple.ShimpleBody; -import soot.toolkits.graph.ExceptionalUnitGraph; import soot.toolkits.graph.FullExceptionalUnitGraph; import soot.toolkits.scalar.LocalDefs; import soot.toolkits.scalar.LocalUses; @@ -240,8 +238,8 @@ protected void internalTransform(Body b, String phaseName, Map o // Add all the statements which are used to compute values // for the essential statements, recursively - final LocalDefs localDefs = G.v().soot_toolkits_scalar_LocalDefsFactory() - .newLocalDefs(b instanceof ShimpleBody ? new FullExceptionalUnitGraph(b) : new ExceptionalUnitGraph(b)); + final LocalDefs localDefs = + G.v().soot_toolkits_scalar_LocalDefsFactory().newLocalDefs(new FullExceptionalUnitGraph(b)); if (!allEssential) { Set essential = new HashSet(units.size()); diff --git a/src/systemTest/java/soot/shimple/Shimple2Test.java b/src/systemTest/java/soot/shimple/Shimple2Test.java index 7a36ffcd18b..899f287aabc 100644 --- a/src/systemTest/java/soot/shimple/Shimple2Test.java +++ b/src/systemTest/java/soot/shimple/Shimple2Test.java @@ -54,8 +54,8 @@ protected void setupSoot() { // Ensure Shimple form is generated to trigger the bug opts.set_via_shimple(true); - // Enable Jimple optimization pack to demonstrate that some combination of - // optimizations can still cause a java.lang.VerifyError. + // Enable Jimple optimization pack to demonstrate that both the DeadAssignmentEliminator and CopyPropagator can still + // cause a java.lang.VerifyError when the exception table contains subsumed exceptions and -via-shimple was used. opts.setPhaseOption("jop", "enabled:true"); if (DEBUG_PRINT) { From 33b54b382df0178a45a5cfd6487a6601edce5a75 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Tue, 29 Jun 2021 19:53:45 -0500 Subject: [PATCH 10/14] disable printing --- src/systemTest/java/soot/shimple/Shimple2Test.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/systemTest/java/soot/shimple/Shimple2Test.java b/src/systemTest/java/soot/shimple/Shimple2Test.java index 899f287aabc..8db9799b98b 100644 --- a/src/systemTest/java/soot/shimple/Shimple2Test.java +++ b/src/systemTest/java/soot/shimple/Shimple2Test.java @@ -43,7 +43,7 @@ @PowerMockIgnore({ "com.sun.org.apache.xerces.*", "javax.xml.*", "org.xml.*", "org.w3c.*" }) public class Shimple2Test extends AbstractTestingFramework { - private static final boolean DEBUG_PRINT = true; + private static final boolean DEBUG_PRINT = false; private static final String TEST_CLASS = "soot.shimple.ShimpleTestInput"; From ba37c59883476d112e649fc9a694ec23bc1e3e8a Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Tue, 29 Jun 2021 20:44:54 -0500 Subject: [PATCH 11/14] simplify message --- src/main/java/soot/validation/CheckInitValidator.java | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/main/java/soot/validation/CheckInitValidator.java b/src/main/java/soot/validation/CheckInitValidator.java index 02af47f053d..3564ae00ff3 100644 --- a/src/main/java/soot/validation/CheckInitValidator.java +++ b/src/main/java/soot/validation/CheckInitValidator.java @@ -54,9 +54,8 @@ public void validate(Body body, List exception) { if (v instanceof Local) { Local l = (Local) v; if (!init.contains(l)) { - exception.add( - new ValidationException(s, "Local variable " + l.getName() + " is not definitively defined at this point", - "Warning: Local variable " + l + " not definitely defined at " + s + " in " + body.getMethod())); + String pfx = "Local variable " + l.getName() + " is not definitively defined at "; + exception.add(new ValidationException(s, pfx + "this point", "Warning: " + pfx + s + " in " + body.getMethod())); } } } From 7421bb2b626e0888c03a7643780b11698bc6caf9 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Thu, 1 Jul 2021 16:38:19 -0500 Subject: [PATCH 12/14] remove redundant list creation and modernize FastColorer --- .../soot/toolkits/scalar/FastColorer.java | 36 +++++++++---------- 1 file changed, 17 insertions(+), 19 deletions(-) diff --git a/src/main/java/soot/toolkits/scalar/FastColorer.java b/src/main/java/soot/toolkits/scalar/FastColorer.java index 23ace60ae0c..5f240b4fc90 100644 --- a/src/main/java/soot/toolkits/scalar/FastColorer.java +++ b/src/main/java/soot/toolkits/scalar/FastColorer.java @@ -63,10 +63,10 @@ public static void unsplitAssignColorsToLocals(Body unitBody, Map final UnitInterferenceGraph intGraph = new UnitInterferenceGraph(unitBody, localToGroup, new SimpleLiveLocals(unitGraph), unitGraph); - Map localToOriginalName = new HashMap(); + Map localToOriginalName = new HashMap<>(); // Map each local variable to its original name - for (Local local : intGraph.getLocals()) { + for (Local local : unitBody.getLocals()) { String name = local.getName(); int signIndex = name.indexOf('#'); if (signIndex >= 0) { @@ -76,12 +76,12 @@ public static void unsplitAssignColorsToLocals(Body unitBody, Map } // maps an original name to the colors being used for it - Map> originalNameAndGroupToColors = new HashMap>(); + Map> originalNameAndGroupToColors = new HashMap<>(); // Assign a color for each local. { int[] freeColors = new int[10]; - for (Local local : intGraph.getLocals()) { + for (Local local : unitBody.getLocals()) { if (localToColor.containsKey(local)) { // Already assigned, probably a parameter continue; @@ -115,7 +115,7 @@ public static void unsplitAssignColorsToLocals(Body unitBody, Map StringGroupPair key = new StringGroupPair(localToOriginalName.get(local), group); List originalNameColors = originalNameAndGroupToColors.get(key); if (originalNameColors == null) { - originalNameColors = new ArrayList(); + originalNameColors = new ArrayList<>(); originalNameAndGroupToColors.put(key, originalNameColors); } @@ -157,7 +157,7 @@ public static void assignColorsToLocals(Body unitBody, Map localTo // Sort the locals first to maximize the locals per color. We first // assign those locals that have many conflicts and then assign the // easier ones to those color groups. - List sortedLocals = new ArrayList(intGraph.getLocals()); + List sortedLocals = new ArrayList<>(unitBody.getLocals()); Collections.sort(sortedLocals, new Comparator() { @Override public int compare(Local o1, Local o2) { @@ -208,18 +208,18 @@ public int compare(Local o1, Local o2) { } } - /** Implementation of a unit interference graph. */ + /** + * Implementation of a unit interference graph. + */ private static class UnitInterferenceGraph { // Maps a local to its interfering locals. final Map> localToLocals; - final List locals; public UnitInterferenceGraph(Body body, Map localToGroup, LiveLocals liveLocals, ExceptionalUnitGraph unitGraph) { - this.locals = new ArrayList(body.getLocals()); - this.localToLocals = new HashMap>(body.getLocalCount() * 2 + 1, 0.7f); + this.localToLocals = new HashMap<>(body.getLocalCount() * 2 + 1, 0.7f); // Go through code, noting interferences for (Unit unit : body.getUnits()) { @@ -259,7 +259,7 @@ public UnitInterferenceGraph(Body body, Map localToGrou if (defValue instanceof Local) { Local defLocal = (Local) defValue; - Set liveLocalsAtUnit = new HashSet(); + Set liveLocalsAtUnit = new HashSet<>(); for (Unit succ : unitGraph.getSuccsOf(unit)) { liveLocalsAtUnit.addAll(liveLocals.getLiveLocalsBefore(succ)); } @@ -274,16 +274,12 @@ public UnitInterferenceGraph(Body body, Map localToGrou } } - public List getLocals() { - return locals; - } - - public void setInterference(Local l1, Local l2) { + private void setInterference(Local l1, Local l2) { // We need the mapping in both directions // l1 -> l2 Set locals = localToLocals.get(l1); if (locals == null) { - locals = new ArraySet(); + locals = new ArraySet<>(); localToLocals.put(l1, locals); } locals.add(l2); @@ -291,7 +287,7 @@ public void setInterference(Local l1, Local l2) { // l2 -> l1 locals = localToLocals.get(l2); if (locals == null) { - locals = new ArraySet(); + locals = new ArraySet<>(); localToLocals.put(l2, locals); } locals.add(l1); @@ -312,7 +308,9 @@ public Local[] getInterferencesOf(Local l) { } } - /** Binds together a String and a Group. */ + /** + * Binds together a String and a Group. + */ private static class StringGroupPair { private final String string; private final Object group; From 38b3d414ddce4927e54e90b5a14a450974729ed3 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Tue, 6 Jul 2021 12:06:16 -0500 Subject: [PATCH 13/14] remove incorrect comment --- src/systemTest/java/soot/shimple/Shimple1Test.java | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/systemTest/java/soot/shimple/Shimple1Test.java b/src/systemTest/java/soot/shimple/Shimple1Test.java index da8762722a4..7e05242b442 100644 --- a/src/systemTest/java/soot/shimple/Shimple1Test.java +++ b/src/systemTest/java/soot/shimple/Shimple1Test.java @@ -455,10 +455,6 @@ private int testStdLibRun(String rtJar, List checkClasses, boolean useSh return success; } - /** - * - * @param classPath - */ private Scene customSetupLib(String rtJar, List classNames, boolean useShimple) { G.reset(); From 5c8df49cbe53d231d0ac56af0038bdb71e9ce872 Mon Sep 17 00:00:00 2001 From: Timothy Hoffman <4001421+tim-hoffman@users.noreply.github.com> Date: Tue, 6 Jul 2021 13:55:42 -0500 Subject: [PATCH 14/14] remove methods from Shimple1Test that moved to AbstractTestingFramework --- .../java/soot/shimple/Shimple1Test.java | 46 ------------------- 1 file changed, 46 deletions(-) diff --git a/src/systemTest/java/soot/shimple/Shimple1Test.java b/src/systemTest/java/soot/shimple/Shimple1Test.java index 7e05242b442..41ea7ec1394 100644 --- a/src/systemTest/java/soot/shimple/Shimple1Test.java +++ b/src/systemTest/java/soot/shimple/Shimple1Test.java @@ -489,50 +489,4 @@ private Scene customSetupLib(String rtJar, List classNames, boolean useS runSoot(); return scene; } - - /** - * @param sc - * @param className - * @param resolvingLevel - * one of the constants defined in {@link SootClass} - * - * @return the {@link SootClass} with the given name - * - * @see SootClass#DANGLING - * @see SootClass#HIERARCHY - * @see SootClass#SIGNATURES - * @see SootClass#BODIES - */ - private static SootClass getOrResolveSootClass(Scene sc, String className, int resolvingLevel) { - Assert.assertNotNull(className); - if (sc.containsClass(className)) { - SootClass retVal = sc.getSootClass(className); - if (retVal.resolvingLevel() >= resolvingLevel && !retVal.isPhantom()) { - assertPostConditions(retVal, resolvingLevel); - return retVal; - } else { - // The forceResolve(..) will not make any change if the class is - // phantom or the resolving level is already high enough, so ensure - // those two conditions will be false before trying the resolution. - retVal.setResolvingLevel(SootClass.DANGLING); - retVal.setLibraryClass(); - } - } - SootClass retVal = sc.forceResolve(className, resolvingLevel); - retVal.setApplicationClass(); - assertPostConditions(retVal, resolvingLevel); - return retVal; - } - - private static void assertPostConditions(SootClass c, int expectLvl) { - Assert.assertNotNull(c); - Assert.assertFalse("phantom class: " + c, c.isPhantom()); - Assert.assertTrue("insufficiently resolved: (" + c.resolvingLevel() + ") " + c, c.resolvingLevel() >= expectLvl); - - for (SootMethod m : c.getMethods()) { - Assert.assertFalse("phantom method: " + m, m.isPhantom()); - Assert.assertTrue("concrete method without method body/source: " + m, - !m.isConcrete() || m.hasActiveBody() || m.getSource() != null); - } - } }