soot-oss / SootUp

A new version of Soot with a completely overhauled architecture
https://soot-oss.github.io/SootUp/
GNU Lesser General Public License v2.1

A runtime crash bug caused by analyzing a class file #897

Closed kitty-1998 closed 7 months ago

kitty-1998 commented 7 months ago

Bug Description

I use SootUp to analyze the class kotlin.reflect.jvm.internal.impl.descriptors.runtime.structure.ReflectClassUtilKt in the jar file (https://mvnrepository.com/artifact/org.jetbrains.kotlin/kotlin-reflect/1.9.20) and find a runtime crash. Kotlin-reflect is a popular and fundamental library for the Kotlin programming language.

The minimized example is listed below:

The input class is attached here: Class.zip

package org.example
import kotlin.reflect.jvm.internal.impl.name.*;
val Class<*>.classId: ClassId
  get() = when {
      else -> declaringClass?.classId?.createNestedClassId(Name.identifier(simpleName)) ?: ClassId.topLevel(FqName(name))
  }

SootUp Setup

AnalysisInputLocation<JavaSootClass> classInput = new JavaClassPathAnalysisInputLocation("Path_To_Compiled_Class", SourceType.Application);
JavaProject project = JavaProject.builder(new JavaLanguage(8))
          .addInputLocation(classInput)
          .addInputLocation(javaBaseInputLocation)
          .build();
JavaView view = project.createView();

To reproduce

Run SootUp with the above setup and class file.

Stacktrace

java.lang.RuntimeException: Failed to convert <org.example.MainKt: kotlin.reflect.jvm.internal.impl.name.ClassId getClassId(java.lang.Class)>
        at sootup.java.bytecode.frontend.AsmMethodSource.resolveBody(AsmMethodSource.java:216)
        at sootup.core.model.SootMethod.lazyBodyInitializer(SootMethod.java:98)
        at com.google.common.base.Suppliers$NonSerializableMemoizingSupplier.get(Suppliers.java:186)
        at sootup.core.model.SootMethod.getBody(SootMethod.java:177)
        at sootup.callgraph.AbstractCallGraphAlgorithm.resolveAllCallsFromSourceMethod(AbstractCallGraphAlgorithm.java:197)
        at sootup.callgraph.AbstractCallGraphAlgorithm.processWorkList(AbstractCallGraphAlgorithm.java:159)
        at sootup.callgraph.AbstractCallGraphAlgorithm.constructCompleteCallGraph(AbstractCallGraphAlgorithm.java:83)
        at sootup.callgraph.ClassHierarchyAnalysisAlgorithm.initialize(ClassHierarchyAnalysisAlgorithm.java:63)
        at edu.ssrlab.analysis.SootUpExecutor.runCHA(SootUpExecutor.java:125)
        at edu.ssrlab.TestMutiFolder.testSootUpCHA(TestMutiFolder.java:70)
        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
        at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
        at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
......

swissiety commented 7 months ago

Hi @kitty-1998, which version of SootUp do you use?

kitty-1998 commented 7 months ago

> Hi @kitty-1998, which version of SootUp do you use?

Hi @swissiety, I used the latest version, 1.1.2.

swissiety commented 7 months ago

Ok, please try the latest develop state - It should work with it - in other words: I was not able to reproduce the error with your input from the zip.

JonasKlauke commented 7 months ago

I assume that it crashes because of the empty if branch in the if operator. I don't know Kotlin, but "?:" is probably the if operator, or? Could you fill in something in the if branch and test it again?

kitty-1998 commented 7 months ago

Thanks for your reply, it seems that the bug has been fixed in the develop branch 5af272dcda that was released on Apr 4. So, I close the issue.