Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix the bug java.lang.IllegalArgumentException: Opcode: IPUT_OBJECT_VOLATILE #2141

Closed
wants to merge 4 commits into from
Closed

Fix the bug java.lang.IllegalArgumentException: Opcode: IPUT_OBJECT_VOLATILE #2141

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b7fe975
Fix the bug java.lang.IllegalArgumentException: Opcode: IPUT_OBJECT_V…
Jan 24, 2025
8d82016
fix the problem of stop create jimple because of :new RuntimeExceptio…
Jan 24, 2025
86ca1fe
Fix the java.util.ConcurrentModificationException during the create j…
Jan 24, 2025
06fee56
Translated Comment
Jan 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 6 additions & 11 deletions src/main/java/soot/SootClass.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1322,18 +1322,13 @@ public boolean isOpenedByModule() {
* @return the methods
*/
public Collection<SootMethod> getMethodsByNameAndParamCount(String name, int paramCount) {
List<SootMethod> result = null;
for (SootMethod m : getMethods()) {
if (m.getParameterCount() == paramCount && m.getName().equals(name)) {
if (result == null) {
result = new ArrayList<>();
List<SootMethod> result = new ArrayList<>();
// Create a copy to avoid concurrent modification
List<SootMethod> methodsCopy = new ArrayList<>(this.getMethods());
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This isn't a proper fix. The copy constructor internally iterates over the list, which can trigger the same ConcurrentModificationException. If you have a problem with concurrent modification, you need to fix the root cause.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This problem occurs when calling soot to generate jimples from jar. The current random scenario is when processing the latest version of pixel9proxl /system/framework/services.jar. This problem causes the jimple to fail to generate.

for (SootMethod m : methodsCopy) {
if (m.getName().equals(name) && m.getParameterCount() == paramCount) {
result.add(m);
}
result.add(m);
}
}

if (result == null) {
return Collections.emptyList();
}
return result;
}
Expand Down
2 changes: 2 additions & 0 deletions src/main/java/soot/dexpler/instructions/InstructionFactory.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,7 @@ public static DexlibAbstractInstruction fromOpcode(Opcode op, Instruction instru

case IGET:
case IGET_OBJECT:
case IGET_OBJECT_VOLATILE:
case IGET_BOOLEAN:
case IGET_BYTE:
case IGET_CHAR:
Expand All @@ -209,6 +210,7 @@ public static DexlibAbstractInstruction fromOpcode(Opcode op, Instruction instru
return new IgetInstruction(instruction, codeAddress);
case IPUT:
case IPUT_OBJECT:
case IPUT_OBJECT_VOLATILE:
case IPUT_BOOLEAN:
case IPUT_BYTE:
case IPUT_CHAR:
Expand Down
5 changes: 4 additions & 1 deletion src/main/java/soot/jimple/toolkits/scalar/CopyPropagator.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -218,7 +218,10 @@ protected void internalTransform(Body b, String phaseName, Map<String, String> o
if (l != m) {
Integer defCount = localToDefCount.get(m);
if (defCount == null || defCount == 0) {
throw new RuntimeException("Variable " + m + " used without definition!");
if (Options.v().verbose()) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't just ignore errors. If we generate invalid code, we need to know that. Keep in mind that Soot can also write out DEX code again. If we have wrong code, the output will be invalid as well. These sanity checks are highly important.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK.I will close the PR.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I print the code of the error
Exception in thread "main" java.lang.RuntimeException: Undefined variable $u-1 in method: <com.android.server.policy.PhoneWindowManager$SwitchKeyboardLayoutMessageObject: int hashCode()>
Class: com.android.server.policy.PhoneWindowManager$SwitchKeyboardLayoutMessageObject

Method body:
1: this := @this: com.android.server.policy.PhoneWindowManager$SwitchKeyboardLayoutMessageObject
2: this.<android.apex.ApexInfo: boolean isFactory> = $u0
3: $u0 = $u0
4: $u0 = $u-1
5: return $u0

logger.debug("[" + b.getMethod().getName() + "] Skipping undefined variable: " + m);
}
continue;
} else if (defCount == 1) {
useBox.setValue(m);
copyLineTags(useBox, def);
Expand Down