
Re: Soot bugs when first Unit is a target



Archie Cobbs wrote:

Archie Cobbs wrote:


There is a rare (?) but plausible situation where the first Jimple
statement in a body is also a target of a branch. This causes
problems because there is some code that assumes that for targets,
target.getPredOf() always returns non-null, which of course is not
the case when the target is also the first Unit.


Apparently this only happens after method inlining. Not sure why.



Here's further information about this bug. I see what's happening but still don't understand what the right fix is.

1. In ArrayBoundsCheckerAnalysis, the method buildEdgeSet() creates
  "edgeSet". In particular, it finds each node in the block graph
  with no predecessors and creates a FlowGraphEdge from that node
  to itself.

2. Later, in doAnalysis(), an entry is added in the map "edgeMap"
  corresponding to each edge in "edgeSet" (line 356). This section
  is commented "Set initial values and nodes to visit".

3. Just after that, in the section commented "perform customized
  initialization" (line 368), each "head" in the block graph is
  examined and the corresponding entry in "edgeSet" retrieved.
  When the first block in the method is retrieved, it has no
  corresponding entry in "edgeSet" and we get a NullPointerException.

The bug is that step #3 makes the assumption that a "head" in the
block graph has zero predecessors; this is not true when the first
block in the body is also a target, because while it has predecessors,
it is also a "head" (because it's the first block in the body).

Any insights into the right way to fix this are appreciated.

Thanks,
-Archie

__________________________________________________________________________
Archie Cobbs      *        CTO, Awarix        *      http://www.awarix.com



When I encountered this error while building a basic block graph in Indus, I picked the head basic block to be the one enclosing the first statement in the sequence of statements representing the body of the method. If the first statement of the method is not represented in the basic block, then all bets are off. That is, if the graph is tweaked (as it is possible in Soot) then it is possible that this fix will yield null.

In short, it would be "right" to pick the block containing the first statement of the method as the "head" node, but this need not always be "right".

--

Venkatesh Prasad Ranganath,
Dept. Computing and Information Science,
Kansas State University, US.
web: http://www.cis.ksu.edu/~rvprasad
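
The mismatch described in the three steps above, reproduced as an added stand-alone example; it is not code from Soot or from either poster. The `Edge` record, the `PREDS` graph, the `HEADS` list and the inclusion of ordinary predecessor edges in the edge set are assumptions made for illustration.

```java
import java.util.*;

// Stand-alone model of the failure discussed in this thread; it does not use Soot.
// Edge, PREDS and HEADS are constructed stand-ins, not Soot classes or fields.
public class HeadTargetDemo {
    record Edge(int from, int to) {}

    // Constructed block graph: block 0 is the first block of the body AND the
    // target of a branch from block 1, so it is a head that has a predecessor.
    static final Map<Integer, List<Integer>> PREDS = Map.of(
        0, List.of(1),
        1, List.of(0),
        2, List.of(1));
    static final List<Integer> HEADS = List.of(0); // head = first block in the body

    // Step 1: a self edge is created only for blocks with zero predecessors.
    static Set<Edge> buildEdgeSet() {
        Set<Edge> edges = new HashSet<>();
        PREDS.forEach((block, preds) -> {
            if (preds.isEmpty()) edges.add(new Edge(block, block));
            for (int p : preds) edges.add(new Edge(p, block)); // ordinary edges (assumed)
        });
        return edges;
    }

    // Step 2: one map entry per edge in the edge set.
    static Map<Edge, String> initEdgeMap(Set<Edge> edges) {
        Map<Edge, String> map = new HashMap<>();
        for (Edge e : edges) map.put(e, "initial flow value");
        return map;
    }

    // Step 3: fetch the self-edge entry of a head; empty when step 1 never made one.
    static Optional<String> headEntry(Map<Edge, String> edgeMap, int head) {
        return Optional.ofNullable(edgeMap.get(new Edge(head, head)));
    }

    public static void main(String[] args) {
        Map<Edge, String> edgeMap = initEdgeMap(buildEdgeSet());
        for (int head : HEADS) {
            // Block 0 has a predecessor, so no (0, 0) edge exists. An unguarded
            // edgeMap.get(...) followed by a dereference is where the
            // NullPointerException would surface.
            System.out.println("head " + head + " has self edge entry: "
                + headEntry(edgeMap, head).isPresent());
        }
    }
}
```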