Advanced Debugging Using Java Bytecodes

ADVANCED DEBUGGING USING JAVA BYTECODES Ganesh Samarthyam (ganesh@codeops.tech)

Don’t understand what’s under the hood?

How to debug without source code?

Java Bytecodes But this low level stuff is scary - do I wanna learn it?

Did Rose knew how to use an axe when trying to free Jack?

So, come, let’s explore the bytecodes!

(1 - (2 / 3)) + ((4 % 5) * 6) Draw the expression tree

Perform post-order traversal of the tree

1 2 3 / - 4 5 % 6 * + post-order traversal result

Use a stack for evaluating this postfix expression 1 2 3 / - 4 5 % 6 * +

1 2 3 / - 4 5 % 6 * + 1 1 2 1 2 3 1 0 Initial empty push 1 push 2 push 3 pop 3 pop 2 push 2 / 3 1 pop 0 pop 1 push 1 - 0 1 push 4 4 1 push 5 4 5 1 pop 5 pop 4 push 4 % 5 4 1 push 6 4 6 1 pop 6 pop 4 push 6 * 4 24 25 pop 24 pop 1 push 24 + 1

1 2 3 / - 4 5 % 6 * + Initial empty

1 2 3 / - 4 5 % 6 * + 1 push 1

1 2 3 / - 4 5 % 6 * + 1 2 push 2

1 2 3 / - 4 5 % 6 * + 1 2 3 push 3

1 2 3 / - 4 5 % 6 * + 1 0 pop 3 pop 2 push 2 / 3

1 2 3 / - 4 5 % 6 * + 1 pop 0 pop 1 push 1 - 0

1 2 3 / - 4 5 % 6 * + 1 push 4 4

1 2 3 / - 4 5 % 6 * + 1 push 5 4 5

1 2 3 / - 4 5 % 6 * + 1 pop 5 pop 4 push 4 % 5 4

1 2 3 / - 4 5 % 6 * + 1 push 6 4 6

1 2 3 / - 4 5 % 6 * + 1 pop 6 pop 4 push 6 * 4 24

1 2 3 / - 4 5 % 6 * + 25 pop 24 pop 1 push 24 + 1

1 2 3 / - 4 5 % 6 * + Let us give names to these operations push 1 push 2 push 3 div sub push 4 push 5 mod push 6 mul add

int a = 1, b = 2, c = 3, d = 4, e = 5, f = 6; int r = (a - (b / c)) + ((d % e) * f); This is what a Java compiler generates iload_1 iload_2 iload_3 idiv isub iload 4 iload 5 irem iload 6 imul iadd istore 7 push 1 push 2 push 3 div sub push 4 push 5 mod push 6 mul add ourbytecode Javabytecodes

(1 - (2 / 3)) + ((4 % 5) * 6)Source code Java Compiler JavaBytecode JVM iload_1 iload_2 iload_3 idiv isub iload 4 iload 5 irem iload 6 imul iadd istore 7

Java bytecodes supports object oriented programming Typed intermediate language Supports primitive types (int, float, double, …) and reference types (arrays, strings, objects, …) Instructions can be classified into various types such as: loading (*load*) storing (*store*) method invocation arithmetic operations logical operations control flow memory allocation exception handling …

:% ! xxd in vim Viewing hex values of the .class ﬁles

$ cat Expr.java class Expr { public static void main(String []args) { int a = 1, b = 2, c = 3, d = 4, e = 5, f = 6; int r = (a - (b / c)) + ((d % e) * f); System.out.println("" + r); } } $ javac Expr.java $ java Expr 25 $ javap -c Expr.class Compiled from "Expr.java" class Expr { Expr(); Code: 0: aload_0 1: invokespecial #1 // Method java/lang/Object."<init>":()V 4: return public static void main(java.lang.String[]); Code: 0: iconst_1 1: istore_1 ... Java compiler JavaVM Java disassembler Use java tool for disassembling

Using Dr. Garbage’s Bytecode Visualizer and Debugger http://www.drgarbage.com/bytecode-visualizer/

System.out.println(“Hello World"); Java bytecodes // disassembled code using javap tool 0: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream; 3: ldc #3 // String Hello World 5: invokevirtual #4 // Method java/io/PrintStream.println:(Ljava/lang/String;)V

int i = 10; if(i != 20) i = i*20; System.out.println(i); javap -c 0: bipush 10 2: istore_1 3: iload_1 4: bipush 20 6: if_icmpeq 14 9: iload_1 10: bipush 20 12: imul 13: istore_1 14: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream; 17: iload_1 18: invokevirtual #3 // Method java/io/PrintStream.println:(I)V 21: return

public static void main(java.lang.String[]); descriptor: ?? flags: ??, ?? Code: stack=??, locals=??, args_size=?? Pop Quiz public static void main(String []args) { int a = 1, b = 2, c = 3, d = 4, e = 5, f = 6; int r = (a - (b / c)) + ((d % e) * f); System.out.println("" + r); }

public static void main(java.lang.String[]); descriptor: ([Ljava/lang/String;)V flags: ACC_PUBLIC, ACC_STATIC Code: stack=3, locals=8, args_size=1 Answer

1 2 3 / - 4 5 % 6 * + 1 1 2 1 2 3 1 0 Initial empty push 1 push 2 push 3 pop 3 pop 2 push 2 / 3 1 pop 0 pop 1 push 1 - 0 1 push 4 4 1 push 5 4 5 1 pop 5 pop 4 push 4 % 5 4 1 push 6 4 6 1 pop 6 pop 4 push 6 * 4 24 25 pop 24 pop 1 push 24 + 1 Answer: max stack value is 3

Supplier<String> s = () -> "hello world"; System.out.println(s.get()); Pop Quiz What bytecode instruction would s.get() generate?

Pop Quiz 0: iconst_0 1: istore_1 2: iconst_0 3: istore_2 4: iload_2 5: bipush 10 7: if_icmpge 20 10: iload_1 11: iload_2 12: iadd 13: istore_1 14: iinc 2, 1 17: goto 4 20: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream; 23: iload_1 24: invokevirtual #3 // Method java/io/PrintStream.println:(I)V 27: return Decompile this assembly code

Answer public static void main(String []args) { int sum = 0; for(int i = 0; i < 10; i++) { sum += i; } System.out.println(sum); } 0: iconst_0 1: istore_1 2: iconst_0 3: istore_2 4: iload_2 5: bipush 10 7: if_icmpge 20 10: iload_1 11: iload_2 12: iadd 13: istore_1 14: iinc 2, 1 17: goto 4 20: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream; 23: iload_1 24: invokevirtual #3 // Method java/io/PrintStream.println:(I)V 27: return

What is the “magic number" of Java’s “.class” files? Pop Quiz A. 0xDEADBEEF B. 0xCAFEBABE C. 0xC0DEC0DA D. 0xBAADF00D

class URL { public static void main(String []args) { http://www.google.com System.out.println("Hello"); } } http: is a label and // is start of a comment!! public static void main(java.lang.String[]); Code: 0: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream; 3: ldc #3 // String Hello 5: invokevirtual #4 // Method java/io/PrintStream.println:(Ljava/lang/String;)V 8: return

Question What will be the output of this program? class Color { int red, green, blue; void Color() { red = 10; green = 10; blue = 10; } void printColor() { System.out.println("red: " + red + " green: " + green + " blue: " + blue); } public static void main(String [] args) { Color color= new Color(); color.printColor(); } } A. Compiler error: no constructor provided for the class B. Compiles fine, and when run, it prints the following: red: 0 green: 0 blue: 0 C. Compiles fine, and when run, it prints the following: red: 10 green: 10 blue: 10 D. Compiles fine, and when run, crashes by throwing NullPointerException

Answer What will be the output of this program? class Color { int red, green, blue; void Color() { red = 10; green = 10; blue = 10; } void printColor() { System.out.println("red: " + red + " green: " + green + " blue: " + blue); } public static void main(String [] args) { Color color= new Color(); color.printColor(); } } A. Compiler error: no constructor provided for the class B. Compiles fine, and when run, it prints the following: red: 0 green: 0 blue: 0 C. Compiles fine, and when run, it prints the following: red: 10 green: 10 blue: 10 D. Compiles fine, and when run, crashes by throwing NullPointerException

$ javap Color.class Compiled from "Color.java" class Color { int red; int green; int blue; Color(); void Color(); void printColor(); public static void main(java.lang.String[]); } Color(); Code: 0: aload_0 1: invokespecial #1 // Method java/lang/Object."<init>":()V 4: return void Color(); Code: 0: aload_0 1: bipush 10 3: putfield #2 // Field red:I 6: aload_0 7: bipush 10 9: putfield #3 // Field green:I 12: aload_0 13: bipush 10 15: putfield #4 // Field blue:I 18: return Aha! The generated code doesn’t look right! void Color() { red = 10; green = 10; blue = 10; }

abstract class Printer { private Integer portNumber = getPortNumber(); abstract Integer getPortNumber(); public static void main(String[]s) { Printer p = new LPDPrinter(); System.out.println(p.portNumber); } } class LPDPrinter extends Printer { /* Line Printer Deamon port no is 515 */ private Integer defaultPortNumber = 515; Integer getPortNumber() { return defaultPortNumber; } }

abstract class Printer { private Integer portNumber = getPortNumber(); abstract Integer getPortNumber(); public static void main(String[]s) { Printer p = new LPDPrinter(); System.out.println(p.portNumber); } } class LPDPrinter extends Printer { /* Line Printer Deamon port no is 515 */ private Integer defaultPortNumber = 515; Integer getPortNumber() { return defaultPortNumber; } } $ javap -c LPDPrinter.class Compiled from "Printer.java" class LPDPrinter extends Printer { LPDPrinter(); Code: 0: aload_0 1: invokespecial #1 // Method Printer."<init>":()V 4: aload_0 5: sipush 515 8: invokestatic #2 // Method java/lang/Integer.valueOf:(I)Ljava/ lang/Integer; 11: putfield #3 // Field defaultPortNumber:Ljava/lang/Integer; 14: return java.lang.Integer getPortNumber(); Code: 0: aload_0 1: getfield #3 // Field defaultPortNumber:Ljava/lang/Integer; 4: areturn } Initialisation happens *after* the base class constructor got

javap can get you lost in details! int ch = 0; while((ch = inputFile.read()) != 0) { System.out.print(ch); } 48: iconst_0 49: istore 7 51: aload 5 53: invokevirtual #8 // Method java/io/FileReader.read:()I 56: dup 57: istore 7 59: ifeq 73 62: getstatic #9 // Field java/lang/System.out:Ljava/io/PrintStream 65: iload 7 67: invokevirtual #10 // Method java/io/PrintStream.print:(I)V

• Difficult to debug when reflection and runtime class generation is involved • Obfuscated bytecodes are extremely difficult to debug

FUN PROJECT The best way to learn Java bytecodes is to implement a Java disassembler on your own! For implementation, read the documentation of Java bytecodes (in the JVM specification) and use javap tool as the reference implementation.

BOOKSTO READ Free download here: https://docs.oracle.com/javase/specs/jvms/se8/jvms8.pdf

IMAGE CREDITS • https://pixabay.com/static/uploads/photo/2015/12/28/15/58/ferrari-1111582_960_720.jpg • http://i.dailymail.co.uk/i/pix/2014/08/29/article-0-0296355F000004B0-113_634x421.jpg • http://blogs.shell.com/climatechange/wp-content/uploads/2015/01/Check-under-the-hood.jpg • https://diaryofabusymumdotcom.files.wordpress.com/2015/01/1369952540_be029c8337.jpg • http://trentarthur.ca/wp-content/uploads/2013/05/gatsby.jpg • http://cdn.playbuzz.com/cdn/84b94651-08da-4191-9b45-069535cf523f/9c35f887-a6fc-4c8d-861a-f323078709e8.jpg • http://pad2.whstatic.com/images/thumb/5/54/Draw-a-Simple-Tree-Step-2.jpg/aid594851-728px-Draw-a-Simple-Tree-Step-2.jpg • http://www.seabreeze.com.au/Img/Photos/Windsurfing/5350271.jpg • https://d.gr-assets.com/hostedimages/1380222758ra/461081.gif • http://cdn.shopify.com/s/files/1/0021/6982/products/GW-7693274_large.jpg?v=1283553128 • http://www.fisher-price.com/en_IN/Images/RMA_RWD_rock_a_stack_tcm222-163387.jpg • http://www.njfamily.com/NJ-Family/January-2011/Learn-How-to-Spot-a-Learning-Disability/Boy-learning-disability.jpg • https://teens.drugabuse.gov/sites/default/files/styles/medium/public/NIDA-News-What-was-down-the-hole-Alice.jpg?itok=DH19L7F2 • http://archivedemo.cnx.org/resources/4df9b85136bb00ee04456b031aa0c344e54f282e/CNX_Psych_08_04_Knuckles.jpg • http://archivedemo.cnx.org/resources/4df9b85136bb00ee04456b031aa0c344e54f282e/CNX_Psych_08_04_Knuckles.jpg • http://www.urbanspaces.co.uk/image/error-message-error-us.jpg • http://conservationmagazine.org/wordpress/wp-content/uploads/2013/05/dig-deeper.jpg • http://4.bp.blogspot.com/-BAZm9rddEhQ/TWy441M-p1I/AAAAAAAAAQg/_SKF8PMkVHA/s1600/ mr%2Bfixit.tif%2B%2528Converted%2529--6.jpg

Advanced Debugging Using Java Bytecodes

More Related Content

What's hot

Viewers also liked

Similar to Advanced Debugging Using Java Bytecodes

More from Ganesh Samarthyam

Recently uploaded

Advanced Debugging Using Java Bytecodes