bytecode-viewer icon indicating copy to clipboard operation
bytecode-viewer copied to clipboard

Published 20 hours ago verified publisher icon Konloch

Auto Decompiler Ranking

Open Manouchehri opened this issue 9 years ago • 9 comments

PMD could be used to compare the output of different decompilers, and automatically pick which one to use based on the complexity score. Other metrics can probably be used as well, but that would be the most basic.

Manouchehri avatar Dec 24 '15 12:12 Manouchehri

Oh wow this is really cool, I'd totally be interested in support for this.

Konloch avatar Dec 24 '15 13:12 Konloch

@Konloch Is there anything already in place to check if the current decompiled code can actually be recompiled? If not, I should do that first.

Manouchehri avatar Dec 24 '15 13:12 Manouchehri

Nah, I rely on simply calling 'javac', then if there's no classfile produced it assumes theres an error and returns the system.out/system.err logs.

Konloch avatar Dec 24 '15 13:12 Konloch

One problem with using errors from javac is that in theory it could recompile to a function that behaves differently. I think the bytecode should probably be compared instead.

There might be changes in the bytecode if the compiler major/minor version is different, so it'd be up to the user to make sure they're using the same one.

Manouchehri avatar Dec 24 '15 13:12 Manouchehri

@Manouchehri that's difficult because you will need CFG analysis to compare the actual logic of functions in bytecode.

Another way could just be searching for "couldn't be decompiled" or error messages

ghost avatar Jan 02 '16 13:01 ghost

@afffsdd Shouldn't the bytecode be identical if the same compiler is used? I don't see the need for CFG here.

Manouchehri avatar Jan 03 '16 01:01 Manouchehri

you can't rely on that, changes in the way the source code is laid out can affect the compiled bytecode.

ghost avatar Jan 03 '16 13:01 ghost

If the source code changes, then the code is no longer equivalent and the user should be warned (or offered a different decompiler if possible). That's intended.

Manouchehri avatar Jan 03 '16 13:01 Manouchehri

It's basically impossible to decompile to source code which will produce the same classfile, even in ideal circumstances. If you want roundtripping, you need to use the Krakatau diassembler.

If you're doing code complexity, you'll probably want to add a check that the method isn't just comments or an error message.

As for verifying the correctness of the code, that's obviously a Turing Hard problem. For arbitrary bytecode, you're most likely to get accurate results from Krakatau for a certain definition of accurate. If you don't, you should file a bug.

Storyyeller avatar Feb 03 '16 03:02 Storyyeller