This document discusses advanced Java debugging using bytecode. It explains that bytecode is the low-level representation of Java programs that is executed by the Java Virtual Machine (JVM). It shows examples of decompiling Java source code to bytecode instructions and evaluating bytecode on a stack. Various bytecode visualization and debugging tools are demonstrated. Key topics like object-oriented aspects of bytecode and the ".class" file format are also covered at a high-level.

1. ADVANCED DEBUGGING USING
JAVA BYTECODES
Ganesh Samarthyam (ganesh@codeops.tech)

2. Don’t understand what’s under the
hood?

3. How to debug without source code?

4. Java Bytecodes
But this low level stuff is scary -
do I wanna learn it?

5. Did Rose knew how to use an axe
when trying to free Jack?

6. “On the job training!!”

7. So, come, let’s explore the bytecodes!

8. (1 - (2 / 3)) + ((4 % 5) * 6)
Draw the
expression tree

9. (1 - (2 / 3)) + ((4 % 5) * 6)

10. Perform post-order
traversal of the tree

11. 1 2 3 / - 4 5 % 6 * +
post-order
traversal
result

12. Use a stack for
evaluating this
postfix expression
1 2 3 / - 4 5 % 6 * +

14. 1 2 3 / - 4 5 % 6 * +
1 1
2
1
2
3
1
0
Initial
empty
push 1 push 2 push 3
pop 3
pop 2
push 2 / 3
1
pop 0
pop 1
push 1 - 0
1
push 4
4
1
push 5
4
5
1
pop 5
pop 4
push 4 % 5
4
1
push 6
4
6
1
pop 6
pop 4
push 6 * 4
24
25
pop 24
pop 1
push 24 + 1

15. 1 2 3 / - 4 5 % 6 * +
Initial
empty

16. 1 2 3 / - 4 5 % 6 * +
1
push 1

17. 1 2 3 / - 4 5 % 6 * +
1
2
push 2

18. 1 2 3 / - 4 5 % 6 * +
1
2
3
push 3

19. 1 2 3 / - 4 5 % 6 * +
1
0
pop 3
pop 2
push 2 / 3

20. 1 2 3 / - 4 5 % 6 * +
1
pop 0
pop 1
push 1 - 0

21. 1 2 3 / - 4 5 % 6 * +
1
push 4
4

22. 1 2 3 / - 4 5 % 6 * +
1
push 5
4
5

23. 1 2 3 / - 4 5 % 6 * +
1
pop 5
pop 4
push 4 % 5
4

24. 1 2 3 / - 4 5 % 6 * +
1
push 6
4
6

25. 1 2 3 / - 4 5 % 6 * +
1
pop 6
pop 4
push 6 * 4
24

26. 1 2 3 / - 4 5 % 6 * +
25
pop 24
pop 1
push 24 + 1

27. 1 2 3 / - 4 5 % 6 * +
Let us give
names to these
operations
push 1
push 2
push 3
div
sub
push 4
push 5
mod
push 6
mul
add

28. int a = 1, b = 2, c = 3, d = 4, e = 5, f = 6;
int r = (a - (b / c)) + ((d % e) * f);
This is what a Java
compiler generates
iload_1
iload_2
iload_3
idiv
isub
iload 4
iload 5
irem
iload 6
imul
iadd
istore 7
push 1
push 2
push 3
div
sub
push 4
push 5
mod
push 6
mul
add
ourbytecode
Javabytecodes

29. (1 - (2 / 3)) + ((4 % 5) * 6)Source code
Java
Compiler
JavaBytecode
JVM
iload_1
iload_2
iload_3
idiv
isub
iload 4
iload 5
irem
iload 6
imul
iadd
istore 7

30. Java bytecodes supports object oriented programming
Typed intermediate language
Supports primitive types (int, float, double, …) and
reference types (arrays, strings, objects, …)
Instructions can be classified into various types such as:
loading (*load*)
storing (*store*)
method invocation
arithmetic operations
logical operations
control flow
memory allocation
exception handling
…

31. :% ! xxd in
vim
Viewing hex values of
the .class files

33. $ cat Expr.java
class Expr {
public static void main(String []args) {
int a = 1, b = 2, c = 3, d = 4, e = 5, f = 6;
int r = (a - (b / c)) + ((d % e) * f);
System.out.println("" + r);
}
}
$ javac Expr.java
$ java Expr
25
$ javap -c Expr.class
Compiled from "Expr.java"
class Expr {
Expr();
Code:
0: aload_0
1: invokespecial #1 // Method java/lang/Object."<init>":()V
4: return
public static void main(java.lang.String[]);
Code:
0: iconst_1
1: istore_1
...
Java
compiler
JavaVM
Java
disassembler
Use java tool for
disassembling

34. Using Dr. Garbage’s Bytecode
Visualizer and Debugger
http://www.drgarbage.com/bytecode-visualizer/

35. Using Dr. Garbage’s Bytecode
Visualizer and Debugger
http://www.drgarbage.com/bytecode-visualizer/

36. System.out.println(“Hello World");
Java bytecodes
// disassembled code using javap tool
0: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream;
3: ldc #3 // String Hello World
5: invokevirtual #4 // Method java/io/PrintStream.println:(Ljava/lang/String;)V

37. int i = 10;
if(i != 20)
i = i*20;
System.out.println(i);
javap -c
0: bipush 10
2: istore_1
3: iload_1
4: bipush 20
6: if_icmpeq 14
9: iload_1
10: bipush 20
12: imul
13: istore_1
14: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream;
17: iload_1
18: invokevirtual #3 // Method java/io/PrintStream.println:(I)V
21: return

38. public static void
main(java.lang.String[]);
descriptor: ??
flags: ??, ??
Code:
stack=??, locals=??, args_size=??
Pop
Quiz
public static void main(String []args) {
int a = 1, b = 2, c = 3, d = 4, e = 5, f = 6;
int r = (a - (b / c)) + ((d % e) * f);
System.out.println("" + r);
}

39. public static void
main(java.lang.String[]);
descriptor: ([Ljava/lang/String;)V
flags: ACC_PUBLIC, ACC_STATIC
Code:
stack=3, locals=8, args_size=1
Answer

40. 1 2 3 / - 4 5 % 6 * +
1 1
2
1
2
3
1
0
Initial
empty
push 1 push 2 push 3
pop 3
pop 2
push 2 / 3
1
pop 0
pop 1
push 1 - 0
1
push 4
4
1
push 5
4
5
1
pop 5
pop 4
push 4 % 5
4
1
push 6
4
6
1
pop 6
pop 4
push 6 * 4
24
25
pop 24
pop 1
push 24 + 1
Answer:
max stack
value is 3

41. Supplier<String> s = () -> "hello world";
System.out.println(s.get());
Pop
Quiz
What bytecode
instruction would
s.get() generate?

42. invokedynamic
Answer

43. Pop
Quiz
0: iconst_0
1: istore_1
2: iconst_0
3: istore_2
4: iload_2
5: bipush 10
7: if_icmpge 20
10: iload_1
11: iload_2
12: iadd
13: istore_1
14: iinc 2, 1
17: goto 4
20: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream;
23: iload_1
24: invokevirtual #3 // Method java/io/PrintStream.println:(I)V
27: return
Decompile this
assembly code

44. Answer
public static void main(String []args) {
int sum = 0;
for(int i = 0; i < 10; i++) {
sum += i;
}
System.out.println(sum);
}
0: iconst_0
1: istore_1
2: iconst_0
3: istore_2
4: iload_2
5: bipush 10
7: if_icmpge 20
10: iload_1
11: iload_2
12: iadd
13: istore_1
14: iinc 2, 1
17: goto 4
20: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream;
23: iload_1
24: invokevirtual #3 // Method java/io/PrintStream.println:(I)V
27: return

45. What is the “magic number"
of Java’s “.class” files?
Pop
Quiz
A. 0xDEADBEEF
B. 0xCAFEBABE
C. 0xC0DEC0DA
D. 0xBAADF00D

46. CAFEBABE

47. Let’s fix it

48. class URL {
public static void main(String []args) {
http://www.google.com
System.out.println("Hello");
}
}
http: is a label and // is start
of a comment!!
public static void main(java.lang.String[]);
Code:
0: getstatic #2 // Field java/lang/System.out:Ljava/io/PrintStream;
3: ldc #3 // String Hello
5: invokevirtual #4 // Method java/io/PrintStream.println:(Ljava/lang/String;)V
8: return

49. Question
What will be the output of this program?
class Color {
int red, green, blue;
void Color() {
red = 10; green = 10; blue = 10;
}
void printColor() {
System.out.println("red: " + red + " green: " + green + " blue: " + blue);
}
public static void main(String [] args) {
Color color= new Color();
color.printColor();
}
}
A. Compiler error: no constructor provided for the class
B. Compiles fine, and when run, it prints the following: red: 0 green: 0 blue: 0
C. Compiles fine, and when run, it prints the following: red: 10 green: 10 blue: 10
D. Compiles fine, and when run, crashes by throwing NullPointerException

50. Answer
What will be the output of this program?
class Color {
int red, green, blue;
void Color() {
red = 10; green = 10; blue = 10;
}
void printColor() {
System.out.println("red: " + red + " green: " + green + " blue: " + blue);
}
public static void main(String [] args) {
Color color= new Color();
color.printColor();
}
}
A. Compiler error: no constructor provided for the class
B. Compiles fine, and when run, it prints the following: red: 0 green: 0 blue: 0
C. Compiles fine, and when run, it prints the following: red: 10 green: 10 blue: 10
D. Compiles fine, and when run, crashes by throwing NullPointerException

51. $ javap Color.class
Compiled from "Color.java"
class Color {
int red;
int green;
int blue;
Color();
void Color();
void printColor();
public static void main(java.lang.String[]);
}
Color();
Code:
0: aload_0
1: invokespecial #1 // Method java/lang/Object."<init>":()V
4: return
void Color();
Code:
0: aload_0
1: bipush 10
3: putfield #2 // Field red:I
6: aload_0
7: bipush 10
9: putfield #3 // Field green:I
12: aload_0
13: bipush 10
15: putfield #4 // Field blue:I
18: return
Aha! The generated code
doesn’t look right!
void Color() {
red = 10; green = 10; blue = 10;
}

52. abstract class Printer {
private Integer portNumber = getPortNumber();
abstract Integer getPortNumber();
public static void main(String[]s) {
Printer p = new LPDPrinter();
System.out.println(p.portNumber);
}
}
class LPDPrinter extends Printer {
/* Line Printer Deamon port no is 515 */
private Integer defaultPortNumber = 515;
Integer getPortNumber() {
return defaultPortNumber;
}
}

53. abstract class Printer {
private Integer portNumber = getPortNumber();
abstract Integer getPortNumber();
public static void main(String[]s) {
Printer p = new LPDPrinter();
System.out.println(p.portNumber);
}
}
class LPDPrinter extends Printer {
/* Line Printer Deamon port no is 515 */
private Integer defaultPortNumber = 515;
Integer getPortNumber() {
return defaultPortNumber;
}
}
$ javap -c LPDPrinter.class
Compiled from "Printer.java"
class LPDPrinter extends Printer {
LPDPrinter();
Code:
0: aload_0
1: invokespecial #1 // Method Printer."<init>":()V
4: aload_0
5: sipush 515
8: invokestatic #2 // Method java/lang/Integer.valueOf:(I)Ljava/
lang/Integer;
11: putfield #3 // Field defaultPortNumber:Ljava/lang/Integer;
14: return
java.lang.Integer getPortNumber();
Code:
0: aload_0
1: getfield #3 // Field defaultPortNumber:Ljava/lang/Integer;
4: areturn
}
Initialisation happens *after*
the base class constructor got

54. javap can get you lost in
details!
int ch = 0;
while((ch = inputFile.read()) != 0) {
System.out.print(ch);
}
48: iconst_0
49: istore 7
51: aload 5
53: invokevirtual #8 // Method java/io/FileReader.read:()I
56: dup
57: istore 7
59: ifeq 73
62: getstatic #9 // Field java/lang/System.out:Ljava/io/PrintStream
65: iload 7
67: invokevirtual #10 // Method java/io/PrintStream.print:(I)V

55. • Difficult to debug when reflection and runtime class
generation is involved
• Obfuscated bytecodes are extremely difficult to debug

56. FUN PROJECT
The best way to learn Java bytecodes is to implement a Java
disassembler on your own!
For implementation, read the documentation of Java
bytecodes (in the JVM specification) and use javap tool as
the reference implementation.

57. BOOKSTO READ
Free download here: https://docs.oracle.com/javase/specs/jvms/se8/jvms8.pdf

58. BOOKSTO READ

59. BOOKSTO READ

60. IMAGE CREDITS
• https://pixabay.com/static/uploads/photo/2015/12/28/15/58/ferrari-1111582_960_720.jpg
• http://i.dailymail.co.uk/i/pix/2014/08/29/article-0-0296355F000004B0-113_634x421.jpg
• http://blogs.shell.com/climatechange/wp-content/uploads/2015/01/Check-under-the-hood.jpg
• https://diaryofabusymumdotcom.files.wordpress.com/2015/01/1369952540_be029c8337.jpg
• http://trentarthur.ca/wp-content/uploads/2013/05/gatsby.jpg
• http://cdn.playbuzz.com/cdn/84b94651-08da-4191-9b45-069535cf523f/9c35f887-a6fc-4c8d-861a-f323078709e8.jpg
• http://pad2.whstatic.com/images/thumb/5/54/Draw-a-Simple-Tree-Step-2.jpg/aid594851-728px-Draw-a-Simple-Tree-Step-2.jpg
• http://www.seabreeze.com.au/Img/Photos/Windsurfing/5350271.jpg
• https://d.gr-assets.com/hostedimages/1380222758ra/461081.gif
• http://cdn.shopify.com/s/files/1/0021/6982/products/GW-7693274_large.jpg?v=1283553128
• http://www.fisher-price.com/en_IN/Images/RMA_RWD_rock_a_stack_tcm222-163387.jpg
• http://www.njfamily.com/NJ-Family/January-2011/Learn-How-to-Spot-a-Learning-Disability/Boy-learning-disability.jpg
• https://teens.drugabuse.gov/sites/default/files/styles/medium/public/NIDA-News-What-was-down-the-hole-Alice.jpg?itok=DH19L7F2
• http://archivedemo.cnx.org/resources/4df9b85136bb00ee04456b031aa0c344e54f282e/CNX_Psych_08_04_Knuckles.jpg
• http://archivedemo.cnx.org/resources/4df9b85136bb00ee04456b031aa0c344e54f282e/CNX_Psych_08_04_Knuckles.jpg
• http://www.urbanspaces.co.uk/image/error-message-error-us.jpg
• http://conservationmagazine.org/wordpress/wp-content/uploads/2013/05/dig-deeper.jpg
• http://4.bp.blogspot.com/-BAZm9rddEhQ/TWy441M-p1I/AAAAAAAAAQg/_SKF8PMkVHA/s1600/
mr%2Bfixit.tif%2B%2528Converted%2529--6.jpg