[Soot-list] how does infoFlowAnalysis handle interfaceinvoke ?
jiangfan shi
jiangfan.shi at gmail.com
Tue Aug 19 10:36:29 EDT 2008
Thanks Eric for the explanation. There is one extra question.
> uses no points-to sets. That makes it faster but much less precise as
> you can see in your example.
Should the "less precise" mean that these edges should appear in the
produced call graph?
That is, the start() to open3() should appear in the call graph?
Jiangfan
>>>>
>>>> In case we can not attach a file to the mail list. I put all source
>>>> files in the following:
>>>>
>>>>
>>>> ============cg exploration===============
>>>> package mytransformer;
>>>>
>>>> import soot.*;
>>>>
>>>> import java.io.BufferedWriter;
>>>> import java.io.FileWriter;
>>>> import java.util.*;
>>>>
>>>> import soot.jimple.toolkits.callgraph.*;
>>>>
>>>> public class TestMyTransformer extends SceneTransformer {
>>>>
>>>> public static void main(String[] args) {
>>>> if (args.length == 0)
>>>> System.exit(-1);
>>>> PackManager.v().getPack("wjtp").add(
>>>> new Transform("wjtp.mytransform", TestMyTransformer.v()));
>>>> soot.Main.main(args);
>>>> }
>>>>
>>>> private static TestMyTransformer instance = null;
>>>>
>>>> public static TestMyTransformer v() {
>>>> if (instance == null)
>>>> return (instance = new TestMyTransformer());
>>>> return instance;
>>>> }
>>>>
>>>> protected void internalTransform(String phaseName, Map options) {
>>>> CallGraph cg = Scene.v().getCallGraph();
>>>> System.out.println("Call graph + " + cg);
>>>> }
>>>>
>>>> public void writetofile(CallGraph cg) {
>>>> try {
>>>> // Create file
>>>> FileWriter fstream = new FileWriter("out22.txt");
>>>> BufferedWriter out = new BufferedWriter(fstream);
>>>> out.write(cg.toString());
>>>> // Close the output stream
>>>> out.close();
>>>> } catch (Exception e) {// Catch exception if any
>>>> System.err.println("Error: " + e.getMessage());
>>>> }
>>>> }
>>>>
>>>> }
>>>>
>>>> =======main class helloworld ====
>>>> package hello;
>>>> public class helloworld {
>>>> helloworld3 tmp;
>>>>
>>>> helloworld(helloworld3 hw3){
>>>> tmp=hw3;
>>>> }
>>>>
>>>> public void start(){
>>>> System.out.println("start");
>>>>
>>>> if(tmp.hw3tmp!=null)
>>>> tmp.hw3tmp.open3();
>>>> }
>>>>
>>>> public static void main(String[] args){
>>>>
>>>> helloworld3 hw33=new helloworld3();
>>>> helloworld hw=new helloworld(hw33);
>>>> hw.start();
>>>> }
>>>> }
>>>>
>>>> class helloworld3 {
>>>> myInter hw3tmp;
>>>>
>>>> helloworld3(){
>>>> hw3tmp=null;
>>>> }
>>>>
>>>> void setup(myInter mi){
>>>> hw3tmp=mi;
>>>> }
>>>> }
>>>>
>>>> =======Interface myInter ====
>>>> package hello;
>>>> public interface myInter {
>>>> public void open3();
>>>>
>>>> }
>>>> ==========One implementation impl1========
>>>> package hello;
>>>> public class myinter1 implements myInter{
>>>> public void open3(){
>>>> System.out.println("myinter1");
>>>>
>>>> }
>>>> }
>>>> ==========One implementation impl2========
>>>> package hello;
>>>> public class myinter2 implements myInter {
>>>>
>>>> public void open3() {
>>>> // TODO Auto-generated method stub
>>>> System.out.println("myinter2");
>>>> }
>>>>
>>>> }
>>>>
>>>> ==============source code over===================
>>>>
>>>>
>>>>
>>>> On Tue, Aug 19, 2008 at 7:50 AM, Eric Bodden <eric.bodden at mail.mcgill.ca> wrote:
>>>>> Hi.
>>>>>
>>>>> Which call edge exactly do you find missing from the example below? I
>>>>> need a concrete and complete runnable example to be able to decide if
>>>>> this is or is not a bug.
>>>>>
>>>>> Eric
>>>>>
>>>>> 2008/8/18 jiangfan shi <jiangfan.shi at gmail.com>:
>>>>>> Thanks, Li xin.
>>>>>>
>>>>>> I have tried to use spark and cha (default option) to construct the
>>>>>> call graph. As you said, the generated call graph does not have
>>>>>> related interfaceInvoke edges. That is, there is not edge which
>>>>>> connects the main function to impl1.open() or impl2.open(). And even,
>>>>>> there is no edge between the main function and the interface
>>>>>> Inter1.open().
>>>>>>
>>>>>> My options are following:
>>>>>>
>>>>>> spark:
>>>>>>
>>>>>> -w -main-class helloworld -p cg.spark rta:true;on-fly-cg:true -f
>>>>>> jimple --app helloworld
>>>>>>
>>>>>> cha:
>>>>>>
>>>>>> -w -main-class helloworld -p cg.cha on -f jimple --app helloworld
>>>>>>
>>>>>> The following is my simplifiedcode.
>>>>>>
>>>>>> =======main class helloworld ====
>>>>>>
>>>>>> public class helloworld {
>>>>>> helloworld3 tmp;
>>>>>>
>>>>>> helloworld(helloworld3 hw3){
>>>>>> tmp=hw3;
>>>>>> }
>>>>>>
>>>>>> public void start(){
>>>>>> System.out.println("start");
>>>>>>
>>>>>> if(tmp.hw3tmp!=null)
>>>>>> tmp.hw3tmp.open3();
>>>>>> }
>>>>>>
>>>>>> public static void main(String[] args){
>>>>>>
>>>>>> helloworld3 hw33=new helloworld3();
>>>>>> helloworld hw=new helloworld(hw33);
>>>>>> hw.start();
>>>>>> }
>>>>>> }
>>>>>>
>>>>>> =============Another Class helloworld3============
>>>>>> class helloworld3 {
>>>>>> myInter hw3tmp;
>>>>>>
>>>>>> helloworld3(){
>>>>>> hw3tmp=null;
>>>>>> }
>>>>>>
>>>>>> void setup(myInter mi){
>>>>>> hw3tmp=mi;
>>>>>> }
>>>>>> }
>>>>>>
>>>>>> =======Interface myInter ====
>>>>>> public interface myInter {
>>>>>> public void open3();
>>>>>>
>>>>>> }
>>>>>> ==========One implementation impl1========
>>>>>>
>>>>>> public class myinter1 implements myInter{
>>>>>> public void open3(){
>>>>>> System.out.println("myinter1");
>>>>>>
>>>>>> }
>>>>>> }
>>>>>> ==========One implementation impl2========
>>>>>>
>>>>>> public class myinter2 implements myInter {
>>>>>>
>>>>>> public void open3() {
>>>>>> // TODO Auto-generated method stub
>>>>>> System.out.println("myinter2");
>>>>>> }
>>>>>>
>>>>>> }
>>>>>>
>>>>>> Any ideas? Thanks.
>>>>>> Jiangfan
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, Aug 18, 2008 at 9:35 AM, li xin <li-xin at jaist.ac.jp> wrote:
>>>>>>> Hello,
>>>>>>>
>>>>>>> I am wondering it is the issue of whether the underlying points-to analysis
>>>>>>> properly handle InterfaceInvoke.
>>>>>>>
>>>>>>> FYI:
>>>>>>> This question reminds me a related problem I ever encountered. I run
>>>>>>> cg.spark (with default options on mind) on some package, but edges of
>>>>>>> InterfaceInvoke are lost in the generated call graph (while CHA handles them
>>>>>>> properly).
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Thanks and Best Regards, LI
>>>>>>>
>>>>>>> On Mon, Aug 18, 2008 at 10:45 PM, jiangfan shi <jiangfan.shi at gmail.com>
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I found the infoFlowAnalysis does not do dynamic bindings for the
>>>>>>>> interfaceinvoke statement. Am I right?
>>>>>>>>
>>>>>>>> For exmaple, I have an interface Interf1, which defines a method
>>>>>>>> open(). Two implementations impl1 and impl2 implement the Interf1.
>>>>>>>> Then I have following simplified statements;
>>>>>>>>
>>>>>>>> ==============
>>>>>>>> Interf1 tmp1;
>>>>>>>>
>>>>>>>> if(tmp1!=null){
>>>>>>>> tmp1.open().
>>>>>>>> }
>>>>>>>>
>>>>>>>> ==============
>>>>>>>>
>>>>>>>> For this piece of code, the infoFlowAnalysis does not give two
>>>>>>>> possible method invocations, impl1.open() and impl2.open().
>>>>>>>> Furthermore the infoFlowAnalysis does not compute flow Summary for
>>>>>>>> these two methods.
>>>>>>>>
>>>>>>>> For the following piece of code, the infoFlowAnalysis does work
>>>>>>>> because there are explicitly assignments from impl1 or impl2 to the
>>>>>>>> Interf1.
>>>>>>>>
>>>>>>>> ==============
>>>>>>>> Interf1 tmp1;
>>>>>>>> if(args[0]=1){
>>>>>>>> tmp1=new impl1();
>>>>>>>> else
>>>>>>>> tmp1=new impl2();
>>>>>>>>
>>>>>>>> tmp1.open().
>>>>>>>> }
>>>>>>>>
>>>>>>>> ==============
>>>>>>>> In this case, the infoFlowAnalysis will compute summaries for the two
>>>>>>>> methods, impl1.open() and impl2.open().
>>>>>>>>
>>>>>>>> So my question is that if the infoFlowAnalysis handle the
>>>>>>>> interfaceinvoke statement. Maybe I did not find some configurations of
>>>>>>>> the infoFlowAnalsysis, or I miss some other options.
>>>>>>>>
>>>>>>>> Thanks you in advance!
>>>>>>>>
>>>>>>>> Jiangfan
>>>>>>>> _______________________________________________
>>>>>>>> Soot-list mailing list
>>>>>>>> Soot-list at sable.mcgill.ca
>>>>>>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> _______________________________________________
>>>>>> Soot-list mailing list
>>>>>> Soot-list at sable.mcgill.ca
>>>>>> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Eric Bodden
>>>>> Sable Research Group
>>>>> McGill University, Montréal, Canada
>>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Eric Bodden
>>> Sable Research Group
>>> McGill University, Montréal, Canada
>>>
>>
>
>
>
> --
> Eric Bodden
> Sable Research Group
> McGill University, Montréal, Canada
>
More information about the Soot-list
mailing list