[Soot-list] How to get field object in Jimple code?

Sai Zhang racezhang at gmail.com
Tue Apr 27 19:57:30 EDT 2010


Hi all:

I am a bit confused about how to extract a "field object" from Jimple code (used
in a field-sensitive dynamic analysis).

For instance, consider the following simple class and the corresponding
jimple code:

class A {
  Object s  = "string";
}

//client code:
A a1 = new A();
a1.s = "hello";
A a2 = a1;
a2.s = "world";      // a2.s should be the same field as a1.s


//(roughly) corresponding jimple code for client code
1.   $r1 = new A;
2.   r2 = $r1;
3.   r2.<A: string s> = "hello";
4.   r3 = $r1;
5.   r3.<A: string s> = "world";


Is there a way to fetch the object of "A.s" (not the field reference, e.g.
SootField, SootFieldRef) from line 3 and line 5?

For instance, could I insert some instrumentation code after line 5,
like:
Tracer.record( .....r3.<A:string s> (// get the object of A.s),...);


In other words, is there any way to decide that a2.s and a1.s are pointing to the
same memory location in a dynamic analysis? In my intuition,
it should not be that hard, since r2 and r3 seem to share the same
JimpleLocal object, right? But how to get the state of "A.s" seems
to be a problem. Is there any good way to overcome that? Or am I going in the wrong
direction?


Thanks so much.


- Sai
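
An added example, not part of the original post and not Soot code: a minimal runtime Tracer (the name is taken from the post's pseudocode, its methods are hypothetical) that treats a dynamic field location as the pair (identity of the base object, field signature), so the writes through r2 and r3 map to the same location. The signature string and the calls in main are constructed stand-ins for what an instrumenter would insert after lines 3 and 5.

```java
import java.util.IdentityHashMap;
import java.util.Map;

// Hypothetical runtime helper for instrumented code; not part of Soot.
final class Tracer {
    // Keys are compared by reference (==), so equals()/hashCode() overrides
    // cannot merge distinct objects. Note: this map keeps traced objects alive.
    private static final Map<Object, Integer> IDS = new IdentityHashMap<>();

    // A dynamic field location = (identity of base object, field signature).
    static synchronized String location(Object base, String fieldSig) {
        Integer id = IDS.get(base);
        if (id == null) {
            id = IDS.size() + 1;
            IDS.put(base, id);
        }
        return "obj#" + id + "." + fieldSig;
    }

    // The call an instrumenter would insert after each field write.
    static synchronized String record(Object base, String fieldSig, Object value) {
        String loc = location(base, fieldSig);
        System.out.println(loc + " <- " + value);
        return loc;
    }
}

class A { Object s = "string"; }

public class FieldLocationDemo {
    static final String SIG = "<A: java.lang.Object s>"; // constructed signature string

    public static void main(String[] args) {
        A a1 = new A();
        a1.s = "hello";
        String w1 = Tracer.record(a1, SIG, a1.s);   // stands in for the hook after line 3
        A a2 = a1;
        a2.s = "world";
        String w2 = Tracer.record(a2, SIG, a2.s);   // stands in for the hook after line 5
        A b = new A();                              // a different object, same field
        b.s = "other";
        String w3 = Tracer.record(b, SIG, b.s);
        System.out.println("a1.s vs a2.s same location: " + w1.equals(w2));
        System.out.println("a1.s vs b.s same location:  " + w1.equals(w3));
    }
}
```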