[Soot-list] Building a context-sensitive call graph by using Paddle.

Samuel Son samuel at cs.utexas.edu
Wed Oct 6 17:45:12 EDT 2010 

I tired to build a context-sensitive call graph by using Paddle. It
dies in 10 minutes with the following message.

I could not figure out the reason why Paddle died. I suspected the
lack of heap space but I set my heap space as 2giga bytes (Maximum
Amount).

#
# A fatal error has been detected by the Java Runtime Environment:
#
#  SIGSEGV (0xb) at pc=0x2fb4df05, pid=21764, tid=3066882960
#
# JRE version: 6.0_20-b02
# Java VM: Java HotSpot(TM) Client VM (16.3-b01 mixed mode linux-x86 )
# Problematic frame:
# C  [libjeddbuddy.so+0x26f05]  bdd_makenode+0x75

Here I attached my source code which is used to generate a call graph
and a target java class.

public class CGexample {

       public static void main(String[] args) {

               System.out.println("Let's Start Call graph example.");

               Options.v().set_whole_program(true);
               Options.v().set_app(true);
               Options.v().set_time(true);
               Options.v().set_verbose(false);
               Options.v().set_debug(true);
               Options.v().set_debug_resolver(true);
               Options.v().set_allow_phantom_refs(true);

               Options.v().set_omit_excepting_unit_edges(true);
               Options.v().set_throw_analysis(1);
               Scene.v().loadBasicClasses();

               SootClass cl = Scene.v().loadClassAndSupport("HelloWorldApp");
           cl.setApplicationClass();


           Scene.v().loadNecessaryClasses();
           String thePhaseName = "cg";

           HashMap theOptions = new HashMap();
           theOptions.put("enabled", "true");
           theOptions.put("verbose","true");
           theOptions.put("all-reachable","false");
           theOptions.put("on-fly-cg", "true");
           theOptions.put("set-impl", "double");
           theOptions.put("verbose", "true");
           theOptions.put("implicit-entry", "false");

           System.out.println("Setting options...");
           SceneTransformer sctform;

           if ( true )
           {
               theOptions.put("q", "auto");
               theOptions.put("order", "32");
               theOptions.put("bdd", "true");
               theOptions.put("backend", "buddy");
               theOptions.put("enabled", "true");
                   theOptions.put("verbose","true");
                   theOptions.put("context", "1cfa");
                   theOptions.put("k", "2");
                   theOptions.put("conf", "ofcg");//cha-context");
                   theOptions.put("pre-jimplify", "false");
                   theOptions.put("set-impl", "double" );
                   theOptions.put("double-set-old", "hybrid");
                   theOptions.put("double-set-new", "hybrid");
                   theOptions.put("propagator", "auto");

                   PaddleTransformer pt = new PaddleTransformer();
                   PaddleOptions paddle_opt = new PaddleOptions(theOptions);
                   pt.setup(paddle_opt);
                   pt.solve(paddle_opt);
                   soot.jimple.paddle.Results.v().makeStandardSootResults();

          }
           else
           {
               sctform = CustomCHATransformer.v();
                   sctform.transform(thePhaseName, theOptions);
           }


           System.out.println("Retrieving call graph.....");

           CallGraph cg = Scene.v().getCallGraph();
  }
}



class HelloWorldApp {

       public static void main(String[] args) {

       System.out.println("Hello World!"); // Display the string.
       HelloWorldApp pApp = new HelloWorldApp();
       pApp.functionA( 3, 12 );

               String strClassName = "HelloWorldApp";

               try{

                 Class c = Class.forName( strClassName );
                 java.lang.reflect.Method[] m = c.getDeclaredMethods();

                 Object arglist[] = new Object[2];
                 arglist[0] = new Integer(37);
                 arglist[1] = new Integer(47);

                 for (int i = 0; i < m.length; i++)
                 {
                           System.out.println( m[i].toString() );
                                if( m[i].toString().contains("refCall") )
                                       m[i].invoke( pApp, arglist);
                 }

                 Class partypes[] = new Class[2];

                 partypes[0] = Integer.TYPE;
         partypes[1] = Integer.TYPE;

                 System.out.println( "Final Reflective Call Checking.." );

                 java.lang.reflect.Method meth = c.getMethod(
"refCall", partypes );

                 meth.invoke( pApp, arglist );

               }catch( Exception e )
               {
                       System.out.println("Sorry, Failed to call
reflective calls");
               }

   }

   public int functionA( int a, int b )
   {
       System.out.println("[!] functionA is called..");

       int ret = add( 3, 5 );

       String strEx = "hello" ;

       strEx = strEx + "GOOD BYE";

       ret = add( strEx.length(), 6 );

       return ret;
   }

   public int add( int a, int b )
   {
       return a+b;
   }

   public void error()
   {
       System.out.println("Hello: It is time to exit! Srry.");
       System.exit(0);
   }

       public int refCall( int a, int b )
       {
               System.out.println("[!] function refCall is called! " );

               int ret = functionA( 3, 1 );

               System.out.println("Function : Result=> " + ret );

               return ret;
       }
}

More information about the Soot-list mailing list