[Soot-list] Exception and Method Analysis
Ondrej Lhotak
olhotak at uwaterloo.ca
Fri Feb 11 13:29:24 EST 2011
On Fri, Feb 11, 2011 at 04:23:59PM +0000, Richard Warburton wrote:
> > I may be wrong but to the best of my knowledge there's no such
> > analysis already built into Soot. But there's all the necessary
> > component, of course. There's a ThrowsAnalysis that can tell you which
> > exceptions a statement may throw. Then of course there are method
> > signatures that tell you which checked exceptions a method may throw.
> > You can accumulate these using a call graph to get results for the
> > transitive closure of a method call.
> >
> > So in a nutshell I think this will require a bit of manual labor but
> > it should certainly be doable. Whether it's efficient in the end
> > depends on the perspective I would say. Whole-program analyses like
> > the one you are proposing tend to take a few minutes for realistic
> > programs. That's just a matter of intrinsic complexity of the problem.
>
> Thanks for your prompt reply. I was thinking about this issue more
> and I can probably get away with just a callgraph with additional
> edges for exception throws. Is there any analysis like that? Also is
> the architecture of the CallGraph extraction documented anywhere? I
> can see that "Scene.v().getCallGraph()" will give me a callgraph, but
> if I wish to hook into the process in order to say annotate edges with
> what exceptions may propagate back up that method invocation where
> would I start. Or is it easier for me to simply copy the CallGraph
> Analyses and rewrite it with a custom Edge representation that allows
> for exceptional information to be annotated?
The CallGraph (and Edge) classes are responsible for storing and
communicating a computed call graph. They do not compute the call graph
themselves. They were designed as a common interface between call graph
construction code, and code that makes use of a call graph. Thus, given
alternative call graph construction code, it should be easy to construct
a CallGraph from its output.
You could start with an existing call graph, do additional analysis, and
store your additional analysis results in a customized call graph. It
should be possible to subclass Edge to add information.
There are three implementations of call graph construction in Soot:
class hierarchy analysis, Spark, and Paddle (in order from simplest to
most complicated, from least to most precise, and from cheapest to most
costly). Spark and Paddle are documented in my masters and PhD theses,
respectively, which you can find at:
http://plg.uwaterloo.ca/~olhotak/pubs/thesis-olhotak-msc.ps
http://plg.uwaterloo.ca/~olhotak/pubs/thesis-olhotak-phd.ps
Ondrej
> kind regards,
>
> Richard
> _______________________________________________
> Soot-list mailing list
> Soot-list at sable.mcgill.ca
> http://mailman.cs.mcgill.ca/mailman/listinfo/soot-list
>
More information about the Soot-list
mailing list