[Soot-list] context sensitive allocation site for specjbb

Tony Yan yan at cse.ohio-state.edu
Wed Oct 3 15:01:24 EDT 2012


Thanks for the clarification, Eric!

It seems that inlining a few important calls that we know in advance
is quite a useful feature. I've been wanting to do so in many cases.
So, is there any easy and reliable way that we can inline calls before
anything happens (or at least before whole program analysis)?

By the way, it seems that hacking Spark to manually add AllocNodes
for Class.newInstance() is a way to make points-to analysis work for
such allocation sites, in the context of developing software
engineering tools rather than doing compiler optimization.


Tony

On Wed, Oct 3, 2012 at 8:05 AM, Eric Bodden <eric.bodden at ec-spride.de> wrote:
> Hi Tony.
>
>
>> I have a follow-up question: how does TamiFlex handle reflections in
>> factory methods?
>>
>> Here's an example:
>>
>> Object create(Class c) {
>>    return c.newInstance();
>> }
>>
>> A a = (A) create(A.class);
>> B b = (B) create(B.class);
>>
>> What exactly would happen if I use TamiFlex for this sample code? Is
>> create() specialized and inlined?
>
> No. In this case you would get two log entries, stating that the
> newInstance call within create once instantiates an A object and once
> a B object. During its points-to analysis, Soot will then create the
> appropriate two allocation nodes for this newInstance-call. In other
> words, there is no context-sensitivity involved there if that's what
> you are after. If you want anything better, then your only chance is to
> inline such calls before running TamiFlex.
>
> Eric
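
The behaviour described in the reply above, as an added example that is not part of the thread and is not Soot or TamiFlex code: a toy reflection log keyed by call site, showing that the factory's single reflective site accumulates both A and B while manually inlined calls record one type per site. The class `ReflectionSites` and the helper `newInstanceLogged` are hypothetical, and the printed "method:line" keys are a simplification, not TamiFlex's log format.

```java
import java.util.*;

public class ReflectionSites {
    static class A {}
    static class B {}

    // Call site ("method:line" of the reflective call) -> classes instantiated there.
    static final Map<String, Set<String>> log = new TreeMap<>();

    // Hypothetical helper: records the caller's location, then instantiates.
    // Frame 0 is getStackTrace, frame 1 is this helper, frame 2 is the caller.
    static Object newInstanceLogged(Class<?> c) throws ReflectiveOperationException {
        StackTraceElement site = Thread.currentThread().getStackTrace()[2];
        log.computeIfAbsent(site.getMethodName() + ":" + site.getLineNumber(),
                            k -> new TreeSet<>()).add(c.getSimpleName());
        return c.getDeclaredConstructor().newInstance();
    }

    // Factory as in the thread: one reflective call site shared by all callers.
    static Object create(Class<?> c) throws ReflectiveOperationException {
        return newInstanceLogged(c);
    }

    static void viaFactory() throws ReflectiveOperationException {
        A a = (A) create(A.class);
        B b = (B) create(B.class);
    }

    // Manually inlined: each caller now owns its own reflective call site.
    static void inlined() throws ReflectiveOperationException {
        A a = (A) newInstanceLogged(A.class);
        B b = (B) newInstanceLogged(B.class);
    }

    public static void main(String[] args) throws ReflectiveOperationException {
        viaFactory();
        inlined();
        // A per-site, context-insensitive consumer sees [A, B] at the site in
        // create(), so the values cast to A and to B may each be either type.
        // The two sites in inlined() each carry exactly one type.
        log.forEach((site, classes) -> System.out.println(site + " -> " + classes));
    }
}
```

Running it prints one entry for the site inside `create` listing both classes and two entries for `inlined`, one class each.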

