[Soot-list] Missing call graph edges

Steven Arzt Steven.Arzt at cased.de
Mon Feb 9 03:40:37 EST 2015 

Hi Peter,

 

Can you please send me a more complete minimal example with which I can reproduce the issue?

 

Best regards,

  Steven

 

Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Peter Kim
Gesendet: Sonntag, 8. Februar 2015 19:05
An: Steven Arzt
Cc: soot-list at cs.mcgill.ca
Betreff: Re: [Soot-list] Missing call graph edges

 

eliminateDeadCode() is *not* being called and I'm still running into the problem. Thanks in advance for your help.

 

On Sun, Feb 8, 2015 at 5:37 PM, Peter Kim <chpkim at gmail.com> wrote:

Hi Steven,

 

I'm still running into the same problem after pulling from Github.

 

 

On Fri, Feb 6, 2015 at 9:24 AM, Steven Arzt <Steven.Arzt at cased.de> wrote:

Hi Peter,

 

that might have to do with an optimization I added recently. In short, FlowDroid removes these callgraph edges for which it can easily decide that having them does not influence the outcome of the taint analysis. I can however fully understand that this might lead to surprising results if you are using the FlowDroid components for other analyses, so I decided to make this optimization optional and turn it off by default.

 

The new code is on Github and a new nightly build will be available tomorrow.

 

Best regards,

  Steven

 

 

M.Sc. M.Sc. Steven Arzt

Secure Software Engineering Group (SSE)

European Center for Security and Privacy by Design (EC SPRIDE) 

Rheinstraße 75

D-64293 Darmstadt

Phone: +49 61 51 869-336

Fax: +49 61 51 16-72118 <tel:%2B49%2061%2051%2016-72118> 

eMail:  <mailto:steven.arzt at ec-spride.de> steven.arzt at ec-spride.de

Web: http://sse.ec-spride.de <http://sse.ec-spride.de/> 

 

 

 

Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Peter Kim
Gesendet: Freitag, 6. Februar 2015 00:05
An: soot-list at cs.mcgill.ca
Betreff: [Soot-list] Missing call graph edges

 

Hi,

 

I'm extending FlowDroid to construct an Android app's call graph. More specifically, I get the call graph by modifying Infoflow.runAnalysis(final ISourceSinkManager sourcesSinks, final Set<String> additionalSeeds) to call Scene.v().getCallGraph(). The call graph is missing edges in an odd way - for a function, the graph has some outgoing edges but is missing ones that should be there. Namely, given the following function (shown in Java rather than jimple for readability), the called methods should be "get()", "isFinished()", "remove()", "free()", "size()", "update()", but I'm only getting "get()", "size()", and "remove()". I don't understand why "remove()" is included but "free()" is not since they are in the same basic block. I'm using soot.jimple.toolkits.callgraph.TransitiveTargets to analyze the call graph.

 

public void update(float x) {

  for (...size()..) {

      get();

      if (isFinished()) {

        remove();

        free();

      }

  }

 

  if (y) {

    if (x) {

      for (... size()...)  get().update(x);

    } else {

      for (...size()...)  get().update(x);

    }

  }

}

 

Thank you for your help.

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20150209/4cc516cf/attachment.html

More information about the Soot-list mailing list