[Soot-list] Missing call graph edges
Steven Arzt
Steven.Arzt at cased.de
Mon Feb 9 03:40:37 EST 2015
Hi Peter,
Can you please send me a more complete minimal example with which I can reproduce the issue?
Best regards,
Steven
Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Peter Kim
Gesendet: Sonntag, 8. Februar 2015 19:05
An: Steven Arzt
Cc: soot-list at cs.mcgill.ca
Betreff: Re: [Soot-list] Missing call graph edges
eliminateDeadCode() is *not* being called and I'm still running into the problem. Thanks in advance for your help.
On Sun, Feb 8, 2015 at 5:37 PM, Peter Kim <chpkim at gmail.com> wrote:
Hi Steven,
I'm still running into the same problem after pulling from Github.
On Fri, Feb 6, 2015 at 9:24 AM, Steven Arzt <Steven.Arzt at cased.de> wrote:
Hi Peter,
that might have to do with an optimization I added recently. In short, FlowDroid removes these callgraph edges for which it can easily decide that having them does not influence the outcome of the taint analysis. I can however fully understand that this might lead to surprising results if you are using the FlowDroid components for other analyses, so I decided to make this optimization optional and turn it off by default.
The new code is on Github and a new nightly build will be available tomorrow.
Best regards,
Steven
M.Sc. M.Sc. Steven Arzt
Secure Software Engineering Group (SSE)
European Center for Security and Privacy by Design (EC SPRIDE)
Rheinstraße 75
D-64293 Darmstadt
Phone: +49 61 51 869-336
Fax: +49 61 51 16-72118 <tel:%2B49%2061%2051%2016-72118>
eMail: <mailto:steven.arzt at ec-spride.de> steven.arzt at ec-spride.de
Web: http://sse.ec-spride.de <http://sse.ec-spride.de/>
Von: soot-list-bounces at CS.McGill.CA [mailto:soot-list-bounces at CS.McGill.CA] Im Auftrag von Peter Kim
Gesendet: Freitag, 6. Februar 2015 00:05
An: soot-list at cs.mcgill.ca
Betreff: [Soot-list] Missing call graph edges
Hi,
I'm extending FlowDroid to construct an Android app's call graph. More specifically, I get the call graph by modifying Infoflow.runAnalysis(final ISourceSinkManager sourcesSinks, final Set<String> additionalSeeds) to call Scene.v().getCallGraph(). The call graph is missing edges in an odd way - for a function, the graph has some outgoing edges but is missing ones that should be there. Namely, given the following function (shown in Java rather than jimple for readability), the called methods should be "get()", "isFinished()", "remove()", "free()", "size()", "update()", but I'm only getting "get()", "size()", and "remove()". I don't understand why "remove()" is included but "free()" is not since they are in the same basic block. I'm using soot.jimple.toolkits.callgraph.TransitiveTargets to analyze the call graph.
public void update(float x) {
for (...size()..) {
get();
if (isFinished()) {
remove();
free();
}
}
if (y) {
if (x) {
for (... size()...) get().update(x);
} else {
for (...size()...) get().update(x);
}
}
}
Thank you for your help.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20150209/4cc516cf/attachment.html
More information about the Soot-list
mailing list