[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: spark newbie question

To: Nikhil Swamy <nswamy@cs.umd.edu>
Subject: Re: spark newbie question
From: Ondrej Lhotak <olhotak@sable.mcgill.ca>
Date: Wed, 5 Nov 2003 11:48:08 -0500
Cc: soot-list@sable.mcgill.ca
In-reply-to: <3FA88A44.40107@cs.umd.edu>; from nswamy@cs.umd.edu on Wed, Nov 05, 2003 at 12:27:32AM -0500
References: <3FA88A44.40107@cs.umd.edu>
Sender: owner-soot-list@sable.mcgill.ca
User-agent: Mutt/1.2.5i

I haven't studied what Spark computes for this example in much detail,
but at first glance, I think this is what is happening:

In SampleClass.method1(), the call to method2() is implicitly
this.method1(). However, nowhere in the program do you create an object
that is assigned to method1().this. That is, although you list method1()
as an entry point, there is no actual call to method1(), so there is no
assignment to its this pointer. Therefore, the points-to set of
method1().this is empty, and the call this.method2() does not resolve to
any actual targets.

This same problem applies in general to any methods you put in the entry
points: you need to somehow tell Spark where their arguments come from
(including the implicit argument this). I haven't thought much about
the best way to do this. The arguments for the standard entry points are
hard-coded into Spark. Probably the most flexible way to do it for your
own user-defined entry point methods would be to somehow use the native
method simulation framework. But I haven't thought much about it, and
there could be various snags along the way.

Ondrej

On Wed, Nov 05, 2003 at 12:27:32AM -0500, Nikhil Swamy wrote:
> I'm using the SparkTransformer to create the callgraph using the PAG 
> Points-to framework. I find that the resulting call-graph does not 
> contain all the methods.
> 
> This is how I call the transformer :
> 
> SootClass c = Scene.v().loadClassAndSupport("SampleClass");
> Scene.v().setEntryPoints(c.getMethods());
> Map sparkOptions = new HashMap();
> sparkOptions.put("enabled", "true");
> sparkOptions.put("on-fly-cg", "true");
> sparkOptions.put("set-impl", "hybrid");
> sparkOptions.put("propagator", "worklist");
> sparkOptions.put("verbose", "true");
> SparkTransformer.v().transform("cg", sparkOptions);
> 
> 
> Here are my input classes:
> 
> public class SampleClass {
>     Object fld;
> 
>     void method1() {
>         fld = "TEST STRING 1";
>         SampleClass2 sc2 = new SampleClass2();
>         sc2.testMethod();
>         method2();
>     }
> 
>     void method2() {
>         fld = new java.util.ArrayList();
>     }
> }
> 
> public class SampleClass2{
>     Object fld;
> 
>     public SampleClass2() {}
> 
>     public void testMethod() {
>         fld = "TESTMETHOD";
>     }
> }
> 
> 
> The call graph that I get as output does not contain an edge from 
> SampleClass.method1() to SampleClass.method2() although it does contain 
> the edge from SampleClass.method1() to both SampleClass2.(testMethod() + 
> <init>).
> 
> If I use the DumbPointerAnalysis (i.e. just Scene.v().getCallGraph()) I 
> do actually get all the edges.
> 
> Given the extreme simplicity of this example I assume this is expected 
> behavior from SPARK. Is there an explanation for why this is so?
> 
> Thanks in advance,
> Nikhil
>

References:
- spark newbie question
  - From: Nikhil Swamy <nswamy@cs.umd.edu>

Prev by Date: SootField referencing in a method body
Next by Date: Re: SootField referencing in a method body
Previous by thread: spark newbie question
Next by thread: Spark newbie question
Index(es):
- Date
- Thread