soot.jimple.InstanceInvokeExpr Java Examples
The following examples show how to use
soot.jimple.InstanceInvokeExpr.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: TypeStateMachineWeightFunctions.java From SPDS with Eclipse Public License 2.0 | 6 votes |
|
protected Collection<Val> generateAtConstructor(SootMethod m, Unit unit, Collection<SootMethod> calledMethod,
MatcherTransition initialTrans) {
boolean matches = false;
for (SootMethod method : calledMethod) {
if (initialTrans.matches(method)) {
matches = true;
}
}
if (!matches)
return Collections.emptySet();
if (unit instanceof Stmt) {
Stmt stmt = (Stmt) unit;
if (stmt.containsInvokeExpr())
if (stmt.getInvokeExpr() instanceof InstanceInvokeExpr) {
InstanceInvokeExpr iie = (InstanceInvokeExpr) stmt.getInvokeExpr();
if (iie.getBase() instanceof Local) {
Local l = (Local) iie.getBase();
Set<Val> out = new HashSet<>();
out.add(new Val(l, m));
return out;
}
}
}
return Collections.emptySet();
}
Example #2
| Source File: CopyConstantAnalysis.java From vasco with GNU Lesser General Public License v2.1 | 6 votes |
|
@Override
public Map<Local, Constant> callEntryFlowFunction(Context<SootMethod, Unit, Map<Local, Constant>> context, SootMethod calledMethod, Unit unit, Map<Local, Constant> inValue) {
// Initialise result to empty map
Map<Local, Constant> entryValue = topValue();
// Map arguments to parameters
InvokeExpr ie = ((Stmt) unit).getInvokeExpr();
for (int i = 0; i < ie.getArgCount(); i++) {
Value arg = ie.getArg(i);
Local param = calledMethod.getActiveBody().getParameterLocal(i);
assign(param, arg, inValue, entryValue);
}
// And instance of the this local
if (ie instanceof InstanceInvokeExpr) {
Value instance = ((InstanceInvokeExpr) ie).getBase();
Local thisLocal = calledMethod.getActiveBody().getThisLocal();
assign(thisLocal, instance, inValue, entryValue);
}
// Return the entry value at the called method
return entryValue;
}
Example #3
| Source File: AbstractBoomerangSolver.java From SPDS with Eclipse Public License 2.0 | 6 votes |
|
public boolean isParameter(Val value, Stmt u) {
if (u.containsInvokeExpr()) {
InvokeExpr invokeExpr = u.getInvokeExpr();
if (invokeExpr instanceof InstanceInvokeExpr) {
InstanceInvokeExpr iie = (InstanceInvokeExpr) invokeExpr;
if (iie.getBase().equals(value.value()))
return true;
}
for (Value arg : invokeExpr.getArgs()) {
if (arg.equals(value.value())) {
return true;
}
}
}
return false;
}
Example #4
| Source File: SignAnalysis.java From vasco with GNU Lesser General Public License v2.1 | 6 votes |
|
@Override
public Map<Local, SignAnalysis.Sign> callEntryFlowFunction(
Context<SootMethod, Unit, Map<Local, SignAnalysis.Sign>> context, SootMethod calledMethod, Unit unit,
Map<Local, SignAnalysis.Sign> inValue) {
// Initialise result to empty map
Map<Local, SignAnalysis.Sign> entryValue = topValue();
// Map arguments to parameters
InvokeExpr ie = ((Stmt) unit).getInvokeExpr();
for (int i = 0; i < ie.getArgCount(); i++) {
Value arg = ie.getArg(i);
Local param = calledMethod.getActiveBody().getParameterLocal(i);
assign(param, arg, inValue, entryValue);
}
// And instance of the this local
if (ie instanceof InstanceInvokeExpr) {
Value instance = ((InstanceInvokeExpr) ie).getBase();
Local thisLocal = calledMethod.getActiveBody().getThisLocal();
assign(thisLocal, instance, inValue, entryValue);
}
// Return the entry value at the called method
return entryValue;
}
Example #5
| Source File: HasNextStateMachine.java From SPDS with Eclipse Public License 2.0 | 6 votes |
|
@Override
public Set<WeightedForwardQuery<TransitionFunction>> generateSeed(SootMethod method, Unit unit) {
Iterator<Edge> edIt = Scene.v().getCallGraph().edgesOutOf(unit);
while (edIt.hasNext()) {
SootMethod m = edIt.next().getTgt().method();
if (retrieveIteratorConstructors().contains(m)) {
Stmt stmt = ((Stmt) unit);
InvokeExpr invokeExpr = stmt.getInvokeExpr();
if (stmt instanceof AssignStmt) {
AssignStmt assignStmt = (AssignStmt) stmt;
InstanceInvokeExpr iie = (InstanceInvokeExpr) invokeExpr;
return Collections
.singleton(new WeightedForwardQuery<>(
new Statement(stmt, method), new AllocVal(assignStmt.getLeftOp(), method,
assignStmt.getLeftOp(), new Statement((Stmt) unit, m)),
initialTransition()));
}
}
}
return Collections.emptySet();
}
Example #6
| Source File: GeomPointsTo.java From JAADAS with GNU General Public License v3.0 | 6 votes |
|
/**
* Obtain the set of possible call targets at given @param callsite.
*/
private void getCallTargets(IVarAbstraction pn, SootMethod src,
Stmt callsite, ChunkedQueue<SootMethod> targetsQueue)
{
InstanceInvokeExpr iie = (InstanceInvokeExpr)callsite.getInvokeExpr();
Local receiver = (Local)iie.getBase();
NumberedString subSig = iie.getMethodRef().getSubSignature();
// We first build the set of possible call targets
for (AllocNode an : pn.get_all_points_to_objects()) {
Type type = an.getType();
if (type == null) continue;
VirtualCalls.v().resolve(type,
receiver.getType(), subSig, src,
targetsQueue);
}
}
Example #7
| Source File: TypeStateMachineWeightFunctions.java From SPDS with Eclipse Public License 2.0 | 6 votes |
|
public TransitionFunction callToReturn(Node<Statement, Val> curr, Node<Statement, Val> succ,
InvokeExpr invokeExpr) {
Set<Transition> res = Sets.newHashSet();
if (invokeExpr instanceof InstanceInvokeExpr) {
SootMethod method = invokeExpr.getMethod();
InstanceInvokeExpr e = (InstanceInvokeExpr) invokeExpr;
if (e.getBase().equals(succ.fact().value())) {
for (MatcherTransition trans : transition) {
if (trans.matches(method) && (trans.getType().equals(Type.OnCallToReturn)
|| trans.getType().equals(Type.OnCallOrOnCallToReturn))) {
res.add(trans);
}
}
}
}
return (res.isEmpty() ? getOne() : new TransitionFunction(res, Collections.singleton(succ.stmt())));
}
Example #8
| Source File: ExprTranslator.java From JAADAS with GNU General Public License v3.0 | 6 votes |
|
boolean handleSpecialCall(InstanceInvokeExpr expr, SootMethod target) {
String mn = target.getName();
int np = target.getParameterCount();
SootClass dc = target.getDeclaringClass();
// Is it a method in a Foo object?
if (isFoo(dc)) {
if (mn.equals("foo") && np == 1){
Variable lvar = new Variable(Variable.Type.FOO);
Method foo = new Method("foo", new Variable[0]);
FooMethodCall fmc = new FooMethodCall(foo);
fmc.setAssignmentTarget(lvar);
st.addStatement(fmc);
return true;
}
// Unknown Foo method
return false;
}
// Not a special call
return false;
}
Example #9
| Source File: FunctionFactoryUtils.java From DroidRA with GNU Lesser General Public License v2.1 | 6 votes |
|
/**
* Determines if an instance field should be propagated through a method call. This method only
* checks propagation rule for the field base. It does not check if the field points to an
* argument, which should be done outside this method.
*
* @param instanceFieldRef An instance field reference.
* @param invokeExpr An invoke expression for the called method.
* @return True if the field should be propagated.
*/
public static boolean shouldPropagateInstanceField(InstanceFieldRef instanceFieldRef,
InvokeExpr invokeExpr) {
Value fieldBase = instanceFieldRef.getBase();
List<Value> argList = invokeExpr.getArgs();
// A field reference should be propagated if the base of the field points to a method argument.
for (int i = 0; i < argList.size(); ++i) {
if (sourcePointsToArgument(fieldBase, argList.get(i))) {
return true;
}
}
// A field reference should be propagated if the base of the field points to the base of the
// method call for an instance call.
if (invokeExpr instanceof InstanceInvokeExpr) {
Value invokeExprBase = ((InstanceInvokeExpr) invokeExpr).getBase();
if (sourcePointsToArgument(fieldBase, invokeExprBase)) {
return true;
}
}
return false;
}
Example #10
| Source File: EasyTaintWrapper.java From JAADAS with GNU General Public License v3.0 | 6 votes |
|
@Override
public boolean supportsCallee(Stmt callSite) {
// We need an invocation expression
if (!callSite.containsInvokeExpr())
return false;
SootMethod method = callSite.getInvokeExpr().getMethod();
if (!supportsCallee(method))
return false;
// We need a method that can create a taint
if (!aggressiveMode) {
// Check for a cached wrap type
final MethodWrapType wrapType = methodWrapCache.getUnchecked(method);
if (wrapType != MethodWrapType.CreateTaint)
return false;
}
// We need at least one non-constant argument or a tainted base
if (callSite.getInvokeExpr() instanceof InstanceInvokeExpr)
return true;
for (Value val : callSite.getInvokeExpr().getArgs())
if (!(val instanceof Constant))
return true;
return false;
}
Example #11
| Source File: EasyTaintWrapper.java From JAADAS with GNU General Public License v3.0 | 6 votes |
|
@Override
public boolean isExclusiveInternal(Stmt stmt, AccessPath taintedPath) {
SootMethod method = stmt.getInvokeExpr().getMethod();
// Do we have an entry for at least one entry in the given class?
if (hasWrappedMethodsForClass(method.getDeclaringClass(), true, true, true))
return true;
// In aggressive mode, we always taint the return value if the base
// object is tainted.
if (aggressiveMode && stmt.getInvokeExpr() instanceof InstanceInvokeExpr) {
InstanceInvokeExpr iiExpr = (InstanceInvokeExpr) stmt.getInvokeExpr();
if (iiExpr.getBase().equals(taintedPath.getPlainValue()))
return true;
}
final MethodWrapType wrapType = methodWrapCache.getUnchecked(method);
return wrapType != MethodWrapType.NotRegistered;
}
Example #12
| Source File: MethodReturnValueManager.java From DroidRA with GNU Lesser General Public License v2.1 | 6 votes |
|
/**
* Registers default method return value analyses.
*/
public void registerDefaultMethodReturnValueAnalyses() {
registerMethodReturnValueAnalysis("java.lang.String getName()",
new MethodReturnValueAnalysis() {
@Override
public Set<Object> computeMethodReturnValues(Call call) {
InvokeExpr invokeExpr = call.stmt.getInvokeExpr();
if (invokeExpr instanceof InstanceInvokeExpr) {
InstanceInvokeExpr instanceInvokeExpr = (InstanceInvokeExpr) invokeExpr;
if (invokeExpr.getMethod().getDeclaringClass().getName().equals("java.lang.Class")) {
return ArgumentValueManager.v()
.getArgumentValueAnalysis(Constants.DefaultArgumentTypes.Scalar.CLASS)
.computeVariableValues(instanceInvokeExpr.getBase(), call.stmt);
}
}
return null;
}
});
}
Example #13
| Source File: TypeStateMachineWeightFunctions.java From SPDS with Eclipse Public License 2.0 | 5 votes |
|
protected Collection<WeightedForwardQuery<TransitionFunction>> generateThisAtAnyCallSitesOf(SootMethod m, Unit unit,
Collection<SootMethod> invokesMethod) {
if (unit instanceof Stmt) {
if (((Stmt) unit).containsInvokeExpr() && ((Stmt) unit).getInvokeExpr() instanceof InstanceInvokeExpr) {
InstanceInvokeExpr iie = (InstanceInvokeExpr) ((Stmt) unit).getInvokeExpr();
if (invokesMethod.contains(iie.getMethod())) {
Local thisLocal = (Local) iie.getBase();
return Collections.singleton(new WeightedForwardQuery<>(new Statement((Stmt) unit, m),
new AllocVal(thisLocal, m, iie, new Statement((Stmt) unit, m)), initialTransition()));
}
}
}
return Collections.emptySet();
}
Example #14
| Source File: MethodInvocationInstruction.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
public void finalize(DexBody body, DexlibAbstractInstruction successor) {
// defer final jimplification to move result
if (successor instanceof MoveResultInstruction) {
// MoveResultInstruction i = (MoveResultInstruction)successor;
// i.setExpr(invocation);
// if (lineNumber != -1)
// i.setTag(new SourceLineNumberTag(lineNumber));
assign = Jimple.v().newAssignStmt(body.getStoreResultLocal(), invocation);
setUnit(assign);
addTags(assign);
body.add(assign);
unit = assign;
// this is a invoke statement (the MoveResult had to be the direct successor for an expression)
} else {
InvokeStmt invoke = Jimple.v().newInvokeStmt(invocation);
setUnit(invoke);
addTags(invoke);
body.add(invoke);
unit = invoke;
}
if (IDalvikTyper.ENABLE_DVKTYPER) {
Debug.printDbg(IDalvikTyper.DEBUG, "constraint special invoke: "+ assign);
if (invocation instanceof InstanceInvokeExpr) {
Type t = invocation.getMethodRef().declaringClass().getType();
DalvikTyper.v().setType(((InstanceInvokeExpr) invocation).getBaseBox(), t, true);
//DalvikTyper.v().setObjectType(assign.getLeftOpBox());
}
int i = 0;
for (Type pt: (List<Type>)invocation.getMethodRef().parameterTypes()) {
DalvikTyper.v().setType(invocation.getArgBox(i++), pt, true);
}
int op = (int)instruction.getOpcode().value;
if (assign != null) {
DalvikTyper.v().setType(assign.getLeftOpBox(), invocation.getType(), false);
}
}
}
Example #15
| Source File: Model.java From DroidRA with GNU Lesser General Public License v2.1 | 5 votes |
|
/**
* Returns the arguments associated with a method descriptor.
*
* @param signatureToMethodDescriptionMap A map from signatures to method descriptors.
* @param invokeExpr An invoke expression.
* @return An array of arguments if arguments are found for the method descriptor, null otherwise.
*/
private Argument[] getArgumentsFromMethodDescription(
Map<String, MethodDescription> signatureToMethodDescriptionMap, InvokeExpr invokeExpr) {
SootMethod method = invokeExpr.getMethod();
String signature = method.getSignature();
MethodDescription methodDescription = signatureToMethodDescriptionMap.get(signature);
if (methodDescription != null) {
return methodDescription.getArguments();
}
signature = method.getSubSignature();
methodDescription = signatureToMethodDescriptionMap.get(signature);
if (methodDescription == null) {
return null;
}
String superclassName = methodDescription.getBaseClass();
if (superclassName == null || !Scene.v().containsClass(superclassName)
|| invokeExpr instanceof InterfaceInvokeExpr) {
return null;
}
SootClass superclass = Scene.v().getSootClass(superclassName);
String baseType;
if (invokeExpr instanceof InstanceInvokeExpr) {
Value baseValue = ((InstanceInvokeExpr) invokeExpr).getBase();
baseType = baseValue.getType().toString();
} else {
baseType = invokeExpr.getMethod().getDeclaringClass().getName();
}
if (Scene.v().containsClass(baseType)
&& Scene.v().getActiveHierarchy()
.isClassSubclassOfIncluding(Scene.v().getSootClass(baseType), superclass)) {
return methodDescription.getArguments();
} else {
return null;
}
}
Example #16
| Source File: ObservableDynamicICFG.java From SPDS with Eclipse Public License 2.0 | 5 votes |
|
private void queryForCallees(Unit unit) {
// Construct BackwardQuery, so we know which types the object might have
logger.debug("Queried for callees of '{}'.", unit);
Stmt stmt = (Stmt) unit;
InvokeExpr invokeExpr = stmt.getInvokeExpr();
Value value = ((InstanceInvokeExpr) invokeExpr).getBase();
Val val = new Val(value, getMethodOf(stmt));
for (Unit pred : getPredsOf(stmt)) {
Statement statement = new Statement((Stmt) pred, getMethodOf(unit));
BackwardQuery query = new BackwardQuery(statement, val);
// Execute that query
solver.solve(query, false);
forAnyAllocationSiteOfQuery(query, invokeExpr, stmt);
// Go through possible types an add edges to implementations in possible types
// Set<ForwardQuery> keySet = results.getAllocationSites().keySet();
// for (ForwardQuery forwardQuery : keySet) {
//
// }
// Fallback on Precompute if set was empty
// if (options.fallbackOnPrecomputedOnEmpty() && keySet.isEmpty()) {
// Iterator<Edge> precomputedCallers = precomputedCallGraph.edgesOutOf(unit);
// while (precomputedCallers.hasNext()) {
// Edge methodCall = precomputedCallers.next();
// if (methodCall.srcUnit() == null)
// continue;
// addCallIfNotInGraph(methodCall.srcUnit(), methodCall.tgt(), methodCall.kind());
// }
// }
}
}
Example #17
| Source File: ObservableDynamicICFG.java From SPDS with Eclipse Public License 2.0 | 5 votes |
|
@Override
public void addCalleeListener(CalleeListener<Unit, SootMethod> listener) {
if (!calleeListeners.put(listener.getObservedCaller(), listener)) {
return;
}
// Notify the new listener about edges we already know
Unit unit = listener.getObservedCaller();
Stmt stmt = (Stmt) unit;
Iterator<Edge> edgeIterator = demandDrivenCallGraph.edgesOutOf(unit);
while (edgeIterator.hasNext()) {
Edge edge = edgeIterator.next();
listener.onCalleeAdded(unit, edge.tgt());
}
InvokeExpr ie = stmt.getInvokeExpr();
// Now check if we need to find new edges
if ((ie instanceof InstanceInvokeExpr)) {
// If it was invoked on an object we might find new instances
if (ie instanceof SpecialInvokeExpr) {
// If it was a special invoke, there is a single target
addCallIfNotInGraph(unit, ie.getMethod(), Kind.SPECIAL);
// If the precomputed graph has more edges than our graph, there may be more edges to find
} else if (precomputedCallGraph != null && potentiallyHasMoreEdges(precomputedCallGraph.edgesOutOf(unit),
demandDrivenCallGraph.edgesOutOf(unit))) {
// Query for callees of the unit and add edges to the graph
queryForCallees(unit);
}
} else {
// Call was not invoked on an object. Must be static
addCallIfNotInGraph(unit, ie.getMethod(), Kind.STATIC);
}
}
Example #18
| Source File: SourceMethodReturnValueAnalysis.java From DroidRA with GNU Lesser General Public License v2.1 | 5 votes |
|
@Override
public Set<Object> computeMethodReturnValues(Call call) {
Stmt stmt = call.stmt;
if (!stmt.containsInvokeExpr() || !(stmt.getInvokeExpr() instanceof InstanceInvokeExpr)) {
return Collections.singleton((Object) "(.*)");
} else {
return Collections.singleton((Object) new SourceDescriptor(((InstanceInvokeExpr) stmt
.getInvokeExpr()).getBase(), stmt));
}
}
Example #19
| Source File: BackwardBoomerangSolver.java From SPDS with Eclipse Public License 2.0 | 5 votes |
|
@Override
protected Collection<? extends State> computeReturnFlow(SootMethod method, Stmt curr, Val value, Stmt callSite,
Stmt returnSite) {
Statement returnSiteStatement = new Statement(returnSite, icfg.getMethodOf(returnSite));
Set<State> out = Sets.newHashSet();
if (!method.isStatic()) {
if (method.getActiveBody().getThisLocal().equals(value.value())) {
if (callSite.containsInvokeExpr()) {
if (callSite.getInvokeExpr() instanceof InstanceInvokeExpr) {
InstanceInvokeExpr iie = (InstanceInvokeExpr) callSite.getInvokeExpr();
out.add(new CallPopNode<Val, Statement>(new Val(iie.getBase(), icfg.getMethodOf(callSite)),
PDSSystem.CALLS, returnSiteStatement));
}
}
}
}
int index = 0;
for (Local param : method.getActiveBody().getParameterLocals()) {
if (param.equals(value.value())) {
if (callSite.containsInvokeExpr()) {
InvokeExpr ie = callSite.getInvokeExpr();
out.add(new CallPopNode<Val, Statement>(new Val(ie.getArg(index), icfg.getMethodOf(callSite)),
PDSSystem.CALLS, returnSiteStatement));
}
}
index++;
}
if (value.isStatic()) {
out.add(new CallPopNode<Val, Statement>(
new StaticFieldVal(value.value(), ((StaticFieldVal) value).field(), icfg.getMethodOf(callSite)),
PDSSystem.CALLS, returnSiteStatement));
}
return out;
}
Example #20
| Source File: ForwardBoomerangSolver.java From SPDS with Eclipse Public License 2.0 | 5 votes |
|
public Collection<? extends State> computeCallFlow(SootMethod caller, Statement callSite, InvokeExpr invokeExpr,
Val fact, SootMethod callee, Stmt calleeSp) {
if (!callee.hasActiveBody() || callee.isStaticInitializer()) {
return Collections.emptySet();
}
Body calleeBody = callee.getActiveBody();
Set<State> out = Sets.newHashSet();
if (invokeExpr instanceof InstanceInvokeExpr) {
InstanceInvokeExpr iie = (InstanceInvokeExpr) invokeExpr;
if (iie.getBase().equals(fact.value()) && !callee.isStatic()) {
out.add(new PushNode<Statement, Val, Statement>(new Statement(calleeSp, callee),
new Val(calleeBody.getThisLocal(), callee), callSite, PDSSystem.CALLS));
}
}
int i = 0;
List<Local> parameterLocals = calleeBody.getParameterLocals();
for (Value arg : invokeExpr.getArgs()) {
if (arg.equals(fact.value()) && parameterLocals.size() > i) {
Local param = parameterLocals.get(i);
out.add(new PushNode<Statement, Val, Statement>(new Statement(calleeSp, callee), new Val(param, callee),
callSite, PDSSystem.CALLS));
}
i++;
}
if (fact.isStatic()) {
out.add(new PushNode<Statement, Val, Statement>(new Statement(calleeSp, callee),
new StaticFieldVal(fact.value(), ((StaticFieldVal) fact).field(), callee), callSite,
PDSSystem.CALLS));
}
return out;
}
Example #21
| Source File: ArgumentValueAnalysis.java From DroidRA with GNU Lesser General Public License v2.1 | 5 votes |
|
/**
* Computes the possible argument values for a given statement and a given argument.
*
* By default this simply calls {@link #computeArgumentValues(Argument, Unit)}.
*
* @param argument An {@link Argument}.
* @param callSite A call statement.
* @return The set of possible values for the argument.
*/
public Set<Object> computeArgumentValues(Argument argument, Unit callSite) {
if (argument.getArgnum() == null) {
return null;
}
if (AnalysisParameters.v().useShimple()) {
// Shimple is not supported.
return Collections.singleton((Object) getTopValue());
} else {
Stmt stmt = (Stmt) callSite;
if (!stmt.containsInvokeExpr()) {
throw new RuntimeException("Statement " + stmt + " does not contain an invoke expression");
}
InvokeExpr invokeExpr = stmt.getInvokeExpr();
int argnum = argument.getArgnum()[0];
Value value = null;
if (argnum == Constants.INSTANCE_INVOKE_BASE_INDEX) {
if (invokeExpr instanceof InstanceInvokeExpr) {
value = ((InstanceInvokeExpr) invokeExpr).getBase();
} else {
throw new RuntimeException("Invoke expression has no base: " + invokeExpr);
}
} else {
value = stmt.getInvokeExpr().getArg(argnum);
}
return computeVariableValues(value, stmt);
}
}
Example #22
| Source File: UnitThrowAnalysis.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
private void caseInstanceInvokeExpr(InstanceInvokeExpr expr) {
result = result.add(mgr.RESOLVE_METHOD_ERRORS);
result = result.add(mgr.NULL_POINTER_EXCEPTION);
for (int i = 0; i < expr.getArgCount(); i++) {
result = result.add(mightThrow(expr.getArg(i)));
}
result = result.add(mightThrow(expr.getBase()));
result = result.add(mightThrow(expr.getMethodRef()));
}
Example #23
| Source File: ExprVisitor.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
private List<Register> getInstanceInvokeArgumentRegs(InstanceInvokeExpr iie) {
constantV.setOrigStmt(origStmt);
List<Register> argumentRegs = getInvokeArgumentRegs(iie);
// always add reference to callee as first parameter (instance != static)
Value callee = iie.getBase();
Register calleeRegister = regAlloc.asLocal(callee);
argumentRegs.add(0, calleeRegister);
return argumentRegs;
}
Example #24
| Source File: OnTheFlyJimpleBasedICFG.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
@Override
public Set<SootMethod> load(Unit u) throws Exception {
Stmt stmt = (Stmt)u;
InvokeExpr ie = stmt.getInvokeExpr();
FastHierarchy fastHierarchy = Scene.v().getFastHierarchy();
//FIXME Handle Thread.start etc.
if(ie instanceof InstanceInvokeExpr) {
if(ie instanceof SpecialInvokeExpr) {
//special
return Collections.singleton(ie.getMethod());
} else {
//virtual and interface
InstanceInvokeExpr iie = (InstanceInvokeExpr) ie;
Local base = (Local) iie.getBase();
RefType concreteType = bodyToLMNAA.getUnchecked(unitToOwner.get(u)).concreteType(base, stmt);
if(concreteType!=null) {
//the base variable definitely points to a single concrete type
SootMethod singleTargetMethod = fastHierarchy.resolveConcreteDispatch(concreteType.getSootClass(), iie.getMethod());
return Collections.singleton(singleTargetMethod);
} else {
SootClass baseTypeClass;
if(base.getType() instanceof RefType) {
RefType refType = (RefType) base.getType();
baseTypeClass = refType.getSootClass();
} else if(base.getType() instanceof ArrayType) {
baseTypeClass = Scene.v().getSootClass("java.lang.Object");
} else if(base.getType() instanceof NullType) {
//if the base is definitely null then there is no call target
return Collections.emptySet();
} else {
throw new InternalError("Unexpected base type:"+base.getType());
}
return fastHierarchy.resolveAbstractDispatch(baseTypeClass, iie.getMethod());
}
}
} else {
//static
return Collections.singleton(ie.getMethod());
}
}
Example #25
| Source File: UseChecker.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
private void handleInvokeExpr(InvokeExpr ie, Stmt stmt)
{
SootMethodRef m = ie.getMethodRef();
if ( ie instanceof InstanceInvokeExpr )
{
InstanceInvokeExpr iie = (InstanceInvokeExpr)ie;
iie.setBase(this.uv.visit(
iie.getBase(),m.declaringClass().getType(), stmt));
}
for ( int i = 0; i < ie.getArgCount(); i++ )
ie.setArg(i, this.uv.visit(
ie.getArg(i), m.parameterType(i), stmt));
}
Example #26
| Source File: NullnessAnalysis.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
private void handleInvokeExpr(InvokeExpr invokeExpr,AnalysisInfo out) {
if(invokeExpr instanceof InstanceInvokeExpr) {
InstanceInvokeExpr instanceInvokeExpr = (InstanceInvokeExpr) invokeExpr;
//here we know that the receiver must point to an object
Value base = instanceInvokeExpr.getBase();
out.put(base,NON_NULL);
}
}
Example #27
| Source File: NullnessAssumptionAnalysis.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
private void handleInvokeExpr(InvokeExpr invokeExpr,AnalysisInfo out) {
if(invokeExpr instanceof InstanceInvokeExpr) {
InstanceInvokeExpr instanceInvokeExpr = (InstanceInvokeExpr) invokeExpr;
//here we know that the receiver must point to an object
Value base = instanceInvokeExpr.getBase();
out.put(base,NON_NULL);
}
//but the returned object might point to everything
// out.put(invokeExpr, TOP);
}
Example #28
| Source File: OfflineProcessor.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
public void defaultFeedPtsRoutines()
{
switch (Parameters.seedPts) {
case Constants.seedPts_allUser:
setAllUserCodeVariablesUseful();
break;
case Constants.seedPts_all:
// All pointers will be processed
for (int i = 0; i < n_var; ++i) {
IVarAbstraction pn = int2var.get(i);
if ( pn != null &&
pn.getRepresentative() == pn )
pn.willUpdate = true;
}
return;
}
// We always refine the callsites that have multiple call targets
Set<Node> multiBaseptrs = new HashSet<Node>();
for (Stmt callsite : geomPTA.multiCallsites) {
InstanceInvokeExpr iie =
(InstanceInvokeExpr) callsite.getInvokeExpr();
VarNode vn = geomPTA.findLocalVarNode(iie.getBase());
multiBaseptrs.add(vn);
}
addUserDefPts(multiBaseptrs);
}
Example #29
| Source File: ValueTemplatePrinter.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
private void printInvokeExpr(InvokeExpr v) {
p.openBlock();
String oldName = varName;
SootMethodRef method = v.getMethodRef();
SootMethod m = method.resolve();
if(!m.isStatic()) {
Local base= (Local)((InstanceInvokeExpr)v).getBase();
p.println("Local base = localByName(b,\"" + base.getName()+ "\");");
}
p.println("List<Type> parameterTypes = new LinkedList<Type>();");
int i=0;
for(Type t: (List<Type>)m.getParameterTypes()) {
ttp.setVariableName("type"+i);
t.apply(ttp);
p.println("parameterTypes.add(type"+i+");");
i++;
}
ttp.setVariableName("returnType");
m.getReturnType().apply(ttp);
p.print("SootMethodRef methodRef = ");
p.printNoIndent("Scene.v().makeMethodRef(");
String className = m.getDeclaringClass().getName();
p.printNoIndent("Scene.v().getSootClass(\""+className+"\"),");
p.printNoIndent("\""+m.getName()+"\",");
p.printNoIndent("parameterTypes,");
p.printNoIndent("returnType,");
p.printlnNoIndent(m.isStatic()+");");
printExpr(v, "base", "methodRef");
varName = oldName;
p.closeBlock();
}
Example #30
| Source File: JavaTranslator.java From JAADAS with GNU General Public License v3.0 | 5 votes |
|
public List<SootMethod> getTargetsOf(InvokeExpr expr) {
if (expr instanceof InstanceInvokeExpr) {
return getTargetsOf(((InstanceInvokeExpr)expr).getBase(), expr.getMethod());
}
List<SootMethod> targets = new ArrayList(1);
targets.add(expr.getMethod());
return targets;
}
