soot.jimple.VirtualInvokeExpr Java Examples

@Override
public void caseVirtualInvokeExpr(VirtualInvokeExpr virtualInvokeExpr) {
	//is the invokeExpr a source method?
	if(isSourceMethod(virtualInvokeExpr)) {
		StringConstant newSourceValue = StringConstant.v("loggingPoint");
		SMTBinding binding = stmtVisitor.createNewBindingForValue(newSourceValue);
		stmtVisitor.addValueBindingToVariableDeclaration(newSourceValue, binding);				
		//no smt-statement required, just return the binding
		this.result = binding;
		
		// Additionally check whether the source method need special treatment
		if(isExpressionThatNeedsToBeConvertedToSMT(virtualInvokeExpr)) {
			convertSpecialExpressionsToSMT(virtualInvokeExpr, currentStatement);
		}
		
	} else {
		if(isStringOperationSupportedBySMT(virtualInvokeExpr))
			convertStringOperationToSMT(virtualInvokeExpr, virtualInvokeExpr.getBase());
		else if(isExpressionThatNeedsToBeConvertedToSMT(virtualInvokeExpr))
			convertSpecialExpressionsToSMT(virtualInvokeExpr, currentStatement);
		else
			convertAPIMethodToSMT(virtualInvokeExpr);
	}
}
 

@Override
public void caseVirtualInvokeExpr(VirtualInvokeExpr vie) {
	/*
	 * for final methods we build an invoke-virtual opcode, too, although the dex spec says that a virtual method is not final.
	 * An alternative would be the invoke-direct opcode, but this is inconsistent with dx's output...
	 */
	BuilderMethodReference method = DexPrinter.toMethodReference
			(vie.getMethodRef(), dexFile);
	List<Register> argumentRegs = getInstanceInvokeArgumentRegs(vie);
       stmtV.addInsn(buildInvokeInsn("INVOKE_VIRTUAL", method, argumentRegs), origStmt);
}
 

public void caseVirtualInvokeExpr(VirtualInvokeExpr expr) {
	caseInstanceInvokeExpr(expr);
}
 

public void caseVirtualInvokeExpr(VirtualInvokeExpr v) {
	printInvokeExpr(v);		
}
 

public static void main(String[] args) {
	PackManager.v().getPack("wjtp").add(new Transform("wjtp.onflyicfg", new SceneTransformer() {
		
		@Override
		protected void internalTransform(String phaseName, Map<String, String> options) {
			if(Scene.v().hasCallGraph()) throw new RuntimeException("call graph present!");
			
			loadAllClassesOnClassPathToSignatures();
			
			SootMethod mainMethod = Scene.v().getMainMethod();
			OnTheFlyJimpleBasedICFG icfg = new OnTheFlyJimpleBasedICFG(mainMethod);
			Set<SootMethod> worklist = new LinkedHashSet<SootMethod>();
			Set<SootMethod> visited = new HashSet<SootMethod>();
			worklist.add(mainMethod);
			int monomorphic = 0, polymorphic = 0;
			while(!worklist.isEmpty()) {
				Iterator<SootMethod> iter = worklist.iterator();
				SootMethod currMethod = iter.next();
				iter.remove();
				visited.add(currMethod);
				System.err.println(currMethod);
				//MUST call this method to initialize ICFG for every method 
				Body body = currMethod.getActiveBody();
				if(body==null) continue;
				for(Unit u: body.getUnits()) {
					Stmt s = (Stmt)u;
					if(s.containsInvokeExpr()) {
						Set<SootMethod> calleesOfCallAt = icfg.getCalleesOfCallAt(s);
						if(s.getInvokeExpr() instanceof VirtualInvokeExpr || s.getInvokeExpr() instanceof InterfaceInvokeExpr) {
							if(calleesOfCallAt.size()<=1) monomorphic++; else polymorphic++;
							System.err.println("mono: "+monomorphic+"   poly: "+polymorphic);
						}
						for (SootMethod callee : calleesOfCallAt) {
							if(!visited.contains(callee)) {
								System.err.println(callee);
								//worklist.add(callee);
							}
						}
					}
				}
			}
		}

	}));
	Options.v().set_on_the_fly(true);
	soot.Main.main(args);
}
 

public void caseVirtualInvokeExpr(VirtualInvokeExpr expr) {
    caseInstanceInvokeExpr(expr);
}
 

/**
 * Computes the targets of an invoke expression using a given points-to graph.
 * 
 * <p>For static invocations, there is only target. For instance method
 * invocations, the targets depend on the type of receiver objects pointed-to
 * by the instance variable whose method is being invoked.</p>
 * 
 * <p>If the instance variable points to a summary node, then the returned
 * value is <tt>null</tt> signifying a <em>default</em> call-site.</p>
 */
private Set<SootMethod> getTargets(SootMethod callerMethod, Stmt callStmt, InvokeExpr ie, PointsToGraph ptg) {
	Set<SootMethod> targets = new HashSet<SootMethod>();
	SootMethod invokedMethod = ie.getMethod();
	String subsignature = invokedMethod.getSubSignature();
	
	// Static and special invocations refer to the target method directly
	if (ie instanceof StaticInvokeExpr || ie instanceof SpecialInvokeExpr) {
		targets.add(invokedMethod);
		return targets;
	} else {
		assert (ie instanceof InterfaceInvokeExpr || ie instanceof VirtualInvokeExpr);
		// Get the receiver
		Local receiver = (Local) ((InstanceInvokeExpr) ie).getBase();
		// Get what objects the receiver points-to
		Set<AnyNewExpr> heapNodes = ptg.getTargets(receiver);
		if (heapNodes != null) {
			// For each object, find the invoked method for the declared type
			for (AnyNewExpr heapNode : heapNodes) {
				if (heapNode == PointsToGraph.SUMMARY_NODE) {						
					// If even one pointee is a summary node, then this is a default site
					return null;
				} else if (heapNode instanceof NewArrayExpr) {
					// Probably getClass() or something like that on an array
					return null;
				}
				// Find the top-most class that declares a method with the given
				// signature and add it to the resulting targets
				SootClass sootClass = ((RefType) heapNode.getType()).getSootClass();
				do {
					if (sootClass.declaresMethod(subsignature)) {
						targets.add(sootClass.getMethod(subsignature));
						break;
					} else if (sootClass.hasSuperclass()) {
						sootClass = sootClass.getSuperclass();
					} else {
						sootClass = null;
					}
				} while (sootClass != null);
			}
		}
		if (targets.isEmpty()) {
			// System.err.println("Warning! Null call at: " + callStmt+ " in " + callerMethod);
		}
		return targets;
	}
}