Example 61 with AllocNode
use of soot.jimple.spark.pag.AllocNode in project soot by Sable.
the class TypeManager method get.
public final BitVector get(Type type) {
if (type == null)
return null;
while (allocNodeListener.hasNext()) {
AllocNode n = allocNodeListener.next();
for (final Type t : Scene.v().getTypeNumberer()) {
if (!(t instanceof RefLikeType))
continue;
if (t instanceof AnySubType)
continue;
if (isUnresolved(t))
continue;
if (castNeverFails(n.getType(), t)) {
BitVector mask = typeMask.get(t);
if (mask == null) {
typeMask.put(t, mask = new BitVector());
for (final AllocNode an : pag.getAllocNodeNumberer()) {
if (castNeverFails(an.getType(), t)) {
mask.set(an.getNumber());
}
}
continue;
}
mask.set(n.getNumber());
}
}
}
BitVector ret = (BitVector) typeMask.get(type);
if (ret == null && fh != null) {
// If we have a phantom class and have no type mask, we assume that
// it is not cast-compatible to anything
SootClass curClass = ((RefType) type).getSootClass();
if (type instanceof RefType && curClass.isPhantom())
return new BitVector();
else {
// Scan through the hierarchy. We might have a phantom class higher up
while (curClass.hasSuperclass()) {
curClass = curClass.getSuperclass();
if (type instanceof RefType && curClass.isPhantom())
return new BitVector();
}
throw new RuntimeException("Type mask not found for type " + type);
}
}
return ret;
}
Also used :
RefLikeType(soot.RefLikeType)
RefType(soot.RefType)
BitVector(soot.util.BitVector)
RefType(soot.RefType)
AnySubType(soot.AnySubType)
NullType(soot.NullType)
RefLikeType(soot.RefLikeType)
ArrayType(soot.ArrayType)
Type(soot.Type)
AllocNode(soot.jimple.spark.pag.AllocNode)
AnySubType(soot.AnySubType)
SootClass(soot.SootClass)
Example 62 with AllocNode
use of soot.jimple.spark.pag.AllocNode in project soot by Sable.
the class FullSensitiveNode method injectPts.
/**
* We transfer the SPARK results to current pointer if this pointer is not involved in the geometric analysis.
* Note that, the unreachable objects will not be inserted.
*/
@Override
public void injectPts() {
final GeomPointsTo geomPTA = (GeomPointsTo) Scene.v().getPointsToAnalysis();
pt_objs = new HashMap<AllocNode, GeometricManager>();
me.getP2Set().forall(new P2SetVisitor() {
@Override
public void visit(Node n) {
if (geomPTA.isValidGeometricNode(n))
pt_objs.put((AllocNode) n, (GeometricManager) stubManager);
}
});
new_pts = null;
}
Also used :
AllocNode(soot.jimple.spark.pag.AllocNode)
GeomPointsTo(soot.jimple.spark.geom.geomPA.GeomPointsTo)
SegmentNode(soot.jimple.spark.geom.dataRep.SegmentNode)
StringConstantNode(soot.jimple.spark.pag.StringConstantNode)
RectangleNode(soot.jimple.spark.geom.dataRep.RectangleNode)
ClassConstantNode(soot.jimple.spark.pag.ClassConstantNode)
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
Node(soot.jimple.spark.pag.Node)
AllocNode(soot.jimple.spark.pag.AllocNode)
P2SetVisitor(soot.jimple.spark.sets.P2SetVisitor)
Example 63 with AllocNode
use of soot.jimple.spark.pag.AllocNode in project soot by Sable.
the class FullSensitiveNode method get_all_context_sensitive_objects.
@Override
public void get_all_context_sensitive_objects(long l, long r, PtSensVisitor visitor) {
if (parent != this) {
getRepresentative().get_all_context_sensitive_objects(l, r, visitor);
return;
}
GeomPointsTo geomPTA = (GeomPointsTo) Scene.v().getPointsToAnalysis();
for (Map.Entry<AllocNode, GeometricManager> entry : pt_objs.entrySet()) {
AllocNode obj = entry.getKey();
SootMethod sm = obj.getMethod();
int sm_int = geomPTA.getIDFromSootMethod(sm);
if (sm_int == -1)
continue;
GeometricManager gm = entry.getValue();
SegmentNode[] int_entry = gm.getFigures();
for (int i = 0; i < GeometricManager.Divisions; ++i) {
// We iterate all the figures
SegmentNode p = int_entry[i];
while (p != null) {
long L = p.I1;
long R = L + p.L;
long objL = -1, objR = -1;
// Now we compute which context sensitive objects are pointed to by this pointer
if (l <= L && L < r) {
// L------------R
if (i == GeometricManager.ONE_TO_ONE) {
long d = r - L;
if (R < r)
d = p.L;
objL = p.I2;
objR = objL + d;
} else {
objL = p.I2;
objR = p.I2 + ((RectangleNode) p).L_prime;
}
} else if (L <= l && l < R) {
// L--------------------R
if (i == GeometricManager.ONE_TO_ONE) {
long d = R - l;
if (R > r)
d = r - l;
objL = p.I2 + l - L;
objR = objL + d;
} else {
objL = p.I2;
objR = p.I2 + ((RectangleNode) p).L_prime;
}
}
// Now we test which context versions this interval [objL, objR) maps to
if (objL != -1 && objR != -1)
visitor.visit(obj, objL, objR, sm_int);
p = p.next;
}
}
}
}
Also used :
AllocNode(soot.jimple.spark.pag.AllocNode)
RectangleNode(soot.jimple.spark.geom.dataRep.RectangleNode)
GeomPointsTo(soot.jimple.spark.geom.geomPA.GeomPointsTo)
SootMethod(soot.SootMethod)
HashMap(java.util.HashMap)
Map(java.util.Map)
PlainConstraint(soot.jimple.spark.geom.dataRep.PlainConstraint)
SegmentNode(soot.jimple.spark.geom.dataRep.SegmentNode)
Example 64 with AllocNode
use of soot.jimple.spark.pag.AllocNode in project soot by Sable.
the class FullSensitiveNode method print_context_sensitive_points_to.
@Override
public void print_context_sensitive_points_to(PrintStream outPrintStream) {
for (Iterator<AllocNode> it = pt_objs.keySet().iterator(); it.hasNext(); ) {
AllocNode obj = it.next();
SegmentNode[] int_entry = find_points_to(obj);
for (int j = 0; j < GeometricManager.Divisions; ++j) {
SegmentNode p = int_entry[j];
while (p != null) {
outPrintStream.print("(" + obj.toString() + ", " + p.I1 + ", " + p.I2 + ", " + p.L + ", ");
if (p instanceof RectangleNode)
outPrintStream.print(((RectangleNode) p).L_prime + ", ");
outPrintStream.println(symbols[j] + ")");
p = p.next;
}
}
}
}
Also used :
AllocNode(soot.jimple.spark.pag.AllocNode)
RectangleNode(soot.jimple.spark.geom.dataRep.RectangleNode)
PlainConstraint(soot.jimple.spark.geom.dataRep.PlainConstraint)
SegmentNode(soot.jimple.spark.geom.dataRep.SegmentNode)
Example 65 with AllocNode
use of soot.jimple.spark.pag.AllocNode in project soot by Sable.
the class FullSensitiveNode method do_before_propagation.
@Override
public void do_before_propagation() {
// We first perform the geometric merging
do_pts_interval_merge();
do_flow_edge_interval_merge();
/*
* The following code eliminates the spurious points-to relation for THIS pointer.
* For example we have two classes A and B, B is a child class of A.
* We have a virtual function foo defined in both A and B.
* We have a pointer p in type A.
* pts(p) = { o1, o2 }, where o1 is in type A and o2 is in type B.
* Therefore, the call p.foo() will be resolved to call both A::foo and B::foo.
* Then, in the points-to analysis, we have two assignments: p -> A::foo.THIS, p -> B::foo.THIS
* At this time, obviously, although with the type filter, A::foo.THIS will receive the object o2, which is definitely a fake.
* Thus, we need a new filter to guarantee that A::foo.THIS only points to o1.
* We call this filter "this pointer filter".
*/
Node wrappedNode = getWrappedNode();
if (wrappedNode instanceof LocalVarNode && ((LocalVarNode) wrappedNode).isThisPtr()) {
SootMethod func = ((LocalVarNode) wrappedNode).getMethod();
if (!func.isConstructor()) {
// We don't process the specialinvoke call edge
SootClass defClass = func.getDeclaringClass();
Hierarchy typeHierarchy = Scene.v().getActiveHierarchy();
for (Iterator<AllocNode> it = new_pts.keySet().iterator(); it.hasNext(); ) {
AllocNode obj = it.next();
if (obj.getType() instanceof RefType) {
SootClass sc = ((RefType) obj.getType()).getSootClass();
if (defClass != sc) {
try {
SootMethod rt_func = typeHierarchy.resolveConcreteDispatch(sc, func);
if (rt_func != func) {
it.remove();
// Also preclude it from propagation again
pt_objs.put(obj, (GeometricManager) deadManager);
}
} catch (RuntimeException e) {
// If the input program has a wrong type cast, resolveConcreteDispatch fails and it goes here
// We simply ignore this error
}
}
}
}
}
}
}
Also used :
RefType(soot.RefType)
Hierarchy(soot.Hierarchy)
AllocNode(soot.jimple.spark.pag.AllocNode)
SegmentNode(soot.jimple.spark.geom.dataRep.SegmentNode)
StringConstantNode(soot.jimple.spark.pag.StringConstantNode)
RectangleNode(soot.jimple.spark.geom.dataRep.RectangleNode)
ClassConstantNode(soot.jimple.spark.pag.ClassConstantNode)
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
Node(soot.jimple.spark.pag.Node)
AllocNode(soot.jimple.spark.pag.AllocNode)
SootMethod(soot.SootMethod)
SootClass(soot.SootClass)
LocalVarNode(soot.jimple.spark.pag.LocalVarNode)
Aggregations
AllocNode (soot.jimple.spark.pag.AllocNode)67
Node (soot.jimple.spark.pag.Node)37
VarNode (soot.jimple.spark.pag.VarNode)36
LocalVarNode (soot.jimple.spark.pag.LocalVarNode)28
PointsToSetInternal (soot.jimple.spark.sets.PointsToSetInternal)25
FieldRefNode (soot.jimple.spark.pag.FieldRefNode)22
P2SetVisitor (soot.jimple.spark.sets.P2SetVisitor)19
PlainConstraint (soot.jimple.spark.geom.dataRep.PlainConstraint)18
SegmentNode (soot.jimple.spark.geom.dataRep.SegmentNode)18
SootMethod (soot.SootMethod)17
ClassConstantNode (soot.jimple.spark.pag.ClassConstantNode)17
SparkField (soot.jimple.spark.pag.SparkField)16
RefType (soot.RefType)14
Type (soot.Type)13
AllocDotField (soot.jimple.spark.pag.AllocDotField)13
NewInstanceNode (soot.jimple.spark.pag.NewInstanceNode)11
HashSet (java.util.HashSet)10
GlobalVarNode (soot.jimple.spark.pag.GlobalVarNode)10
StringConstantNode (soot.jimple.spark.pag.StringConstantNode)10
SootClass (soot.SootClass)9
