[Soot-list] Get Callsites of each method from callgraph

179 views
Skip to first unread message

Stefan Gommer

unread,
Sep 9, 2014, 10:43:05 AM9/9/14
to soot...@cs.mcgill.ca, Steven Arzt
Hello,

I’m trying to visualize something like a call graph but with grouped methods for each component. For example instead of having a normal call graph like

I want to know in which component each method is called like :


But I don’t know how to get the information, where a method is called. First I tried using the call graph, traversing it by recursively looking for the outgoing edges of each node. But it seems that for each node I can only get the information in which class it is declared, its name, etc. but not the call sites( where the methods are called for example „method_2 called in Activity1: onClick()“ )

Then, instead of using the call graph, I examined the active body of the entry method (dummyMainMethod) and started looking for all invoke expressions in there. Then I wanted to use each SootMethod from InvokeExpr.getMethod() and examine the body of these methods (code below), but unfortunately it turns out, that there is no active body for these methods. Can anyone give me an advice how I can achieve my goal?

Regards, 
Stefan

private static void checkMethod(SootMethod m)
{
// don’t know if used correctly
Scene.v().forceResolve(m.getDeclaringClass().getName(), SootClass.BODIES);

try{
if(m.hasActiveBody()){

Body b = m.getActiveBody();


for(Unit u : b.getUnits()) {


Stmt s = (Stmt)u;
if(s.containsInvokeExpr()) {


InvokeExpr expr = s.getInvokeExpr();


System.out.println("Found invoke expression " + expr);
checkMethod(expr.getMethod());
}
}
} else { System.out.println("Method " + m + " has no active body");}
} finally{}
}

Steven Arzt

unread,
Sep 9, 2014, 10:43:07 AM9/9/14
to Stefan Gommer, soot...@cs.mcgill.ca

Hi Stefan,

 

The callgraph connects every call site with all possible callees. I therefore do not understand why you should not be able to find out where a method is called. You might want to look at the JimpleBasedInterproceduralCFG class which already implements a lot of queries on the callgraph such as getCalleesOfCallAt() and getCallersOf().

 

Best regards,

  Steven

image001.png
image002.png

Steven Arzt

unread,
Oct 8, 2014, 7:11:46 PM10/8/14
to Stefan Gommer, soot...@cs.mcgill.ca

Hi Stefan,

 

Sorry for the late reply. To find the component in which a certain method is called, you need to use the mapping that we have inside the AndroidEntryPointCreator. We collect all the different components and the signatures of the methods that get called inside these classes. It’s called “callbackFunctions”. Maybe you need to patch the entry point creator slightly to make this map publicly available, but this should not be too hard.

 

Best regards,

  Steven

 

Von: soot-lis...@CS.McGill.CA [mailto:soot-lis...@CS.McGill.CA] Im Auftrag von Stefan Gommer


Gesendet: Samstag, 26. Juli 2014 22:37
An: soot...@CS.McGill.CA
Cc: Steven Arzt

image001.png
image002.png
Reply all
Reply to author
Forward
0 new messages