[Wala-wala] Can wala construct CFG without dependency packages?

81 views
Skip to first unread message

WenyuanXu

unread,
Dec 2, 2019, 7:45:58 AM12/2/19
to wala-wala
Hi,

We are using WALA to do some taint flow analysis. I want to know if WALA can construct CFG from application jar without some of the dependency packagesIf yes, how to do this? 

Manu Sridharan

unread,
Dec 2, 2019, 11:44:49 AM12/2/19
to WALA discussion and Q&A
Hi there,

In general WALA should work fine when code is missing, in that it won't crash.  However, the analysis result will not reflect all possible behaviors of the missing code.  Instead, the framework (unsoundly) assumes the missing code won't affect the analysis result.

Have you run into an issue or crash when trying to perform your analysis with some dependencies missing?

Thanks,
Manu
On Mon, Dec 2, 2019 at 04:46 WenyuanXu <anem...@qq.com> wrote:
Hi,

We are using WALA to do some taint flow analysis. I want to know if WALA can construct CFG from application jar without some of the dependency packagesIf yes, how to do this? 
_______________________________________________
Wala-wala mailing list
Wala...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wala-wala

WenyuanXu

unread,
Dec 2, 2019, 10:41:20 PM12/2/19
to wala-wala
Hi Manu,

Yes, I got an crash when building callgraph without some dependencies. 

The code to be analyzed are as follows:
```java
package org.joychou.security;

import com.alibaba.fastjson.JSON;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URI;
import java.util.HashMap;
import java.util.Map;

public class LoginSuccessHandler implements AuthenticationSuccessHandler {

    private final Logger logger = LoggerFactory.getLogger(this.getClass());

    /* Entry class&caller */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request,
                                        HttpServletResponse response, Authentication authentication)
                                        throws ServletException, IOException {

        logger.info("USER " + authentication.getName()+ " LOGIN SUCCESS.");
        Map<String, String> content = new HashMap<>();
        content.put("code", "0");
        content.put("message", "Login success");
        // google ajax and sendRedirect
        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
        response.getWriter().write(JSON.toJSONString(content)); // callee
    }
}
```

And for that, I wrote the following analysis code:
```java
import com.ibm.wala.classLoader.Language;
import com.ibm.wala.ipa.callgraph.*;
import com.ibm.wala.ipa.callgraph.impl.DefaultEntrypoint;
import com.ibm.wala.ipa.callgraph.impl.Util;
import com.ibm.wala.ipa.callgraph.propagation.PointerAnalysis;
import com.ibm.wala.ipa.cha.ClassHierarchy;
import com.ibm.wala.ipa.cha.ClassHierarchyFactory;
import com.ibm.wala.shrikeCT.InvalidClassFileException;
import com.ibm.wala.types.Descriptor;
import com.ibm.wala.types.MethodReference;
import com.ibm.wala.types.TypeName;
import com.ibm.wala.types.TypeReference;
import com.ibm.wala.util.CancelException;
import com.ibm.wala.util.WalaException;
import com.ibm.wala.util.config.AnalysisScopeReader;
import com.ibm.wala.util.debug.Assertions;
import com.ibm.wala.util.io.FileProvider;
import com.ibm.wala.util.strings.Atom;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.util.Iterator;
import top.anemone.walaDemo.callGraph.CallGraphTestUtil;

@SuppressWarnings("Duplicates")
public class CFGWithoutDependency {

    private static final Logger LOG = LoggerFactory.getLogger(CFGWithoutDependency.class);

    public static void main(String[] args) throws CancelException, WalaException, IOException, InvalidClassFileException {
        String appJar="example_jar/java-sec-code-1.0.0.jar.original.jar";
        LOG.info("Create an analysis scope representing the appJar as a J2SE application");
        AnalysisScope scope = AnalysisScopeReader.makeJavaBinaryAnalysisScope(appJar,
                (new FileProvider()).getFile(CallGraphTestUtil.REGRESSION_EXCLUSIONS));
        ClassHierarchy cha = ClassHierarchyFactory.makeWithPhantom(scope);

        LOG.info("Set entrypoints");
        String[] srcCls = {"Lorg/joychou/security/LoginSuccessHandler"};
        String[] srcFuncs= {"onAuthenticationSuccess"};
        String[] srcRefs = {"((Ljavax/servlet/http/HttpServletRequest;Ljavax/servlet/http/HttpServletResponse;Lorg/springframework/security/core/Authentication;)V"};
        Iterable<Entrypoint> entrypoints = ()-> new Iterator<Entrypoint>() {
            private int index = 0;
            @Override
            public void remove() {   Assertions.UNREACHABLE();   }
            @Override
            public boolean hasNext() {  return index < srcCls.length;    }
            @Override
            public Entrypoint next() {
                TypeReference T =
                        TypeReference.findOrCreate(scope.getApplicationLoader(),
                                TypeName.string2TypeName(srcCls[index]));
                MethodReference mainRef =
                        MethodReference.findOrCreate(T,
                                Atom.findOrCreateAsciiAtom(srcFuncs[index]),
                                Descriptor.findOrCreateUTF8(srcRefs[index]));
                index++;
                return new DefaultEntrypoint(mainRef, cha);
            }
        };
        AnalysisOptions options = new AnalysisOptions(scope, entrypoints);

        LOG.info("Build the call graph");
        com.ibm.wala.ipa.callgraph.CallGraphBuilder cgb = Util.makeVanillaZeroOneCFABuilder(Language.JAVA, options, new AnalysisCacheImpl(), cha, scope, null, null);
        CallGraph cg = cgb.makeCallGraph(options, null);
        PointerAnalysis pa = cgb.getPointerAnalysis();
        // ...
    }
}
```

Unfortunately, I got the following exception:
```
Exception in thread "main" java.lang.IllegalStateException: Could not create a entrypoint callsites: 1. [Moderate] class com.ibm.wala.ipa.cha.ClassHierarchy$ClassExclusion : <Primordial,Ljava/applet/Applet$AccessibleApplet> null
2. [Moderate] class com.ibm.wala.ipa.cha.ClassHierarchy$ClassExclusion : <Primordial,Ljavax/accessibility/AccessibleContext> null
3. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljava/beans/PropertyChangeListener
4. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljava/rmi/Remote
5. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljava/text/AttributedCharacterIterator
6. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljava/text/CharacterIterator
7. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/Accessible
8. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleAction
9. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleComponent
10. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleEditableText
11. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleExtendedComponent
12. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleExtendedTable
13. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleExtendedText
14. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleHypertext
15. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleIcon
16. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleKeyBinding
17. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleSelection
18. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleTable
19. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleTableModelChange
20. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleText
21. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/accessibility/AccessibleValue
22. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/crypto/SecretKey
23. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/servlet/Filter
24. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Ljavax/sound/sampled/LineListener
25. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lorg/springframework/security/web/access/AccessDeniedHandler
26. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lorg/springframework/security/web/authentication/AuthenticationFailureHandler
27. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lorg/springframework/security/web/authentication/AuthenticationSuccessHandler
28. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lorg/springframework/security/web/util/matcher/RequestMatcher
29. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$AWTEventAccessor
30. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$CheckboxMenuItemAccessor
31. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$ClientPropertyKeyAccessor
32. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$ComponentAccessor
33. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$ContainerAccessor
34. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$CursorAccessor
35. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$DefaultKeyboardFocusManagerAccessor
36. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$EventQueueAccessor
37. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$FileDialogAccessor
38. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$FrameAccessor
39. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$InputEventAccessor
40. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$InvocationEventAccessor
41. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$KeyEventAccessor
42. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$KeyboardFocusManagerAccessor
43. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$MenuAccessor
44. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$MenuBarAccessor
45. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$MenuComponentAccessor
46. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$MenuItemAccessor
47. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$MouseEventAccessor
48. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$PopupMenuAccessor
49. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$ScrollPaneAdjustableAccessor
50. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$SequencedEventAccessor
51. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$SystemTrayAccessor
52. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$ToolkitAccessor
53. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$TrayIconAccessor
54. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/AWTAccessor$WindowAccessor
55. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/DisplayChangedListener
56. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/ModalExclude
57. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/RequestFocusController
58. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/SubRegionShowable
59. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/awt/image/SunWritableRaster$DataStealer
60. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/java2d/DisposerRecord
61. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/java2d/cmm/ProfileActivator
62. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaIOAccess
63. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaIOFileDescriptorAccess
64. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaLangAccess
65. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaLangRefAccess
66. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaNetAccess
67. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaNetHttpCookieAccess
68. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaNioAccess
69. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaNioAccess$BufferPool
70. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaOISAccess
71. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaSecurityAccess
72. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaSecurityProtectionDomainAccess
73. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaSecurityProtectionDomainAccess$ProtectionDomainCache
74. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaUtilJarAccess
75. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/JavaUtilZipFileAccess
76. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/ObjectInputFilter$FilterInfo
77. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/misc/SignalHandler
78. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/net/spi/nameservice/NameService
79. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/nio/ch/DirectBuffer
80. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/nio/ch/Interruptible
81. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/reflect/LangReflectAccess
82. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/security/krb5/JavaxSecurityAuthKerberosAccess
83. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/swing/FilePane$FileChooserUIAccessor
84. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/swing/SwingAccessor$JTextComponentAccessor
85. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/swing/SwingAccessor$RepaintManagerAccessor
86. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/swing/text/html/FrameEditorPaneTag
87. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/util/locale/provider/LocaleServiceProviderPool$LocalizedObjectGetter
88. [SEVERE] class com.ibm.wala.classLoader.BytecodeClass$ClassNotFoundWarning : Lsun/util/logging/LoggingProxy
89. [SEVERE] class com.ibm.wala.ipa.callgraph.impl.AbstractRootMethod$AllocationFailure : <Application,Ljavax/servlet/http/HttpServletRequest>
90. [SEVERE] class com.ibm.wala.ipa.callgraph.propagation.PropagationCallGraphBuilder$EntrypointResolutionWarning : < Application, Lorg/joychou/security/LoginSuccessHandler, onAuthenticationSuccess(Ljavax/servlet/http/HttpServletRequest;Ljavax/servlet/http/HttpServletResponse;Lorg/springframework/security/core/Authentication;)V >([<Application,Lorg/joychou/security/LoginSuccessHandler>],[<Application,Ljavax/servlet/http/HttpServletRequest>],[<Application,Ljavax/servlet/http/HttpServletResponse>],[<Application,Lorg/springframework/security/core/Authentication>])

at com.ibm.wala.ipa.callgraph.propagation.PropagationCallGraphBuilder.makeCallGraph(PropagationCallGraphBuilder.java:241)
at top.anemone.walaDemo.CFGWithoutDependency.main(CFGWithoutDependency.java:85)
```
It looks like the class(Lorg/springframework/security/core/Authentication) is not found, but I have used the ClassHierarchyFactory.makeWithPhantom() method to construct the ClassHierarchy. How to deal with it?

PS. The wala version I am using is 1.5.4, I think it should be the latest release version.

Best,
Wenyuan Xu

------------------ 原始邮件 ------------------
发件人: "Manu Sridharan"<ma...@sridharan.net>;
发送时间: 2019年12月3日(星期二) 凌晨0:15
收件人: "WALA discussion and Q&A"<wala...@lists.sourceforge.net>;
主题: Re: [Wala-wala] Can wala construct CFG without dependency packages?

Manu Sridharan

unread,
Dec 3, 2019, 12:08:59 AM12/3/19
to WALA discussion and Q&A
Hi,

I think the issue is that `DefaultEntrypoint` tries to pass in a non-null Object for each parameter of the given method.  See here:


I didn't step through the code carefully but my guess is it is failing.  In particular, for your case it wants to pass a non-null Lorg/springframework/security/core/Authentication; object.  To get around this issue, you could write a customized Entrypoint class that just passes null for any entrypoint argument that cannot be resolved.  You could probably create a subclass of DefaultEntrypoint and just override certain methods to do this.

Does that make sense?

--Manu

WenyuanXu

unread,
Dec 3, 2019, 3:21:49 AM12/3/19
to wala-wala
Hi,

Thanks a lot. I modified the makeArgument() function, and the problem seems to be solved. But then the program throws a new exception:
```
Exception in thread "main" com.ibm.wala.classLoader.NoSuperclassFoundException: No superclass found for <Primordial,Ljava/util/Locale$Cache> Superclass name Lsun/util/locale/LocaleObjectCache
at com.ibm.wala.classLoader.BytecodeClass.getSuperclass(BytecodeClass.java:281)
at com.ibm.wala.ipa.callgraph.propagation.SSAPropagationCallGraphBuilder$ConstraintVisitor.processClassInitializer(SSAPropagationCallGraphBuilder.java:1628)
at com.ibm.wala.ipa.callgraph.propagation.SSAPropagationCallGraphBuilder$ConstraintVisitor.visitNew(SSAPropagationCallGraphBuilder.java:1276)
at com.ibm.wala.ssa.SSANewInstruction.visit(SSANewInstruction.java:101)
at com.ibm.wala.ipa.callgraph.propagation.SSAPropagationCallGraphBuilder.addBlockInstructionConstraints(SSAPropagationCallGraphBuilder.java:272)
at com.ibm.wala.ipa.callgraph.propagation.SSAPropagationCallGraphBuilder.addNodeInstructionConstraints(SSAPropagationCallGraphBuilder.java:249)
at com.ibm.wala.ipa.callgraph.propagation.SSAPropagationCallGraphBuilder.unconditionallyAddConstraintsFromNode(SSAPropagationCallGraphBuilder.java:225)
at com.ibm.wala.ipa.callgraph.propagation.SSAPropagationCallGraphBuilder.addConstraintsFromNode(SSAPropagationCallGraphBuilder.java:190)
at com.ibm.wala.ipa.callgraph.propagation.PropagationCallGraphBuilder.addConstraintsFromNewNodes(PropagationCallGraphBuilder.java:311)
at com.ibm.wala.ipa.callgraph.propagation.StandardSolver.solve(StandardSolver.java:56)
at com.ibm.wala.ipa.callgraph.propagation.PropagationCallGraphBuilder.makeCallGraph(PropagationCallGraphBuilder.java:251)
at top.anemone.walaDemo.CFGWithoutDependency.main(CFGWithoutDependency.java:73)
```

The target code and analysis code have not changed. I already used ClassHierarchyFactory.makeWithPhantom() to build class hierarchy. Why it happened and how to fix this?

P.S. MyEntryPoint class are as follows:
```java
public class AppEntryPoint extends DefaultEntrypoint {
    public AppEntryPoint(IMethod method, IClassHierarchy cha) {
        super(method, cha);
    }

    public AppEntryPoint(MethodReference method, IClassHierarchy cha) {
        super(method, cha);
    }

    protected int makeArgument(AbstractRootMethod m, int i) {
        TypeReference[] p = getParameterTypes(i);
        switch (p.length) {
            case 0:
                return -1;
            case 1:
                if (p[0].isPrimitiveType()) {
                    return m.addLocal();
                } else { // differ from default
                    SSANewInstruction n = m.addAllocation(p[0]);
                    NewSiteReference ref=NewSiteReference.make(m.statements.size(),p[0]);
                    return (n == null) ? m.addPhi(new int[]{ref.getProgramCounter()}) : n.getDef();
                }
            default:
                int[] values = new int[p.length];
                int countErrors = 0;
                for (int j = 0; j < p.length; j++) {
                    SSANewInstruction n = m.addAllocation(p[j]);
                    int value = (n == null) ? -1 : n.getDef();
                    if (value == -1) {
                        countErrors++;
                    } else {
                        values[j - countErrors] = value;
                    }
                }
                if (countErrors > 0) {
                    int[] oldValues = values;
                    values = new int[oldValues.length - countErrors];
                    System.arraycopy(oldValues, 0, values, 0, values.length);
                }

                TypeAbstraction a;
                if (p[0].isPrimitiveType()) {
                    a = PrimitiveType.getPrimitive(p[0]);
                    for (i = 1; i < p.length; i++) {
                        a = a.meet(PrimitiveType.getPrimitive(p[i]));
                    }
                } else {
                    IClassHierarchy cha = m.getClassHierarchy();
                    IClass p0 = cha.lookupClass(p[0]);
                    a = new ConeType(p0);
                    for (i = 1; i < p.length; i++) {
                        IClass pi = cha.lookupClass(p[i]);
                        a = a.meet(new ConeType(pi));
                    }
                }

                return m.addPhi(values);
        }
    }
}
```


--Wenyuan Xu

 


------------------ 原始邮件 ------------------
发件人: "Manu Sridharan"<ma...@sridharan.net>;
发送时间: 2019年12月3日(星期二) 中午12:44
收件人: "WALA discussion and Q&A"<wala...@lists.sourceforge.net>;
主题: Re: [Wala-wala] 回复: Can wala construct CFG without dependency packages?

Hi,

I think the issue is that `DefaultEntrypoint` tries to pass in a non-null Object for each parameter of the given method.  See here:


I didn't step through the code carefully but my guess is it is failing.  In particular, for your case it wants to pass a non-null Lorg/springframework/security/core/Authentication; object.  To get around this issue, you could write a customized Entrypoint class that just passes null for any entrypoint argument that cannot be resolved.  You could probably create a subclass of DefaultEntrypoint and just override certain methods to do this.

Does that make sense?

--Manu
_______________________________________________

Manu Sridharan

unread,
Dec 3, 2019, 1:10:24 PM12/3/19
to WALA discussion and Q&A
This sounds like a bug.  Can you create a GitHub issue that gives steps to reproduce?  If there is a way to repro on a small example that is ideal.  Otherwise a repro case with open-source code would be best.

Thanks,
Manu

WenyuanXu

unread,
Dec 3, 2019, 10:29:35 PM12/3/19
to WALA discussion and Q&A
Yep, I created an issue on https://github.com/wala/WALA/issues/591

By the way, I noticed a "TODO" comment in com.ibm.wala.classLoader.BytecodeClass#getSuperclass. Could this be the reason of this issue? In addition, when I use `ClassHierarchyFactory.make()` to build class hierarchy, the program works fine, which is strange.
 


------------------ 原始邮件 ------------------
发件人: "Manu Sridharan"<ma...@sridharan.net>;
发送时间: 2019年12月4日(星期三) 凌晨2:09
收件人: "WALA discussion and Q&A"<wala...@lists.sourceforge.net>;
主题: Re: [Wala-wala] 回复: Can wala construct CFG without dependency packages?
This sounds like a bug.  Can you create a GitHub issue that gives steps to reproduce?  If there is a way to repro on a small example that is ideal.  Otherwise a repro case with open-source code would be best.

Thanks,
Manu
_______________________________________________
Reply all
Reply to author
Forward
0 new messages