Unexpected Clinit calls in the call graph #902

@kitty-1998

Hi, I used SootUp to analyze some projects and found false positives which affect my analysis results. After investigation, I found the following minimized code example:

package org.example;
public class C {
    private static final String CName = C.class.getName();
    public void foo(){}
}

SootUp reports an edge from <org.example.C: void foo()> to <org.example.C: void <clinit>()>, which is incorrect. It seems that this bug is related to the initialization of method.

SootUp configuration

AnalysisInputLocation<JavaSootClass> javaBaseInputLocation = new JavaClassPathAnalysisInputLocation("Path/to/javaBase", SourceType.Library);
AnalysisInputLocation<JavaSootClass> classInput = new JavaClassPathAnalysisInputLocation("Path/to/classDir", SourceType.Application);
JavaProject project = JavaProject.builder(new JavaLanguage(8))
          .addInputLocation(classInput)
          .addInputLocation(javaBaseInputLocation)
          .build();
JavaView view = project.createView();
String EntrySignature = "<org.example.C: void foo()>";
// Collect the signature of the single entry point, C.foo()
List<MethodSignature> entryMethods = new ArrayList<>();
for (JavaSootClass klass : view.getClasses()) {
    for (JavaSootMethod method : klass.getMethods()) {
        if (method.getSignature().toString().equals(EntrySignature)) {
            entryMethods.add(method.getSignature());
        }
    }
}
// Build the CHA call graph from that entry point, using the view created above
CallGraphAlgorithm cha = new ClassHierarchyAnalysisAlgorithm(view);
CallGraph cg = cha.initialize(entryMethods);

SootUp version: 1.1.2
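
An added illustration, not part of the original report or of SootUp's code: a constructed Java program that records when the JVM actually runs the static initializer of a class shaped like `C`. The names `ClinitDemo`, `log`, `EVENTS` and `LIMIT` are hypothetical. Under JLS §12.4.1 a class is initialized on instance creation, static method invocation, or use of a non-constant static field, so initialization has already happened before `foo()` can be invoked on an instance.

```java
import java.util.ArrayList;
import java.util.List;

// Constructed demo: logs when the JVM runs C's static initializer.
public class ClinitDemo {
    static final List<String> EVENTS = new ArrayList<>();

    // Records an event as a side effect and passes the value through.
    static String log(String event, String value) {
        EVENTS.add(event);
        return value;
    }

    // Same shape as the class in the report: CName is not a compile-time
    // constant, so javac emits a <clinit> that assigns it.
    static class C {
        private static final String CName = log("C.<clinit>", C.class.getName());
        static final int LIMIT = 8; // compile-time constant, inlined at use sites

        public void foo() {
            EVENTS.add("C.foo");
        }
    }

    public static void main(String[] args) {
        // Neither a class literal nor a constant read initializes C.
        EVENTS.add("class literal: " + C.class.getSimpleName());
        EVENTS.add("constant read: " + C.LIMIT);
        C c = new C(); // first active use: initialization happens here
        c.foo();       // instance calls never re-run the initializer
        c.foo();
        EVENTS.forEach(System.out::println);
    }
}
```

The `C.<clinit>` event is logged exactly once, after the class-literal and constant reads and before the first `C.foo`, which is why a call-graph edge from `foo()` to `<clinit>` does not correspond to any runtime transfer of control.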
