TamiFlex 1.1 released

Eric | August 4, 2010

I am happy to announce that today we released version 1.1 of TamiFlex, our tool suite for dealing with reflection and custom class loaders in static analysis. Version 1.1 not only features several minor bug fixes but a completely new component called the Booster. Previous versions of TamiFlex required static analyses that were “TamiFlex-aware”, and at the current time the only such tool is Soot. The Booster makes TamiFlex compatible with virtually every static-analysis tool for Java bytecode: it transforms the original program into a new program version that is enriched with “materialized” versions of the originally reflective method calls, now in the form of standard Java method calls. Because these calls are now materialized in the code, static-analysis tools will discover them instead of unsoundly ignoring the calls.

Comments
Comments Off on TamiFlex 1.1 released
Categories
Research
Tags
Java, Soot, Static Analysis, TamiFlex

Using Soot and TamiFlex to analyze DaCapo

Eric | March 29, 2010

In this tutorial, I describe how to use TamiFlex to facilitate the static analysis of the DaCapo benchmarks with Soot. You can also find this tutorial on the TamiFlex website.

Also feel free to use our scripts for this purpose. You can also find many details in our Technical Report.

Step 0: Downloading the necessary components

To analyze DaCapo benchmarks with Soot, first download the following:

Read the rest of this entry »

Comments
Comments Off on Using Soot and TamiFlex to analyze DaCapo
Categories
Research
Tags
Soot, Soot Tutorial, TamiFlex

Soot 2.4.0 released

Eric | March 29, 2010

I am pleased to announce that Soot version 2.4.0 is now available at:
http://www.sable.mcgill.ca/soot/

This release contains the following additions and improvements:

  1. Hossein Sadat-Mohtasham’s implementation of program dependency graphs
  2. Support for creating sound call graphs even for programs that use reflection, custom class loaders and runtime-generated classes. For this purpose, Soot uses TamiFlex to create a runtime log file that contains information about how reflection is being used. Spark then uses the log file during call-graph and points-to graph construction. See this tutorial for details.

Also we incorporated fixes to numerous bugs. Thanks for reporting bugs and/or providing fixes! See http://www.sable.mcgill.ca/soot/CHANGES for details.

As of version 2.2.0 the Soot bugzilla is available at: http://svn.sable.mcgill.ca/bugzilla/. We encourage you to add any Soot bugs there.

Comments
5 Comments »
Categories
Research
Tags
Soot, TamiFlex

Taming Reflection – Static Analysis in the Presence of Reflection and Custom Class Loaders

Eric | March 25, 2010

I am happy to announce the first release of TamiFlex, our new tool suite for “taming reflection”. TamiFlex comes with an accompanying Technical Report. Using TamiFlex, you can, in combination with static-analysis tools such as Soot 2.4.0, analyze even such programs statically that use reflection and custom class loaders.

For instance, we describe how to use TamiFlex to statically analyze the new DaCapo “bach” release with Soot. This document gives an overview of the architecture of TamiFlex.

Read the rest of this entry »

Comments
Comments Off on Taming Reflection – Static Analysis in the Presence of Reflection and Custom Class Loaders
Categories
Research
Tags
Soot, TamiFlex