Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Question about thread-safety issues in the addEdgesByOurAnalyze method #26

Open
Noname0519 opened this issue Dec 9, 2024 · 0 comments
Open

[Bug]: Question about thread-safety issues in the addEdgesByOurAnalyze method #26

Noname0519 opened this issue Dec 9, 2024 · 0 comments
Assignees
@LightningRS
Labels
bug Something isn't working

Comments

@Noname0519
Copy link

Contact Details

No response

ICCBot Command Line

myConfig.setJimple(true); // apk_name, app_path, sdk_platforms_path, outputDir 
// ...
myConfig.setTimeLimit(timeLimit); // 90
// ...
myConfig.setCallGraphAlgorithm("SPARK");

String analyzeConfigPath = "D://MyProject/dependencies/ICCBot/config/config.json";
Path fPath = Paths.get(analyzeConfigPath);
// ...
analyzeConfig = JSON.parseObject(String.join("\n", Files.readAllLines(fPath)));
myConfig.setAnalyzeConfig(analyzeConfig);
// ...
JSONArray excArr = MyConfig.getInstance().getAnalyzeConfig().getJSONArray("SootAnalyzer.excludePackages");
// ...
SootUtils.setExcludePackages(excPkgList);
CallGraphClient client = new CallGraphClient();
TimeUtilsofProject.setTotalTimer(client);
long startTime = System.currentTimeMillis();
client.start();
CallGraph callGraph = Global.v().getAppModel().getCg();

Technical Details

When I used ICCBot as a dependency in my project, specifically while constructing and modifying the call graph, I noticed discrepancies in the generated call graph, with some critical methods (identified through manual analysis) being missed intermittently. After a module-by-module analysis, I found that the addEdgesByOurAnalyze (in the cgModify stage) correctly gets the edges related to these critical methods, but the final result still doesn't contain them.

In the addEdgesByOurAnalyze method, the callGraph.addEdge(e) operation does not seem properly synchronized in the multi-threaded environment. This lack of synchronization may result in the callGraph not being updated correctly, causing certain edges to be missed or not added at all.

Currently, I try to use synchronized to ensure that only one thread can update the callGraph at a time. This approach has yielded some positive results, as the final outcome includes the edges I hope to see.

synchronized (callGraph){ 
  callGraph.addEdge(e);
}

I would greatly appreciate it if you have any better suggestions.

APK File

No response

Version of ICCBot

1.1-SNAPSHOT

Version of Java

OpenJDK 11.0.24

Relevant log output

No response
@Noname0519 Noname0519 added the bug Something isn't working label Dec 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@LightningRS LightningRS

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Noname0519 @LightningRS