11Dear Soot Users,
22
3- We are pleased to announce that Soot version 2.4 .0 is now available
3+ We are pleased to announce that Soot version 2.5 .0 is now available
44at: http://www.sable.mcgill.ca/soot/
55
66This release contains the following additions and improvements:
77
8- 1. Hossein Sadat-Mohtasham's implementation of program dependency graphs
9-
10- 2. Support for creating sound call graphs even for programs that use
11- reflection, custom class loaders and runtime-generated classes.
12- For this purpose, Soot uses TamiFlex to create a runtime log file that
13- contains information about how refleciton is being used. Spark then
14- uses the log file during call-graph and points-to graph construction.
15- See http://code.google.com/p/tamiflex/wiki/DaCapoAndSoot for details.
16-
8+ 1. Modified SourceLocator so that it will automatically load a SootClass
9+ from Soot's own JAR file if the class cannot be found on the
10+ soot-classpath, but ONLY if the class is in package soot.rtlib.
11+ See package documentation for soot.rtlib for more details.
12+ 2. The option -process-dir how has an alias -process-path, which makes
13+ sense because Soot can also process JAR files. Also, -keep-line-numbers
14+ now defaults to true. This is because so many people ask about how to
15+ access line numbers.
16+ 3. Removed "org.apache" package from the default excludes list because
17+ that, by default, leads to Soot not analyzing anything of tomcat, for
18+ instance. This change follows the principle of least surprise.
19+ 4. Added option no-bodies-for-excluded that allows soot This
20+ option causes Soot to not load any method bodies of classes from the
21+ "exclude" packages (see -exclude option), even in whole-program mode,
22+ unless the class is explicitly as a "basic class".
23+ -no-bodies-for-excluded implies -allow-phantom-refs, as it uses the
24+ phantom-refs mechanism to model classes that are not loaded.
25+ The intent of this flag is to allow whole-program analyses to execute
26+ quickly on little toy examples, disregarding the Java runtime. Of
27+ course, such an analysis may be unsound - you get what you are asking
28+ for.
29+ 5. Added new packs "wjpp" and "wspp" for adding pre-processors.
30+ 6. ReflectiveCallsInliner now supports field set/get through reflection.
31+ 7. Integrated a novel context-sensitive points-to analysis that uses
32+ a memory-efficient geometric encoding. The analysis was presented
33+ in the following paper:
34+ Xiao Xiao and Charles Zhang. Geometric Encoding: Forging high
35+ performance context sensitive points-to analysis for Java.
36+ In ISSTA 2011: International Symposium on Software Testing and
37+ Analysis, Toronto, Canada, 2011
38+ The code was contributed to Soot by Richard (Xiao) Xiao. Thanks for
39+ this! You can find the code in soot.jimple.spark.geom. There are
40+ new phase options in cg.spark to enable and configure this
41+ analysis.
42+ 8. Improved support for custom entry points in the points-to analysis.
43+ 9. Added option allowing putiry analysis to add a "Pure" bytecode
44+ attribute for pure methods.
45+ 10.GenericAttribute instances are now automatically read from class
46+ files and stored in class files.
47+ 11.Soot now has virtually complete support for invokedynamic.
48+ See tutorial/invokedynamic for details.
49+
1750Also we incorporated fixes to numerous bugs. Thanks for reporting bugs
1851and/or providing fixes!
1952
@@ -28,7 +61,11 @@ http://svn.sable.mcgill.ca/wiki/index.php/SootProject. The Soot team
2861will be using this site for discussing upcoming work, so if you would
2962like to know what's going on look there.
3063
31- Regards,
32-
33- Eric Bodden
34- Software Technology Group, Technische Universit�t Darmstadt
64+ Have fun,
65+ Eric
66+ --
67+ Eric Bodden, Ph.D., http://bodden.de/
68+ Head of Secure Software Engineering Group at EC SPRIDE
69+ Principal Investigator in Secure Services at CASED
70+ Tel: +49 6151 16-75422� � Fax: +49 6151 16-72051
71+ Room 3.2.14, Mornewegstr. 30, 64293 Darmstadt
0 commit comments