Solar is a static analysis framework that strives to automate sound reflection analysis for Java programs (under some assumptions) introduced in our paper titled "Effective Soundness-Guided Reflection Analysis", SAS'2015. Solar is able to resolve reflection more soundly than previous approaches. In addition, it can accurately identify the places in a program where reflection is resolved unsoundly or imprecisely, enabling lightweight annotations to improve the analysis quality. Solar was developed by Yue Li and Tian Tan.
Solar can also output its reflection analysis results with the format that is supported by Soot. You can let Soot receive the results of Solar easily by following the instructions in the tutorial.
The tar.gz file includes four important files:
tutorial: a step-by-step guide to installing Solar on top of Doop (version r160113) by using the two patch files (available below). The main differences between Solar and Doop are also summarised.
solar.patch: a patch file for updating the Datalog rules and some auxiliary scripts used in Doop.
gen.patch: a patch file for updating the fact generator (version r958) provided by Doop.
_Unknown_.class: an auxiliary class which is used to introduce the Unknown type into the existing type system. In addition, this class will help Solar soundly model the pointer-affecting methods, such as getClass() and toString(), which are directly invoked on the unknown objects before reaching the LHM points. See the comments in the _Unknown_.java file for details.
The authors wish to thank the Doop team for making Doop available, and LogicBlox Inc. for providing us its Datalog engine.