secure-software-engineering / FlowDroid

FlowDroid Static Data Flow Tracker

Why can FlowDroid not find the path from flow1 to flow2 by taint variable Flow.data1?

RabbitDong-on opened this issue · comments

    public class Flow {
        public static int data1 = -1;

        public static int flow1(int count) {
            data1++;
            if (count < 1) {
                count++;
            }
            return count;
        }

        public static int flow2(int count) {
            count = count + data1;
            if (count < 2) {
                count++;
            }
            return count;
        }

        public static void entryMethod() {
            data1 = flow1(flowdata1);
            flow2(flowdata1);
        }
    }

Source: flow1
Sink: flow2
Entry: entryMethod
data1 is modified by flow1. data1 is used by flow2.
Does FlowDroid not support taint analysis for class fields, or do I need to add more rules for taint analysis?
Please help me figure out this problem. Thanks.

How did you define your sources and sinks? If the return value of method flow1 is tainted, this will taint variable data1. The variable is never passed to a sink. In your example, I think you should rather define the method that produces flowdata1 as your source.

In my code,
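    // Method signatures are given in Soot's "<class: returnType name(params)>" format
    List<String> sources = new ArrayList<String>();
    List<String> sinks = new ArrayList<String>();
    List<String> entryPoint = new ArrayList<String>();
    entryPoint.add("<demo.Flow: void entryMethod()>");
    sources.add("<demo.Flow: int flow1(int)>");
    sinks.add("<demo.Flow: int flow2(int)>");
    computeInfoflow(appPath, libPath, entryPoint, sources, sinks);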
I use this to compute infoflow.

You mean that FlowDroid can transfer taint variable data1 via assign stmt | call parameter | call return value instead of shared memory data1?

There is no flow from data1 to flowdata1. Keep in mind that FlowDroid is flow-sensitive, i.e., the order of statements matters. data1 is derived from flowdata1, but not the other way around.

As I wrote, you should define the method that computes flowdata1 as your source and the flow will be found.

Thanks!
I will close this issue.
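
The outcome discussed in this thread can be reproduced with a small flow-sensitive taint model of `entryMethod()`. This is an added example, not code from the thread or from FlowDroid, and it is not FlowDroid's algorithm. The `getInput` producer of `flowdata1` and the hand-written callee summaries are assumptions made for the sketch.

```python
# Simplified forward, flow-sensitive taint model of entryMethod() from the thread.
# Calls are summarized by hand instead of being analyzed interprocedurally.

# Assumed summaries: does the callee's return value derive from its argument?
# flow1 and flow2 both return a value computed from `count`.
RETURN_DEPENDS_ON_ARG = {"getInput": False, "flow1": True, "flow2": True}

# entryMethod() in program order: (assigned variable or None, callee, arguments).
# getInput is a hypothetical producer of flowdata1; the posted code omits it.
ENTRY_METHOD = [
    ("flowdata1", "getInput", []),
    ("data1", "flow1", ["flowdata1"]),
    (None, "flow2", ["flowdata1"]),
]


def find_leaks(stmts, sources, sinks):
    """Walk statements in order; report sink calls that receive a tainted argument."""
    tainted = set()
    leaks = []
    for idx, (lhs, callee, args) in enumerate(stmts):
        tainted_args = [a for a in args if a in tainted]
        # A leak is a tainted value passed into a sink call at this point in the
        # program. Taint created later, or held in a variable that is not passed
        # to the sink, does not count.
        if callee in sinks and tainted_args:
            leaks.append((idx, callee, tainted_args))
        if lhs is None:
            continue
        if callee in sources or (RETURN_DEPENDS_ON_ARG[callee] and tainted_args):
            tainted.add(lhs)      # return value of a source, or derived from taint
        else:
            tainted.discard(lhs)  # strong update: overwritten with a clean value
    return leaks, tainted


if __name__ == "__main__":
    # Configuration from the thread: flow1 is the source, flow2 the sink.
    print(find_leaks(ENTRY_METHOD, {"flow1"}, {"flow2"}))
    # Suggested configuration: the producer of flowdata1 is the source.
    print(find_leaks(ENTRY_METHOD, {"getInput"}, {"flow2"}))
```

With `flow1` as the source only `data1` becomes tainted and `flow2` receives the untainted `flowdata1`, so no leak is reported. With the producer of `flowdata1` as the source, the tainted value reaches the `flow2` call directly.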