Soot (software)

From Wikipedia, the free encyclopedia
  (Redirected from Soot (computer science))
Jump to: navigation, search

In static program analysis, Soot is a language manipulation and optimization framework consisting of intermediate languages for the Java programming language. It has been developed by the Sable Research Group at McGill University known for its SableVM, a Java virtual machine and the AspectBench Compiler, an open research compiler for AspectJ. In 2010, two research papers on Soot (Vallée-Rai et al. 1999 and Pominville et al. 2000) were selected as IBM CASCON First Decade High Impact Papers among 12 other papers from the 425 entries.[1]

Soot provides four intermediate representations for use through its API for other analysis programs to access and build upon:[2]

  • Baf: a near bytecode representation.
  • Jimple: a simplified version of Java source code that has a maximum of three components per statement.
  • Shimple: an SSA variation of Jimple (similar to GIMPLE).
  • Grimp: an aggregated version of Jimple suitable for decompilation and code inspection.

The current Soot software release also contains detailed program analyses that can be used out-of-the-box, such as context-sensitive flow-insensitive points-to analysis,[3] call graph analysis and domination analysis (answering the question "must event a follow event b?"). It also has a decompiler called dava.

Soot is free software available under the GNU Lesser General Public License (LGPL).

Jimple[edit]

Jimple is an intermediate representation of a Java program designed to be easier to optimize than Java bytecode. It is typed, has a concrete syntax and is based on three-address code.

Jimple It includes only 15 different operations, thus simplifying flow analysis. By contrast, java bytecode includes over 200 different operations.[4][5]

Unlike java bytecode, in Jimple local and stack variables are typed and Jimple is inherently type safe.

Converting to Jimple, or "Jimplifying" (after "simplifying"), is conversion of bytecode to three-address code. The idea behind the conversion, first investigated by Clark Verbrugge, is to associate a variable to each position in the stack. Hence stack operations become assignments involving the stack variables.

Example[edit]

Consider the following bytecode, which is from the [6]

iload 1  // load variable x1, and push it on the stack
iload 2  // load variable x2, and push it on the stack
iadd     // pop two values, and push their sum on the stack
istore 1 // pop a value from the stack, and store it in variable x1

The above translates to the following three-address code:

stack1 = x1 // iload 1
stack2 = x2 // iload 2
stack1 = stack1 + stack2 // iadd
x1 = stack1 // istore 1

In general the resulting code does not have static single assignment form.

References[edit]

  1. ^ "CASCON First Decade High Impact Papers". Dl.acm.org. Retrieved 2016-08-10. 
  2. ^ "A framework for analyzing and transforming Java and Android Applications". Sable.mcgill.ca. Retrieved 2016-08-10. 
  3. ^ "Tutorials · Sable/soot Wiki · GitHub". Sable.mcgill.ca. 2016-01-12. Retrieved 2016-08-10. 
  4. ^ Vallee-Rai, Raja (1998). "The Jimple Framework". Sable.mcgill.ca. 
  5. ^ Vallee-Rai, Raja; Hendren, Laurie J. (1998). "Jimple: Simplifying Java Bytecode for Analyses and Transformations". Sable.mcgill.ca. 
  6. ^ Vallee-Rai 1998.

Further reading[edit]

External links[edit]