Soot v4.4 releases: A framework for analyzing and transforming Java and Android applications

by do son · Published · Updated

Java optimization framework

Soot is a Java optimization framework. It provides four intermediate representations for analyzing and transforming Java bytecode:

  • Baf: a streamlined representation of bytecode which is simple to manipulate.
  • Jimple: a typed 3-address intermediate representation suitable for optimization.
  • Shimple: an SSA variation of Jimple.
  • Grimp: an aggregated version of Jimple suitable for decompilation and code inspection.

What input formats does Soot provide?

Currently, Soot can process code from the following sources:

  • Java (bytecode and source code up to Java 7), including other languages that compile to Java bytecode, e.g. Scala
  • Android bytecode
  • Jimple intermediate representation (see below)
  • Jasmin, a low-level intermediate representation.

What output formats does Soot provide?

Soot can produce (possibly transformed/instrumented/optimized) code in these output formats:

  • Java bytecode
  • Android bytecode
  • Jimple
  • Jasmin

Soot can go from any input format to any output format, i.e., for instance, allows the translation from Android to Java or Java to Jasmin.

What kind of analyses does Soot provide?

  • Call-graph construction
  • Points-to analysis
  • Def/use chains
  • Template-driven Intra-procedural data-flow analysis
  • Template-driven Inter-procedural data-flow analysis, in combination with heros
  • Taint analysis in combination with FlowDroid

How does Soot work internally?

Soot transforms programs into an intermediate representation, which can then be analyzed. Soot provides four intermediate representations for analyzing and transforming Java bytecode:

  • Baf: a streamlined representation of bytecode which is simple to manipulate.
  • Jimple: a typed 3-address intermediate representation suitable for optimization.
  • Shimple: an SSA variation of Jimple.
  • Grimp: an aggregated version of Jimple suitable for decompilation and code inspection.

Jimple is Soot’s primary IR and most analyses are implemented on the Jimple level. Custom IRs may be added when desired.

Install && Use

Copyright (C) 2018 Sable

Tags: Java optimization framework