首页 > 编程语言 > 详细

java代码优化框架 soot

时间:2016-01-05 00:08:25      阅读:350      评论:0      收藏:0      [点我收藏+]

soot是一个可以接收java source code, bytecode, 及 android apk的代码优化框架,由于其提供了四种中间表达形式,使得分析更方便,因此也用来做代码分析。

soot支持call graph construction, point to analysis等。

四种中间表达形式: baf, jimple, shimple, grimpl,这里主要了解jimple

jimple: typed, 3-address, statement based 

In Jimple, statements correspond to Soot Units and can be used as such. Jimple has 15 statements, the core statements are: NopStmt, IdentityStmt and AssignStmt. Statements for intraprocedural control-flow: IfStmt, Goto- Stmt, TableSwitchStmt(corresponds to the JVM tableswitch instruction) and LookupSwitchStmt(corresponds to the JVM lookupswitch instruction). State- ments for interprocedural control-flow: InvokeStmt, ReturnStmt and Return- VoidStmt. Monitor statements: EnterMonitorStmt and ExitMonitorStmt. The last two are: ThrowStmt, RetStmt (return from a JSR, not created when mak- ing Jimple from byte code). 

以$开头的变量代表stack positions,在原程序中不是local variables。

In Jimple, parameter values and the this reference are assigned to local vari- ables using IdentityStmt’s e.g. the statements i0 := @parameter0: int; and r0 := @this: Foo in the bar method. By using IdentityStmt’s it is ensured that all local variables have at least one definition point and so it becomes explicit in the code where this in this.m(); is defined. 据此可以得到this的类型,在处理polymorphism时有用。

soot的执行分为多个packs( 其实就是phases)。

pack naming scheme: 第一个字母表示这一步接收什么类型的IR,s for Shimple, j for Jimple, b for Baf and g for Grimp.

           第二个字母表示the role of the pack: b for body creation, t for user-defined transformation, o for optimizations and a for attribute generation(annotation).

最感兴趣的pack是允许用户自定义的tranformation pack: jtp, stp。用户定义的tranformation可以inject into these packs and they will be included in the execution of Soot.

如需进行inter-procedural analysis, soot需要在whole-program mode (设置-w 选项)。在这种模式下,soot包含另外三个步骤: cg(call graph generation), wjtp (whole jimple transformation pack),, wjap (whole jimple annotation pack)

技术分享

扩展soot的Main class来进行soot内置分析的同时加入自己的分析:取决于分析嵌入到inter or intra-procedural analysis中。若为inter-analysis, 加入到"wjtp" phase; intra-analysis则加入到"jtp" phase 中。

如:(代码取自我们的WeChecker代码)

Pack pack1=PackManager.v().getPack("wjtp");

pack1.add(new Transform("wjtp.myTrans", new CompTransfor()));

try {

soot.Main.main(soot_args);

}

catch(Exception e) {

AlarmLog.writeToAlarm("There may be some error for the Soot");

AlarmLog.writeToCommonAlarm("There may be some error for the Soot");

}

 

 

java代码优化框架 soot

原文:http://www.cnblogs.com/CarrieCui/p/5100620.html

(0)
(0)
   
举报
评论 一句话评论(0
关于我们 - 联系我们 - 留言反馈 - 联系我们:wmxa8@hotmail.com
© 2014 bubuko.com 版权所有
打开技术之扣,分享程序人生!