Skip to content

Class loading in Soot

Eric Bodden edited this page Oct 22, 2013 · 4 revisions

These are some notes on how class loading / Jimplification works in Soot 2.5.*

Loading Classes

Here are some notes from Ondrej Lhotak on how this works...

The design of coffi requires that in order to bring some class C up to level N, you must first bring all classes that C references up to level N-1. In order to know which classes C references, you need to bring C up to level N-1.

(In the above, the word "references" is overloaded: the definition of what a class "references" changes depending on which level you are trying to resolve it to.)

The system of worklists is designed to implement these rather tricky constraints.

References can be recursive: C can reference C', and C' can also reference C. The private bringToX methods are called from coffi when resolving C. If they tried to resolve C' directly, then the process of resolving of C' would then try to recursively resolve C, and you would have infinite recursion.

The original Raja/Clark design of coffi and the SootResolver required that you resolved all known classes to SIGNATURES first. It was then safe to resolve any class of interest to BODIES. As class libraries grew larger, resolving everything to SIGNATURES got very slow. (As well, phantom classes were needed vrey frequently.) Running Soot on a single class, even in non-whole-program mode, could easily take 30 seconds or more. This was deemed unacceptable for the abc project. The options were to rewrite coffi from the ground up (and possibly even change the Jimple IR), or to build this complicated resolver to work around the limitations of coffi's original design. We settled on the second option.

The -full-resolver option brings back the old resolve-everything algorithm, if you're feeling nostalgic...

Loading Bodies

Method bodies are loaded at the following locations:

  • If -w is enabled: In soot.jimple.toolkits.callgraph.OnFlyCallGraphBuilder.processNewMethod, for every method that is deemed to be reachable in the call graph, starting from the given entry points.
  • In any case: In soot.PackManager.retrieveAllBodies for all application classes. If -w is given with a single argument class then this will only load the static initializer of this class.
  • If pre-jimplify is on for Spark then in soot.jimple.spark.builder.ContextInsensitiveBuilder.preJimplify. This will
Clone this wiki locally