1

I need to chose a framework for following tasks in Java:

  • extract control flow graph
  • interprocedural and intraprocedural analysis
  • dataflow analysis
  • PDG
  • different souce code analysis tasks (like method body extraction, test code extraction)

Which framework would be a good fit for my tasks?

I came across so many different tools apart from wala, soot as well like JavaParser, Spoon, to name a few.

Which framework should I chose? Ideally I would like to adopt a tool that is easier to use. Additionally, my expectation was given the popularity of Java tools should already exist for all these tasks. Or my understanding is wrong?

I will appreciate it if anyone please point me to different resources etc.

Dmytro Mitin
  • 48,194
  • 3
  • 28
  • 66
Exploring
  • 2,493
  • 11
  • 56
  • 97
  • 1
    JavaParser and Spoon are for Java **source** code; Soot is for Java byte code (source code parsing unmaintained for years). The others I am not sure. – JMax Mar 29 '21 at 13:55
  • @JMax Unfortunately, you are not right on Soot not being maintained for years. Please check its GitHub page (https://github.com/soot-oss/soot). You might have been confused when the time it was developed/maintained in McGill. Currently, it's maintained by the University of Paderborn. – Ekin May 30 '21 at 06:47
  • 1
    @Ekin I was talking about the part of Soot that reads Java source. The part that reads/writes Java or Android byte code is still maintained, but the part that reads Java source code is more or less unusable. – JMax Jun 01 '21 at 14:58

2 Answers2

1

Spoon would be a good fit for many tasks on your list, and it is quite easy to use. It is primarily used for source code transformation and analysis with the official documentation at http://spoon.gforge.inria.fr/. For control and data flow analysis there is the spoon-control-flow package which is based on Spoon.

Andrew
  • 96
  • 1
  • are you aware of tools that support slicing? I see https://github.com/little8hwq/javaslicer though very old and supports very old jdk (java 7). Would be interested to know whether you are aware of any tools/library available? – Exploring Apr 07 '21 at 23:43
1

I used Soot many times, for different things. I am 100% sure that Soot extracts control-flow graphs, and performs intraprocedural and dataflow analysis. They really do have a good community and good people who are willing to help you out. However, I am not quite sure if you can extract PDG or SDG with Soot. I read papers that claim they did it with Soot, but there are no source codes or examples that I was able to find (maybe you have to do some modification, I don't know). But I also do know that you can perform an interprocedural analysis with Soot as well.

Here are some tutorials for Soot. If you have any questions I recommend you to join their mail group and ask questions if you have any.

For WALA, I was also in a need of a PDG since that in its wiki it says you can extract a PDGs. Even though when you import the WALA project there are some example codes in it that you might want to look at. However, I was never able to get it running, because there wasn't enough documentation. Most of its documentation is pretty old.

Here are some tutorials for WALA. Here is also a dataflow analysis test case code that they have. Maybe it can give you some insight. I strongly recommend you to look into their test cases, it might help.

Briefly, I believe you can all of the things you asked with Soot and WALA. However, personally, I was mostly able to do them with Soot. I guess it is more of a matter of how familiar get with them and how much you like one of them.

Dharman
  • 30,962
  • 25
  • 85
  • 135
Ekin
  • 407
  • 1
  • 6
  • 17
  • are you familiar with any working code example to do interprocedural analysis with Soot? You referred to a paper here. – Exploring Jun 01 '21 at 21:42
  • 1
    You might want to check this repository https://github.com/rohanpadhye/vasco . It is again based on another paper named "Interprocedural data flow analysis in Soot using value contexts". It is not a huge project, so I believe it can be easy to understand. You might find some examples in the code. For inter-procedural analysis you might need "heroes" as a dependency, but it seems these guys didn't use it. – Ekin Jun 02 '21 at 19:37
  • 1
    You might also find some simple and useful code examples of Soot from here as well. https://www.brics.dk/SootGuide/sootsurvivorsguideexamples.tar.gz – Ekin Jun 02 '21 at 19:52