Date Archives August 12, 2016

Dead code



Dead code can never be executed (unreachable code), and it only affects dead variables (written, but never read again), that is, irrelevant to the program. It needs to be deleted for several reasons.

  • It shrinks program size
  • It allows the running program to avoid executing irrelevant operations, which reduces its running time.
  • It can also enable further optimizations by simplifying program structure. (avoid confusion)


Method Inlining


Inlining is an optimization performed by the Java Just-In-Time compiler.

public int addPlusOne(int a, int b){
   return a + b + 1;

public void testAddPlusOne(){
   int v1 = addPlusOne(2, 5);
   int v2 = addPlusOne(7,13);

The compiler may decide to replace your function call with the body of the function, so the result would effectively look like this

public void testAddPlusOne(){
   int v1 = 2 + 5 + 1;
   int v2 = 7 + 13 + 1;
  • The compiler does this to save the overhead of actually making a function call, which would involve pushing each parameter on to the stack.
  • This can be done for non-virtual functions because you won’t know which code it contains if virtual function is overridden by others until runtime. Since java methods are virtual by default. You can make methods static or final to make non-virtual.

Pipe & Redirection


Difference between Pipe & Redirection

Pipe is used to pass output to another Program or Utility.

  • thing1 | thing2
    • thing1’s output s will be passed to things2 Program or Utility.

Redirect is used to pass output to either a File or Stream.

  • thing1 > thing2
    • thing1’s outputs will be placed in a file called thing2.



With Pipe, the standard output of one command is fed into the standard input of another.

$ ls | grep "java"

It will find all the file names from ls that contain “java” string.



Standard output directs its contents to the display. To redirect standard output to a file, the “>” character is used.

$ ls > file_list.txt

In this example, all the file names from ls command will be written in an file named file_list.txt. Since the output of ls was redirected to the file, no results on the display. Each time the command above is repeated, file_list.txt is overwritten (from the beginning) with the output of the command ls. If you want the new results to be appended to the file instead, use “>>“.

$ ls >> file_list.txt


Standard Input gets its contents from the keyboard, but like standard output, it can be redirected. To redirect standard input from a file instead of the keyboard, the “<” character is used.

$ sort < file_list.txt

Sort command print the contents of file_list.txt. We could redirect standard output to another file.

$ sort < file_list.txt > sorted_file_list.txt

As you can see, a command can have both its input and output redirected. The redirection operators (the “<” and “>”) must appear after the other options and arguments in the command.



  • sort: Sorts standard input then outputs the sorted result on standard output.
  • uniq: Given a sorted stream of data from standard input, it removes duplicate lines of data (i.e., it makes sure that every line is unique).
  • grep: Examines each line of data it receives from standard input and outputs every line that contains a specified pattern of characters.
  • fmt: Reads text from standard input, then outputs formatted text on standard output.
  • pr: Takes text input from standard input and splits the data into pages with page breaks, headers and footers in preparation for printing.
  • head: Outputs the first few lines of its input. Useful for getting the header of a file.
  • tail: Outputs the last few lines of its input. Useful for things like getting the most recent entries from a log file.
  • tr: Translates characters. Can be used to perform tasks such as upper/lowercase conversions or changing line termination characters from one type to another (for example, converting DOS text files into Unix style text files).
  • sed: Stream editor. Can perform more sophisticated text translations than tr.
  • awk: An entire programming language designed for constructing filters. Extremely powerful.




What is Soot

A framework for analyzing and transforming Java and Android Applications.

  • Soot can process and produce code from the following sources.
    • Java bytecode
    • Android bytecode
    • Jimple
    • Jasmin
  • This is a powerful framework that many research group use.
  • For example, Soot can transform application file(apk) to Jimple code which developers can see actual code.
  • To run Soot, you will also need the projects Jasmin and Heros.

Phantom Reference in Soot



Phantom classes are classes that are neither in the process directory nor on the Soot classpath, but that are referenced by some class / method body that Soot loads.

  • Process Directory: contains Application classes.
  • Soot Classpath: contains Library Classes.

There are several scenarios that reference classes don’t exist. A developer might leave the code to improve it later, or he got rid of some jar files that was in use but not executable. Sometimes people left such code because it will not be reachable on runtime anyway.

However there is another case that is significant. The actual reference classes can be inside of the actual device, and can be not showing until it runs. So in this case, it will be bad idea to touch or to handle this phantom classes.



  • Soot option that can handle phantom classes. (not recommended by Soot)
  • Only use this option if you know what you are doing.
  • Soot will not just abort and fail on such an unresolvable reference, but create an empty stub called a phantom class which in turn contains phanom methods to make up for the missing bits and pieces.