Dava Home

Overview

Documentation

Publications

Download

Future Work and Available Projects

Sable Home

Dava: A tool-independent decompiler for Java

Overview top

Dava is a decompiler for arbitrary Java bytecode. It can be used to decompile bytecode produced by Java compilers, compilers for other languages (AspectJ, SML, C) that generate Java bytecode and tools like Java bytecode obfuscators, instrumentors and optimizers. Dava detects Java constructs using novel Structure Encapsulation algorithms (a detailed explanation of this can be found in Jerome's Msc thesis).

To handle obfuscated code and to simplify decompiled output for program comprehension Dava employs three types of structuring algorithms.

  • Basic Transformations: These are transformation on the Abstract Syntax Tree (AST) produced by dava to make the decompiled output adhere to common programming idioms. This includes the use of shortcut increment statements (i++ instead of i = i+1) and the use of unary boolean operators (!list.isEmpty() instead of list.isEmpty() == false).
  • Simple Pattern Based Transformations: These transformations apply pattern matching to simplify the control flow of the decompiled code. Patterns implemented include aggregation of if and if-else statements using boolean && and || operators, strengthening of loop conditions, creation of for loops, removal of abrupt control flow due to break and continue statements and the simplification of control flow by minimizing labeled blocks.
  • Advanced Transformations using flow-analysis information:Pattern matching provides a limitied scope of transformations to simplify decompiler output. More sophisticated analyses are implemented in Dava using information obtained through data flow analyses. A structure-based flow analysis framework has been implemented for Dava which allows for easy implementation of common compiler optimization analyses. Information from such analyses can then be leveraged to apply more complicated transformations on Dava's AST. Common compiler analyses like reaching definitions, reaching copies, constant propagation etc have been implemented.

Detailed information on making Dava programmer-friendly is available in Nomair's Msc thesis.



Documentation top

Most of the work on Dava is documented in Jerome's Msc thesis and Nomair's Msc thesis.

Since Dava is part of Soot it is invoked by invoking Soot using the -f dava switch. Transformations implemented in Dava can be control to some level by using different Soot phase options. These include:

  • db.transformations: enable or disable all AST transformations
  • db.renamer: enable or disable the still rudimentary heuristic-based renamer in Dava
  • db.obfuscate: enable or disable analyses which make sense only when deobfuscating bytecode
  • db.force-recompile: enable transformations to ensure that decompiled code is recompilable



Publications top



Download top

To obtain Dava you need to download Soot. Install the latest Soot release or checkout the latest copy from the Subversion repository. Use java soot.Main --help for help.

For instructions on how to install soot in eclipse see Soot-in-Eclipse.

Alternately if you are a developer for Dava you might want to use Eclipse along with SVN. Soot-in-Eclipse-with-SVN



Future Work and Available Projects top

This section serves as a wishlist for features add/or improvements to Dava. Students interested in joining Professor Hendren's group should review potential research areas listed below and contact her at hendren AT cs DOT mcgill DOT ca.

To contribute to Dava or to suggest features to be added please contact Professor Hendren or Nomair at nanaeem AT uwaterloo DOT ca. Please note that Dava bugs should be reported at Soot Bugzilla