search

facebook / redex

A bytecode optimizer for Android apps
https://fbredex.com/
MIT License
6.03k stars 653 forks source link

Inconsistency found in Dex code for Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V #643

Closed codejoyfun closed 2 years ago

codejoyfun commented 3 years ago

hi, I had some problems run this command: redex SASAnroid-beta.apk -o output.apk --config ./config/sas.config

something wrong: Inconsistency found in Dex code for Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V Type error in method Landroidx/fragment/app/LDialogFragment;.show:

run result :

ERROR:root:Expecting value: line 6 column 32 (char 108) WARNING:root:Could not find an SDK jar: Could not find SDK path, searched Env, Buck Trace settings: TRACEFILE= SHOW_TIMESTAMPS= SHOW_TRACEMODULE= TRACE_METHOD_FILTER= Load classes from dexes completed in 5.8 seconds Deobfuscating dex elements completed in 1.6 seconds Process keep for whyareyoukeeping completed in 0.0 seconds Process keep for classes and members completed in 0.0 seconds Process keep for assumenosideeffects completed in 0.0 seconds Processing proguard rules completed in 0.0 seconds No Optimizations Rules completed in 0.0 seconds Mark keep-methods completed in 0.0 seconds Computing XML reachability completed in 0.0 seconds Computing native reachability completed in 0.1 seconds Analyzing reflection completed in 0.1 seconds Analyzing Serializable completed in 0.0 seconds Initializing for json serde completed in 0.0 seconds Initializing reachable classes completed in 0.2 seconds Redex_frontend completed in 7.6 seconds WARNING: Unable to find TargetApi annotation. It's either unused (okay) or been deleted (not okay) API Level Checker completed in 0.1 seconds Evaluating ReBindRefsPass... ReBindRefsPass (eval) completed in 0.4 seconds Evaluating BridgePass... BridgePass (eval) completed in 0.0 seconds Evaluating ResultPropagationPass... ResultPropagationPass (eval) completed in 0.0 seconds Evaluating FinalInlinePassV2... FinalInlinePassV2 (eval) completed in 0.0 seconds Evaluating DelSuperPass... DelSuperPass (eval) completed in 0.0 seconds Evaluating CommonSubexpressionEliminationPass... CommonSubexpressionEliminationPass (eval) completed in 0.0 seconds Evaluating MethodInlinePass... MethodInlinePass (eval) completed in 0.0 seconds Evaluating PeepholePass... PeepholePass (eval) completed in 0.0 seconds Evaluating ConstantPropagationPass... ConstantPropagationPass (eval) completed in 0.0 seconds Evaluating LocalDcePass... LocalDcePass (eval) completed in 0.0 seconds Evaluating RemoveUnreachablePass... RemoveUnreachablePass (eval) completed in 0.0 seconds Evaluating RemoveGotosPass... RemoveGotosPass (eval) completed in 0.0 seconds Evaluating DedupBlocksPass... DedupBlocksPass (eval) completed in 0.0 seconds Evaluating UpCodeMotionPass... UpCodeMotionPass (eval) completed in 0.0 seconds Evaluating SingleImplPass... SingleImplPass (eval) completed in 0.0 seconds Evaluating ReorderInterfacesDeclPass... ReorderInterfacesDeclPass (eval) completed in 0.0 seconds Evaluating RemoveEmptyClassesPass... RemoveEmptyClassesPass (eval) completed in 0.0 seconds Evaluating ShortenSrcStringsPass... ShortenSrcStringsPass (eval) completed in 0.0 seconds Evaluating CommonSubexpressionEliminationPass... CommonSubexpressionEliminationPass (eval) completed in 0.0 seconds Evaluating RegAllocPass... RegAllocPass (eval) completed in 0.0 seconds Evaluating CopyPropagationPass... CopyPropagationPass (eval) completed in 0.0 seconds Evaluating LocalDcePass... LocalDcePass (eval) completed in 0.0 seconds Evaluating ReduceGotosPass... ReduceGotosPass (eval) completed in 0.0 seconds Running IRTypeChecker... IRTypeChecker completed in 10.8 seconds Inconsistency found in Dex code for Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V Type error in method Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V at instruction 'IPUT_BOOLEAN v0, v1, Landroidx/fragment/app/LDialogFragment;.mDismissed:Z' @ 0x7fa4b326ee20 for illegal access to private Landroidx/fragment/app/DialogFragment;.mDismissed:Z from Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V Code: [0x7fa4b326edb0] OPCODE: IOPCODE_LOAD_PARAM_OBJECT v1 [0x7fa4b326d530] OPCODE: IOPCODE_LOAD_PARAM_OBJECT v2 [0x7fa4b326e3a0] OPCODE: IOPCODE_LOAD_PARAM_OBJECT v3 [0x7fa4a468ae00] POSITION: Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V(LDialogFragment.java:72) [0x7fa4b326d5a0] OPCODE: CONST v0, 0 [0x7fa4b326ee20] OPCODE: IPUT_BOOLEAN v0, v1, Landroidx/fragment/app/LDialogFragment;.mDismissed:Z [0x7fa4a468add0] POSITION: Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V(LDialogFragment.java:73) [0x7fa4b326e410] OPCODE: CONST v0, 1 [0x7fa4b326d610] OPCODE: IPUT_BOOLEAN v0, v1, Landroidx/fragment/app/LDialogFragment;.mShownByMe:Z [0x7fa4a468ad80] POSITION: Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V(LDialogFragment.java:74) [0x7fa4b326d680] OPCODE: INVOKE_VIRTUAL v2, Landroidx/fragment/app/FragmentManager;.beginTransaction:()Landroidx/fragment/app/FragmentTransaction; [0x7fa4b326ee90] OPCODE: MOVE_RESULT_OBJECT v0 [0x7fa4a468ad50] POSITION: Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V(LDialogFragment.java:75) [0x7fa4a468ac50] DEBUG: DBG_START_LOCAL v0 ft:Landroidx/fragment/app/FragmentTransaction; [0x7fa4b326e480] OPCODE: INVOKE_VIRTUAL v0, v1, v3, Landroidx/fragment/app/FragmentTransaction;.add:(Landroidx/fragment/app/Fragment;Ljava/lang/String;)Landroidx/fragment/app/FragmentTransaction; [0x7fa4b326e5d0] POSITION: Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V(LDialogFragment.java:76) [0x7fa4b326d6f0] OPCODE: INVOKE_VIRTUAL v0, Landroidx/fragment/app/FragmentTransaction;.commitAllowingStateLoss:()I [0x7fa4b326d8b0] POSITION: Landroidx/fragment/app/LDialogFragment;.show:(Landroidx/fragment/app/FragmentManager;Ljava/lang/String;)V(LDialogFragment.java:77) [0x7fa4b326d760] OPCODE: RETURN_VOID

(1 more issues!) If you are confident that this does not matter (e.g., because you are using MakePublicPass), turn off accessibility checking on input with -J ir_type_checker.run_on_input_ignore_access=true. You may turn off all input checking with -J ir_type_checker.run_on_input=false. Traceback (most recent call last): File "/tmp/redex.YWGjVN/redex.py", line 1236, in with_temp_cleanup(lambda: run_redex(args), args.always_clean_up) File "/tmp/redex.YWGjVN/pyredex/utils.py", line 62, in with_temp_cleanup fn() File "/tmp/redex.YWGjVN/redex.py", line 1236, in with_temp_cleanup(lambda: run_redex(args), args.always_clean_up) File "/tmp/redex.YWGjVN/redex.py", line 1215, in run_redex run_redex_binary(state, exception_formatter, output_line_handler) File "/tmp/redex.YWGjVN/redex.py", line 364, in run_redex_binary run() File "/tmp/redex.YWGjVN/redex.py", line 357, in run raise RuntimeError(msg) RuntimeError: redex-all crashed with exit code 1! You can re-run it under gdb by running /tmp/redex.YWGjVN/redex-gdb-53nckktv.sh or under lldb by running /tmp/redex.YWGjVN/redex-lldb-jcchbtvs.sh

NTillmann commented 3 years ago

On the face of it, this seems like a non-sensical error message, as the private member is seemingly defined in the same class as the referencing method.

Redex internalizes all classes by name, so it's also not an issue of somehow having loaded the same class twice.

However, looking at the code that produces the error message, it prints "deobfuscated" names. So the only explanation I have here is that we are dealing with two different classes coming into Redex, however, (at least) has been obfuscated, and yet they map to the same de-obfuscated name.

We can improve the error message (in IRTypeChecker/validate_access) to also show non-deobfuscated names. But regardless, the issue you need to address is most likely what I described above.

agampe commented 2 years ago

Reading this more carefully supersedes Nikolai's answer:

illegal access to private Landroidx/fragment/app/DialogFragment;.mDismissed:Z from Landroidx/fragment/app/LDialogFragment;.show

Accessing DialogFragment from LDialogFragment. Not the same class!

Your input code is broken. If you want to work around this, try the suggestion in the error (add -J ir_type_checker.run_on_input_ignore_access=true to the command).