soot-oss / soot

Soot - A Java optimization framework
GNU Lesser General Public License v2.1

RuntimeException when repacking Android app #1378

Open skull591 opened 4 years ago

skull591 commented 4 years ago

I use Soot to instrument an APK of a specific revision of the Android app AnkiDroid; however, it throws a RuntimeException when converting from Jimple to dex, even when I do no transformation. This is the snippet of the code for Soot:

    G.reset()
    Options.v().set_src_prec(Options.src_prec_apk)
    Options.v().set_output_format(Options.output_format_dex)
    Options.v().set_include_all(true)
    Options.v().set_android_api_version(23)
    Options.v().set_whole_program(true)
    Options.v().set_prepend_classpath(true)
    Scene.v().addBasicClass("java.lang.System", SootClass.SIGNATURES)
    Options.v().set_process_multiple_dex(true)
    Options.v().set_allow_phantom_refs(true)

    //add our own humble transformer
    //PackManager.v().getPack("jtp").add(Transform("jtp.myLogInstrumenter", APILogTransformer()))
    //PackManager.v().getPack("jtp").add(Transform("jtp.myCoverageInstrumenter", DetailTraceTransformer()))

    Main.main(arrayOf(
        "-force-android-jar", "$androidSDKAddress/platforms/android-27.0.3/android.jar",
        "-d", outApkDir,
        "-process-dir", apkFile
    ))

Note that I didn't add any transformer. The crash log is:

Exception in thread "Thread-25" java.lang.RuntimeException: Trying to cast reference type java.lang.String to a primitive
    at soot.toDex.ExprVisitor.castPrimitive(ExprVisitor.java:684)
    at soot.toDex.ExprVisitor.caseCastExpr(ExprVisitor.java:639)
    at soot.jimple.internal.AbstractCastExpr.apply(AbstractCastExpr.java:128)
    at soot.toDex.StmtVisitor.caseAssignStmt(StmtVisitor.java:497)
    at soot.jimple.internal.JAssignStmt.apply(JAssignStmt.java:242)
    at soot.toDex.DexPrinter.toInstructions(DexPrinter.java:1543)
    at soot.toDex.DexPrinter.toMethodImplementation(DexPrinter.java:1206)
    at soot.toDex.DexPrinter.toMethods(DexPrinter.java:1093)
    at soot.toDex.DexPrinter.addAsClassDefItem(DexPrinter.java:666)
    at soot.toDex.DexPrinter.add(DexPrinter.java:1677)
    at soot.PackManager.writeClass(PackManager.java:1096)
    at soot.PackManager.lambda$writeOutput$1(PackManager.java:699)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)
java.lang.RuntimeException: Trying to cast reference type java.lang.String to a primitive
    at soot.toDex.ExprVisitor.castPrimitive(ExprVisitor.java:684)
    at soot.toDex.ExprVisitor.caseCastExpr(ExprVisitor.java:639)
    at soot.jimple.internal.AbstractCastExpr.apply(AbstractCastExpr.java:128)
    at soot.toDex.StmtVisitor.caseAssignStmt(StmtVisitor.java:497)
    at soot.jimple.internal.JAssignStmt.apply(JAssignStmt.java:242)
    at soot.toDex.DexPrinter.toInstructions(DexPrinter.java:1543)
    at soot.toDex.DexPrinter.toMethodImplementation(DexPrinter.java:1206)
    at soot.toDex.DexPrinter.toMethods(DexPrinter.java:1093)
    at soot.toDex.DexPrinter.addAsClassDefItem(DexPrinter.java:666)
    at soot.toDex.DexPrinter.add(DexPrinter.java:1677)
    at soot.PackManager.writeClass(PackManager.java:1096)
    at soot.PackManager.lambda$writeOutput$1(PackManager.java:699)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at java.lang.Thread.run(Thread.java:748)

It seems to only happen on a specific revision of AnkiDroid that is built with this commit (https://github.com/ankidroid/Anki-Android/tree/237352c129ee5f45026edd24656bf369e155ed65). Is it a bug, or did I do something wrong?

mbenz89 commented 4 years ago

It seems that you are enforcing an Android 27 API jar file while setting the API version to 23. Is there a reason for this? Soot usually chooses the correct API itself if you provide it with an app. It just requires having the android.jar for that API under the installed platforms.

Could you give the problem a quick debug to find the underlying problem if adapting the Android lib doesn’t help?
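
A diagnostic for the debugging step suggested above, as an added example that is not part of the original thread or of Soot's own code: it loads the APK with Soot picking the platform jar from the SDK platforms directory (no forced jar, no explicit API version) and lists Jimple assignments that cast a reference-typed operand to a primitive, the shape the exception message describes. `findRefToPrimitiveCasts` and its parameters are hypothetical names.

```kotlin
import soot.G
import soot.PrimType
import soot.RefType
import soot.Scene
import soot.jimple.AssignStmt
import soot.jimple.CastExpr
import soot.options.Options

// Hypothetical helper: returns "method signature: statement" for every Jimple
// assignment that casts a reference-typed operand to a primitive type.
fun findRefToPrimitiveCasts(apkFile: String, platformsDir: String): List<String> {
    G.reset()
    Options.v().set_src_prec(Options.src_prec_apk)
    Options.v().set_process_dir(listOf(apkFile))
    // Platforms directory (android-<N>/android.jar inside), not one forced jar,
    // so Soot can select the jar that matches the app.
    Options.v().set_android_jars(platformsDir)
    Options.v().set_process_multiple_dex(true)
    Options.v().set_allow_phantom_refs(true)
    // Analysis only: nothing is written, so the dex printer is never reached.
    Options.v().set_output_format(Options.output_format_none)
    Scene.v().loadNecessaryClasses()

    val findings = mutableListOf<String>()
    // Copy the collections first: retrieving bodies can resolve further classes.
    for (cls in Scene.v().applicationClasses.toList()) {
        for (method in cls.methods.toList()) {
            if (!method.isConcrete) continue
            val body = try { method.retrieveActiveBody() } catch (e: RuntimeException) {
                findings += "${method.signature}: body not loadable (${e.message})"
                continue
            }
            for (unit in body.units) {
                val cast = (unit as? AssignStmt)?.rightOp as? CastExpr ?: continue
                if (cast.castType is PrimType && cast.op.type is RefType) {
                    findings += "${method.signature}: $unit"
                }
            }
        }
    }
    return findings
}

fun main(args: Array<String>) {
    // args[0] = APK path, args[1] = <android-sdk>/platforms (both supplied by the caller)
    findRefToPrimitiveCasts(args[0], args[1]).forEach(::println)
}
```

Running it once with the platforms directory and once with the original forced-jar setup shows whether the offending cast depends on the platform jar or is produced for this APK either way.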