search

testwhat / SmaliEx

A wrapper to get de-optimized dex from odex/oat/vdex.
529 stars 142 forks source link

Issue deoptimising application (Honor 7) #5

Closed paulobrien closed 8 years ago

paulobrien commented 8 years ago

I receive the following error when deoptimising a specific application from the Honor 7 (5.0.2):

(freshly built SmaliEx today)

09-28 15:05:59:971 Preparing bootclasspath from /var/bigdisk/h7/framework/arm64/odex
09-28 15:06:00:087 De-optimizing /system/app/HwWiFiDirect/HwWiFiDirect.apk
09-28 15:06:00:370 Analysis info of Lcom/huawei/android/wfdft/ftc/service/FTCService; : <clinit>:
UnresolvedOdexInstruction INVOKE_VIRTUAL_QUICK_ART Format35ms i=57

09-28 15:06:00:370 Analysis error in class=Lcom/huawei/android/wfdft/ftc/service/FTCService; method=<clinit>
Method: Lcom/huawei/android/wfdft/ftc/service/FTCService;-><clinit>()V
Opcode: invoke-virtual-quick
Code address: 114
Near line: 182

09-28 15:06:00:371 org.jf.dexlib2.analysis.AnalysisException: Could not resolve the method in class Ljava/lang/Object; at index 14, objReg=2
        at org.jf.dexlib2.analysis.MethodAnalyzer.analyzeInvokeVirtualQuick(MethodAnalyzer.java:1809)
        at org.jf.dexlib2.analysis.MethodAnalyzer.analyzeInstruction(MethodAnalyzer.java:994)
        at org.jf.dexlib2.analysis.MethodAnalyzer.analyze(MethodAnalyzer.java:211)
        at org.jf.dexlib2.analysis.MethodAnalyzer.<init>(MethodAnalyzer.java:149)
        at org.rh.smaliex.OatUtil$OatDexRewriterModule$1$1.getInstructions(OatUtil.java:592)
        at org.jf.dexlib2.immutable.ImmutableMethodImplementation.of(ImmutableMethodImplementation.java:84)
        at org.jf.dexlib2.immutable.ImmutableMethod.<init>(ImmutableMethod.java:72)
        at org.jf.dexlib2.immutable.ImmutableMethod.of(ImmutableMethod.java:102)
        at org.jf.dexlib2.immutable.ImmutableMethod$1.makeImmutable(ImmutableMethod.java:129)
        at org.jf.dexlib2.immutable.ImmutableMethod$1.makeImmutable(ImmutableMethod.java:120)
        at org.jf.util.ImmutableConverter$3.next(ImmutableConverter.java:139)
        at com.google.common.collect.ImmutableCollection$Builder.addAll(ImmutableCollection.java:301)
        at com.google.common.collect.ImmutableSet$Builder.addAll(ImmutableSet.java:522)
        at com.google.common.collect.ImmutableSortedSet$Builder.addAll(ImmutableSortedSet.java:551)
        at com.google.common.collect.ImmutableSortedSet.copyOf(ImmutableSortedSet.java:326)
        at org.jf.util.ImmutableConverter.toSortedSet(ImmutableConverter.java:137)
        at org.jf.dexlib2.immutable.ImmutableMethod.immutableSetOf(ImmutableMethod.java:116)
        at org.jf.dexlib2.immutable.ImmutableClassDef.<init>(ImmutableClassDef.java:108)
        at org.jf.dexlib2.immutable.ImmutableClassDef.of(ImmutableClassDef.java:148)
        at org.jf.dexlib2.immutable.ImmutableClassDef$3.makeImmutable(ImmutableClassDef.java:209)
        at org.jf.dexlib2.immutable.ImmutableClassDef$3.makeImmutable(ImmutableClassDef.java:200)
        at org.jf.util.ImmutableConverter$2.next(ImmutableConverter.java:105)
        at com.google.common.collect.ImmutableCollection$Builder.addAll(ImmutableCollection.java:301)
        at com.google.common.collect.ImmutableSet$Builder.addAll(ImmutableSet.java:522)
        at com.google.common.collect.ImmutableSet.copyOf(ImmutableSet.java:321)
        at org.jf.util.ImmutableConverter.toSet(ImmutableConverter.java:103)
        at org.jf.dexlib2.immutable.ImmutableClassDef.immutableSetOf(ImmutableClassDef.java:196)
        at org.jf.dexlib2.immutable.ImmutableDexFile.<init>(ImmutableDexFile.java:47)
        at org.jf.dexlib2.immutable.ImmutableDexFile.of(ImmutableDexFile.java:58)
        at org.rh.smaliex.OatUtil$OatDexRewriter.rewriteDexFile(OatUtil.java:545)
        at org.rh.smaliex.OatUtil.convertToDex(OatUtil.java:306)
        at org.rh.smaliex.OatUtil.oat2dex(OatUtil.java:163)
        at org.rh.smaliex.Main.main(Main.java:75)
Method: Lcom/huawei/android/wfdft/ftc/service/FTCService;-><clinit>()V
Opcode: invoke-virtual-quick
Code address: 114
Near line: 182

09-28 15:06:00:372 Failed to re-construct dex java.lang.ClassCastException: org.jf.dexlib2.analysis.UnresolvedOdexInstruction cannot be cast to org.jf.dexlib2.iface.instruction.formats.Instruction35ms
09-28 15:06:00:372 convertToDex: skip /system/app/HwWiFiDirect/HwWiFiDirect.apk
testwhat commented 8 years ago

Please provide the boot.oat and app odex.

paulobrien commented 8 years ago

I uploaded the boot.oat and 2 problem odex files here:

http://content.modaco.net/dropzone/smaliex.files.zip

P

testwhat commented 8 years ago

Working on cast case.

FTCService.smali .method static constructor ()V

    .line 181
    if-eqz v2, :cond_78

    instance-of v3, v2, Ljava/lang/Integer;

    if-eqz v3, :cond_78

    .line 182
    nop

    nop

    .end local v2    # "value":Ljava/lang/Object;
    invoke-virtual-quick {v2}, vtable@14

Utilities.smali .method static constructor ()V

    .line 294
    .local v2, "status":Ljava/lang/Object;
    instance-of v3, v2, Ljava/lang/Integer;

    if-eqz v3, :cond_df

    .line 295
    nop

    nop

    .end local v2    # "status":Ljava/lang/Object;
    invoke-virtual-quick {v2}, vtable@14
paulobrien commented 8 years ago

Thanks for looking at this. Could you clarify your reply? Anything else you need from me?

P

testwhat commented 8 years ago

Have a try: download

Workaround in 3ee8b5fc

Previous reply is about check-cast will be compiled to 2 nop: http://androidxref.com/5.0.0_r2/xref/art/compiler/dex/dex_to_dex_compiler.cc#175

paulobrien commented 8 years ago

Many thanks.

Using the build linked above returns the following:

10-12 17:31:13:394 Invalid elf magic: HwLauncher6.odex
10-12 17:31:13:521 De-optimizing /system/app/HwLauncher6/HwLauncher6.apk
10-12 17:31:14:725 Analysis info of Lcom/huawei/android/launcher/Utilities;-><clinit>:
Recover optimized nop-nop: cast v2 to Ljava/lang/Integer; for INVOKE_VIRTUAL_QUICK_ART at line 298
Recover optimized nop-nop: cast v0 to Ljava/lang/Integer; for INVOKE_VIRTUAL_QUICK_ART at line 304

10-12 17:31:15:069 Analysis info of Lcom/huawei/netinteractive/NetInteractiveGetJson;->getJson:
Recover optimized nop-nop: cast v3 to Ljavax/net/ssl/HttpsURLConnection; for MOVE_OBJECT at line 98
Resolve method from the nearest instance-of. method=Ljavax/net/ssl/HttpsURLConnection;->setSSLSocketFactory instr=INVOKE_VIRTUAL_QUICK_ART at line 98
Recover optimized nop-nop: cast v3 to Ljavax/net/ssl/HttpsURLConnection; for MOVE_OBJECT at line 114
Resolve method from the nearest instance-of. method=Ljavax/net/ssl/HttpsURLConnection;->setHostnameVerifier instr=INVOKE_VIRTUAL_QUICK_ART at line 114
Resolve calling object from debug info: instr=INVOKE_VIRTUAL_QUICK_ART type=Ljava/io/InputStreamReader; mIdx=11 objReg=8 at line 155
Resolve calling object from debug info: instr=INVOKE_VIRTUAL_QUICK_ART type=Ljava/io/InputStreamReader; mIdx=11 objReg=8 at line 155

10-12 17:31:15:936 Output to /var/bigdisk/h7/b121/system/app.temp/HwLauncher6/arm64/HwLauncher6.dex

Not sure where that invalid elf magic has come from!

testwhat commented 8 years ago

Please try again with latest version. Those output information can be ignored.

paulobrien commented 8 years ago

Perfect. Built a new version and after updating it to smali/baksmali 2.1.0, I was able to successfully deoptimise the two apps mentioned above. Thanks for your help, much appreciated!