Different call graphs for APK on subsequent runs #88
Comments
|
Sorry for the slow response. This is bad. Can you give a URL of an APK file on which you're observing this behavior? |
|
Here's one version of the app, however I don't know if that's the one the OP has problems with: http://www.appjenny.com/Android/App/88082/de.guh.finanzchecker/Download |
|
Sorry for the late reply. I tried narrowing down the issue to just a few classes, but was unsuccessful. The issue even occurs when analysing a freshly created Apache Cordova application. I assume it has to do with some part of the Apache Cordova framework. I compiled one for you and uploaded it here. In order to make it work with my code snippet, you have to exchange the correct path to this APK as well as drop the If you have any trouble reproducing the issue, please let me know. |
|
Ok, so I spent a bit of time on this, and one issue is there seems to be considerable non-determinism in the public static void main(String[] args)
throws IOException, ClassHierarchyException, IllegalArgumentException, CallGraphBuilderCancelException {
for (int i = 0; i < 100; i++) {
AnalysisScope scope = com.ibm.wala.dalvik.test.util.Util.makeDalvikScope(null, new File("/Users/m.sridharan/Library/Android/sdk/platforms/android-19/android.jar"),
new File("/Users/m.sridharan/Downloads/HelloCordova-debug.apk").getCanonicalPath());
ClassHierarchy cha = ClassHierarchy.make(scope);
System.out.println(cha.getNumberOfClasses() + " classes");
AnalysisCache cache = new AnalysisCache(new DexIRFactory());
Set<LocatorFlags> set = new HashSet<LocatorFlags>();
set.add(LocatorFlags.INCLUDE_CALLBACKS);
set.add(LocatorFlags.EP_HEURISTIC);
set.add(LocatorFlags.CB_HEURISTIC);
AndroidEntryPointLocator eps = new AndroidEntryPointLocator(set);
List<AndroidEntryPoint> entryPoints = eps.getEntryPoints(cha);
System.out.println(entryPoints.size() + " entrypoints");
File out = new File(entryPoints.size() + "entries.txt");
if (out.exists())
out.delete();
FileWriter fw = new FileWriter(out);
List<String> nodes = new ArrayList<String>();
for (Iterator<AndroidEntryPoint> it = entryPoints.iterator(); it.hasNext();) {
nodes.add(it.next().toString());
}
Collections.sort(nodes, new Comparator<String>() {
@Override
public int compare(String o1, String o2) {
return o1.compareTo(o2);
}
});
for (String str : nodes) {
fw.write(str + "\n");
}
fw.close();
}The entrypoint counts I see vary between 638 and 675. I'm not too familiar with this Android entrypoint code. @mohrm do you know this code better? Could you take a look? |
Added while investigating #88, but this does not fix the problem
|
I also executed the example code above and still get variations, when just using the proposed fixes. However, on the current https://github.com/joana-team/WALA master branch, there are no variations anymore. So, pull request #134 only solves part of #88. |
|
Ah, forgot to add hashCode() and equals() for DexModuleEntry. Now it works, always outputs 675. |
|
Fixed by #134 |
I am struggling to build Java call graphs from APK files in a reproducable manner. I expect the call graph to be the same every time I build it, but the number of nodes differ up to a couple hundred between subsequent runs, although the code and circumstances do not seem to differ. Does anyone have an idea of what I am doing wrong?
I added some sample code below. It runs the ZeroCFABuilder 100 times on the "de.guh.finanzchecker" Android App I downloaded from the Google Play Store, although I encountered this problem with many other apps, too. Additionally I took the android.jar from API level 19. I then print the number of nodes and write nodes from the call graph into a file for debugging purposes. When I run this on my Arch Linux machine using "openjdk version 1.8.0_51" and the latest master branch of WALA, I got at least 10 different call graphs, ranging from 6984 to 7027 nodes. I appended the delta nodes from those two examples below the code.
The text was updated successfully, but these errors were encountered: