Develop Reference

Native crashes on some devices with ProGuard

EDIT: For future devs who may be suffering from the same issues, I'm afraid I can't be of much use. The problem apparently solved itself during future versions of the app, but I have been unable to ascertain the cause.
I've been testing an application through the Google Play closed beta testing system, using my friends as beta testers. After pushing an update where the .apk was obfuscated using ProGuard, two testers started reporting crashes. The crashes are unpredictable and sporadic, and they have been unable to ascertain any reason or pattern for them. To make things worse, the crash reports I'm getting in the Dev Console contain no information at all, simply stating "Native crash at (no location available)", no stack trace, not even any device information.
I do know the device information through just asking the testers in question, and both devices are Sony phones, an Xperia Z3 and an Xperia Z3 Compact. However, I also have a Z3 Compact available for testing and have been unable to reproduce the crash while running the same obfuscated apk. We are running the same OS version as well.
I have sent one of the testers and unobfuscated apk, and he was unable to reproduce the crash running that version. This, and the fact that the crash first occurred after a patch that introduced ProGuard obfuscation, leads me to believe that to be the cause.
At first, I ran ProGuard using only the default configuration file from the SDK:
# This is a configuration file for ProGuard.
# LINK REMOVED
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-verbose
# Optimization is turned off by default. Dex does not like code run
# through the ProGuard optimize and preverify steps (and performs some
# of these optimizations on its own).
-dontoptimize
-dontpreverify
# Note that if you want to enable optimization, you cannot just
# include optimization flags in your own project configuration file;
# instead you will need to point to the
# "proguard-android-optimize.txt" file instead of this one from your
# project.properties file.
-keepattributes *Annotation*
-keep public class com.google.vending.licensing.ILicensingService
-keep public class com.android.vending.licensing.ILicensingService
# For native methods, see LINK REMOVED
-keepclasseswithmembernames class * {
native <methods>;
}
# keep setters in Views so that animations can still work.
# see http://proguard.sourceforge.net/manual/examples.html#beans
-keepclassmembers public class * extends android.view.View {
void set*(***);
*** get*();
}
# We want to keep methods in Activity that could be used in the XML attribute onClick
-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);
}
# For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keepclassmembers class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator CREATOR;
}
-keepclassmembers class **.R$* {
public static <fields>;
}
# The support library contains references to newer platform versions.
# Don't warn about those in case this app is linking against an older
# platform version. We know about them, and they are safe.
-dontwarn android.support.**
I have since added the following lines to proguard-project.txt, which is also included in the proguard configuration variable for the project:
-keep class * extends java.util.ListResourceBundle {
protected java.lang.Object[][] getContents();
}
# Keep SafeParcelable value, needed for reflection. This is required to support backwards
# compatibility of some classes.
-keep public class com.google.android.gms.common.internal.safeparcel.SafeParcelable {
public static final *** NULL;
}
# Keep the names of classes/members we need for client functionality.
-keepnames #com.google.android.gms.common.annotation.KeepName class *
-keepclassmembernames class * {
#com.google.android.gms.common.annotation.KeepName *;
}
# Needed for Parcelable/SafeParcelable Creators to not get stripped
-keepnames class * implements android.os.Parcelable {
public static final ** CREATOR;
}
# Needed when building against the Marshmallow SDK
-dontwarn org.apache.http.**
# Needed when building against pre-Marshmallow SDK.
-dontwarn android.security.NetworkSecurityPolicy
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-libraryjars D:/Docs/Android/spaceprog/spaceprogr/libs/android-support-v4.jar
-keep class com.viewpagerindicator.** { *; }
-keep class com.google.android.gms.** { *; }
-keep class com.google.example.games.basegameutils.** { *; }
-printmapping out.map
-renamesourcefileattribute SourceFile
-keepattributes SourceFile,LineNumberTable
The upper part (with comments) of these additions comes directly from the README of the Google Play Services as a recommendation to be added whenever using the library. The rest I added myself while trying to research and debug the problem.
If anyone notices any omissions or other signs of trouble in my ProGuard configuration I'd be happy to know. I'd also be greatful for any suggestions on how to further debug the problem. Keep in mind that full module testing where only one module is obfuscated at a time is impossible in this case, because I do not have a device that can reproduce the issue and I cannot ask volunteer testers to install 30+ different versions of the .apk and play until it either crashes or until they are confident it will not.

how to make an android library project obfuscate inside eclipse [duplicate]

I have seen many posts about how to obfuscate an Android application (.apk file) using ProGuard in Eclipse. Also see http://developer.android.com/guide/developing/tools/proguard.html:
"When you build your application in release mode, either by running ant release or by using the Export Wizard in Eclipse, the build system automatically checks to see if the proguard.config property is set. If it is, ProGuard automatically processes the application's bytecode before packaging everything into an .apk file."
But in case of exporting an Android project in a .jar file using Eclipse Export Wizard, following the described steps (of creating a file proguard.cfg, configuring proguard.config property to proguard.cfg in the file default.properties, using Export Wizard etc.) does not seem to work - I see no obfuscation of class names, etc. in the resulting jar file. I also have the following settings in my proguard.cfg file, but I don't see any output files in my project directory or in the proguard directory (that directory is not even created).
-dump class_files.txt
-printseeds seeds.txt
-printusage unused.txt
-printmapping mapping.txt
I have even created a file project.properties in my project directory with the following line but that did not seem to entice ProGuard into action:
proguard.config=proguard.cfg
There are no activities defined in this project. I am using Android 2.3.1 and Eclipse Galileo 3.5.2 on Windows. Same results with Android 3.0. Seems like the obfuscation step has to be somehow interjected explicitly in the Eclipse Export Wizard. I will appreciate any help or insight. Thanks.

as suggested in the comments to one of the answers above (but which i didn't notice at first because it was buried amongst one of the "additional comments") …
we simply run progruard on the command line (see the first block below) on the library outside of eclipse with the parameters in the second block below in our our proguard.cfg file (and definitely do not use -dontpreverify, or projects that use your project as an android library won't be able to properly be obfuscated due to StackMapTable problems from your project.jar).
command line:
$ java -jar $ANDROID_SDK/tools/proguard/lib/proguard.jar \
-libraryjars $ANDROID_SDK/platforms/android-18/android.jar #proguard.cfg
-outjars /tmp/project.jar -verbose
proguard.cfg:
-optimizationpasses 5
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-dontwarn our.company.project.R*
-injars bin/project.jar
-verbose
-optimizations !code/simplification/arithmetic,!field/*,!class/merging/*
-keep class org.apache.3rdparty.stuff.**
-keep public class our.company.project.ProjectAPI
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.app.backup.BackupAgentHelper
-keep public class * extends android.preference.Preference
-keepclassmembers public class our.company.project.ProjectAPI {
public static <fields>;
}
-keepclasseswithmembernames class * {
native <methods>;
}
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet);
}
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet, int);
}
-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);
}
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}
it's possible not all of the parameters and -keep items are strictly necessary (other than not using -dontpreverify as previously mentioned), but most of these make sense to me as items that need to be there if you have an Activity class extension in the library you are exporting.

I use an indirect way to generate a exported android obfuscate jar, my way is:
export a signed apk use eclipse
unzip the apk, find the classes.dex
use dex2jar.bat ,change the classes.dex to a jar
unzip the jar and delete the class you do not need,then zip it and
change the file name to XXX.jar
Then you use this jar in other project,or give it to customer, it
is obfuscate!
I am sure this will help you! Enjoy it!

java -jar proguard.jar #yourconfig.pro
yourconfig.pro (extended from http://proguard.sourceforge.net/index.html#manual/examples.html):
-injars yourjar.jar
-outjars yourjar_out.jar
-libraryjars 'C:\android\sdk\platforms\android-10\android.jar'
-printmapping mapping.txt
-verbose
-dontoptimize
-dontpreverify
-dontshrink
-dontskipnonpubliclibraryclassmembers
-dontusemixedcaseclassnames
-keepparameternames
-renamesourcefileattribute SourceFile
-keepattributes Exceptions,InnerClasses,Signature,Deprecated,
SourceFile,LineNumberTable,*Annotation*,EnclosingMethod
-keep public class * {
public protected *;
}
-keepclassmembernames class * {
java.lang.Class class$(java.lang.String);
java.lang.Class class$(java.lang.String, boolean);
}
-keepclasseswithmembernames class * {
native <methods>;
}
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keepclassmembers class * implements java.io.Serializable {
static final long serialVersionUID;
private static final java.io.ObjectStreamField[] serialPersistentFields;
private void writeObject(java.io.ObjectOutputStream);
private void readObject(java.io.ObjectInputStream);
java.lang.Object writeReplace();
java.lang.Object readResolve();
}
Result can be verified with jd-gui

The way to invoke ProGuard is fairly straightforward:
Add the line proguard.config=proguard.cfg to project.properties
Export the application package
A default proguard.cfg file should have been automatically created by the new project wizard.

Do not obfuscated your pure Java Jar. Skip that phase completely while producing the Jar (whether manually in Eclipse or via Ant build from command line).
Instead, setup and perform proper obfuscation in the client project, the one using the Jar, where you add the library as external Jar. Proguard will be able to obfuscate code within the Jar too.
I stumbled upon this issue, and ended up successfully as I described here.

Application is not working when enabled proguard in android

My project is working perfectly on android device and emulator.
But, If i export and taken the .apk file after enabled with proguard application getting struck, I cant install this .apk file with proguard.
My assumption, Service is not called while installing the .apk file and i did't get any error on my log.
Please kindly share your ideas.
Here is my proguard file.
-optimizationpasses 5
-dontskipnonpubliclibraryclasses
-dontskipnonpubliclibraryclassmembers
-dontpreverify
-verbose
-dontoptimize
# -optimizations !code/simplification/arithmetic,!field/*,!class/merging/*
-libraryjars /usr/local/android-sdk/add-ons/google_apis-7_r01/libs/maps.jar
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.app.backup.BackupAgentHelper
-keep public class * extends android.preference.Preference
-keep public class com.android.vending.licensing.ILicensingService
-keepattributes JavascriptInterface
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet);
}
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet, int);
}
-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);
}
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}
-keep class mypackage.MyCallbackClass {
void myCallbackMethod(java.lang.String);
}
-dontwarn android.support.**
-dontwarn org.w3c.dom.bootstrap.DOMImplementationRegistry
and my ** project.properties file**
# This file is automatically generated by Android Tools.
# Do not modify this file -- YOUR CHANGES WILL BE ERASED!
#
# This file must be checked in Version Control Systems.
#
# To customize properties used by the Ant build system edit
# "ant.properties", and override values to adapt the script to your
# project structure.
#
# To enable ProGuard to shrink and obfuscate your code, uncomment this (available properties: sdk.dir, user.home):
proguard.config=${sdk.dir}\\tools\\proguard\\proguard-android.txt:proguard-project.txt
#proguard.config=proguard.cfg
# Project target.
target=Google Inc.:Google APIs:11
android.library.reference.1=../Library1
android.library.reference.2=../Library2
Please kindly share your ideas.
Thank You.

I suppose you are signing this version with a release key.
If you have an older installation on your phone(with a debug key),please uninstall it first.(You can't have the same app with two different signatures on your device)

FAILED BINDER TRANSACTION usually occurs when you have overflowed the Binder process. If you are not using large bitmaps on your splash page (which is the most common reason for a failed binder transaction) then it might be a ParcelFormatException, since I notice you're trying to use a Parcelable in your apk.

Assuming you're keeping ADT up to date..
If you're building the release version of your application using Eclipse export, it will load Proguard settings from the file specified by the proguard.config property in project.properties.
If you are using ant release, it will load the Proguard settings from the file specified by the proguard.config property in ant.properties.
That being said, are you getting any kind of errors or warnings during your build? These are especially helpful when diagnosing Proguard since it's purpose is to remove classes and methods that it doesn't think are being used by your application.
I uninstall my apps using:
adb shell pm uninstall -k com.*example*.*app*
And reinstall using:
adb install App-release.apk
If it gives an error about compatability, I discard the previous application data by excluding the -k switch from the uninstall command:
adb shell pm uninstall com.*example*.*app*

Does Proguard remove comments from Java source

I am using the code from proguard-android.txt file below
# This is a configuration file for ProGuard.
# http://proguard.sourceforge.net/index.html#manual/usage.html
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-verbose
# Optimization is turned off by default. Dex does not like code run
# through the ProGuard optimize and preverify steps (and performs some
# of these optimizations on its own).
-dontoptimize
-dontpreverify
# Note that if you want to enable optimization, you cannot just
# include optimization flags in your own project configuration file;
# instead you will need to point to the
# "proguard-android-optimize.txt" file instead of this one from your
# project.properties file.
-keepattributes *Annotation*
-keep public class com.google.vending.licensing.ILicensingService
-keep public class com.android.vending.licensing.ILicensingService
# For native methods, see http://proguard.sourceforge.net/manual/examples.html#native
-keepclasseswithmembernames class * {
native <methods>;
}
# keep setters in Views so that animations can still work.
# see http://proguard.sourceforge.net/manual/examples.html#beans
-keepclassmembers public class * extends android.view.View {
void set*(***);
*** get*();
}
# We want to keep methods in Activity that could be used in the XML attribute onClick
-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);
}
# For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}
-keepclassmembers class **.R$* {
public static <fields>;
}
# The support library contains references to newer platform versions.
# Don't warn about those in case this app is linking against an older
# platform version. We know about them, and they are safe.
-dontwarn android.support.**
to obfuscate Android code.
My Question Does Proguard remove all the comments from the Java source file when we use the above settings in Proguard?

ProGuard doesn't remove anything from the source files, regardless of settings. ProGuard makes sure that the compiled files have obfuscated method/class names and strips appropriate methods/classes completely when possible.
Compiled Java binaries don't include regular code comments whether you're using ProGuard or not.

How to obfuscate an Android library (.jar file) using Proguard in Eclipse

I have seen many posts about how to obfuscate an Android application (.apk file) using ProGuard in Eclipse. Also see http://developer.android.com/guide/developing/tools/proguard.html:
"When you build your application in release mode, either by running ant release or by using the Export Wizard in Eclipse, the build system automatically checks to see if the proguard.config property is set. If it is, ProGuard automatically processes the application's bytecode before packaging everything into an .apk file."
But in case of exporting an Android project in a .jar file using Eclipse Export Wizard, following the described steps (of creating a file proguard.cfg, configuring proguard.config property to proguard.cfg in the file default.properties, using Export Wizard etc.) does not seem to work - I see no obfuscation of class names, etc. in the resulting jar file. I also have the following settings in my proguard.cfg file, but I don't see any output files in my project directory or in the proguard directory (that directory is not even created).
-dump class_files.txt
-printseeds seeds.txt
-printusage unused.txt
-printmapping mapping.txt
I have even created a file project.properties in my project directory with the following line but that did not seem to entice ProGuard into action:
proguard.config=proguard.cfg
There are no activities defined in this project. I am using Android 2.3.1 and Eclipse Galileo 3.5.2 on Windows. Same results with Android 3.0. Seems like the obfuscation step has to be somehow interjected explicitly in the Eclipse Export Wizard. I will appreciate any help or insight. Thanks.

as suggested in the comments to one of the answers above (but which i didn't notice at first because it was buried amongst one of the "additional comments") …
we simply run progruard on the command line (see the first block below) on the library outside of eclipse with the parameters in the second block below in our our proguard.cfg file (and definitely do not use -dontpreverify, or projects that use your project as an android library won't be able to properly be obfuscated due to StackMapTable problems from your project.jar).
command line:
$ java -jar $ANDROID_SDK/tools/proguard/lib/proguard.jar \
-libraryjars $ANDROID_SDK/platforms/android-18/android.jar #proguard.cfg
-outjars /tmp/project.jar -verbose
proguard.cfg:
-optimizationpasses 5
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-dontwarn our.company.project.R*
-injars bin/project.jar
-verbose
-optimizations !code/simplification/arithmetic,!field/*,!class/merging/*
-keep class org.apache.3rdparty.stuff.**
-keep public class our.company.project.ProjectAPI
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.app.backup.BackupAgentHelper
-keep public class * extends android.preference.Preference
-keepclassmembers public class our.company.project.ProjectAPI {
public static <fields>;
}
-keepclasseswithmembernames class * {
native <methods>;
}
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet);
}
-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet, int);
}
-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);
}
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}
it's possible not all of the parameters and -keep items are strictly necessary (other than not using -dontpreverify as previously mentioned), but most of these make sense to me as items that need to be there if you have an Activity class extension in the library you are exporting.

I use an indirect way to generate a exported android obfuscate jar, my way is:
export a signed apk use eclipse
unzip the apk, find the classes.dex
use dex2jar.bat ,change the classes.dex to a jar
unzip the jar and delete the class you do not need,then zip it and
change the file name to XXX.jar
Then you use this jar in other project,or give it to customer, it
is obfuscate!
I am sure this will help you! Enjoy it!

java -jar proguard.jar #yourconfig.pro
yourconfig.pro (extended from http://proguard.sourceforge.net/index.html#manual/examples.html):
-injars yourjar.jar
-outjars yourjar_out.jar
-libraryjars 'C:\android\sdk\platforms\android-10\android.jar'
-printmapping mapping.txt
-verbose
-dontoptimize
-dontpreverify
-dontshrink
-dontskipnonpubliclibraryclassmembers
-dontusemixedcaseclassnames
-keepparameternames
-renamesourcefileattribute SourceFile
-keepattributes Exceptions,InnerClasses,Signature,Deprecated,
SourceFile,LineNumberTable,*Annotation*,EnclosingMethod
-keep public class * {
public protected *;
}
-keepclassmembernames class * {
java.lang.Class class$(java.lang.String);
java.lang.Class class$(java.lang.String, boolean);
}
-keepclasseswithmembernames class * {
native <methods>;
}
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keepclassmembers class * implements java.io.Serializable {
static final long serialVersionUID;
private static final java.io.ObjectStreamField[] serialPersistentFields;
private void writeObject(java.io.ObjectOutputStream);
private void readObject(java.io.ObjectInputStream);
java.lang.Object writeReplace();
java.lang.Object readResolve();
}
Result can be verified with jd-gui

The way to invoke ProGuard is fairly straightforward:
Add the line proguard.config=proguard.cfg to project.properties
Export the application package
A default proguard.cfg file should have been automatically created by the new project wizard.

Do not obfuscated your pure Java Jar. Skip that phase completely while producing the Jar (whether manually in Eclipse or via Ant build from command line).
Instead, setup and perform proper obfuscation in the client project, the one using the Jar, where you add the library as external Jar. Proguard will be able to obfuscate code within the Jar too.
I stumbled upon this issue, and ended up successfully as I described here.