I need some help with Android log file deobfuscation .
The problem is that if I have an exception like:
...
10-16 10:03:10.488: E/AndroidRuntime(25723): Caused by: java.lang.NullPointerException
10-16 10:03:10.488: E/AndroidRuntime(25723): at proguard.test.a.a(Unknown Source)
...
the retrace return original log but if I paste to log function name and line like:
...
10-16 10:03:10.480: I/ghghghg(25723): Crash in function [proguard.test.a.a() Line : -1 ]
...
the retrace doesn't deofescates that log line.
I know that there is an -regex parameter to retrace command but I can't find any explanation or sample. The Proguard retrace manual is unavailable on http://proguard.sourceforge.net/manual/retrace/usage.html.
How can I configure the retrace to deobfuscate custom lines in log?
The ProGuard manual (online, and also included in the ProGuard distribution) contains an example. It uses java.util.regex syntax with some additional wildcards for class names, etc.
You can try recat. It's a python script based on logcat-color, made exactly for this scenario, on-the-fly logcat deobfuscation (doesn't work on Windows though).
Related
after enabling proguard,crash line number doesn show correctly
my hap has been published to google play and a user crash inside app,in my crash reporter,the crash line number is unknown and incorrect
java.lang.NullPointerException: null
at io.kuknos.messenger.fragments.NewWalletFragment$r$b.run(SourceFile:3)
at android.app.Activity.runOnUiThread(Activity.java:7154)
at io.kuknos.messenger.fragments.NewWalletFragment$r.a(SourceFile:5)
at z9.j$k0.a(SourceFile:10)
at z0.n.m(SourceFile:2)
at z0.e$b.run(SourceFile:5)
at android.os.Handler.handleCallback(Handler.java:938)
at android.os.Handler.dispatchMessage(Handler.java:99)
at android.os.Looper.loop(Looper.java:246)
at android.app.ActivityThread.main(ActivityThread.java:8653)
at java.lang.reflect.Method.invoke(Method.java)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:602)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1130)
Add the following lines to your proguard configuration.
-renamesourcefileattribute SourceFile
-keepattributes SourceFile,LineNumberTable
Now your stack traces will include line numbers, and by using the retrace tool that ships with proguard (included in the Android SDK), you are able to debug like normal.
Note that even if you didn't use these two configuration options, retrace still can output useful information provided you have the mappings file, albeit not totally unambiguously.
Note: the file with the mappings is produced by the proguard configuration option:
-printmapping outputfile.txt
In the ant file shipped with the Android SDK, it is set to mapping.txt.
Good luck.
I have a logcat generated with the following command:
adb logcat -d -v time > logcat.log
Which results in an output formatted as follows:
01-22 09:03:53.482 D/com.mydomain.myapp.g.a.c( 5255): Some logcat message
Then I retrace with the following command :
.\retrace.bat -regex "(?:.*/)%c(?:.*)" .\mapping.txt .\test.log > .\test_retraced.log
However, the output remains the same as the original file. The manuel seems to refer only to stack trace outputs : https://www.guardsquare.com/en/proguard/manual/retrace
Is it possible to retrace whole file?
After struggling a while with the regex option I came to a simple regex which covers my case (see format above) :
.\retrace.bat -regex "(?:.*/)%c(?:.*)" .\mapping.txt .\test.log > .\test_retraced.log
This regex will only retrace the class names used as tags. You can play around with the regex for you own logging convention. For some reason the "/" is important, if removed it did not match.
The output was such :
01-22 09:03:53.482 D/com.mydomain.myapp.package.package.Class( 5255): Some logcat message
Today i've checked my crashes and ANR on my google play developer account, The thing is for every crash, The location of the error doesn't exist in my project. I'm getting something like:
nameofpackage.ui.activities.ak.a
My package called activities doesn't have any class called ak, neither a !
also:
nameofpackage.ui.chants.a.onClick
Chants also doesn't have a class called a !
is this normal?
Those names probably generated by proguard. if you have the line:
-printmapping out.map
Inside the rules file of proguard then you have file called:
out.map
In your project tree, there you can see what was the origin class of this Exception.
resolved, there is proguardgui which retrace the pile. You can fin it in:
sdk\tools\proguard\bin
I have been using the eclipse built in proguard tool to obsucate the code, which Works fine. However when I try to retrace the stack trace of the obfuscated code, retrace doesn't output an un-obfuscated stacktrace.
I have double check the mapping.txt to sure that i am using the right one.
here is my stack trace
ERROR/AndroidRuntime(19398):
FATAL EXCEPTION: Thread-35
ERROR/AndroidRuntime(19398): java.lang.NullPointerException
ERROR/AndroidRuntime(19398): at android.graphics.Canvas.throwIfRecycled(Canvas.java:954)
ERROR/AndroidRuntime(19398): at android.graphics.Canvas.drawBitmap(Canvas.java:980)
ERROR/AndroidRuntime(19398): at com.excelectronic.b.aa.a(ProGuard:535)
ERROR/AndroidRuntime(19398): at com.excelectronic.g.f.a(ProGuard:220)
ERROR/AndroidRuntime(19398): at com.excelectronic.game.GameView.a(ProGuard:198)
ERROR/AndroidRuntime(19398): at com.excelectronic.game.GameView.onDraw(ProGuard:98)
ERROR/AndroidRuntime(19398): at com.excelectronic.game.ac.run(ProGuard:121)
and using the command
retrace.bat -verbose mapping.txt obfuscated_trace.txt
ProGuard's ReTrace tool by default expects the stack traces to be nicely formatted, the way they are printed out by java. This means that it expects line breaks in the proper places and no prefixes like "ERROR/AndroidRuntime(19398)".
Alternatively, you can modify the regular expression that ReTrace uses for parsing the stack traces.
Use traceview to extract the original Java stack trace before using ReTrace.
I'am working with a large android project,very large,and we obfuscate our code when we release our apk to market,now the trouble is:
when our application crashed,actually,our application would post the crash log to our service,but the crash log make no mean,because we have obfuscated it already,we got infomation like this:a(),b(Unknown Source),c()....
so,how to deal with it?how to geting a readable crash log in obfuscate apk?Thanks!
When you obfuscate your code, a file called mapping.txt is generated. This file describes the mapping between your original symbols and their obfuscated versions.
If you save this file for your public builds, you can use the retrace tool to deobfuscate any stack traces you receive from crashes, thereby making them useable for fixing bugs! You invoke the tool as follows:
retrace.sh -verbose mapping.txt obfuscated_trace.txt