v1.3.0 - Now with Smali Debugger (sdbg)

This version has a few fixes but mostly the new new Smali Debugger tool which allows you to step through smalivm executions line by line, set breakpoints, etc. It was an experiment to see if smalivm could easily be used as a library (it's easier now) and to play with Kotlin. Check it out and let me know what you think.

Version bump to 1.3.x because of some changes to the API.

Here's the change log.

• Many small improvements to make smalivm a better library for more than just simplify
• Fix correctness bugs around invoking methods and maintaining correct state
• Updated dependencies

v1.2.1

It's been a while since the last release, and there have been quite a few changes. So, here's a release!

• Better console output by showing progress / remaining classes
• Better error handling (improved stability)
• Improved Enum and Array handling
• Updated dependencies
• Cleaned up the API for smalivm
• Modernized ObfuscatedApp's encryption obfuscation so it's a more realistic test
• Added Object.getClass emulation and peephole optimization
• Lots of little bug fixes

v1.2.0

This release fixes a lot of bugs and changes the output format to make it a little easier to read. Thanks to the many people who reported bugs. You brave souls!

Here's a quick overview of the changes:

• Visual indicator of progress through classes and methods, and some simple run time stats
• Fix for enum instantiation, objects created via reflection have more correct type
• Improved type flow, when a method can't be invoked because arguments aren't valid, don't use type from method signature unless it's more specific than type of the argument
• Improved correctness for aput ops
• Improved correctness when determining consensus type
• Improved correctness when updating argument identities during multiverse collapse
• Updated dependencies, notably dexlib updated to 2.2.1
• Updated reference framework to Android-25
• Implemented monitor-enter and monitor-exit opcodes (used to be handled by UnknownOp)

v1.1.0

New release. It's not just a point release because there were some API changes in smalivm. Here's the changelog:

• Allow static initialization of fields using literals, e.g. .field myInt:I = 0x42
• Fixed several problems with looking up inherited fields
• Better merging of states from called methods
• Better exception handling - implement throw and move-exception
• Improved correctness for instance-of and check-cast ops
• Improved correctness for java.lang.reflect.Field.get() emulated method
• API change - much of the functionality in ClassManager was moved to VirtualGeneric
• Fixed many small bugs and possibly added a few new ones
• Fixed embarrassingly large number of typos

v1.0.0

Code seems to be stable enough for a 1.0 release. The download is a little big, but there's an entire Android framework floating around in there, so there's not much that can be done without other tradeoffs.

Changes:

• Lots of correctness improvements
• Optimization output counts are multi-line and, I think, easier to read
• Improve handling of null values

v1.0.0 Milestone 1

It's been a few years since this all started, but there is finally a milestone release for v1.0. The next few milestones will be focused on fixing bugs and shaking out any issues made by some of the drastic changes in the past several commits.

Changes:

• Dynamically create JVM classes for input and framework Smali
• Speed up cloning by making a Cloner which knows about immutable Android classes meaning fewer objects need deep cloning
• Update framework reference Smali to to Android API 23
• Various bug fixes and improvements (and probably some new bugs!)

v0.9.1

Changes:

• improved execution graph manipulation
• rewrote and improved CLI
• made progress towards proper Java Class object emulation
• greatly improved test performance
• fixed lots of correctness problems
• cleaned up smalivm API by preferring simple return values and improving naming

v0.9.0

Changes:

• More robust manipulation of execution graphs
• Added optimization for ifs with constant predicates
• Added --max-execution-time for long running methods
• Added ExecutionGrapher which gives a GraphViz compatible DOT file for an execution graph. Screen shots below.
• Improved dead code detection
• Mostly eliminated method re-execution during optimization
• Many more tests and bug fixes

Here's a small example method graph to show what ExecutionGrapher does. Each node in the graph is the execution of some instruction, along with all the relevant context at that point. This is before optimization:

Graph after optimization:

v0.8.0

I ran this on some malware and it didn't crash. To celebrate, here's a release!