IGS stats not generated?

[ttben]

Hi there !

I am trying to use these software in my PhD, and currently trying to generate "IGS" anti-pattern locations.

I run the following script:

#!/bin/bash

FILENAME=$1
FILESIZE=du -k "$FILENAME" | cut -f1
SHASUM=$(shasum -a 256 "$FILENAME" | cut -f1 -d' ')
DB_LOCATION="/Desktop/tmpdir_paprika"
rm -rf $DB_LOCATION
mkdir $DB_LOCATION
PAPRIKA_LOCATION="/Downloads/paprika-master/out/artifacts/Paprika_jar/Paprika.jar"
ANDROID_PLATFORM_LOCATION="~/Library/Android/sdk/platforms/"

echo $FILENAME
echo $FILESIZE
echo $SHASUM

java -jar $PAPRIKA_LOCATION analyse $FILENAME -s $FILESIZE -r 2 -d "2017-04-12 00:00:00.0" -nd 12 -cat game -dev me -k $SHASUM -p paprika -n randomAPK -db $DB_LOCATION -a $ANDROID_PLATFORM_LOCATION

java -jar $PAPRIKA_LOCATION query -db $DB_LOCATION -r IGS
java -jar $PAPRIKA_LOCATION query -db $DB_LOCATION -r MIM
java -jar $PAPRIKA_LOCATION query -db $DB_LOCATION -r STATS

• I used the Paprika.jar in the out folder of this repository.
• I used the witness app you provide in another repository.

I give you below the execution trace of the script

$ sh paprikascript.sh /Users/benjaminbenni/Downloads/paprika-witness-app-master/app/app-release.apk

Collecting metrics
Saving into database /Users/benjaminbenni/Desktop/tmpdir_paprika
Done
Executing Queries
Resulting csv file name will start with prefix 2017_4_14_9_37
Done
Executing Queries
Resulting csv file name will start with prefix 2017_4_14_9_37
Done
Executing Queries
Resulting csv file name will start with prefix 2017_4_14_9_37
Done

The resulting files:

• 2017_4_14_9_37_IGS.csv is empty. It contains app_key,IGS, that's all.
• 2017_4_14_9_37_MIM.csv is empty. It contains app_key,MIM, that's all.

Do you have any idea why the resulting csv files are empty? I ran the same script over facebook, twitter apks and nothing comes out.

[GeoffreyHecht]

Hi,
The stats are ok ? Does it works with other code smells (like LM for example) ?
If yes, do you use the recommended android-platforms for Soot : https://github.com/Sable/android-platforms (Otherwise Paprika cannot generate the callgraph (yet) which is required to detect IGS).

[ttben]

I think so. LM seems to work well.
Here are the content of LM.csv file when analyzing the witness apk.

app_key,number_of_instructions,fuzzy_value 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,125,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,23,0.667 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,136,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,136,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,287,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,136,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,143,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,136,1 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,175,1

Do you have the same results?

I tried to use the recommended platform you pointed out but it fails when analyzing chrome apk, yielding "can not infer type" error or something like that.

I ran the same script using the recommended android platforms and it seems to work.
It contains:

app_key,IGS
30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,30

In fact, I am trying to have similar results to this. Is it possible using your tool?

Using such platforms means that a retro-compatibility issue can occur? Any today's app can be analyzed using these platforms?

Thank you for your quick answer!

[FrancescoMercaldo]

i confirm it is work. bye Il giorno 14/apr/2017 10:44, "Benjamin Benni" <[email protected]> ha scritto:

…

I think so. LM seems to work well. Here are the content of LM.csv file when analyzing the witness apk. app_key,number_of_instructions,fuzzy_value 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,125,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,23,0.667 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,136,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,136,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,287,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,136,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,135,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,143,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,136,1 30ef6f312880442ea01d177d744e65 2cc2b25c1548ba16d33b7d1b2dcfa37c60,175,1 Do you have the same results? I tried to use the recommended platform you pointed out but it fails when analyzing chrome apk, yielding "*can not infer type*" error or something like that. I ran the same script using the recommended android platforms and it seems to work. It contains: app_key,IGS 30ef6f312880442ea01d177d744e652cc2b25c1548ba16d33b7d1b2dcfa37c60,30 In fact, I am trying to have similar results to this <https://github.com/MehdiAit/spoon-processors/blob/master/igs.csv>. Is it *possible* using your tool? Using such platforms means that a retro-compatibility issue can occur? Any today's app can be analyzed using these platforms? Thank you for your quick answer! — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#3 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AH2pv770PuBgMHKO-DnCFOO6BFhwh4yOks5rvzIHgaJpZM4M9jJy> .

[GeoffreyHecht]

Everything sounds ok indeed.
To get the details of IGS (classes and methods) you can use the details option (-d true) when querying.

I never had retro-compatibility problems so far, but I guess it could happen with some apps.
It might be the case with your chrome app indeed.
Some apks cannot be analysed due to this kind of Soot errors, and there is nothing I can really do for this (you can try to update Paprika with the last versions of Soot if you are motivated, it might solve some cases).

Also note that you can generate your android-platforms for any versions in theory ( Sable/android-platforms#4) :

The full JAR files can be created by loading the system code from a phone or emulator, converting it back to Java bytecode, and packaging it as a JAR.

[ttben]

(you can try to update Paprika with the last versions of Soot if you are motivated, it might solve some cases)

The full JAR files can be created by loading the system code from a phone or emulator, converting it back to Java bytecode, and packaging it as a JAR.

That sounds like a lot of fun (joke).
I'll give it a try if I have no other choices and I will let you know.

I ran again my script with -d true option and it worked just fine.
Thanks again for your help!

[GeoffreyHecht]

Sure, let me know if you do this !