<div dir="ltr">I was able to solve my own question, and plan on posting my solution to this mailing list next week. I just wanted to tell the group so no one will investigate it unnecessarily.<div><br></div><div>Thanks</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jan 21, 2020 at 10:30 PM Moshe Rubin <<a href="mailto:moshe.rubin@gmail.com">moshe.rubin@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Using Soot I would like to instrument a subset of functions of an Android APK, by outputting the function's name on entry. I'm basing my code on the AndroidInstrument.java source file as detailed on the page "Instrumenting Android Apps with Soot" (
<a href="https://github.com/Sable/soot/wiki/Instrumenting-Android-Apps-with-Soot" target="_blank">https://github.com/Sable/soot/wiki/Instrumenting-Android-Apps-with-Soot</a>) and found at <a href="https://raw.githubusercontent.com/wiki/Sable/soot/code/androidinstr/AndroidInstrument.java_.txt" target="_blank">https://raw.githubusercontent.com/wiki/Sable/soot/code/androidinstr/AndroidInstrument.java_.txt</a>.<div><br></div><div>Building and running AndroidInstrument.java shows that the app intercepts the 'jtp' phase. inserting a trace statement before calling a function. For example, the instrumented Java code (as displayed by Jadx) looks like this:</div><div><br></div><div><snippet></div><div><font face="monospace">private boolean a(Context context, int i) {<br> <b>System.out.println("<com.foobar.matrix.trace.core.AppMethodCall: void i(int)>");</b><br> AppMethodCall.i(179814);<br> if (i > 0) {<br> String $r2 = q.d(context);<br> <b>System.out.println("<c.t.m.c.q: boolean a(java.lang.String)>");</b><br> q.a($r2);<br> String $r22 = q.h(context);<br> <b>System.out.println("<c.t.m.c.q: boolean a(java.lang.String)>");</b><br> q.a($r22);<br> <b>System.out.println("<c.t.m.c.q: void a()>");</b><br> q.a();<br> f $r3 = f.a(context);<br> <b>System.out.println("<c.t.m.c.f: void c()>");</b><br> $r3.c();<br> }<br> try {<br> DexClassLoader $r4 = f.a(context).a();<br> if ($r4 == null) {<br> <b>System.out.println("<java.lang.StringBuilder: void <init>()>");<br> System.out.println("<c.t.m.c.j: void a(java.lang.String)>");</b><br> j.a("class loader is null," + i);<br> e $r6 = e.b();<br> <b>System.out.println("<c.t.m.c.e: void a(java.lang.String,java.lang.String)>");</b><br> $r6.a("LMI", "41");<br> this.mInitStatus = 4;<br> <b>System.out.println("<com.foobar.matrix.trace.core.AppMethodCall: void o(int)>");</b><br> AppMethodCall.o(179814);<br> return false;<br> }</font><br></div><div></snippet></div><div><br></div><div>As can be seen, every <u>function call</u> is <u>preceded</u> by an instrumentation println() outputting the to-be-called function name.</div><div><br></div><div>I would like to insert a single System.out.println("<function just entered>") per function, as the first statement in the desired functions:</div><div><br></div><div>- What phase do I need intercept (e.g., 'jb', 'jtp')?<br><br></div><div>- What Soot calls need to be made to insert the trace statement as the first statement in the function?<br><div><br></div></div><div>Thanks in advance</div><div><br></div><div><br></div></div>
</blockquote></div>