[Soot-list] -allow-phantom-refs necessary for Android decompilation

[Gregor Beatson]

I've just been trying to get Soot set up in a simple program to take in an
Android APK and decompile it. I started off by following this tutorial:
https://github.com/Sable/soot/wiki/Instrumenting-Android-Apps-with-Soot

To get it working however, I had to use the -allow-phantom-refs flag --
otherwise I'd always receive things like:
"soot.SootResolver$SootClassNotFoundException: couldn't find class:
android.app.ActivityThread (is your soot-class-path set properly?)"
(The actual class not found varies depending on the APK)

I've tried going through the source code for FlowDroid and a couple of
other static analysis tools to see if they use this flag too, and found a
lot of "Options.v().set_allow_phantom_refs(true);", but since it defaults
to false, perhaps there are a lot of occasions when it doesn't use this
flag.

My question is, in the context of APK static analysis, is it
recommended/required to use this flag? From my understanding, these class
references are coming from the APK code itself, so perhaps it really isn't
necessary to go to the extra effort of including these in my
soot-class-path? Any help would be greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.CS.McGill.CA/pipermail/soot-list/attachments/20181102/39853f82/attachment.html>