IllegalArgumentException in ObjectInputStream.readObject

Question

I have an android application which is showing strange behavior. I have a method which deserializes object from file. Below is the code I'm using:

public static Object readData(Context context, String fileName)
    {
        synchronized (context) {
            ObjectInputStream input = null;
            Object object = null;
            if (fileExists(context, fileName)) {
                try {
                    input = new ObjectInputStream(context.openFileInput(fileName));
                    object = input.readObject();
                    Log.v(Constant.TAG, "Writable object has been loaded from file "+fileName);
                } catch (IOException e) {
                    Log.e(Constant.TAG, e.getMessage(), e);
                } catch (ClassNotFoundException e) {
                    Log.e(Constant.TAG, e.getMessage(), e);
                } finally {
                    try {
                        if (input != null)
                            input.close();
                    } catch (IOException e) {
                        Log.e(Constant.TAG, e.getMessage(), e);
                    }
                }
            }
            return object;
        }
    }

Normally it works well, but when someone minimize my application and after sometime reopens, it crashes. From crash report I found that it's throwing IllegalArgumentException in below line from above code

object = input.readObject();

I gone through the documentation of ObjectInputStream.readObject but it doesn't state circumstances under which it can throw IllegalArgumentException.

It is only happening when user is bringing app from background. It works perfectly well when app starts (by start I mean when app was not running, not even in background).

PS: there are some crash reports which show ClassCastException on the same line, which is even stranger as I'm not casting, only reading into an Object.

Update

Stack trace

java.lang.RuntimeException: 
  at android.app.ActivityThread.performLaunchActivity (ActivityThread.java:2423)
  at android.app.ActivityThread.handleLaunchActivity (ActivityThread.java:2483)
  at android.app.ActivityThread.access$900 (ActivityThread.java:153)
  at android.app.ActivityThread$H.handleMessage (ActivityThread.java:1349)
  at android.os.Handler.dispatchMessage (Handler.java:102)
  at android.os.Looper.loop (Looper.java:148)
  at android.app.ActivityThread.main (ActivityThread.java:5441)
  at java.lang.reflect.Method.invoke (Native Method)
  at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run (ZygoteInit.java:738)
  at com.android.internal.os.ZygoteInit.main (ZygoteInit.java:628)
Caused by: java.lang.IllegalArgumentException: 
  at java.lang.reflect.Field.set (Native Method)
  at java.io.ObjectInputStream.readFieldValues (ObjectInputStream.java:1127)
  at java.io.ObjectInputStream.defaultReadObject (ObjectInputStream.java:454)
  at java.io.ObjectInputStream.readObjectForClass (ObjectInputStream.java:1345)
  at java.io.ObjectInputStream.readHierarchy (ObjectInputStream.java:1242)
  at java.io.ObjectInputStream.readNewObject (ObjectInputStream.java:1835)
  at java.io.ObjectInputStream.readNonPrimitiveContent (ObjectInputStream.java:761)
  at java.io.ObjectInputStream.readObject (ObjectInputStream.java:1983)
  at java.io.ObjectInputStream.readObject (ObjectInputStream.java:1940)
  at com.pixyfisocial.pixyfi.util.IOUtil.readData (IOUtil.java:245)
  at com.pixyfisocial.Login.getLoggedInUserInfoFromCache (Login.java:313)
  at com.pixyfisocial.Login.startApp (Login.java:124)
  at com.pixyfisocial.Login.onCreate (Login.java:98)
  at android.app.Activity.performCreate (Activity.java:6303)
  at android.app.Instrumentation.callActivityOnCreate (Instrumentation.java:1108)
  at android.app.ActivityThread.performLaunchActivity (ActivityThread.java:2376)

Answer 1

A cursory examination of the sourcecode indicates that IllegalArgumentException is typically thrown in ObjectInputStream when there is a mismatch between the serialized object representation and what the reading class is expecting. For example, you may have incompatible custom readObject and writeObject methods. Or you may have made a binary-incompatible¹ change to the object representation without changing hard-coded serialVersionUID numbers or implementing custom methods to deal with this².

There will be more clues in your stacktraces ... and in the source code of ObjectInputStream.

The ClassCastExceptions could be another manifestation of this.

---

^{1 - Changes leading to semantic incompatibility are a different matter. They won't lead to an IllegalArgumentException, but you should do something about them anyway.}

^{2 - If you want to cope with incompatibilities, then you probably don't want to change the serialVerionUID. If you do, then you will need to do "clever things" with classloading and multiple versions of the class. But the flip-side is that if your code needs to cope with multiple representations that have the same serialVersionUID, the representation version must be deducible from the representation itself. This requires planning.}

---

FOLLOW-UP

I took your stacktrace and tried to match it against the Android source code available at https://android.googlesource.com

The line numbers don't match exactly, but I thinkthe problem is happening in the method below. Specifically the line I have labeled "HERE". According to the javadoc for Field.set:

1. If the specified object argument is not an instance of the class or interface declaring the underlying field, the method throws an IllegalArgumentException.

2. If the underlying field is of a primitive type, an unwrapping conversion is attempted to convert the new value to a value of a primitive type. If this attempt fails, the method throws an IllegalArgumentException.

3. If, after possible unwrapping, the new value cannot be converted to the type of the underlying field by an identity or widening conversion, the method throws an IllegalArgumentException.

One of these three things is happening. It is not possible to say which one ... unless you provide a full working MCVE (that someone can run on an Android emulator!) ... but the indications point to you having (somehow) broken the serialization compatibility rules.

Note, since the line numbers didn't match, I cannot say with certainty that the Android you are using matches this following. If you want to be sure, you need to search the history in the GIT repo to find a matching version .... or look in the vendor specific source code bundle / repo for your device.

/**
 * Reads a collection of field values for the class descriptor
 * {@code classDesc} (an {@code ObjectStreamClass}). The
 * values will be used to set instance fields in object {@code obj}.
 * This is the default mechanism, when emulated fields (an
 * {@code GetField}) are not used. Actual values to load are stored
 * directly into the object {@code obj}.
 *
 * @param obj
 *            Instance in which the fields will be set.
 * @param classDesc
 *            A class descriptor (an {@code ObjectStreamClass})
 *            defining which fields should be loaded.
 *
 * @throws IOException
 *             If an IO exception happened when reading the field values.
 * @throws InvalidClassException
 *             If an incompatible type is being assigned to an emulated
 *             field.
 * @throws OptionalDataException
 *             If optional data could not be found when reading the
 *             exception graph
 * @throws ClassNotFoundException
 *             If a class of an object being de-serialized can not be found
 *
 * @see #readFields
 * @see #readObject()
 */
private void readFieldValues(Object obj, ObjectStreamClass classDesc) throws OptionalDataException, ClassNotFoundException, IOException {
    // Now we must read all fields and assign them to the receiver
    ObjectStreamField[] fields = classDesc.getLoadFields();
    fields = (fields == null) ? ObjectStreamClass.NO_FIELDS : fields;
    Class<?> declaringClass = classDesc.forClass();
    if (declaringClass == null && mustResolve) {
        throw new ClassNotFoundException(classDesc.getName());
    }
    for (ObjectStreamField fieldDesc : fields) {
        Field field = classDesc.getReflectionField(fieldDesc);
        if (field != null && Modifier.isTransient(field.getModifiers())) {
            field = null; // No setting transient fields! (http://b/4471249)
        }
        // We may not have been able to find the field, or it may be transient, but we still
        // need to read the value and do the other checking...
        try {
            Class<?> type = fieldDesc.getTypeInternal();
            if (type == byte.class) {
                byte b = input.readByte();
                if (field != null) {
                    field.setByte(obj, b);
                }
            } else if (type == char.class) {
                char c = input.readChar();
                if (field != null) {
                    field.setChar(obj, c);
                }
            } else if (type == double.class) {
                double d = input.readDouble();
                if (field != null) {
                    field.setDouble(obj, d);
                }
            } else if (type == float.class) {
                float f = input.readFloat();
                if (field != null) {
                    field.setFloat(obj, f);
                }
            } else if (type == int.class) {
                int i = input.readInt();
                if (field != null) {
                    field.setInt(obj, i);
                }
            } else if (type == long.class) {
                long j = input.readLong();
                if (field != null) {
                    field.setLong(obj, j);
                }
            } else if (type == short.class) {
                short s = input.readShort();
                if (field != null) {
                    field.setShort(obj, s);
                }
            } else if (type == boolean.class) {
                boolean z = input.readBoolean();
                if (field != null) {
                    field.setBoolean(obj, z);
                }
            } else {
                Object toSet = fieldDesc.isUnshared() ? readUnshared() : readObject();
                if (toSet != null) {
                    // Get the field type from the local field rather than
                    // from the stream's supplied data. That's the field
                    // we'll be setting, so that's the one that needs to be
                    // validated.
                    String fieldName = fieldDesc.getName();
                    ObjectStreamField localFieldDesc = classDesc.getField(fieldName);
                    Class<?> fieldType = localFieldDesc.getTypeInternal();
                    Class<?> valueType = toSet.getClass();
                    if (!fieldType.isAssignableFrom(valueType)) {
                        throw new ClassCastException(classDesc.getName() + "." + fieldName + " - " + fieldType + " not compatible with " + valueType);
                    }
                    if (field != null) {
                        field.set(obj, toSet);  // <<< --- HERE
                    }
                }
            }
        } catch (IllegalAccessException iae) {
            // ObjectStreamField should have called setAccessible(true).
            throw new AssertionError(iae);
        } catch (NoSuchFieldError ignored) {
        }
    }
}