Affiliation:
1. University of Central Missouri, USA
2. University of California at Riverside, USA
3. New Jersey Institute of Technology, USA
Abstract
Smartphone apps create and handle a large variety of ``instance'' data that has to persist across runs, such as the current navigation route, workout results, antivirus settings, or game state. Due to the nature of the smartphone platform, an app can be paused, sent into background, or killed at any time. If the instance data is not saved and restored between runs, in addition to data loss, partially-saved or corrupted data can crash the app upon resume or restart. While smartphone platforms offer API support for data-saving and data-retrieving operations, the use of this API is ad-hoc: left to the programmer, rather than enforced by the compiler. We have observed that several categories of bugs---including data loss, failure to resume/restart or resuming/restarting in the wrong state---are due to incorrect handling of instance data and are easily triggered by just pressing the `Home' or `Back' buttons. To help address this problem, we have constructed a tool chain for Android (the KREfinder static analysis and the KREreproducer input generator) that helps find and reproduce such incorrect handling. We have evaluated our approach by running the static analysis on 324 apps, of which 49 were further analyzed manually. Results indicate that our approach is (i) effective, as it has discovered 49 bugs, including in popular Android apps, and (ii) efficient, completing on average in 61 seconds per app. More generally, our approach helps determine whether an app saves too much or too little state.
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Graphics and Computer-Aided Design,Software
Reference45 articles.
1. Uiapplicationdelegate protocol reference March 2016. Uiapplicationdelegate protocol reference March 2016.
2. https://developer.apple.com/ library/ios/documentation/UIKit/Reference/ UIApplicationDelegate_Protocol/index.html#// apple_ref/doc/uid/TP40006786. https://developer.apple.com/ library/ios/documentation/UIKit/Reference/ UIApplicationDelegate_Protocol/index.html#// apple_ref/doc/uid/TP40006786.
3. android-apktool: A tool for reverse engineering android apk files March 2016. android-apktool: A tool for reverse engineering android apk files March 2016.
4. https://code.google.com/p/ android-apktool/. https://code.google.com/p/ android-apktool/.
5. Systematic execution of Android test suites in adverse conditions
Cited by
29 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. An ML-Based Quality Features Extraction (QFE) Framework for Android Apps;Lecture Notes in Networks and Systems;2024
2. DDLDroid: A Static Analyzer for Automatically Detecting Data Loss Issues in Android Applications;Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis;2023-07-12
3. An Empirical Study of Functional Bugs in Android Apps;Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis;2023-07-12
4. DDLDroid: Efficiently Detecting Data Loss Issues in Android Apps;Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis;2023-07-12
5. Detecting Potential User-data Save & Export Losses due to Android App Termination;2023 IEEE/ACM International Conference on Automation of Software Test (AST);2023-05