Affiliation:
1. University of California, Riverside, Riverside, CA, USA
2. New Jersey Institute of Technology, Newark, NJ, USA
Abstract
Event-based races are the main source of concurrency errors in Android apps. Prior approaches for scalable detection of event-based races have been dynamic. Due to their dynamic nature, these approaches suffer from coverage and false negative issues. We introduce a precise and scalable
static
approach and tool, named SIERRA, for detecting Android event-based races. SIERRA is centered around a new concept of "concurrency action" (that reifies threads, events/messages, system and user actions) and statically-derived order (happens-before relation) between actions. Establishing action order is complicated in Android, and event-based systems in general, because of externally-orchestrated control flow, use of callbacks, asynchronous tasks, and ad-hoc synchronization. We introduce several novel approaches that enable us to infer order relations statically: auto-generated code models which impose order among lifecycle and GUI events; a novel context abstraction for event-driven programs named
action-sensitivity
and finally, on-demand path sensitivity via backward symbolic execution to further rule out false positives. We have evaluated SIERRA on 194 Android apps. Of these, we chose 20 apps for manual analysis and comparison with a state-of-the-art dynamic race detector. Experimental results show that SIERRA is effective and efficient, typically taking 960 seconds to analyze an app and revealing 43 potential races. Compared with the dynamic race detector, SIERRA discovered an average 29.5 true races with 3.5 false positives, where the dynamic detector only discovered 4 races (hence missing 25.5 races per app) -- this demonstrates the advantage of a precise static approach. We believe that our approach opens the way for precise analysis and static event race detection in other event-driven systems beyond Android.
Funder
Army Research Lab
National Science Foundation
Publisher
Association for Computing Machinery (ACM)
Subject
Computer Graphics and Computer-Aided Design,Software
Reference18 articles.
1. Android Developers. 2017. Activity Lifecycle. (2017). http://developer.android.com/reference/android/app/Activity.html Android Developers. 2017. Activity Lifecycle. (2017). http://developer.android.com/reference/android/app/Activity.html
2. Android Developers. 2017. App Components. (2017). https://developer.android.com/guide/components/index.html Android Developers. 2017. App Components. (2017). https://developer.android.com/guide/components/index.html
3. FlowDroid
4. Tanzirul Azim and Iulian Neamtiu. 2013. Targeted and Depth-first Exploration for Systematic Testing of Android Apps Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages & Applications (OOPSLA '13). ACM New York NY USA 641--660. 10.1145/2509136.2509549 Tanzirul Azim and Iulian Neamtiu. 2013. Targeted and Depth-first Exploration for Systematic Testing of Android Apps Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages & Applications (OOPSLA '13). ACM New York NY USA 641--660. 10.1145/2509136.2509549
5. Scalable race detection for Android applications
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. NodeRT: Detecting Races in Node.js Applications Practically;Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis;2023-07-12
2. A Mitmproxy-based Dynamic Vulnerability Detection System For Android Applications;2022 18th International Conference on Mobility, Sensing and Networking (MSN);2022-12
3. A Mitmproxy-based Dynamic Vulnerability Detection System For Android Applications;2022 18th International Conference on Mobility, Sensing and Networking (MSN);2022-12