DDLDroid: Efficiently Detecting Data Loss Issues in Android Apps
Authors: 
Yuhao Zhou, Wei SongAuthors Info & Claims
Pages 703 - 714
Abstract
Data loss issues in Android apps triggered by activity restart or app relaunch significantly reduce the user experience and undermine the app quality. While data loss detection has received much attention, the state-of-the-art techniques still miss many data loss issues due to the inaccuracy of the static analysis or the low coverage of the dynamic exploration. To this end, we present DDLDroid, a static analysis approach and an open-source tool, to systematically and efficiently detect data loss issues based on the data flow analysis. DDLDroid is bootstrapped by a saving-restoring bipartite graph which correlates variables that need saving to the corresponding variables that need restoring according to their carrier widgets. The missed or broken saving or restoring data flows lead to data loss issues. The experimental evaluation on 66 Android apps demonstrates the effectiveness and efficiency of our approach: DDLDroid successfully detects 302 true data loss issues in 73 minutes, 180 of which are previously unknown.
References
[1]
Christoffer Quist Adamsen, Gianluca Mezzetti, and Anders Møller. 2015. Systematic execution of Android test suites in adverse conditions. In Proceedings of the 24th International Symposium on Software Testing and Analysis, ISSTA’15, Baltimore, MD, USA, July 12-17. ACM, 83–93. https://doi.org/10.1145/2771783.2771786
[2]
Steven Arzt, Siegfried Rasthofer, and Eric Bodden. 2017. The Soot-Based Toolchain for Analyzing Android Apps. In Proceedings of the 4th IEEE/ACM International Conference on Mobile Software Engineering and Systems, MOBILESoft@ICSE’17, Buenos Aires, Argentina, May 22-23. IEEE, 13–24. https://doi.org/10.1109/MOBILESoft.2017.2
[3]
Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick D. McDaniel. 2014. FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI’14, Edinburgh, United Kingdom, June 09 - 11. ACM, 259–269. https://doi.org/10.1145/2594291.2594299
[4]
Android Developers. 2022. The Activity Lifecycle. [Online]. Available: https://developer.android.com/guide/components/activities/activity-lifecycle
[5]
Android Developers. 2022. App widgets overview. [Online]. Available: https://developer.android.google.cn/develop/ui/views/appwidgets/overview?hl=en
[6]
Android Developers. 2022. Fragments. [Online]. Available: https://developer.android.com/reference/android/app/Fragment
[7]
Android Developers. 2022. Overview of memory management. [Online]. Available: https://developer.android.com/topic/performance/memory-overview
[8]
Android Developers. 2022. Processes and Application Lifecycle. [Online]. Available: https://developer.android.google.cn/guide/components/activities/process-lifecycle
[9]
Android Developers. 2022. Runtime-changes. [Online]. Available: https://developer.android.com/guide/topics/resources/runtime-changes
[10]
Android Developers. 2022. Save UI states. [Online]. Available: https://developer.android.com/topic/libraries/architecture/saving-states.html
[11]
Umar Farooq and Zhijia Zhao. 2018. RuntimeDroid: Restarting-Free Runtime Change Handling for Android Apps. In Proceedings of the 16th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys’18, Munich, Germany, June 10-15. ACM, 110–122. https://doi.org/10.1145/3210240.3210327
[12]
Umar Farooq, Zhijia Zhao, Manu Sridharan, and Iulian Neamtiu. 2020. LiveDroid: identifying and preserving mobile app state in volatile runtime environments. Proc. ACM Program. Lang., 4, OOPSLA (2020), 160:1–160:30. https://doi.org/10.1145/3428228
[13]
Mattia Fazzini, Qi Xin, and Alessandro Orso. 2019. Automated API-usage update for Android apps. In Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA’19, Beijing, China, July 15-19. ACM, 204–215. https://doi.org/10.1145/3293882.3330571
[14]
Wunan Guo, Zhen Dong, Liwei Shen, Wei Tian, Ting Su, and Xin Peng. 2022. Detecting and fixing data loss issues in Android apps. In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA’22, Virtual Event, South Korea, July 18 - 22. ACM, 605–616. https://doi.org/10.1145/3533767.3534402
[15]
Yuyu He, Lei Zhang, Zhemin Yang, Yinzhi Cao, Keke Lian, Shuai Li, Wei Yang, Zhibo Zhang, Min Yang, Yuan Zhang, and Haixin Duan. 2020. TextExerciser: Feedback-driven Text Input Exercising for Android Applications. In Proceedings of the IEEE Symposium on Security and Privacy, SP’20, San Francisco, CA, USA, May 18-21. IEEE, 1071–1087. https://doi.org/10.1109/SP40000.2020.00071
[16]
Gang Hu, Xinhao Yuan, Yang Tang, and Junfeng Yang. 2014. Efficiently, effectively detecting mobile app bugs with AppDoctor. In Proceedings of the Ninth Eurosys Conference, EuroSys’14, Amsterdam, The Netherlands, April 13-16. ACM, 18:1–18:15. https://doi.org/10.1145/2592798.2592813
[17]
Niel Lebeck, Arvind Krishnamurthy, Henry M. Levy, and Irene Zhang. 2020. End the Senseless Killing: Improving Memory Management for Mobile Operating Systems. In Proceedings of the USENIX Annual Technical Conference, USENIX ATC’20, July 15-17. USENIX Association, 873–887. https://www.usenix.org/conference/atc20/presentation/lebeck
[18]
Forough Mehralian, Navid Salehnamadi, and Sam Malek. 2021. Data-driven accessibility repair revisited: on the effectiveness of generating labels for icons in Android apps. In Proceedings of the 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE’21, Athens, Greece, August 23-28. ACM, 107–118. https://doi.org/10.1145/3468264.3468604
[19]
Kevin Moran, Boyang Li, Carlos Bernal-Cárdenas, Dan Jelf, and Denys Poshyvanyk. 2018. Automated reporting of GUI design violations for mobile apps. In Proceedings of the 40th International Conference on Software Engineering, ICSE’18, Gothenburg, Sweden, May 27 - June 03. ACM, 165–175. https://doi.org/10.1145/3180155.3180246
[20]
Kevin Moran, Mario Linares Vásquez, Carlos Bernal-Cárdenas, Christopher Vendome, and Denys Poshyvanyk. 2016. Automatically Discovering, Reporting and Reproducing Android Application Crashes. In Proceedings of the IEEE International Conference on Software Testing, Verification and Validation, ICST’16, Chicago, IL, USA, April 11-15. IEEE Computer Society, 33–44. https://doi.org/10.1109/ICST.2016.34
[21]
Tuan Anh Nguyen and Christoph Csallner. 2015. Reverse Engineering Mobile Application User Interfaces with REMAUI (T). In Proceeding of the 30th IEEE/ACM International Conference on Automated Software Engineering, ASE’15, Lincoln, NE, USA, November 9-13. IEEE Computer Society, 248–259. https://doi.org/10.1109/ASE.2015.32
[22]
Vincenzo Riccio, Domenico Amalfitano, and Anna Rita Fasolino. 2018. Is this the lifecycle we really want?: an automated black-box testing approach for Android activities. In Proceedings of the Companion Proceedings for the ISSTA/ECOOP Workshops, ISSTA’18, Amsterdam, Netherlands, July 16-21. ACM, 68–77. https://doi.org/10.1145/3236454.3236490
[23]
Oliviero Riganelli, Daniela Micucci, and Leonardo Mariani. 2016. Healing Data Loss Problems in Android Apps. In Proceedings of the IEEE International Symposium on Software Reliability Engineering Workshops, ISSRE Workshops’16, Ottawa, ON, Canada, October 23-27. IEEE Computer Society, 146–152. https://doi.org/10.1109/ISSREW.2016.50
[24]
Oliviero Riganelli, Simone Paolo Mottadelli, Claudio Rota, Daniela Micucci, and Leonardo Mariani. 2020. Data loss detector: automatically revealing data loss bugs in Android apps. In Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA’20, Virtual Event, USA, July 18-22. ACM, 141–152. https://doi.org/10.1145/3395363.3397379
[25]
Rovo89. 2022. Xposed Module Repository. [Online]. Available: https://repo.xposed.info/
[26]
Zhiyong Shan, Tanzirul Azim, and Iulian Neamtiu. 2016. Finding resume and restart errors in Android applications. In Proceedings of the ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA’16, part of SPLASH, Amsterdam, The Netherlands, October 30 - November 4. ACM, 864–880. https://doi.org/10.1145/2983990.2984011
[27]
Wei Song, Jing Zhang, and Jeff Huang. 2019. ServDroid: detecting service usage inefficiencies in Android applications. In Proceedings of the ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/SIGSOFT FSE’19, Tallinn, Estonia, August 26-30. ACM, 362–373. https://doi.org/10.1145/3338906.3338950
[28]
Ting Su, Yichen Yan, Jue Wang, Jingling Sun, Yiheng Xiong, Geguang Pu, Ke Wang, and Zhendong Su. 2021. Fully automated functional fuzzing of Android apps for detecting non-crashing logic bugs. Proc. ACM Program. Lang., 5, OOPSLA (2021), 1–31. https://doi.org/10.1145/3485533
[29]
Jingling Sun, Ting Su, Junxin Li, Zhen Dong, Geguang Pu, Tao Xie, and Zhendong Su. 2021. Understanding and finding system setting-related defects in Android apps. In Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA’21, Virtual Event, Denmark, July 11-17. ACM, 204–215. https://doi.org/10.1145/3460319.3464806
[30]
Shin Hwei Tan, Zhen Dong, Xiang Gao, and Abhik Roychoudhury. 2018. Repairing crashes in Android apps. In Proceedings of the 40th International Conference on Software Engineering, ICSE’18, Gothenburg, Sweden, May 27 - June 03. ACM, 187–198. https://doi.org/10.1145/3180155.3180243
[31]
Jue Wang, Yanyan Jiang, Ting Su, Shaohua Li, Chang Xu, Jian Lu, and Zhendong Su. 2022. Detecting non-crashing functional bugs in Android apps via deep-state differential analysis. In Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE’22, Singapore, Singapore, November 14-18. ACM, 434–446. https://doi.org/10.1145/3540250.3549170
[32]
Ryszard Wiśniewski and Connor Tumbleson. 2020. Apktool. [Online]. Available: https://ibotpeaches.github.io/Apktool/
[33]
Razieh Nokhbeh Zaeem, Mukul R. Prasad, and Sarfraz Khurshid. 2014. Automated Generation of Oracles for Testing User-Interaction Features of Mobile Apps. In Proceedings of the Seventh IEEE International Conference on Software Testing, Verification and Validation, ICST’14, Cleveland, Ohio, USA, March 31-April 4. IEEE Computer Society, 183–192. https://doi.org/10.1109/ICST.2014.31
[34]
Zhen Zhang, Yu Feng, Michael D. Ernst, Sebastian Porst, and Isil Dillig. 2021. Checking conformance of applications against GUI policies. In Proceeding of the 29th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/FSE’21, Athens, Greece, August 23-28. ACM, 95–106. https://doi.org/10.1145/3468264.3468561
[35]
Yanjie Zhao, Li Li, Kui Liu, and John C. Grundy. 2022. Towards Automatically Repairing Compatibility Issues in Published Android Apps. In Proceedings of the 44th IEEE/ACM 44th International Conference on Software Engineering, ICSE’22, Pittsburgh, PA, USA, May 25-27. ACM, 2142–2153. https://doi.org/10.1145/3510003.3510128
Index Terms
- DDLDroid: Efficiently Detecting Data Loss Issues in Android Apps
Recommendations
DDLDroid: A Static Analyzer for Automatically Detecting Data Loss Issues in Android Applications
ISSTA 2023: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and AnalysisDDLDroid is a static analyzer for detecting data loss issues in Android apps during activity restart or app relaunch. It is bootstrapped by a saving-restoring bipartite graph which correlates variables that need saving to those that need restoring ...
Detecting and fixing data loss issues in Android apps
ISSTA 2022: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and AnalysisAndroid apps are event-driven, and their execution is often interrupted by external events. This interruption can cause data loss issues that annoy users. For instance, when the screen is rotated, the current app page will be destroyed and recreated. If ...
A benchmark of data loss bugs for Android apps
MSR '19: Proceedings of the 16th International Conference on Mining Software RepositoriesAndroid apps must be able to deal with both stop events, which require immediately stopping the execution of the app without losing state information, and start events, which require resuming the execution of the app at the same point it was stopped. ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
July 2023
1554 pages
Copyright © 2023 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 13 July 2023
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
ISSTA '23
Sponsor:
ISSTA '23: 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis
July 17 - 21, 2023
WA, Seattle, USA
Acceptance Rates
Overall Acceptance Rate 58 of 213 submissions, 27%
Upcoming Conference
ISSTA '25
- Sponsor:
- sigsoft
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 161Total Downloads
- Downloads (Last 12 months)68
- Downloads (Last 6 weeks)3
Reflects downloads up to 01 Jan 2025
Other Metrics
Citations
Cited By
View allView Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in