More Web Proxy on the site http://driver.im/

research-article

Efficiently, effectively detecting mobile app bugs with AppDoctor

Authors:

Junfeng YangAuthors Info & Claims

EuroSys '14: Proceedings of the Ninth European Conference on Computer Systems

Article No.: 18, Pages 1 - 15

https://doi.org/10.1145/2592798.2592813

Published: 14 April 2014 Publication History

Abstract

Mobile apps bring unprecedented levels of convenience, yet they are often buggy, and their bugs offset the convenience the apps bring. A key reason for buggy apps is that they must handle a vast variety of system and user actions such as being randomly killed by the OS to save resources, but app developers, facing tough competitions, lack time to thoroughly test these actions. AppDoctor is a system for efficiently and effectively testing apps against many system and user actions, and helping developers diagnose the resultant bug reports. It quickly screens for potential bugs using approximate execution, which runs much faster than real execution and exposes bugs but may cause false positives. From the reports, AppDoctor automatically verifies most bugs and prunes most false positives, greatly saving manual inspection effort. It uses action slicing to further speed up bug diagnosis. We implement AppDoctor in Android. It operates as a cloud of physical devices or emulators to scale up testing. Evaluation on 53 out of 100 most popular apps in Google Play and 11 of the most popular open-source apps shows that, AppDoctor effectively detects 72 bugs---including two bugs in the Android framework that affect all apps---with quick checking sessions, speeds up testing by 13.3 times, and vastly reduces diagnosis effort.

References

[1]

Activity Class in Android Developers Site. http://developer.android.com/reference/android/app/Activity.html.

[2]

Android Debug Bridge in Android Developers Site. http://developer.android.com/tools/help/adb.html.

[3]

Android instrumentation framework. http://developer.android.com/reference/android/app/Instrumentation.html.

[4]

Building Blocks in Android Developers Site. http://developer.android.com/design/building-blocks/.

[5]

Google Play Hits 1 Million Apps. http://mashable.com/2013/07/24/google-play-1-million.

[6]

Robotium framework for test automation. http://www.robotium.org.

[7]

Testdroid: Automated Testing Tool for Android. http://testdroid.com.

[8]

Agrawal, H., and Horgan, J. R. Dynamic program slicing. In ACM SIGPLAN Notices (1990), vol. 25, ACM, pp. 246--256.

Digital Library

[9]

Amalfitano, D., Fasolino, A. R., Tramontana, P., De Carmine, S., and Memon, A. M. Using GUI ripping for automated testing of Android applications. In Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering (2012), pp. 258--261.

Digital Library

[10]

Anand, S., Naik, M., Harrold, M. J., and Yang, H. Automated concolic testing of smartphone apps. In Proceedings of the 20th ACM SIGSOFT International Symposium on Foundations of Software Engineering (SIGSOFT '12/FSE-20).

Digital Library

[11]

Lock Screen Security Hole Found On Some Android-Powered Samsung Galaxy Phones. http://techcrunch.com/2013/03/20/tell-me-if-youve-heard-this-one-before-lock-screen-security-flaw-found-on-samsungs-android-phones.

[12]

android-apktool. http://code.google.com/p/android-apktool/.

[13]

Burguera, I., Zurutuza, U., and Nadjm-Tehrani, S. Crowdroid: behavior-based malware detection system for Android. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices (2011), pp. 15--26.

Digital Library

[14]

Cadar, C., Dunbar, D., and Engler, D. KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In Proceedings of the Eighth Symposium on Operating Systems Design and Implementation (OSDI '08) (Dec. 2008), pp. 209--224.

Digital Library

[15]

Cadar, C., Ganesh, V., Pawlowski, P. M., Dill, D. L., and Engler, D. R. EXE: automatically generating inputs of death. In Proceedings of the 13th ACM conference on Computer and communications security (CCS '06) (Oct.--Nov. 2006), pp. 322--335.

Digital Library

[16]

U.S. government, military to get secure Android phones. http://www.cnn.com/2012/02/03/tech/mobile/government-android-phones.

[17]

Egele, M., Kruegel, C., Kirda, E., and Vigna, G. PiOS: Detecting privacy leaks in iOS applications. In Proceedings of the Network and Distributed System Security Symposium (NDSS '11) (2011).

[18]

Enck, W., Gilbert, P., Chun, B.-G., Cox, L. P., Jung, J., McDaniel, P., and Sheth, A. N. TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In Proceedings of the Ninth Symposium on Operating Systems Design and Implementation (OSDI '10) (2010), pp. 1--6.

Digital Library

[19]

Ganov, S., Killmar, C., Khurshid, S., and Perry, D. E. Event listener analysis and symbolic execution for testing GUI applications. In Proceedings of the 11th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering (2009), ICFEM '09.

Digital Library

[20]

Georges, A., Christiaens, M., Ronsse, M., and De Bosschere, K. JaRec: a portable record/replay environment for multi-threaded Java applications. Softw. Pract. Exper. 34, 6 (2004), 523--547.

Digital Library

[21]

Godefroid, P. Model checking for programming languages using verisoft. In Proceedings of the 24th Annual Symposium on Principles of Programming Languages (POPL '97) (Jan. 1997), pp. 174--186.

Digital Library

[22]

Godefroid, P., Klarlund, N., and Sen, K. DART: Directed automated random testing. In Proceedings of the ACM SIGPLAN 2005 Conference on Programming Language Design and Implementation (PLDI '05) (June 2005), pp. 213--223.

Digital Library

[23]

Gomez, L., Neamtiu, I., Azim, T., and Millstein, T. RERAN: timing- and touch-sensitive record and replay for Android. In Proceedings of the 35rd International Conference on Software Engineering (ICSE '13) (2013), pp. 72--81.

Digital Library

[24]

Google Play. https://play.google.com/store.

[25]

Grace, M., Zhou, Y., Zhang, Q., Zou, S., and Jiang, X. RiskRanker: scalable and accurate zero-day Android malware detection. In Proceedings of the 10th international conference on Mobile systems, applications, and services (2012), pp. 281--294.

Digital Library

[26]

Guo, H., Wu, M., Zhou, L., Hu, G., Yang, J., and Zhang, L. Practical software model checking via dynamic interface reduction. In Proceedings of the 23rd ACM Symposium on Operating Systems Principles (SOSP '11) (Oct. 2011), pp. 265--278.

Digital Library

[27]

Guo, Z., Wang, X., Tang, J., Liu, X., Xu, Z., Wu, M., Kaashoek, M. F., and Zhang, Z. R2: An application-level kernel for record and replay. In Proceedings of the Eighth Symposium on Operating Systems Design and Implementation (OSDI '08) (Dec. 2008), pp. 193--208.

Digital Library

[28]

Hu, C., and Neamtiu, I. Automating GUI testing for Android applications. In Proceedings of the 6th International Workshop on Automation of Software Test (2011), pp. 77--83.

Digital Library

[29]

Jeon, J., Micinski, K. K., and Foster, J. S. SymDroid: Symbolic execution for Dalvik bytecode.

[30]

Jhala, R., and Majumdar, R. Path slicing. In Proceedings of the ACM SIGPLAN 2005 Conference on Programming Language Design and Implementation (PLDI '05) (June 2005), pp. 38--47.

Digital Library

[31]

Khalid, H. On identifying user complaints of iOS apps. In Proceedings of the 35rd International Conference on Software Engineering (ICSE '13) (2013), pp. 1474--1476.

Digital Library

[32]

Killian, C., Anderson, J. W., Jhala, R., and Vahdat, A. Life, death, and the critical transition: Finding liveness bugs in systems code. In Proceedings of the Fourth Symposium on Networked Systems Design and Implementation (NSDI '07) (Apr. 2007), pp. 243--256.

Digital Library

[33]

Korel, B., and Laski, J. Dynamic program slicing. Inf. Process. Lett. 29, 3 (1988), 155--163.

Digital Library

[34]

Laadan, O., Viennot, N., and Nieh, J. Transparent, lightweight application execution replay on commodity multiprocessor operating systems. In Proceedings of the ACM SIGMETRICS Conference on Measurement and Modeling of Computer Systems (SIGMETRICS '10) (June 2010), pp. 155--166.

Digital Library

[35]

Lee, K., Flinn, J., Giuli, T., Noble, B., and Peplin, C. AMC: Verifying User Interface Properties for Vehicular Applications. In Proceeding of the 11th Annual International Conference on Mobile Systems, Applications, and Services (2013), MobiSys '13.

Digital Library

[36]

Ma, X., Huang, P., Jin, X., Wang, P., Park, S., Shen, D., Zhou, Y., Saul, L. K., and Voelker, G. M. eDoctor: Automatically Diagnosing Abnormal Battery Drain Issues on Smartphones. In NSDI'13 (2013).

Digital Library

[37]

Machiry, A., Tahiliani, R., and Naik, M. Dynodroid: an input generation system for android apps. In Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering (2013), ESEC/FSE 2013, pp. 224--234.

Digital Library

[38]

Mirzaei, N., Malek, S., Păsăreanu, C. S., Esfahani, N., and Mahmood, R. Testing Android apps through symbolic execution. In The Java Pathfinder Workshop 2012 (2012), JPF 2012.

[39]

Mirzaei, N., Malek, S., Păsăreanu, C. S., Esfahani, N., and Mahmood, R. Testing Android apps through symbolic execution. SIGSOFT Softw. Eng. Notes 37, 6 (Nov. 2012).

Digital Library

[40]

monkeyrunner. http://developer.android.com/tools/help/monkeyrunner_concepts.html.

[41]

Musuvathi, M., Park, D. Y., Chou, A., Engler, D. R., and Dill, D. L. CMC: A pragmatic approach to model checking real code. In Proceedings of the Fifth Symposium on Operating Systems Design and Implementation (OSDI '02) (Dec. 2002), pp. 75--88.

Digital Library

[42]

Pathak, A., Jindal, A., Hu, Y. C., and Midkiff, S. P. What is keeping my phone awake?: characterizing and detecting no-sleep energy bugs in smartphone apps. In Proceedings of the 10th international conference on Mobile systems, applications, and services (2012), pp. 267--280.

Digital Library

[43]

Ronsse, M., and De Bosschere, K. RecPlay: a fully integrated practical record/replay system. ACM Trans. Comput. Syst. 17, 2 (1999), 133--152.

Digital Library

[44]

Simsa, J., Gibson, G., and Bryant, R. dBug: Systematic Testing of Unmodified Distributed and Multi-Threaded Systems. In The 18th International SPIN Workshop on Model Checking of Software (SPIN'11) (2011), pp. 188--193.

Digital Library

[45]

Takala, T., Katara, M., and Harty, J. Experiences of system-level model-based GUI testing of an Android application. In Proceedings of the 2011 Fourth IEEE International Conference on Software Testing, Verification and Validation (2011), ICST '11.

Digital Library

[46]

Tang, Y., Ames, P., Bhamidipati, S., Bijlani, A., Geambasu, R., and Sarda, N. CleanOS: limiting mobile data exposure with idle eviction. In Proceedings of the Tenth Symposium on Operating Systems Design and Implementation (OSDI '12) (2012), pp. 77--91.

Digital Library

[47]

UI/Application Exerciser Monkey. http://developer.android.com/tools/help/monkey.html.

[48]

Weiser, M. Program slicing. In Proceedings of the 5th International Conference on Software Engineering (ICSE '81) (Mar. 1981), pp. 439--449.

Digital Library

[49]

Wu, M., Long, F., Wang, X., Xu, Z., Lin, H., Liu, X., Guo, Z., Guo, H., Zhou, L., and Zhang, Z. Language-based replay via data flow cut. In Proceedings of the 18th ACM SIGSOFT International Symposium on Foundations of Software Engineering (SIGSOFT '10/FSE-18), pp. 197--206.

Digital Library

[50]

Yang, J., Cui, A., Stolfo, S., and Sethumadhavan, S. Concurrency attacks. In the Fourth USENIX Workshop on Hot Topics in Parallelism (HOTPAR '12) (June 2012).

Digital Library

[51]

Yang, J., Sar, C., and Engler, D. Explode: a lightweight, general system for finding serious storage system errors. In Proceedings of the Seventh Symposium on Operating Systems Design and Implementation (OSDI '06) (Nov. 2006), pp. 131--146.

Digital Library

[52]

Yang, J., Twohey, P., Engler, D., and Musuvathi, M. Using model checking to find serious file system errors. In Proceedings of the Sixth Symposium on Operating Systems Design and Implementation (OSDI '04) (Dec. 2004), pp. 273--288.

Digital Library

[53]

Yang, W., Prasad, M. R., and Xie, T. A grey-box approach for automated GUI-model generation of mobile applications. In Proceedings of the 16th international conference on Fundamental Approaches to Software Engineering (2013), FASE'13.

Digital Library

[54]

Zhang, X., and Gupta, R. Cost effective dynamic program slicing. In Proceedings of the ACM SIGPLAN 2004 Conference on Programming Language Design and Implementation (PLDI '04) (2004), pp. 94--106.

Digital Library

Cited By

Hu HWang HDong RChen XChen C(2024)Enhancing GUI Exploration Coverage of Android Apps with Deep Link-Integrated MonkeyACM Transactions on Software Engineering and Methodology10.1145/366481033:6(1-31)Online publication date: 27-Jun-2024
https://dl.acm.org/doi/10.1145/3664810
Gong LLin HLiu DYang LWang HQiu JLi ZQian F(2024)Who Should We Blame for Android App Crashes? An In-Depth Study at Scale and Practical ResolutionsACM Transactions on Sensor Networks10.1145/364989520:3(1-24)Online publication date: 13-Apr-2024
https://dl.acm.org/doi/10.1145/3649895
Salma SMansur SZhang YMoran KSpinellis DConstantinou EBacchelli A(2024)GuiEvo: Automated Evolution of Mobile App UIsProceedings of the 21st International Conference on Mining Software Repositories10.1145/3643991.3644936(335-347)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1145/3643991.3644936
Show More Cited By

Recommendations

An Explorative Study of the Mobile App Ecosystem from App Developers' Perspective
WWW '17: Proceedings of the 26th International Conference on World Wide Web

With the prevalence of smartphones, app markets such as Apple App Store and Google Play has become the center stage in the mobile app ecosystem, with millions of apps developed by tens of thousands of app developers in each major market. This paper ...
Learning Mobile App Development: A Hands-on Guide to Building Apps with iOS and Android
How to the Smash Next Billion Mobile App Bugs?

With users increasingly dependent on their phones, tablets, and wearables, the mobile app ecosystem is more important today than ever before. Creating and distributing apps has never been more accessible. Even single developers can now reach global ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

EuroSys '14: Proceedings of the Ninth European Conference on Computer Systems

April 2014

388 pages

ISBN:9781450327046

DOI:10.1145/2592798

General Chairs:
Dick Bultermann
CWI
,
Herbert Bos
Vrije Universiteit Amsterdam
,
Program Chairs:
Ant Rowstron
Microsoft Research Cambridge
,
Peter Druschel
MPI SWS

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 April 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Conference

EuroSys 2014

Sponsor:

SIGOPS

EuroSys 2014: Ninth Eurosys Conference 2014

April 14 - 16, 2014

Amsterdam, The Netherlands

Acceptance Rates

EuroSys '14 Paper Acceptance Rate 27 of 147 submissions, 18%;

Overall Acceptance Rate 241 of 1,308 submissions, 18%

Upcoming Conference

EuroSys '25

Sponsor:
sigops

Twentieth European Conference on Computer Systems

March 30 - April 3, 2025

Rotterdam , Netherlands

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

91
Total Citations
View Citations
636
Total Downloads

Downloads (Last 12 months)23
Downloads (Last 6 weeks)1

Reflects downloads up to 13 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hu HWang HDong RChen XChen C(2024)Enhancing GUI Exploration Coverage of Android Apps with Deep Link-Integrated MonkeyACM Transactions on Software Engineering and Methodology10.1145/366481033:6(1-31)Online publication date: 27-Jun-2024
https://dl.acm.org/doi/10.1145/3664810
Gong LLin HLiu DYang LWang HQiu JLi ZQian F(2024)Who Should We Blame for Android App Crashes? An In-Depth Study at Scale and Practical ResolutionsACM Transactions on Sensor Networks10.1145/364989520:3(1-24)Online publication date: 13-Apr-2024
https://dl.acm.org/doi/10.1145/3649895
Salma SMansur SZhang YMoran KSpinellis DConstantinou EBacchelli A(2024)GuiEvo: Automated Evolution of Mobile App UIsProceedings of the 21st International Conference on Mining Software Repositories10.1145/3643991.3644936(335-347)Online publication date: 15-Apr-2024
https://dl.acm.org/doi/10.1145/3643991.3644936
Tang XTian HKong PEzzini SLiu KXia XKlein JBissyandé T(2024)App review driven collaborative bug findingEmpirical Software Engineering10.1007/s10664-024-10489-x29:5Online publication date: 26-Jul-2024
https://doi.org/10.1007/s10664-024-10489-x
Kumar PSingh S(2024)Comparative Analysis of Malware Detection Techniques and Machine-Learning Algorithms Used for Security Testing of Android ApplicationsTrends in Mechatronics Systems10.1007/978-981-97-9108-8_9(161-176)Online publication date: 8-Dec-2024
https://doi.org/10.1007/978-981-97-9108-8_9
Feng SLu HXiong TDeng YChen CChandra SBlincoe KTonella P(2023)Towards Efficient Record and Replay: A Case Study in WeChatProceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3611643.3613880(1681-1692)Online publication date: 30-Nov-2023
https://dl.acm.org/doi/10.1145/3611643.3613880
Zhou YSong WJust RFraser G(2023)DDLDroid: A Static Analyzer for Automatically Detecting Data Loss Issues in Android ApplicationsProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3604916(1471-1474)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3604916
Zhou YSong WJust RFraser G(2023)DDLDroid: Efficiently Detecting Data Loss Issues in Android AppsProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598089(703-714)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598089
Norval CCloete RSingh J(2023)Navigating the Audit Landscape: A Framework for Developing Transparent and Auditable XRProceedings of the 2023 ACM Conference on Fairness, Accountability, and Transparency10.1145/3593013.3594090(1418-1431)Online publication date: 12-Jun-2023
https://dl.acm.org/doi/10.1145/3593013.3594090
Chen ZShao ZAamodt TJerger NSwift M(2023)Transparent Runtime Change Handling for Android AppsProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3582016.3582060(756-770)Online publication date: 25-Mar-2023
https://dl.acm.org/doi/10.1145/3582016.3582060
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents