DOCSLIB.ORG

Program Analyses for Understanding the Behavior and Performance of Traditional and Mobile Object-Oriented Software

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Program Analyses for Understanding the Behavior and Performance of Traditional and Mobile Object-Oriented Software Dissertation Presented in Partial Fulfillment of the Requirements for the Degree Doctor of Philosophy in the Graduate School of The Ohio State University By Dacong Yan Graduate Program in Computer Science and Engineering The Ohio State University 2014 Dissertation Committee: Atanas Rountev, Advisor Feng Qin Michael D. Bond ABSTRACT The computing industry has experienced fast and sustained growth in the com- plexity of software functionality, structure, and behavior. Increased complexity has led to new challenges in program analyses to understand software behavior, and in particular to uncover performance inefficiencies. Performance inefficiencies can have significant impact on software quality. When an application spends a substantial amount of time performing redundant work, software performance and user experi- ence can deteriorate. Some inefficiencies can use up certain types of resources and lead to program crashes. In general, performance inefficiency is an important and challenging problem for modern software systems. It is also a shared problem for traditional and mobile object-oriented software. Static and dynamic analyses need to keep up with this trend, and this often requires novel technical approaches. One important symptom of performance inefficiencies is run-time bloat: exces- sive memory usage and work to accomplish simple tasks. Bloat significantly affects scalability and performance, and exposing it requires good diagnostic tools. As the first contribution of this dissertation, we present a novel analysis that profiles the run-time execution to help programmers uncover potential performance problems. The key idea of the proposed approach is to track object references, starting from object creation statements, through assignment statements, and eventually ending at statements that perform useful operations. An abstract view of reference propagation ii is provided with path information specific to reference producers and their run-time contexts. Several client analyses demonstrate the use of this abstract view to uncover run-time inefficiencies. Memory leaks, both for traditional and for mobile object-oriented software, present a significant problem for software quality. Static memory leak detection is challenging because it is extremely difficult to statically compute precise object liveness for large- scale applications. We bypass this difficulty by leveraging a common leak pattern. In many cases, severe leaks occur in loops where, in each iteration, some objects created by the iteration are unnecessarily referenced by objects external to the loop. These unnecessary references are never used in later loop iterations. Based on this insight, we shift our focus from computing liveness, which is very difficult to achieve precisely and efficiently for large programs, to the easier goal of identifying objects that flow out of a loop but never flow back in. We formalize this analysis using a type and effect system and present its key properties. This technique was applied on eight real-world programs, such as Eclipse, Derby, and log4j. It not only identified known leaks, but also discovered new ones whose causes were unknown beforehand, while exhibiting a false positive rate suitable for practical use. In addition to static analysis, performance testing is an effective approach to dis- cover memory leaks. For example, sustained growth in memory usage during test execution can indicate potential memory leaks. However, performance testing to ex- pose leaks for arbitrary software is very difficult, because, similar to other dynamic approaches, it also requires specific leak-triggering program inputs. As the third con- tribution of this dissertation, we introduce LeakDroid, a novel and comprehensive approach for systematic testing of resource leaks in Android applications. At the core iii of the proposed testing approach is model-based test generation that focuses specif- ically on coverage criteria aimed at resource leak defects. These criteria are based on the novel notion of neutral cycles: sequences of GUI events that should have a \neutral" effect and should not lead to increases in resource usage. Several important categories of neutral cycles are considered in the proposed test coverage criteria. As demonstrated by experimental evaluation and case studies on eight Android applica- tions, the proposed approach is very effective in exposing resource leaks. Model-based test generation such as LeakDroid depends critically on GUI models, which describe accessible GUI objects and corresponding user actions. GUI models ultimately determine the possible flow of control and data in GUI-driven applications. The ability to understand Android GUIs is critical for the reasoning of the semantics of an Android application. We introduce the first static analysis to model GUI-related Android objects, their flow through the application, and their interactions with each other via the abstractions defined by the Android platform. We first develop a formal semantics for the relevant Android constructs to provide a solid foundation for this and other analyses. Based on the semantics, we define a constraint-based reference analysis. The analysis employs a constraint graph to model the flow of GUI objects, the hierarchical structure of these objects, and the effects of relevant Android opera- tions. Experimental evaluation on real-world Android applications strongly suggests that the analysis achieves high precision with low cost. The analysis enables static modeling of control/data flow that is foundational for compiler analyses, instrumen- tation for event/interaction profiling, static error checking, security analysis, test generation, and automated debugging. It provides a key component to be used by static analysis researchers in the growing area of Android software. iv GUI applications are usually organized as a series of GUI windows containing structures of GUI widgets. User interaction with these windows (e.g., navigating from one to another and then going back) drives the control flow of the application. In Android, an activity plays the role of a GUI window, and transitions between ac- tivities are managed with the help of an activity stack. To understand this additional aspect of Android semantics, we introduce the first static analysis to model the An- droid activity stack, the changes in this stack, and the related interactions between activities. The analysis is an important step toward fully modeling the control/data flow of an Android application. It can be leveraged by other researchers to prune infeasible control flow paths in static analysis for Android, or to discover more paths that would be missing without modeling of the activity stack. In conclusion, this dissertation presents several dynamic and static program anal- ysis techniques to understand the behavior of object-oriented software systems, to uncover potential performance inefficiencies in them, and to locate the root causes of these problems. The programs studied by these techniques are all written in Java, but we believe the proposed techniques are general enough to also be applied to sys- tems written in other object-oriented languages. With these techniques, we advocate the insight that a carefully-selected subset of high-level behavioral patterns and pro- gram semantics must be leveraged in order to perform practical program analyses for modern software. v To my parents vi ACKNOWLEDGMENTS I would like to thank my advisor Nasko Rountev for his support, patience and guidance throughout the duration of my Ph.D. study. He has always been ready to help, and has devoted enormous amount of time and effort in training me to become a computer science researcher. I would also like to thank members of the PRESTO group for all the discussions and collaborations. I especially want to thank Harry Xu, who has given me a lot of useful advice and insightful comments. I thank Prof. Feng Qin and Prof. Michael D. Bond for serving on my dissertation committee. I am grateful to Wei Huang and Yi Zhao for their mentoring during my internship at Google, which helped me become a better programmer. Finally, I would like to thank my parents for their unconditional support. The material presented in this dissertation is based upon work supported by the U.S. National Science Foundation under CAREER grant CCF-0546040 and grants CCF-1017204 and CCF-1319695, by an IBM Software Quality Innovation Faculty Award, and by a Google Faculty Research Award. Any opinions, findings, and con- clusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation. vii VITA September 2009 { August 2014 . Graduate Teaching/Research Asso- ciate, The Ohio State University May 2013 . .M.S. Computer Science, The Ohio State University June 2009 . B.Eng. Software Engineering, Shang- hai Jiao Tong University PUBLICATIONS Research Publications Atanas Rountev and Dacong Yan. Static Reference Analysis for GUI Objects in Android Software. In International Symposium on Code Generation and Optimization (CGO'14), pages 143-153, February 2014. Dacong Yan, Guoqing Xu, Shengqian Yang, and Atanas Rountev. LeakChecker: Practical Static Memory Leak Detection for Managed Languages. In International Symposium on Code Generation and Optimization (CGO'14), pages 87-97, February 2014. Dacong Yan, Shengqian Yang, and Atanas Rountev. Systematic Testing for Resource Leaks in
Recommended publications
  • Android (Operating System) 1 Android (Operating System)

    Android (Operating System) 1 Android (Operating System)

    Android (operating system) 1 Android (operating system) Android Home screen displayed by Samsung Nexus S with Google running Android 2.3 "Gingerbread" Company / developer Google Inc., Open Handset Alliance [1] Programmed in C (core), C++ (some third-party libraries), Java (UI) Working state Current [2] Source model Free and open source software (3.0 is currently in closed development) Initial release 21 October 2008 Latest stable release Tablets: [3] 3.0.1 (Honeycomb) Phones: [3] 2.3.3 (Gingerbread) / 24 February 2011 [4] Supported platforms ARM, MIPS, Power, x86 Kernel type Monolithic, modified Linux kernel Default user interface Graphical [5] License Apache 2.0, Linux kernel patches are under GPL v2 Official website [www.android.com www.android.com] Android is a software stack for mobile devices that includes an operating system, middleware and key applications.[6] [7] Google Inc. purchased the initial developer of the software, Android Inc., in 2005.[8] Android's mobile operating system is based on a modified version of the Linux kernel. Google and other members of the Open Handset Alliance collaborated on Android's development and release.[9] [10] The Android Open Source Project (AOSP) is tasked with the maintenance and further development of Android.[11] The Android operating system is the world's best-selling Smartphone platform.[12] [13] Android has a large community of developers writing applications ("apps") that extend the functionality of the devices. There are currently over 150,000 apps available for Android.[14] [15] Android Market is the online app store run by Google, though apps can also be downloaded from third-party sites.
  • Android Operating System

    Android Operating System

    Software Engineering ISSN: 2229-4007 & ISSN: 2229-4015, Volume 3, Issue 1, 2012, pp.-10-13. Available online at http://www.bioinfo.in/contents.php?id=76 ANDROID OPERATING SYSTEM NIMODIA C. AND DESHMUKH H.R. Babasaheb Naik College of Engineering, Pusad, MS, India. *Corresponding Author: Email- [email protected], [email protected] Received: February 21, 2012; Accepted: March 15, 2012 Abstract- Android is a software stack for mobile devices that includes an operating system, middleware and key applications. Android, an open source mobile device platform based on the Linux operating system. It has application Framework,enhanced graphics, integrated web browser, relational database, media support, LibWebCore web browser, wide variety of connectivity and much more applications. Android relies on Linux version 2.6 for core system services such as security, memory management, process management, network stack, and driver model. Architecture of Android consist of Applications. Linux kernel, libraries, application framework, Android Runtime. All applications are written using the Java programming language. Android mobile phone platform is going to be more secure than Apple’s iPhone or any other device in the long run. Keywords- 3G, Dalvik Virtual Machine, EGPRS, LiMo, Open Handset Alliance, SQLite, WCDMA/HSUPA Citation: Nimodia C. and Deshmukh H.R. (2012) Android Operating System. Software Engineering, ISSN: 2229-4007 & ISSN: 2229-4015, Volume 3, Issue 1, pp.-10-13. Copyright: Copyright©2012 Nimodia C. and Deshmukh H.R. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
  • Bypassing Portability Pitfalls of High-Level Low-Level Programming

    Bypassing Portability Pitfalls of High-Level Low-Level Programming

    Bypassing Portability Pitfalls of High-level Low-level Programming Yi Lin, Stephen M. Blackburn Australian National University [email protected], [email protected] Abstract memory-safety, encapsulation, and strong abstraction over hard- Program portability is an important software engineering consider- ware [12], which are desirable goals for system programming as ation. However, when high-level languages are extended to effec- well. Thus, high-level languages are potential candidates for sys- tively implement system projects for software engineering gain and tem programming. safety, portability is compromised—high-level code for low-level Prior research has focused on the feasibility and performance of programming cannot execute on a stock runtime, and, conversely, applying high-level languages to system programming [1, 7, 10, a runtime with special support implemented will not be portable 15, 16, 21, 22, 26–28]. The results showed that, with proper ex- across different platforms. tension and restriction, high-level languages are able to undertake We explore the portability pitfall of high-level low-level pro- the task of low-level programming, while preserving type-safety, gramming in the context of virtual machine implementation tasks. memory-safety, encapsulation and abstraction. Notwithstanding the Our approach is designing a restricted high-level language called cost for dynamic compilation and garbage collection, the perfor- RJava, with a flexible restriction model and effective low-level ex- mance of high-level languages when used to implement a virtual tensions, which is suitable for different scopes of virtual machine machine is still competitive with using a low-level language [2]. implementation, and also suitable for a low-level language bypass Using high-level languages to architect large systems is bene- for improved portability.
  • History and Evolution of the Android OS

    History and Evolution of the Android OS

    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by Springer - Publisher Connector CHAPTER 1 History and Evolution of the Android OS I’m going to destroy Android, because it’s a stolen product. I’m willing to go thermonuclear war on this. —Steve Jobs, Apple Inc. Android, Inc. started with a clear mission by its creators. According to Andy Rubin, one of Android’s founders, Android Inc. was to develop “smarter mobile devices that are more aware of its owner’s location and preferences.” Rubin further stated, “If people are smart, that information starts getting aggregated into consumer products.” The year was 2003 and the location was Palo Alto, California. This was the year Android was born. While Android, Inc. started operations secretly, today the entire world knows about Android. It is no secret that Android is an operating system (OS) for modern day smartphones, tablets, and soon-to-be laptops, but what exactly does that mean? What did Android used to look like? How has it gotten where it is today? All of these questions and more will be answered in this brief chapter. Origins Android first appeared on the technology radar in 2005 when Google, the multibillion- dollar technology company, purchased Android, Inc. At the time, not much was known about Android and what Google intended on doing with it. Information was sparse until 2007, when Google announced the world’s first truly open platform for mobile devices. The First Distribution of Android On November 5, 2007, a press release from the Open Handset Alliance set the stage for the future of the Android platform.
  • Here I Led Subcommittee Reports Related to Data-Intensive Science and Post-Moore Computing) and in CRA’S Board of Directors Since 2015

    Here I Led Subcommittee Reports Related to Data-Intensive Science and Post-Moore Computing) and in CRA’S Board of Directors Since 2015

    Vivek Sarkar Curriculum Vitae Contents 1 Summary 2 2 Education 3 3 Professional Experience 3 3.1 2017-present: College of Computing, Georgia Institute of Technology . 3 3.2 2007-present: Department of Computer Science, Rice University . 5 3.3 1987-2007: International Business Machines Corporation . 7 4 Professional Awards 11 5 Research Awards 12 6 Industry Gifts 15 7 Graduate Student and Other Mentoring 17 8 Professional Service 19 8.1 Conference Committees . 20 8.2 Advisory/Award/Review/Steering Committees . 25 9 Keynote Talks, Invited Talks, Panels (Selected) 27 10 Teaching 33 11 Publications 37 11.1 Refereed Conference and Journal Publications . 37 11.2 Refereed Workshop Publications . 51 11.3 Books, Book Chapters, and Edited Volumes . 58 12 Patents 58 13 Software Artifacts (Selected) 59 14 Personal Information 60 Page 1 of 60 01/06/2020 1 Summary Over thirty years of sustained contributions to programming models, compilers and runtime systems for high performance computing, which include: 1) Leading the development of ASTI during 1991{1996, IBM's first product compiler component for optimizing locality, parallelism, and the (then) new FORTRAN 90 high-productivity array language (ASTI has continued to ship as part of IBM's XL Fortran product compilers since 1996, and was also used as the foundation for IBM's High Performance Fortran compiler product); 2) Leading the research and development of the open source Jikes Research Virtual Machine at IBM during 1998{2001, a first-of-a-kind Java Virtual Machine (JVM) and dynamic compiler implemented
  • Tutorial: Setup for Android Development

    Tutorial: Setup for Android Development

    Tutorial: Setup for Android Development Adam C. Champion, Ph.D. CSE 5236: Mobile Application Development Autumn 2019 Based on material from C. Horstmann [1], J. Bloch [2], C. Collins et al. [4], M.L. Sichitiu (NCSU), V. Janjic (Imperial College London), CSE 2221 (OSU), and other sources 1 Outline • Getting Started • Android Programming 2 Getting Started (1) • Need to install Java Development Kit (JDK) (not Java Runtime Environment (JRE)) to write Android programs • Download JDK for your OS: https://adoptopenjdk.net/ * • Alternatively, for OS X, Linux: – OS X: Install Homebrew (http://brew.sh) via Terminal, – Linux: • Debian/Ubuntu: sudo apt install openjdk-8-jdk • Fedora/CentOS: yum install java-1.8.0-openjdk-devel * Why OpenJDK 8? Oracle changed Java licensing (commercial use costs $$$); Android SDK tools require version 8. 3 Getting Started (2) • After installing JDK, download Android SDK from http://developer.android.com • Simplest: download and install Android Studio bundle (including Android SDK) for your OS • Alternative: brew cask install android- studio (Mac/Homebrew) • We’ll use Android Studio with SDK included (easiest) 4 Install! 5 Getting Started (3) • Install Android Studio directly (Windows, Mac); unzip to directory android-studio, then run ./android-studio/bin/studio64.sh (Linux) 6 Getting Started (4) • Strongly recommend testing Android Studio menu → Preferences… or with real Android device File → Settings… – Android emulator: slow – Faster emulator: Genymotion [14], [15] – Install USB drivers for your Android device! • Bring up Android SDK Manager – Install Android 5.x–8.x APIs, Google support repository, Google Play services – Don’t worry about non-x86 Now you’re ready for Android development! system images 7 Outline • Getting Started • Android Programming 8 Introduction to Android • Popular mobile device Mobile OS Market Share OS: 73% of worldwide Worldwide (Jul.
  • Techniques for Real-System Characterization of Java Virtual Machine Energy and Power Behavior Gilberto Contreras Margaret Martonosi

    Techniques for Real-System Characterization of Java Virtual Machine Energy and Power Behavior Gilberto Contreras Margaret Martonosi

    Techniques for Real-System Characterization of Java Virtual Machine Energy and Power Behavior Gilberto Contreras Margaret Martonosi Department of Electrical Engineering Princeton University 1 Why Study Power in Java Systems? The Java platform has been adopted in a wide variety of devices Java servers demand performance, embedded devices require low-power Performance is important, power/energy/thermal issues are equally important How do we study and characterize these requirements in a multi-layer platform? 2 Power/Performance Design Issues Java Application Java Virtual Machine Operating System Hardware 3 Power/Performance Design Issues Java Application Garbage Class Runtime Execution Collection LoaderJava VirtualCompiler MachineEngine Operating System Hardware How do the various software layers affect power/performance characteristics of hardware? Where should time be invested when designing power and/or thermally aware Java virtual Machines? 4 Outline Approaches for Energy/Performance Characterization of Java virtual machines Methodology Breaking the JVM into sub-components Hardware-based power/performance characterization of JVM sub-components Results Jikes & Kaffe on Pentium M Kaffe on Intel XScale Conclusions 5 Power & Performance Analysis of Java Simulation Approach √ Flexible: easy to model non-existent hardware x Simulators may lack comprehensiveness and accuracy x Thermal studies require tens of seconds granularity Accurate simulators are too slow Hardware Approach √ Able to capture full-system characteristics
  • Fedora Core, Java™ and You

    Fedora Core, Java™ and You

    Fedora Core, Java™ and You Gary Benson Software Engineer What is Java? The word ªJavaº is used to describe three things: The Java programming language The Java virtual machine The Java platform To support Java applications Fedora needs all three. What Fedora uses: GCJ and ECJ GCJ is the core of Fedora©s Java support: GCJ includes gcj, a compiler for the Java programming language. GCJ also has a runtime and class library, collectively called libgcj. The class library is separately known as GNU Classpath. ECJ is the Eclipse Compiler for Java: GCJ©s compiler gcj is not used for ªtraditionalº Java compilation. More on that later... Why libgcj? There are many free Java Virtual machines: Cacao, IKVM, JamVM, Jikes RVM, Kaffe, libgcj, Sable VM, ... There are two main reasons Fedora uses libgcj: Availability on many platforms. Ability to use precompiled native code. GNU Classpath Free core class library for Java virtual machines and compilers. The JPackage Project A collection of some 1,600 Java software packages for Linux: Distribution-agnostic RPM packages. Both runtimes/development kits and applications. Segregation between free and non-free packages. All free packages built entirely from source. Multiple runtimes/development kits may be installed. Fedora includes: JPackage-compatible runtime and development kit packages. A whole bunch of applications. JPackage JOnAS Fedora©s Java Compilers gcj can operate in several modes: Java source (.java) to Java bytecode (.class) Java source (.java) to native machine code (.o) Java bytecode (.class, .jar) to native machine code (.o) In Fedora: ECJ compiles Java source to bytecode. gcj compiles that bytecode to native machine code.
  • Java in Embedded Linux Systems

    Java in Embedded Linux Systems

    Java in Embedded Linux Systems Java in Embedded Linux Systems Thomas Petazzoni / Michael Opdenacker Free Electrons http://free-electrons.com/ Created with OpenOffice.org 2.x Java in Embedded Linux Systems © Copyright 2004-2007, Free Electrons, Creative Commons Attribution-ShareAlike 2.5 license http://free-electrons.com Sep 15, 2009 1 Rights to copy Attribution ± ShareAlike 2.5 © Copyright 2004-2008 You are free Free Electrons to copy, distribute, display, and perform the work [email protected] to make derivative works to make commercial use of the work Document sources, updates and translations: Under the following conditions http://free-electrons.com/articles/java Attribution. You must give the original author credit. Corrections, suggestions, contributions and Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license translations are welcome! identical to this one. For any reuse or distribution, you must make clear to others the license terms of this work. Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. License text: http://creativecommons.org/licenses/by-sa/2.5/legalcode Java in Embedded Linux Systems © Copyright 2004-2007, Free Electrons, Creative Commons Attribution-ShareAlike 2.5 license http://free-electrons.com Sep 15, 2009 2 Best viewed with... This document is best viewed with a recent PDF reader or with OpenOffice.org itself! Take advantage of internal
  • Tackling Runtime-Based Obfuscation in Android with TIRO

    Tackling Runtime-Based Obfuscation in Android with TIRO

    Tackling runtime-based obfuscation in Android with TIRO Michelle Y. Wong and David Lie University of Toronto Abstract analysis as well for efficiency and greater code cover- age [1,2, 12]. As a result, malware authors have increas- Obfuscation is used in malware to hide malicious activ- ingly turned to obfuscation to hide their actions and con- ity from manual or automatic program analysis. On the fuse both static and dynamic analysis tools. The presence Android platform, malware has had a history of using ob- of obfuscation does not indicate malicious intent in and fuscation techniques such as Java reflection, code pack- of itself, as many legitimate applications employ code ing and value encryption. However, more recent mal- obfuscation to protect intellectual property. However, be- ware has turned to employing obfuscation that subverts cause of its prevalence among malware, it is crucial that the integrity of the Android runtime (ART or Dalvik), a malware analyzers have the ability to deobfuscate An- technique we call runtime-based obfuscation. Once sub- droid applications in order to determine if an application verted, the runtime no longer follows the normally ex- is indeed malicious or not. pected rules of code execution and method invocation, There exist a variety of obfuscation techniques on the raising the difficulty of deobfuscating and analyzing mal- Android platform. Many common techniques, such as ware that use these techniques. Java reflection, value encryption, dynamically decrypt- In this work, we propose TIRO, a deobfuscation ing and loading code, and calling native methods have framework for Android using an approach of Target- been identified and discussed in the literature [11,22,26].
  • The Future Going Back in Time to Abuse Android's

    The Future Going Back in Time to Abuse Android's

    Back To The Future Going Back In Time To Abuse Android’s JIT !1 $ whoami • Benjamin Watson • Director of Security Research @VerSprite Security • Android • @rotlogix !2 Agenda • Inspiration and Overview • Android 4.4.4 JIT Internals & Abuse • Android 7.1.1 JIT Internals & Abuse • Android Oreo • Tools • Future Challenges • Conclusion !3 Back To The Future Going Back In Time To Abuse Android’s JIT !4 Making Android Malware Great The First Time !5 On The Shoulders Of Giants !6 On the Shoulders of Giants @mattifestation @rwincey !7 Shellcode Execution in .NET using MSIL- Based JIT Overwrite • @mattifestation discovered the CPBLK opcode, which is effectively the MSIL equivalent to memcpy • He used to this opcode to overwrite a JIT’ed .NET method with shellcode • https://www.exploit-monday.com/2013/04/ MSILbasedShellcodeExec.html !8 Java Shellcode Execution • @rwincey uses the Unsafe API to overwrite a JIT’ed Java method with shellcode • https://www.slideshare.net/RyanWincey/java- shellcodeoffice !9 On the Shoulders of Giants • After absorbing Matt and Ryan’s research, I was left with one question … “ Is this also possible in Android? “ … !10 Motivation • These techniques discussed today are post-exploitation in nature • We already have installed a malicious application or gain code execution in Java through an arbitrary application • Our goal is to execute shellcode in memory entirely through Java without loading additional shared-libraries, or utilizing JNI !11 Motivation • This means that a simple “application” can have a self- contained solution
  • Race Detection for Android Applications

    Race Detection for Android Applications

    Race Detection for Android Applications Pallavi Maiya Aditya Kanade Rupak Majumdar Indian Institute of Science Indian Institute of Science MPI-SWS [email protected] [email protected] [email protected] Abstract asynchronous tasks to each other. Asynchronous tasks running on the same thread may themselves be reordered non-deterministically Programming environments for smartphones expose a concur- subject to certain rules. While the model can effectively hide laten- rency model that combines multi-threading and asynchronous event- cies, enabling innovative features, programming is complex and pro- based dispatch. While this enables the development of efficient and grams can have many subtle bugs due to non-determinism. feature-rich applications, unforeseen thread interleavings coupled In this paper, we formalize the concurrency semantics of the An- with non-deterministic reorderings of asynchronous tasks can lead droid programming model. Coming up with this formalization re- to subtle concurrency errors in the applications. quired a thorough study of the Android framework and a careful In this paper, we formalize the concurrency semantics of the An- mapping of execution scenarios in Android to more formal execu- happens-before droid programming model. We further define the tion traces. We view an Android application as comprising multi- relation for Android applications, and develop a dynamic race de- ple asynchronous tasks that are executed on one or more threads. tection technique based on this relation. Our relation generalizes An asynchronous task, once started on a thread, runs to completion the so far independently studied happens-before relations for multi- and can make both synchronous and asynchronous procedure calls.