Detecting Data Races in Android Applications Based on Shared Variable Analysis and Constraint Solver

被引：0

作者：

Sun Q. ^{[1
,2
]}

Xu L. ^{[1
,2
]}

Xia X.-M. ^{[1
,2
]}

Zhang W.-F. ^{[3
]}

机构：

[1] State Key Laboratory for Novel Software Technology (Nanjing University), Nanjing

[2] Department of Computer Science and Technology, Nanjing University, Nanjing

[3] School of Computer Science, Nanjing University of Postsand Telecommunications, Nanjing

来源：

Ruan Jian Xue Bao/Journal of Software | 2019年 / 30卷 / 11期

基金：

中国国家自然科学基金;

关键词：

Android application; Constraint solver; Data race; Event driven model; Multi-thread model;

D O I：

10.13328/j.cnki.jos.005582

中图分类号：

学科分类号：

摘要：

The Android system has always dominated the mobile operating system. Its unique event-driven model and multi-threaded model also cause concurrency defects while enhancing the user experience and improving the program performance. In concurrent programs, the non-determinism of thread scheduling and the complexity of its reproducibility are the reasons for the difficulty of concurrency bug detection. The existing technologies mainly focus on the analysis of happens-before relationships based on the dynamic analysis, and then detect the concurrency bugs of Andriod applications (App for short). Nevertheless, there are still some problems of low coverage and high false positive (FP) due to the shortage of dynamic method. In this study, data races in Android applications are detected by the shared variable analysis and the constraint solving method, and detection tool, namely RaceDetector, is implemented. The tool firstly extracts the relevant information according to the characteristics of Android system and the definition of data race, and further expands the shared variable analysis to improve the accuracy and performance, and then it obtains a suspicious data race set with suspicious data race analyzing. Next, it identifies the feasible implementation of the path and the order of happens-before relationships according to every suspicious data race candidate through the method of constraint solving and finally detects the real data races. In experimental part, 15 popular applications with APK files are collected from Google Play and other sourcesas data sets. RaceDetector reports 340 data races on average, include 13% (44/340) of FP. Compared to existing tool, EventRacer, which triggers data races with 300 random events and reports 2 harmful data races on average, RaceDetector covers all thread schedules and event schedules, and it reports 15 harmful data races on average. © Copyright 2019, Institute of Software, the Chinese Academy of Sciences. All rights reserved.

引用

页码：3281 / 3296

页数：15

共 38 条

[1] Kahlon V., Sinha N., Kruus E., Et al., Static data race detection for concurrent programs with asynchronous calls, Proc. of the 7th Joint Meeting of the European Software Engineering Conf. and the ACM SIGSOFT Symp. on the Foundations of Software Engineering, pp. 13-22, (2009)
[2] Takala T., Katara M., Harty J., Experiences of system-level model based GUI testing of an Android application, Proc. of the 20114th IEEE Int'l Conf. on Software Testing, Verification and Validation, pp. 377-386, (2011)
[3] Yan D., Yang S., Rountev A., Systematic testing for resource leaksin Android applications, Proc. of the 23th Int'l Symp. on Software Reliability Engineering, pp. 411-420, (2013)
[4] Yang S., Yan D., Rountev A., Testing for poor responsiveness inAndroid applications, Proc. of the 1st Int'l Workshop on the Engineering of Mobile-enabled Systems, pp. 1-6, (2013)
[5] Grace M., Zhou Y.J., Zhang Q., Et al., RiskRanker: Scalable and accurate zero-day android malware detection, Proc. of the 10th Int'l Conf. on Mobile Systems, Applications, and Services, pp. 281-294, (2012)
[6] Holland B., Deering T., Kothari S., Et al., Security toolbox for detecting novel and sophisticated Android malware, Proc. of the 37th Int'l Conf. on Software Engineering, pp. 733-736, (2015)
[7] Zhou Y.J., Jiang X.X., Dissecting Android malware: Characterization and evolution, Proc. of the 2012 IEEE Symp. on Security and Privacy, pp. 95-109, (2012)
[8] Bielik P., Raychev V., Vechev M., Scalable race detection for Android applications, Proc. of the ACM SIGPLAN Int'l Conf. on Object Oriented Programming Systems Languages & Applications, pp. 332-348, (2015)
[9] Hsiao C.H., Pereira C., Yu J., Et al., Race detection for event-driven mobile applications, Proc. of the 35th Annual ACM SIGPLAN Conf. on Programming Language Design and Implementation, pp. 326-336, (2014)
[10] Maiya P., Kanade A., Majumdar R., Race detection for Android applications, ACM SIGPLAN Notices, 49, 6, pp. 316-325, (2014)

← 1 2 3 4 →