Analysis and Testing for Android Software
Android devices currently lead the smartphone marketplace worldwide.
Android also has significant presence in one of the fastest-growing
segments of the computing landscape: tablets (e.g., Google Nexus) and
media-delivery devices (e.g., Amazon Kindle Fire). The widespread use
of these mobile devices poses great demands on software quality.
However, meeting these demands is very challenging. Both the software
platforms and the accumulated developer expertise are immature
compared to older areas of computing. The available research
expertise and automated tool support are also very limited. It is
critical for researchers in software engineering and programming
languages to contribute both foundational approaches and practical
tools toward higher-quality software for mobile devices.
The current focus of our work is in two directions:
-
GATOR,
a static analysis toolkit for Android, with current emphasis on analysis of Android GUIs
[CGO14,
PhD14,
ICSE15,
ASE15,
PhD15,
SOAP16,
ICSE17,
JASE18,
FSE18]
and its applications for
error checking [CC16,
FSE18],
test generation [AST16,
ICSE17,
AST18,
SQJ20],
instrumentation,
security analysis, and automated
debugging
- LeakDroid,
a novel approach and toolset for testing and debugging of resource
leaks and jank in Android software [ISSRE13,
MOBS13,
PhD14,
MobileSoft16,
AST16]
This work is funded by two NSF grants (1319695 and
1526459) and by a Google Faculty Research Award.
- GUI Analysis
-
An Android application is driven by a graphical user interface (GUI),
with GUI objects responding to user actions. These objects and the
event handlers associated with them ultimately determine the possible
flow of control and data. We have developed the first static
analysis to model GUI-related Android objects, their flow through
the application, and their interactions with each other via the
abstractions defined by the Android platform [CGO14, PhD14]. The analysis enables
static modeling of control/data flow that is foundational for compiler
analyses, instrumentation for event/interaction profiling, static
error checking, security analysis, test generation, and automated
debugging. It provides a key component to be used by program analysis
researchers in the growing area of Android software. This work is the
first step in a long-term research agenda to develop a comprehensive
infrastructure for static analysis for Android. Our later work on
this topic builds on this GUI analysis to develop a new analysis of
control-flow due to callbacks triggered by GUI user events [ICSE15]. Both analyses are
available as part of the GATOR
analysis toolkit. A subsequent development is a generalization of the
analysis from
[ICSE15], which appeared as [ASE15,JASE18]. Based on this new approach, we
have developed a static detector of energy-related defects [CC16] and test generation
techniques for leak detection [AST16,
AST18,
SQJ20].
We have also investigated the general problem of static analysis unsoundness for Android software
[SOAP16]. Our latest efforts are focused on analysis and testing of Android applications for wearable devices [ICSE17,FSE18,SQJ20].
- Resource Leaks
- In devices with limited resources,
an application that consumes too many resources can lead to slowdowns,
crashes, and negative user experience. A common defect is a resource
leak, where some resource is not released appropriately. Leak defects
are widespread and varied. Although they can have severe effects on
software reliability, performance, and marketplace success, there does
not exist a comprehensive strategy for testing and debugging of such
leaks. We have developed the first comprehensive technique for
testing for resource leaks in Android software [ISSRE13, PhD14, LeakDroid]
and are currently working on several other problems in this area. A
recent development is an approach to automate LeakDroid's test
generation [AST16]
based on the static analysis from [ASE15].
- Poor Responsiveness
-
If an application takes too long to respond to a user event, it is
perceived to be sluggish and unresponsive, which leads to bad
perception and market ratings. This happens when the main application
thread - which processes UI events - performs heavy computations or
long-wait operations. In the Google developer community, such
operations are referred to as "jank". We proposed the first
systematic technique to uncover suspicious behavior that may lead to
poor responsiveness in Android applications [MOBS13]. Follow-up work
developed an approach to profile the responsiveness using resource
amplification [MobileSoft16].
main page