Efficiently Manifesting Asynchronous Programming Errors in Android Apps

Android, the #1 mobile app framework, enforces the single-GUI-thread model, in which a single UI thread manages GUI rendering and event dispatching. Due to this model, it is vital to avoid blocking the UI thread for responsiveness. One common practice is to offload long-running tasks into async threads. To achieve this, Android provides various async programming constructs, and leaves developers themselves to obey the rules implied by the model. However, as our study reveals, more than 25% apps violate these rules and introduce hard-to-detect, fail-stop errors, which we term as aysnc programming errors (APEs). To this end, this paper introduces APEChecker, a technique to automatically and efficiently manifest APEs. The key idea is to characterize APEs as specific fault patterns, and synergistically combine static analysis and dynamic UI exploration to detect and verify such errors. Among the 40 real-world Android apps, APEChecker unveils and processes 61 APEs, of which 51 are confirmed (83.6% hit rate). Specifically, APEChecker detects 3X more APEs than the state-of-art testing tools (Monkey, Sapienz and Stoat), and reduces testing time from half an hour to a few minutes. On a specific type of APEs, APEChecker confirms 5X more errors than the data race detection tool, EventRacer, with very few false alarms

Anchor: Locating Android Framework-specific Crashing Faults

Android framework-specific app crashes are hard to debug. Indeed, the callback-based event-driven mechanism of Android challenges crash localization techniques that are developed for traditional Java programs. The key challenge stems from the fact that the buggy code location may not even be listed within the stack trace. For example, our empirical study on 500 framework-specific crashes from an open benchmark has revealed that 37 percent of the crash types are related to bugs that are outside the stack traces. Moreover, Android programs are a mixture of code and extra-code artifacts such as the Manifest file. The fact that any artifact can lead to failures in the app execution creates the need to position the localization target beyond the code realm. In this paper, we propose Anchor, a two-phase suspicious bug location suggestion tool. Anchor specializes in finding crash-inducing bugs outside the stack trace. Anchor is lightweight and source code independent since it only requires the crash message and the apk file to locate the fault. Experimental results, collected via cross-validation and in-the-wild dataset evaluation, show that Anchor is effective in locating Android framework-specific crashing faults.Comment: 12 page

Automated Testing and Bug Reproduction of Android Apps

The large demand of mobile devices creates significant concerns about the quality of mobile applications (apps). The corresponding increase in app complexity has made app testing and maintenance activities more challenging. During app development phase, developers need to test the app in order to guarantee its quality before releasing it to the market. During the deployment phase, developers heavily rely on bug reports to reproduce failures reported by users. Because of the rapid releasing cycle of apps and limited human resources, it is difficult for developers to manually construct test cases for testing the apps or diagnose failures from a large number of bug reports. However, existing automated test case generation techniques are ineffective in exploring most effective events that can quickly improve code coverage and fault detection capability. In addition, none of existing techniques can reproduce failures directly from bug reports. This dissertation provides a framework that employs artifact intelligence (AI) techniques to improve testing and debugging of mobile apps. Specifically, the testing approach employs a Q-network that learns a behavior model from a set of existing apps and the learned model can be used to explore and generate tests for new apps. The framework is able to capture the fine-grained details of GUI events (e.g., visiting times of events, text on the widgets) and use them as features that are fed into a deep neural network, which acts as the agent to guide the app exploration. The debugging approach focuses on automatically reproducing crashes from bug reports for mobile apps. The approach uses a combination of natural language processing (NLP), deep learning, and dynamic GUI exploration to synthesize event sequences with the goal of reproducing the reported crash

Understanding and Mitigating Flaky Software Test Cases

A flaky test is a test case that can pass or fail without changes to the test case code or the code under test. They are a wide-spread problem with serious consequences for developers and researchers alike. For developers, flaky tests lead to time wasted debugging spurious failures, tempting them to ignore future failures. While unreliable, flaky tests can still indicate genuine issues in the code under test, so ignoring them can lead to bugs being missed. The non-deterministic behaviour of flaky tests is also a major snag to continuous integration, where a single flaky test can fail an entire build. For researchers, flaky tests challenge the assumption that a test failure implies a bug, an assumption that many fundamental techniques in software engineering research rely upon, including test acceleration, mutation testing, and fault localisation. Despite increasing research interest in the topic, open problems remain. In particular, there has been relatively little attention paid to the views and experiences of developers, despite a considerable body of empirical work. This is essential to guide the focus of research into areas that are most likely to be beneficial to the software engineering industry. Furthermore, previous automated techniques for detecting flaky tests are typically either based on exhaustively rerunning test cases or machine learning classifiers. The prohibitive runtime of the rerunning approach and the demonstrably poor inter-project generalisability of classifiers leaves practitioners with a stark choice when it comes to automatically detecting flaky tests. In response to these challenges, I set two high-level goals for this thesis: (1) to enhance the understanding of the manifestation, causes, and impacts of flaky tests; and (2) to develop and empirically evaluate efficient automated techniques for mitigating flaky tests. In pursuit of these goals, this thesis makes five contributions: (1) a comprehensive systematic literature review of 76 published papers; (2) a literature-guided survey of 170 professional software developers; (3) a new feature set for encoding test cases in machine learning-based flaky test detection; (4) a novel approach for reducing the time cost of rerunning-based techniques for detecting flaky tests by combining them with machine learning classifiers; and (5) an automated technique that detects and classifies existing flaky tests in a project and produces reusable project-specific machine learning classifiers able to provide fast and accurate predictions for future test cases in that project

Effective Detection of Sleep-in-Atomic-Context Bugs in the Linux Kernel

International audienceAtomic context is an execution state of the Linux kernel, in which kernel code monopolizes a CPU core. In this state, the Linux kernel may only perform operations that cannot sleep, as otherwise a system hang or crash may occur. We refer to this kind of concurrency bug as a sleep-in-atomic-context (SAC) bug. In practice, SAC bugs are hard to find, as they do not cause problems in all executions. In this paper, we propose a practical static approach named DSAC, to effectively detect SAC bugs in the Linux kernel. DSAC uses three key techniques: (1) a summary-based analysis to identify the code that may be executed in atomic context, (2) a connection-based alias analysis to identify the set of functions referenced by a function pointer, and (3) a path-check method to filter out repeated reports and false bugs. We evaluate DSAC on Linux 4.17, and find 1159 SAC bugs. We manually check all the bugs, and find that 1068 bugs are real. We have randomly selected 300 of the real bugs and sent them to kernel developers. 220 of these bugs have been confirmed, and 51 of our patches fixing 115 bugs have been applied

DSAC: Effective Static Analysis of Sleep-in-Atomic-Context Bugs in Kernel Modules

International audienceIn a modern OS, kernel modules often use spinlocks and interrupt handlers to monopolize a CPU core to execute concurrent code in atomic context. In this situation, if the kernel module performs an operation that can sleep at runtime, a system hang may occur. We refer to this kind of concurrency bug as a sleep-in-atomic-context (SAC) bug. In practice, SAC bugs have received insufficient attention and are hard to find, as they do not always cause problems in real executions. In this paper, we propose a practical static approach named DSAC, to effectively detect SAC bugs and automatically recommend patches to help fix them. DSAC uses four key techniques: (1) a hybrid of flow-sensitive and-insensitive analysis to perform accurate and efficient code analysis; (2) a heuristics-based method to accurately extract kernel interfaces that can sleep at runtime; (3) a path-check method to effectively filter out repeated reports and false bugs; (4) a pattern-based method to automatically generate recommended patches to help fix the bugs. We evaluate DSAC on kernel modules (drivers, file systems, and network modules) of the Linux kernel, and on the FreeBSD and NetBSD kernels, and in total find 401 new real bugs. 272 of these bugs have been confirmed by the relevant kernel maintainers, and 43 patches generated by DSAC have been applied by kernel maintainers

Development of an e-portfolio social network using emerging web technologies

Dissertação de mestrado em Informatics EngineeringDigital portfolios (also known as e-Portfolios) can be described as digital collections of artifacts, being both a product (a digital collection of artifacts) and a process (reflecting on those artifacts and what they represent). It is an extension of the traditional Curriculum Vitae, which tells the educational and professional milestones of someone, while the portfolio proves and qualifies them (e.g.: annually thousands of students finish a Master degree on Informatics, but only one has built Vue, Twitter or Facebook – the Portfolio goes beyond the CV milestones by specifying the person’s output throughout life and distinguishing them). e-Portfolios augment this by introducing new digital representations and workflows, exposed to a community, being both a product and a process. This approach can be useful for individual self-reflection, education or even job markets, where companies seek talented individuals, because it expands the traditional CV concept and empowers individual merit. There have been many studies, theories, and methodologies related with e-Portfolios, but transpositions to web applications have been unsuccessful, untuitive and too complex (in opposition to the CV format, which had success in various applications, for example LinkedIn). This project aims to study new approaches and develop an exploratory web/mobile application of this method ology, by exploring the potential of social networks to promote them, augmented by emergent web technologies. Its main output is the prototype of a new product (a social network of e-Portfolio) and its design decisions, with new theoretical approaches applied to web development. By the end of this project, we will have idealized a web infrastructure for interacting with networks of users, their skills, and communities seeking them. The approach to the development of this platform will be to integrate emerging technologies like WebAssembly and Rust in its development cycle and document our findings. At the end of this project, in addition to the prototype of a new product, we hope to have contributed to the State of the Art of Web Engineering and to be able to answer questions regarding new emerging web development ecosystems.Os portfólios digitais (também conhecidos como e-Portfolios) podem ser descritos como coleções digitais de artefatos, sendo tanto um produto (uma coleção digital de artefatos) quanto um processo (refletindo sobre esses artefatos e o que eles representam). É uma extensão do tradicional Curriculum Vitae, onde o primeiro conta os marcos educacionais e profissionais de alguém, enquanto que o segundo, o Portfólio, comprova-os e qualifica-os (e.g.: anualmente milhares de alunos concluem graduações em Informática, no entanto apenas um consebeu o Vue, o Twitter ou o Facebook - o Portfólio vai além dos indicadores quantitativos do CV, especificando e qualificando a produção da pessoa ao longo da vida e distinguindo-a). Os e-Portfolios expandem este conceito com a introdução de novas representações digitais e fluxos de trabalho, expostos a uma comunidade, sendo tanto um produto como um processo. Esta abordagem pode ser útil para a autorreflexão individual, educação ou mesmo mercados de trabalho, onde as empresas procuram indivíduos talentosos, porque expande o conceito tradicional de CV e potencializa o mérito individual. Existem muitos estudos, teorias e metodologias relacionadas com os e-Portfolios, mas as transposições para aplicações web têm sido mal sucedidas, pouco intuitivas e muito complexas (em oposição ao formato CV, que tem tido sucesso em várias aplicações, por exemplo no LinkedIn). Este projeto visa estudar novas abordagens neste domínio e desenvolver uma aplicação exploratória web/mobile que melhor exprima os e-Portfolios, explorando o potencial das redes sociais para os promover em conjunto com tecnologias web emergentes. As principais produções esperadadas deste trabalho são um protótipo de um novo produto (uma rede social de e-Portfolio) e documentar novas abordagens teóricas aplicadas ao desenvolvimento web. No final deste projeto, teremos idealizado uma infraestrutura web para interagir com redes de utilizadores, as suas competências e comunidades que os procurem. A abordagem ao desenvolvimento desta plataforma será integrar tecnologias emergentes como WebAssembly e Rust no seu ciclo de desenvolvimento e documentar as nossas descobertas e decisões. No final deste projeto, para além do protótipo de uma plataforma, esperamos ter contribuido para o Estado da Arte da Engenharia Web e responder a questões sobre novos ecossistemas emergentes de desenvolvimento web