Fixing Resource Leaks in Android Apps with Light-Weight Static Analysis and Low-Overhead Instrumentation

Fixing bugs according to bug reports is a labor-intensive work for developers and automatic techniques can effectively decrease the manual efforts. A feasible solution is to fix specific bugs by static analysis and code instrumentation. In this paper, we present a light-weight approach to fixing the resource leak bugs that exist widely in Android apps while guaranteeing the safety that the patches should not interrupt normal execution of the original program. This approach first performs a light-weight static analysis and then carefully designs the concise patch code that will be inserted into the byte-code. When the program is running, the patches will trace the state of leaked resources and release them in a proper place. Our experiments on dozens of real-world apps show that our approach can effectively fix resource leaks in the apps with negligible extra execution time and less than 4% extra code in a few seconds.

[1]  Martin Monperrus,et al.  Automatic repair of buggy if conditions and missing preconditions with SMT , 2014, CSTVA 2014.

[2]  Lu Zhang,et al.  Safe Memory-Leak Fixing for C Programs , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[3]  Kathryn T. Stolee,et al.  Repairing Programs with Semantic Code Search , 2015 .

[4]  Yu Lin,et al.  Retrofitting concurrency for Android applications through refactoring , 2014, FSE 2014.

[5]  Charles Zhang,et al.  Grail: context-aware fixing of concurrency bugs , 2014, SIGSOFT FSE.

[6]  Claire Le Goues,et al.  GenProg: A Generic Method for Automatic Software Repair , 2012, IEEE Transactions on Software Engineering.

[7]  Mu Zhang,et al.  AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications , 2014, NDSS.

[8]  Xin Yao,et al.  A novel co-evolutionary approach to automatic software bug fixing , 2008, 2008 IEEE Congress on Evolutionary Computation (IEEE World Congress on Computational Intelligence).

[9]  Zhendong Su,et al.  An Empirical Study on Real Bug Fixes , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[10]  Alex Shaw Program transformations to fix C buffer overflows , 2014, ICSE Companion.

[11]  Shan Lu,et al.  Automated atomicity-violation fixing , 2011, PLDI '11.

[12]  Shan Lu,et al.  CARAMEL: Detecting and Fixing Performance Problems That Have Non-Intrusive Fixes , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[13]  Jun Yan,et al.  Light-Weight, Inter-Procedural and Callback-Aware Resource Leak Detection for Android Apps , 2016, IEEE Transactions on Software Engineering.

[14]  Jun Yan,et al.  Characterizing and detecting resource leaks in Android applications , 2013, 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[15]  Jacques Klein,et al.  IccTA: Detecting Inter-Component Privacy Leaks in Android Apps , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[16]  Martin Monperrus,et al.  Automatic Repair of Infinite Loops , 2015, ArXiv.

[17]  Yuriy Brun,et al.  Repairing Programs with Semantic Code Search (T) , 2015, 2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[18]  Jaechang Nam,et al.  Automatic patch generation learned from human-written patches , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[19]  Wei Zhang,et al.  Automated Concurrency-Bug Fixing , 2012, OSDI.