Multiple-Entry Testing of Android Applications by Constructing Activity Launching Contexts

Existing GUI testing approaches of Android apps usually test apps from a single entry. In this way, the marginal activities far away from the default entry are difficult to be covered. The marginal activities may fail to be launched due to requiring a great number of activity transitions or involving complex user operations, leading to uneven coverage on activity components. Besides, since the test space of GUI programs is infinite, it is difficult to test activities under complete launching contexts using single-entry testing approaches. In this paper, we address these issues by constructing activity launching contexts and proposing a multiple-entry testing framework. We perform an inter-procedural, flow-, context- and path-sensitive analysis to build activity launching models and generate complete launching contexts. By activity exposing and static analysis, we could launch activities directly under various contexts without performing long event sequence on GUI. Besides, to achieve an in-depth exploration, we design an adaptive exploration framework which supports the multiple-entry exploration and dynamically assigns weights to entries in each turn. Our approach is implemented in a tool called Fax, with an activity launching strategy Faxla and an exploration strategy Faxex. The experiments on 20 real-world apps show that Faxla can cover 96.4% and successfully launch 60.6% activities, based on which Faxex further achieves a relatively 19.7% improvement on method coverage compared with the most popular tool Monkey. Our tool also behaves well in revealing hidden bugs. Fax can trigger over seven hundred unique crashes, including 180 Errors and 539 Warnings, which is significantly higher than those of other tools. Among the 46 bugs reported to developers on Github, 33 have been fixed up to now.

[1]  Jan S. Rellermeyer,et al.  An empirical study of the robustness of Inter-component Communication in Android , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[2]  Xi Deng,et al.  Analyses for specific defects in android applications: a survey , 2019, Frontiers of Computer Science.

[3]  Yang Liu,et al.  Guided, stochastic model-based GUI testing of Android apps , 2017, ESEC/SIGSOFT FSE.

[4]  John Regehr,et al.  Intent fuzzer: crafting intents of death , 2014, WODA+PERTEA 2014.

[5]  Xiaoxing Ma,et al.  Automatic test-input generation for Android applications , 2019 .

[6]  Hongseok Yang,et al.  Automated concolic testing of smartphone apps , 2012, SIGSOFT FSE.

[7]  Hui Ye,et al.  DroidFuzzer: Fuzzing the Android Apps with Intent-Filter Tag , 2013, MoMM '13.

[8]  Flemming Nielson,et al.  Principles of Program Analysis , 1999, Springer Berlin Heidelberg.

[9]  Brink van der Merwe,et al.  Verifying android applications using Java PathFinder , 2012, ACM SIGSOFT Softw. Eng. Notes.

[10]  Jun Yan,et al.  Androlic: an extensible flow, context, object, field, and path-sensitive static analysis framework for Android , 2019, ISSTA.

[11]  George C. Necula,et al.  Guided GUI testing of android apps with minimal restart and approximate learning , 2013, OOPSLA.

[12]  Michael Pradel,et al.  Making Malory Behave Maliciously: Targeted Fuzzing of Android Execution Environments , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE).

[13]  Kun Yang,et al.  IntentFuzzer: detecting capability leaks of android applications , 2014, AsiaCCS.

[14]  Alessandra Gorla,et al.  Automated Test Input Generation for Android: Are We There Yet? (E) , 2015, 2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[15]  Porfirio Tramontana,et al.  Using GUI ripping for automated testing of Android applications , 2012, 2012 Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering.

[16]  Nikolaj Bjørner,et al.  Z3: An Efficient SMT Solver , 2008, TACAS.

[17]  Zhenhua Duan,et al.  Poster: Android Inter-Component Communication Analysis with Intent Revision , 2018, 2018 IEEE/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion).

[18]  Iulian Neamtiu,et al.  Targeted and depth-first exploration for systematic testing of android apps , 2013, OOPSLA.

[19]  Alireza Sadeghi,et al.  Reducing Combinatorics in GUI Testing of Android Applications , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering (ICSE).

[20]  Mukul R. Prasad,et al.  Automated testing with targeted event sequence generation , 2013, ISSTA.

[21]  Xia Zeng,et al.  Automated test input generation for Android: are we really there yet in an industrial case? , 2016, SIGSOFT FSE.

[22]  Porfirio Tramontana,et al.  MobiGUITAR: Automated Model-Based Testing of Mobile Apps , 2015, IEEE Software.

[23]  Mayur Naik,et al.  Dynodroid: an input generation system for Android apps , 2013, ESEC/FSE 2013.

[24]  Yue Jia,et al.  Sapienz: multi-objective automated testing for Android applications , 2016, ISSTA.

[25]  Sam Malek,et al.  A whitebox approach for automated security testing of Android applications on the cloud , 2012, 2012 7th International Workshop on Automation of Software Test (AST).

[26]  Xi Deng,et al.  Characterizing and Identifying Misexposed Activities in Android Applications , 2018, 2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE).

[27]  Suman Nath,et al.  PUMA: programmable UI-automation for large-scale dynamic analysis of mobile apps , 2014, MobiSys.

[28]  Xiangyu Zhang,et al.  Z3-str: a z3-based string solver for web application analysis , 2013, ESEC/FSE 2013.

[29]  Iulian Neamtiu,et al.  Automating GUI testing for Android applications , 2011, AST '11.

[30]  Xi Deng,et al.  InsDal: A safe and extensible instrumentation tool on Dalvik byte-code for Android applications , 2017, 2017 IEEE 24th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[31]  Pedram Amini,et al.  Fuzzing: Brute Force Vulnerability Discovery , 2007 .

[32]  Xiang Gao,et al.  Android Testing via Synthetic Symbolic Execution , 2018, 2018 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE).

[33]  Jian Lu,et al.  Practical GUI Testing of Android Applications Via Model Abstraction and Refinement , 2019, 2019 IEEE/ACM 41st International Conference on Software Engineering (ICSE).

[34]  Matthew L. Dering,et al.  Composite Constant Propagation: Application to Android Inter-Component Communication Analysis , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[35]  Tao Xie,et al.  A Grey-Box Approach for Automated GUI-Model Generation of Mobile Applications , 2013, FASE.

[36]  Yan Wang,et al.  Static window transition graphs for Android , 2018, Automated Software Engineering.