Detecting and Reproducing Concurrency Errors in Android Apps

Dr. Iulian Neamtiu
Computer Science Department, NJIT


Abstract

Android, the dominant mobile platform, has been plagued by concurrency errors ever since its inception. The majority of these errors are {\em event-driven races}, a new type of races caused by nondeterministic order of events that access the same memory with at least one write access. We present an effective approach to systematically detect, reproduce, and classify event-driven races for Android apps. First, a static event-driven race detector named SIERRA; this is the {\em first precise static approach} for race detection in Android and mobile systems in general. Second, a dynamic race verification and classification approach named ERVA, which uses event causality and replay to filter out false positives; for true positives, ERVA can distinguish benign races from harmful races via state comparison. Our approach has found errors in popular apps, including Barcode Scanner, K-9 Mail, and VLC.