Object-oriented type inference
OOPSLA '91 Conference proceedings on Object-oriented programming systems, languages, and applications
Scalable propagation-based call graph construction algorithms
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Extended static checking for Java
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
A New Numerical Abstract Domain Based on Difference-Bound Matrices
PADO '01 Proceedings of the Second Symposium on Programs as Data Objects
Class analyses as abstract interpretations of trace semantics
ACM Transactions on Programming Languages and Systems (TOPLAS)
Using FindBugs on production software
Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion
Practical pluggable types for java
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Semantic Foundations and Inference of Non-null Annotations
FMOODS '08 Proceedings of the 10th IFIP WG 6.1 international conference on Formal Methods for Open Object-Based Distributed Systems
A termination analyzer for Java bytecode based on path-length
ACM Transactions on Programming Languages and Systems (TOPLAS)
The nullness analyser of JULIA
LPAR'10 Proceedings of the 16th international conference on Logic for programming, artificial intelligence, and reasoning
Software and Systems Modeling (SoSyM)
Static analysis of Android programs
CADE'11 Proceedings of the 23rd international conference on Automated deduction
Inferring complete initialization of arrays
Theoretical Computer Science
An operational semantics for android activities
Proceedings of the ACM SIGPLAN 2014 Workshop on Partial Evaluation and Program Manipulation
Static Reference Analysis for GUI Objects in Android Software
Proceedings of Annual IEEE/ACM International Symposium on Code Generation and Optimization
Hi-index | 0.00 |
Context: Android is a programming language based on Java and an operating system for embedded and mobile devices, whose upper layers are written in the Android language itself. As a language, it features an extended event-based library and dynamic inflation of graphical views from declarative XML layout files. A static analyzer for Android programs must consider such features, for correctness and precision. Objective: Our goal is to extend the Julia static analyzer, based on abstract interpretation, to perform formally correct analyses of Android programs. This article is an in-depth description of such an extension, of the difficulties that we faced and of the results that we obtained. Method: We have extended the class analysis of the Julia analyzer, which lies at the heart of many other analyses, by considering some Android key specific features such as the potential existence of many entry points to a program and the inflation of graphical views from XML through reflection. We also have significantly improved the precision of the nullness analysis on Android programs. Results: We have analyzed with Julia most of the Android sample applications by Google and a few larger open-source programs. We have applied tens of static analyses, including classcast, dead code, nullness and termination analysis. Julia has found, automatically, bugs, flaws and inefficiencies both in the Google samples and in the open-source applications. Conclusion: Julia is the first sound static analyzer for Android programs, based on a formal basis such as abstract interpretation. Our results show that it can analyze real third-party Android applications, without any user annotation of the code, yielding formally correct results in at most 7min and on standard hardware. Hence it is ready for a first industrial use.