Abstract
Adequate handling of exceptions has proven difficult for many software engineers. Mobile app developers in particular, have to cope with compatibility, middleware, memory constraints, and battery restrictions. The goal of this paper is to obtain a thorough understanding of common exception handling bug hazards that app developers face. To that end, we first provide a detailed empirical study of over 6,000 Java exception stack traces we extracted from over 600 open source Android projects. Key insights from this study include common causes for system crashes, and common chains of wrappings between checked and unchecked exceptions. Furthermore, we provide a survey with 71 developers involved in at least one of the projects analyzed. The results corroborate the stack trace findings, and indicate that developers are unaware of frequently occurring undocumented exception handling behavior. Overall, the findings of our study call for tool support to help developers understand their own and third party exception handling and wrapping logic.
Similar content being viewed by others
Notes
K9Mail moved to GitHub but as a way of not loosing the project history it advises their users to report bugs in the Google Code issue tracker: https://github.com/k9mail/k-9/wiki/LoggingErrors.
2 Google Code used to provide a Web service to its repositories, but this was deactivated in June 2013 in what Google called a “clean-up action”.
3 In several exception stack traces, the exception frames were preceded by logging information e.g., 03-01 15:55:01.609 (7924): at android.app.ActivityThread.access$600(Activity Thread.java:127) which could not be detected by existing tools.
6 The filtering was performed in two steps: firstly, we analyzed the bytecode of the JVM and identified all runtime exceptions defined by it (e.g., java.lang.NullPointerExceptoin,java.lang.ArrayIndexOutOfBounds), then if the libraries/framework method was signaling one of such exceptions it was filtered out from the analysis.
9 A toast is an Android component that provides simple feedback about an operation in a small popup – http://developer.android.com/guide/topics/ui/notifiers/toasts.html.
This cross-type wrapping was found in several applications during the mining study as well as in some classes of the Android framework.
Brian Foote shared his opinion in a conversation with James Noble – quoted in the paper: hillside.net/plop/2008/papers/ACMVersions/coelho.pdf.
Already supported by tools such as Eclipse, IntelliJ, Android Studio 0.5.5 (release Apr. 2014) to detect potential null pointer dereferences at compile time.
References
Amalfitano D, Fasolino AR, Tramontana P, De Carmine S, Memon AM (2012) Using gui ripping for automated testing of android applications. In: Proceedings of the 27th IEEE/ACM International conference on automated software engineering. ACM, pp 258–261
Bacchelli A, Dal Sasso T, D’Ambros M, Lanza M (2012) Content classification of development emails. In: Proceedings of ICSE 2012, pp 375–385
Bavota G, Linares-Vasquez M, Bernal-Cardenas C E, Di Penta M, Oliveto R, Poshyvanyk D (2015) The impact of api change-and fault-proneness on the user ratings of android apps. IEEE Trans Softw Eng 41(4):384–407
Bettenburg N, Just S, Schröter A, Weiss C, Premraj R, Zimmermann T (2008a) What makes a good bug report? In: Proceedings of FSE 2008, pp 308–318
Bettenburg N, Premraj R, Zimmermann T, Kim S (2008b) Extracting structural information from bug reports. In: Proceedings of MSR 2008. ACM, pp 27–30
Binder R (2000) Testing object-oriented systems: models, patterns, and tools. Addison-Wesley Professional
Bloch J (2008) Effective java. Pearson Education India
Brunet J, Guerrero D, Figueiredo J (2009) Design tests: an approach to programmatically check your code against design rules. In: Proceedings of new ideas and emerging research (NIER) track at the international conference on software engineering (ICSE). IEEE, pp 255–258
Cabral B, Marques P (2007) Exception handling: a field study in Java and.Net. In: Proceedings of ECOOP 2007. Springer, pp 151–175
Charmaz K (2006) Constructing grounded theory: a practical guide through qualitative research. SagePublications Ltd, London
Jenkov Tutorials. Checked or Unchecked Exceptions? (2014) http://tutorials.jenkov.com/java-exception-handling/checked-or-unchecked-exceptions.html, online
Coelho R, Rashid A, Garcia A, Ferrari F, Cacho N, Kulesza U, von Staa A, Lucena C (2008) Assessing the impact of aspects on exception flows: An exploratory study. In: Proceedings of European conference on object-oriented programming (ECOOP). Springer-Verlag, pp 207–234
Coelho R, von Staa A, Kulesza U, Rashid A, Lucena C (2011) Unveiling and taming liabilities of aspects in the presence of exceptions: a static analysis based approach. Inf Sci 181(13):2700– 2720
Csallner C, Smaragdakis Y (2004) Jcrasher: an automatic robustness tester for Java. Softw Pract Exper 34(11):1025–1050
Dhaliwal T, Khomh F, Zou Y (2011) Classifying field crash reports for fixing bugs: A case study of mozilla firefox. In: Proceedings of international conference on software maintenance (ICSM 2011), pp 333–342
Enck W, Octeau D, McDaniel P, Chaudhuri S (2011) A study of android application security. In: USENIX security symposium, vol 2, pp 2
Fraser G, Arcuri A (2013) 1600 faults in 100 projects: automatically finding faults while achieving high coverage with evosuite. In: Empirical software engineering, pp 1–29
Garcia A, Rubira C, et al. (2007) Extracting error handling to aspects: a cookbook. In: Proceedings international conference on software maintenance (ICSM). IEEE, pp 134–143
Garcia A F, Rubira C M, Romanovsky A, Xu J (2001) A comparative study of exception handling mechanisms for building dependable object-oriented software. J Syst Softw 59(2):197–222
Goodenough J B (1975) Exception handling: issues and a proposed notation. CACM 18(12):683–696
Gosling J (2000) The Java language specification. Addison-Wesley Professional
Gousios G (2013) The GHTorrent dataset and tool suite. In: Proceedings of the international working conference on mining software repositories (MSR). IEEE, pp 233–236
Gousios G, Zaidman A, Storey MA, Van Deursen A (2015) Work practices and challenges in pull-based development: the integrator’s perspective. Tech. rep
Hindle A, Bird C, Zimmermann T, Nagappan N (2015) Do topics make sense to managers and developers? Emp Softw Eng 20(2):479–515
Jo J W, Chang B M, Yi K, Choe K M (2004) An uncaught exception analysis for java. J Syst Softw 72(1):59–69
Joorabchi M E, Mesbah A, Kruchten P (2013) Real challenges in mobile app development. In: 2013 ACM/IEEE International symposium on empirical software engineering and measurement. IEEE, pp 15–24
Kechagia M, Spinellis D (2014) Undocumented and unchecked: exceptions that spell trouble. In: Proceedings of the 11th working conference on mining software repositories. ACM, pp 312–315
Kim S, Zimmermann T, Nagappan N (2011) Crash graphs: an aggregated view of multiple crashes to improve crash triage. In: Proceedings of the IEEE/IFIP International conference on dependable systems and networks (DSN). IEEE, pp 486–493
Kim S, Zimmermann T, Premraj R, Bettenburg N, Shivaji S (2013) Predicting method crashes with bytecode operations. In: Proceedings of the 6th India software engineering conference, pp 3–12
Ko AJ, DeLine R, Venolia G (2007) Information needs in collocated software development teams. In: Proceedings of the 29th international conference on software engineering. IEEE Computer Society, pp 344–353
Kochhar PS, Thung F, Nagappan N, Zimmermann T, Lo D (2015) Understanding the test automation culture of app developers. In: 2015 IEEE 8th International conference on software testing, verification and validation (ICST). IEEE, pp 1–10
Linares-Vásquez M, Bavota G, Bernal-Cárdenas C, Di Penta M, Oliveto R, Poshyvanyk D (2013) API change and fault proneness: a threat to the success of Android apps. In: Proceedings of FSE 2013. ACM, pp 477–487. doi:10.1145/2491411.2491428
Linares-Vásquez M, Vendome C, Luo Q, Poshyvanyk D (2015) How developers detect and fix performance bottlenecks in android apps. In: 2015 IEEE International conference on software maintenance and evolution (ICSME). IEEE, pp 352–361
Maji A K, Arshad F A, Bagchi S, Rellermeyer JS (2012) An empirical study of the robustness of inter-component communication in Android. In: Proceedings of the IEEE/IFIP international conference on dependable systems and networks (DSN). IEEE, pp 1–12
Mandrioli D, Meyer B (1992) Advances in object-oriented software engineering. Prentice-Hall Inc
McDonnell T, Ray B, Kim M (2013) An empirical study of api stability and adoption in the android ecosystem. In: Proceedings international conference on software maintenance (ICSM), pp 70–79
Meyer AN, Fritz T, Murphy GC, Zimmermann T (2014) Software developers’ perceptions of productivity. In: Proceedings of the 22nd ACM SIGSOFT international symposium on foundations of software engineering. ACM, pp 19–29
Miller R, Tripathi A (1997) Issues with exception handling in object-oriented systems. In: Proceedings of ECOOP’97. Springer, pp 85–103
Nanda MG, Sinha S (2009) Accurate interprocedural null-dereference analysis for java. In: 31st International conference on software engineering, 2009. ICSE 2009. IEEE, pp 133–143
Null references:the billion dollar mistake, abstract of talk at QCon London (2009) https://qconlondon.com/london-2009/qconlondon.com/london-2009/presentation/Null%2BReferences_%2BThe%2BBillion%2BDollar%2BMistake.html, online
Pathak A, Hu YC, Zhang M (2011) Bootstrapping energy debugging on smartphones: a first look at energy bugs in mobile devices. In: Proceedings of the 10th ACM workshop on hot topics in networks. ACM, New York, HotNets-X, pp 5:1–5:6. doi:10.1145/2070562.2070567
Pham R, Singer L, Liskin O, Figueira Filho F, Schneider K (2013) Creating a shared understanding of testing culture on a social coding site. In: 2013 35th International conference on software engineering (ICSE). IEEE, pp 112–121
Robillard MP, Murphy GC (2000) Designing robust Java programs with exceptions. In: Proceedings international conference on the foundations of software engineering (FSE). pp 2–10
Ruiz I, Nagappan M, Adams B, Hassan A (2012) Understanding reuse in the Android market. In: Proceedings of the international conference on program comprehension (ICPC), pp 113–122. doi:10.1109/ICPC.2012.6240477
Sacramento P, Cabral B, Marques P (2006) Unchecked exceptions: can the programmer be trusted to document exceptions. In: International conference on innovative views of.NET technologies
Schröter A, Bettenburg N, Premraj R (2010) Do stack traces help developers fix bugs? In: Proceedings working conference on mining software repositories (MSR). IEEE, pp 118–121
Shah H B, Gorg C, Harrold M J (2010) Understanding exception handling: Viewpoints of novices and experts. IEEE Trans Soft Eng 36(2):150–161
Stackoverflow Q&A. Java: checked vs unchecked exception explanation. (2014) http://stackoverflow.com/questions/6115896/java-checked-vs-unchecked-exception-explanation, online
Singer L, Figueira Filho F, Storey MA (2014) Software engineering at the speed of light: how developers stay current using twitter. In: Proceedings of the 36th international conference on software engineering. ACM, pp 211–221
Sinha S, Shah H, Görg C, Jiang S, Kim M, Harrold MJ (2009) Fault localization and repair for Java runtime exceptions. In: Proceedings International symposium on software testing and analysis (ISSTA). ACM, pp 153–164
The Java tutorial. Unchecked exceptions: The controversy. (2014) http://docs.oracle.com/javase/tutorial/essential/exceptions/runtime.html, online
Van Dooren M, Steegmans E (2005) Combining the robustness of checked exceptions with the flexibility of unchecked exceptions using anchored exception declarations. ACM SIGPLAN Notices 40 (10):455–471
Wadler P (1995) Monads for functional programming. In: Advanced functional programming. Springer, pp 24–52
Wang S, Khomh F, Zou Y (2013) Improving bug localization using correlations in crash reports. In: Proceedings working conference on mining software repositories (MSR 2013). ACM/IEEE, pp 247–256
Wasserman AI (2010) Software engineering issues for mobile application development. In: Proceedings of the FSE/SDP workshop on future of software engineering research. ACM, pp 397–400
Wirfs-Brock R J (2006) Toward exception-handling best practices and patterns. Softw IEEE 23(5):11–13
Yuan D, Luo Y, Zhuang X, Rodrigues GR, Zhao X, Zhang Y, Jain P, Stumm M (2014) Simple testing can prevent most critical failures: An analysis of production failures in distributed data-intensive systems. In: 11th USENIX symposium on operating systems design and implementation, OSDI ’14. Broomfield, pp 249–265
Zhang P, Elbaum S (2012) Amplifying tests to validate exception handling code. In: Proceedings international conference on software engineering (ICSE). IEEE Press, Piscataway, pp 595–605. http://dl.acm.org/citation.cfm?id=2337223.2337293
Acknowledgments
This work is partially supported by the National Institute of Science and Technology for Software Engineering (INES), CNPq and FACEPE, grants 573964/2008-4, 552645/2011-7, and APQ-1037-1.03/08, CNPq Universal grant 484209/2013-2, and CAPES/PROAP.
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by: Romain Robbes, Martin Pinzger and Yasutaka Kamei
Rights and permissions
About this article
Cite this article
Coelho, R., Almeida, L., Gousios, G. et al. Exception handling bug hazards in Android. Empir Software Eng 22, 1264–1304 (2017). https://doi.org/10.1007/s10664-016-9443-7
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10664-016-9443-7