DMMPP: Constructing Dummy Main Methods for Android Apps with Path-Sensitive Predicates

Android is based on an event-driven model, which hides the main method, and is driven by the lifecycle methods and listeners from user interaction. FlowDroid, constructs a dummy main method statically emulating the lifecycle methods. The dummy main method has been widely used by FlowDroid and also other Android analyzers as their entry points. However, the existing dummy main method is not designed for path-sensitive analysis, whose paths may be unsatis able. Thus, when using original dummy main methods, path-sensitive analysis, e.g., symbolic execution, may su er from infeasible paths. In this paper, we present DMMPP, the rst dummy main method generator for Android applications with pathsensitive predicates, and the corresponding path condition is satisable. DMMPP constructs dummy main methods for the four types of components in an application with a more realistic simulation for the lifecycle methods. The experiment demonstrates the bene ts of our tool for path-sensitive analyzers, improving 28.5 times more explored paths with a low time overhead. CCS Concepts • Theory of computation → Program analysis.