Static Analysis of Event-Driven Android Applications: Detecting RxJava Anti-Patterns

Modern Android applications are fundamentally event-driven. User interactions, asynchronous callbacks, and background tasks all shape how an app behaves. While this model enables responsive and scalable applications, it also introduces complexity that is difficult to reason about, especially when reactive frameworks like RxJava are involved.

This work focuses on building and contributing to a static analysis framework designed to detect issues in event-driven Android applications written in Java, with a particular emphasis on identifying anti-patterns in RxJava usage.

The Challenge of Event-Driven Systems

Unlike traditional sequential programs, event-driven applications do not follow a single, predictable execution path. Instead, behavior emerges from:

• User inputs
• Lifecycle events
• Asynchronous streams
• Callbacks and subscriptions

This makes it difficult to answer basic questions statically:

• When does a piece of code execute?
• What data is available at that point?
• Is a stream properly handled or left dangling?

Reactive frameworks like RxJava amplify this complexity. They introduce chains of operations that transform and propagate data over time, often across threads. While powerful, this abstraction can obscure control flow and lead to subtle bugs.

Approach

The static analysis framework is designed to reason about these event-driven behaviors without executing the app. The approach combines two key ideas:

Understanding GUI-driven inputs

The system extracts information from UI components, identifying where user-provided data enters the application. This builds on the idea that many important behaviors originate from interface interactions.

Tracking data and execution flows

Using information flow analysis, the framework traces how data propagates through the application, including through asynchronous constructs.

This type of analysis is similar in spirit to prior work on detecting personal information leaks, where data flows from UI elements to sinks such as network or storage. However, the focus here is broader. It is not just about where data goes, but how event-driven structures manage and transform that data over time.

RxJava Anti-Patterns

As part of this work, the focus was placed on identifying problematic usage patterns in RxJava.

Common anti-patterns include:

Unmanaged subscriptions

Streams that are created but never properly disposed can lead to memory leaks and unintended behavior.

Improper threading assumptions

Data processed on the wrong scheduler can introduce race conditions or UI inconsistencies.

Overly complex operator chains

Long chains of transformations can obscure logic and make reasoning about execution difficult.

Hidden side effects

Operations that modify state within reactive chains can introduce behavior that is difficult to trace statically.

These issues are often not visible through standard testing. They emerge under specific timing conditions or interaction sequences, making them ideal targets for static analysis.

Why Static Analysis Matters Here

Dynamic testing can observe behavior, but only along executed paths. In event-driven systems, many problematic scenarios depend on rare interleavings or edge cases that are difficult to trigger reliably.

Static analysis, on the other hand, can:

• Examine all possible paths through reactive chains
• Identify misuse patterns without requiring execution
• Highlight risky constructs early in development

However, achieving precision is challenging. Event-driven code introduces ambiguity, and reactive abstractions further complicate analysis. The framework addresses this by focusing on detectable structural patterns rather than attempting full semantic reconstruction.

Key Insight

The main takeaway from this work is that event-driven complexity is not just a runtime problem, but a structural one.

Frameworks like RxJava allow developers to express complex behavior concisely, but they also make it easier to introduce hidden issues. These issues are not always bugs in the traditional sense. They are often design-level problems that only become visible under certain conditions.

By targeting anti-patterns, static analysis can act as an early warning system. It shifts the goal from proving correctness to identifying high-risk structures in the code.

Conclusion

As Android applications continue to rely on event-driven architectures and reactive programming, traditional analysis techniques become less effective on their own.

This work demonstrates that it is possible to statically reason about these systems by focusing on structure, flow, and patterns of misuse. By analyzing RxJava usage and identifying anti-patterns, the framework provides a way to detect issues that would otherwise remain hidden.

Understanding event-driven systems requires a different mindset. It is not about following a single execution path, but about recognizing how behavior emerges from interactions over time.