While keeping frequent application updates, Android application developers need to detect Android runtime permission (ARP) bugs as quickly as possible. Android applications cannot effectively be tested for permission-related behaviors with automated testing tools since they are rarely designed for ARP bugs. This study proposes a state transition graph guided testing approach for detecting ARP bugs in Android applications. First, it analyzes the APK file of the application under test for permission misuse, instruments the APIs that may cause ARP bugs in the APK file, and re-signs the APK file. Then, it installs the APK file and dynamically explores the application to generate its state transition graph (STG). Finally, it detects ARP bugs quickly by automated testing with the guidance of STG. To evaluate the effectiveness of the approach, the study implements a prototype tool RPBDroid and conducts comparative experiments with the ARP bug detection tools SetDroid, PermDroid, and the automated testing tool APE. The experimental results show that RPBDroid successfully detects 15 ARP bugs out of 17 applications, which detects 14, 12, and 14 more ARP bugs than APE, SetDroid, and PermDroid respectively. In addition, RPBDroid reduces the average time required to detect ARP bugs by 86.42%, 86.72%, and 86.70% in comparison with SetDroid, PermDroid, and APE.