1. Institute of Computing Jaca: a Reflective Fault Injection Tool based on Patterns Eliane Martins Cecilia Rubira Nelson Leme Institute of Computing State University of Campinas - Unicamp Brasil International Performance and Dependability Symposium — IPDS’2002 Washington, D.C., USA June 23 - 26, 2002

2. Institute of Computing 2 Contents Context Motivation and Objective Jaca Preliminary Experiments Conclusions Future Works

3. Institute of Computing 3 Fault Injection Deliberate introduction of faults into a system to observe its behavior –valuable approach to validate dependability properties –useful to evaluate impact of error recovery mechanisms into performance Approaches: –simulation-based fault injection –hardware fault injection  software fault injection (SFI)

4. Institute of Computing 4 Static injection (compile-time) –source or Assembler code alteration no extra code is needed faults triggered when altered code is accessed needs extra code: fault injector and monitor needs fault trigger mechanism SFI Approaches Dynamic injection (runtime) –special process –interrupt routines –trace mode –code insertion

5. Institute of Computing 5 Motivation Typical runtime SFI tools work at machine code level ex.: corruption of CPU registers useful to emulate consequences of hardware failures low intrusion into the target application  great effort to emulate software faults ex.: incorrect assignment of values to variables; incorrect array indexes; missing function Why is it important to emulate software faults ? software faults are major cause of system failures COTS software components use is increasing, even for critical applications

6. Institute of Computing 6 Our Goals Problem: –Runtime injection at source-code level, affecting objects’ attributes and methods –Separation of concerns: fault injection and monitoring code separated from application code Approach used: –computational reflection

7. Institute of Computing 7 Computational Reflection Capability of a system to reason about or act upon itself Reflective systems manipulate –external data –meta information: data representing system’s aspects structural reflection manipulation of structural aspects ex.: definition of a class or function behavioral reflection manipulation of system’s behavior ex.: method invocation interception Reflective systems’ architecture: – base level: system’s functions – meta level: interception and/or alteration functions

8. Institute of Computing 8 Behavioral Reflection and OO metaobject meta-level base-level object X : class attribute A : type, value method M1 : name, parameters M1 A B M2 M3 object X

9. Institute of Computing 9 Jaca Evolution of FIRE: runtime fault injection tool for applications written in C++ showed feasibility of the approach  source code dependency Main requirements: –validation of Java applications –high portability –source code independence –ability to incorporate new fault models

10. Institute of Computing 10 Design based on the Fault Injection Pattern set: – reuse of architectural solutions already used to implement fault injection tools Code is written in pure Java Use of Javassist reflection library: –extends Java reflection API –requires no modification to the standard JVM –performs reflection at bytecode level during load time Development Aspects portability source code independence modularity extensibility

11. Institute of Computing 11 Jaca’s Architecture Interface Controller Injector Manager Monitor Manager Activator Logical Injector Logical Injector Logical Monitor Logical Monitor … … Physical Injector Physical Monitor … Meta Level Base Level Target Application Fault ListLog FileClass List Jaca

12. Institute of Computing 12 Application Instrumentation Application’s Class Files Metaobjects’ ClassFiles byte code Javassist library Activator (class loader) byte code + hooks to metaobjects Metaobject Physical Injector Physical Monitor

13. Institute of Computing 13 Preliminary Experiments Experiments to show Jaca’s extensibility: –Assembler-level fault injection Physical Injector JNIEXPORT void JNICALL Java_LowLevelRoutine (JNIEnv *param1, jobject param2) { int a, b, c, d, op, num ; printf ( "\n###-> testing CPUID\n” ) ; op = 1; asm ( "cpuid" : "=a" (a), "=b" (b), "=c" (c), "=d" (d) : "a" (op)); printf ( "\n###-> Register values: - EAX: %i, EBX: %i, ECX: %i, EDX: %i\n\n", a, b, c, d ) ;... } Low Level Functions LowLevelRoutine( )

14. Institute of Computing 14 Conclusions and Future Works Jaca: –an extensible, portable software fault injector –faults affect attributes and methods of Java applications –fault injection uses computational reflection source code independent but...  dependent on reflection toolkit used Further works: –validate real world applications COTS ODBMS is being tested –extend Jaca’s functionalities –use of other reflection toolkits: Guaraná, Kava –explore Assembler-level fault injection features

15. Institute of Computing 15 Thank you ! Our emails: eliane@ic.unicamp.br cmrubira@ic.unicamp.br nleme@post.com