Jaca: a Reflective Fault Injection Tool based on Patterns

1
Jaca a Reflective Fault Injection Tool based on
Patterns

• Eliane Martins
• Cecilia Rubira
• Nelson Leme
• Institute of Computing
• State University of Campinas - Unicamp
• Brasil

International Performance and Dependability
Symposium IPDS2002 Washington, D.C., USA
June 23 - 26, 2002
2
Contents

• Context
• Motivation and Objective
• Jaca
• Preliminary Experiments
• Conclusions
• Future Works

3
Fault Injection

• Deliberate introduction of faults into a system
  to observe its behavior
• valuable approach to validate dependability
  properties
• useful to evaluate impact of error recovery
  mechanisms into performance
• Approaches
• simulation-based fault injection
• hardware fault injection
• software fault injection (SFI)

4
SFI Approaches

• Static injection (compile-time)
• source or Assembler code alteration

• no extra code is needed
• faults triggered when
• altered code is accessed

• Dynamic injection (runtime)
• special process
• interrupt routines
• trace mode
• code insertion

• needs extra code fault injector
• and monitor
• needs fault trigger mechanism

5
Motivation

• Typical runtime SFI tools work at machine code
  level
• ex. corruption of CPU registers
• useful to emulate consequences of hardware
  failures
• low intrusion into the target application
• great effort to emulate software faults
• ex. incorrect assignment of values to
  variables incorrect array indexes missing
  function
• Why is it important to emulate software faults ?
• software faults are major cause of system
  failures
• COTS software components use is increasing, even
  for critical applications

6
Our Goals

• Problem
• Runtime injection at source-code level, affecting
  objects attributes and methods
• Separation of concerns fault injection and
  monitoring code separated from application code
• Approach used
• computational reflection

7
Computational Reflection

• Capability of a system to reason about or act
  upon itself
• Reflective systems manipulate
• external data
• meta information data representing systems
  aspects

structural reflection manipulation of structural
aspects ex. definition of a class or function
behavioral reflection manipulation of systems
behavior ex. method invocation interception

• Reflective systems
• architecture
• base level systems functions
• meta level interception and/or
• alteration functions

8
Behavioral Reflection and OO
object X class attribute A type, value method
M1 name, parameters
metaobject
meta-level
base-level
M1
object X
M2
M3
9
Jaca

• Evolution of FIRE
• runtime fault injection tool for applications
  written in C
• showed feasibility of the approach
• source code dependency
• Main requirements
• validation of Java applications
• high portability
• source code independence
• ability to incorporate new fault models

10
Development Aspects

• Design based on the Fault Injection Pattern set
• reuse of architectural solutions already used to
  implement fault injection tools
• Code is written in pure Java
• Use of Javassist reflection library
• extends Java reflection API
• requires no modification to the standard JVM
• performs reflection at bytecode level during load
  time

• modularity
• extensibility

• portability
• source code
• independence

11
Jacas Architecture
Interface
Jaca
Controller
Injector Manager
Monitor Manager
Activator
Logical Injector
Logical Injector


Logical Monitor
Logical Monitor
Meta Level
Physical Injector
Physical Monitor
Base Level
Target Application

12
Application Instrumentation
byte code
byte code
Activator (class loader)
byte code hooks to metaobjects
13
Preliminary Experiments

• Experiments to show Jacas extensibility
• Assembler-level fault injection

JNIEXPORT void JNICALL Java_LowLevelRoutine
(JNIEnv param1, jobject param2) int a, b,
c, d, op, num printf ( "\n-gt testing
CPUID\n ) op 1 asm (
"cpuid" "a" (a), "b"
(b), "c" (c), "d" (d)
"a" (op)) printf ( "\n-gt Register
values - EAX i, EBX i, ECX
i, EDX i\n\n", a, b, c, d )
...
Physical Injector
Low Level Functions
LowLevelRoutine( )
14
Conclusions and Future Works

• Jaca
• an extensible, portable software fault injector
• faults affect attributes and methods of Java
  applications
• fault injection uses computational reflection
• source code independent but ...
• dependent on reflection toolkit used
• Further works
• validate real world applications
• COTS ODBMS is being tested
• extend Jacas functionalities
• use of other reflection toolkits Guaraná, Kava
• explore Assembler-level fault injection features

15
Thank you !

• Our emails
• eliane_at_ic.unicamp.br
• cmrubira_at_ic.unicamp.br
• nleme_at_post.com