DOCSLIB.ORG

Evaluation of Failures Masking Across the Software Stack

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Evaluation of Failures Masking Across the Software Stack Evaluation of Failures Masking Across the Software Stack Thiago Santini, Paolo Rech, Anderson Sartor, Ulisses B. Correa,ˆ Luigi Carro, and Flavio´ R. Wagner Instituto de Informatica´ Universitade Federal do Rio Grande do Sul Porto Alegre, RS, Brazil Email: ftcsantini, prech, alsartor, ubcorrea, carro, fl[email protected] Abstract—In this paper, we analyze how implementing an altitudes (i.e., 35,000 ft), considering only those failures that application in different software layers impacts the failure rate negatively impact the user experience [5]. When scaled to the of embedded computing systems. We investigate an ARM-based average number of passengers flying per year, which has been System-on-Chip executing an application on top of the Dalvik estimated to be three billion in 2013 by the International Air virtual machine, using Android’s Java Native Interface (JNI), and Transport Association [6], and conservatively supposing that as a native executable. The different versions are then exposed to each one uses a smartphone for an hour per trip, such a MTTF a controlled neutron beam, and the outcome of the resulting executions are logged and analyzed. We additionally classify translates to about 350,000 user-observable errors per year - observable failures based on the events observed in the logs during i.e., 0.1% of users will experience an observable failure. As the time window of each failure. Our experimental results show the complexity is expected to increase in future generations, that the Dalvik version presents the lowest failure rate followed and parallelism is becoming the new computing standard, by the JNI version and then by the native version, suggesting that software stack is going to be mandatory to ease applications the higher the software layer, the higher the failure masking. development and portability. In this scenario, software stack I. INTRODUCTION reliability needs to be carefully evaluated to understand the behaviour of applications executed in embedded systems when Nowadays, Personal Mobile Devices (PMDs), such as exposed to radiation. tablets and smartphones, are becoming the mainstream of The objective of this work is to evaluate how such large computing devices [1]. The amount of resources available software abstraction stacks impact user-observable errors. To in PMDs is continuously increasing, and it is very common reach this goal, three variants of a matrix multiplication to have PMDs powered by parallel embedded processors. To application were developed. The first variant is a full Java manage the available resources a large software platform is re- implementation, executing over the Dalvik Virtual Machine quired. PMD software platform also supports a faster time-to- (DVM). The second variant uses the Java Native Interface, market for third-part software, profoundly changing traditional in which parts of the applications code are implemented in software design development for embedded systems. a native shared library. The last variant is a native Linux For complex systems, one of the traditional approaches application. Our experimental results show that the Dalvik to speed-up the time-to-market of applications is through the version presents the lowest failure rate followed by the JNI usage of high-abstraction levels in the application design and version and then by the native version, suggesting that the implementation processes. These abstractions facilitate the em- higher the software layer, the higher the failure masking. bedded resources management and the software development This paper is organised as follows. Section II presents process, making software more readable, easier to maintain, Android software stack background, and Section III gives an and highly portable [2]. In fact, nowadays embedded systems overview of our experimental setup. Then Section IV presents projects typically include object-oriented languages, like Java and discusses the obtained experimental results. Section V and C++. These high abstraction languages are vastly applied concludes the paper and presents future works. even on resource-constrained microcontrollers platforms, such as Arduino, whose official Software Development Kit (SDK) uses C++ in an object oriented way [3]. II. ANDROID SOFTWARE STACK Android, the dominant software platform in the market for The Android platform is a software stack composed by four PMDs [4], uses a four-layer software stack to help third part levels. The lowest level is the Linux kernel, responsible for practitioners to develop applications. This software platform is task scheduling, device drivers, power management, recourse intended to be used in a broad range of devices (e.g., wear- access, and others low-level tasks. The second level com- ables, smartphones, TVs, automobile media centers). Since the prehends native libraries and the Android runtime. The An- Android platform stack abstracts several implementation de- droid runtime comprises core libraries and the Dalvik Virtual tails, code reuse becomes ubiquitous among different devices. Machine (DVM). Dalvik’s purpose is to provide a platform- With the shrinking of transistor dimensions and the exacer- independent programming environment that abstracts details of bation of the amount of resources available in modern devices, the underlying hardware and operating system. To do so, the the radiation-induced error rate cannot be considered negligible Dalvik bytecodes, called DEX, are interpreted to the target ar- even in consumer electronics and PMDs. For instance, the user- chitecture during the execution of the application. In addition, observable Apple iPhone 3 Mean Time To Failure (MTTF) can the DVM includes a trace-based Just-In-Time (JIT) compiler be as short as 1 year when operating at commercial aircraft to translate the bytecodes of frequently used execution paths into native instructions, and the result from this translation is was left unused. cached to avoid reinterpretation overhead. Moreover, the DVM was designed to run on memory-constrained environments and B. Software Under Test to allow multiple instances of the virtual machine, so every As benchmark, we selected Matrix Multiplication since it application runs a private instance, which provides security, is typically used in both safety-critical (e.g., filter and control isolation, and effective memory management. The third level operations) and user applications (e.g., media applications). is the application framework, which provides high-level ser- One application execution was defined as 200 multiplications vices in the form of Java classes accessible through the Java of 25 × 25 integer matrices to keep a tractable run-time Development Kit (JDK). The top level is the applications layer, and output throughput. A greater workload would increase where all applications available in the Android device reside, the probability of having radiation-induced errors, eventually using the resources provided by the layers below. allowing more than one neutron to generate a failure in one A developer has multiple possibilities when developing an single execution. As detailed in the next subsection, this is to Android application, each having its strengths and weaknesses. be avoided to derate the experimentally observed error rate to The application may be developed purely in Java code, with the natural radiation environment. A smaller workload would a combination of Java and native code, or purely in native impede the gathering of a statistically significant amount of code. Java applications run on the Dalvik Virtual Machine, data. therefore having portability and security provided by this As shown in Algorithm 1, after DUT initialization, the virtual machine. However, the additional software layer (i.e., application starts: all matrices are initialized, and for each of the virtual machine) may affect the application performance. the 200 sets of input matrices Ai is multiplied by Bi; the The combination of Java and native code can be done through resulting matrix is then compared to the expected result Gi the Java Native Interface (JNI) framework or through Native and, if they differ, a failure flag is raised. After the 200 matrix Activities; the former provides an interface for native methods multiplications are completed, errors are reported, and a new to be called from the Java side; the latter comprises of whole application execution is triggered. Android activities implemented in native code, which can be used along with Java activities. Through the JNI framework, ALGORITHM 1: Application under test. it is possible for Java code to interact with C or C++ code by calling methods implemented in native code. This possibility setup caches(); allows the reuse of legacy code and can be used to increase print banner(); application performance in some situations. Nevertheless, JNI while T rue do // Applications Start compromises the application’s portability and security, once F ail F alse; the code needs to be compiled to each target architecture and for i 1 to 200 do // Unrolled does not run on the DVM anymore. Furthermore, by using init(Ai;Bi;Gi); JNI, an overhead is created because of the context switches, end which involves copying of operands in memory between the for i 1 to 200 do // Unrolled Java and the native side. Applications developed purely in C Ai ∗ Bi; native code, referred to as ELF applications in this work, are if C 6= Gi then usual C or C++ applications that are compiled to run in an F ail T rue; Android device. ELF applications have low portability and end low execution overhead as the code is executed directly by the end print(F ail); processor and does not need to be interpreted by the DVM. // Application End On a radiation reliability point of view, increasing the end abstraction level may significantly modify the error rate of an application. Passing from one level of abstraction to a higher one may bring benefits to the device reliability, as In total, three variants of this application were produced: some errors could be masked. In fact, not all the failures Dalvik: The application was entirely implemented in the occurring at physical level actually propagates to the output Java language, from which an Android Application Package of an application.
Load more

Recommended publications
  • Jeannie: Granting Java Native Interface Developers Their Wishes
    Jeannie: Granting Java Native Interface Developers Their Wishes Martin Hirzel Robert Grimm IBM Watson Research Center New York University [email protected] [email protected] Abstract higher-level languages and vice versa. For example, a Java Higher-level languages interface with lower-level languages project can reuse a high-performance C library for binary such as C to access platform functionality, reuse legacy li- decision diagrams (BDDs) through the Java Native Inter- braries, or improve performance. This raises the issue of face [38] (JNI), which is the standard FFI for Java. how to best integrate different languages while also recon- FFI designs aim for productivity, safety, portability, and ciling productivity, safety, portability, and efficiency. This efficiency. Unfortunately, these goals are often at odds. For paper presents Jeannie, a new language design for integrat- instance, Sun’s original FFI for Java, the Native Method In- ing Java with C. In Jeannie, both Java and C code are nested terface [52, 53] (NMI), directly exposed Java objects as C within each other in the same file and compile down to JNI, structs and thus provided simple and fast access to object the Java platform’s standard foreign function interface. By fields. However, this is unsafe, since C code can violate Java combining the two languages’ syntax and semantics, Jean- types, notably by storing an object of incompatible type in a nie eliminates verbose boiler-plate code, enables static error field. Furthermore, it constrains garbage collectors and just- detection across the language boundary, and simplifies dy- in-time compilers, since changes to the data representation namic resource management.
    [Show full text]
  • JNI – C++ Integration Made Easy
    JNI – C++ integration made easy Evgeniy Gabrilovich Lev Finkelstein [email protected] [email protected] Abstract The Java Native Interface (JNI) [1] provides interoperation between Java code running on a Java Virtual Machine and code written in other programming languages (e.g., C++ or assembly). The JNI is useful when existing libraries need to be integrated into Java code, or when portions of the code are implemented in other languages for improved performance. The Java Native Interface is extremely flexible, allowing Java methods to invoke native methods and vice versa, as well as allowing native functions to manipulate Java objects. However, this flexibility comes at the expense of extra effort for the native language programmer, who has to explicitly specify how to connect to various Java objects (and later to disconnect from them, to avoid resource leak). We suggest a template-based framework that relieves the C++ programmer from most of this burden. In particular, the proposed technique provides automatic selection of the right functions to access Java objects based on their types, automatic release of previously acquired resources when they are no longer necessary, and overall simpler interface through grouping of auxiliary functions. Introduction The Java Native Interface1 is a powerful framework for seamless integration between Java and other programming languages (called “native languages” in the JNI terminology). A common case of using the JNI is when a system architect wants to benefit from both worlds, implementing communication protocols in Java and computationally expensive algorithmic parts in C++ (the latter are usually compiled into a dynamic library, which is then invoked from the Java code).
    [Show full text]
  • T U M a Digital Wallet Implementation for Anonymous Cash
    Technische Universität München Department of Informatics Bachelor’s Thesis in Information Systems A Digital Wallet Implementation for Anonymous Cash Oliver R. Broome Technische Universität München Department of Informatics Bachelor’s Thesis in Information Systems A Digital Wallet Implementation for Anonymous Cash Implementierung eines digitalen Wallets for anonyme Währungen Author Oliver R. Broome Supervisor Prof. Dr.-Ing. Georg Carle Advisor Sree Harsha Totakura, M. Sc. Date October 15, 2015 Informatik VIII Chair for Network Architectures and Services I conrm that this thesis is my own work and I have documented all sources and material used. Garching b. München, October 15, 2015 Signature Abstract GNU Taler is a novel approach to digital payments with which payments are performed with cryptographically generated representations of actual currencies. The main goal of GNU Taler is to allow taxable anonymous payments to non-anonymous merchants. This thesis documents the implementation of the Android version of the GNU Taler wallet, which allows users to create new Taler-based funds and perform payments with them. Zusammenfassung GNU Taler ist ein neuartiger Ansatz für digitales Bezahlen, bei dem Zahlungen mit kryptographischen Repräsentationen von echten Währungen getätigt werden. Das Hauptziel von GNU Taler ist es, versteuerbare, anonyme Zahlungen an nicht-anonyme Händler zu ermöglichen. Diese Arbeit dokumentiert die Implementation der Android-Version des Taler-Portemonnaies, der es Benutzern erlaubt, neues Taler-Guthaben zu erzeugen und mit ihnen Zahlungen zu tätigen. I Contents 1 Introduction 1 1.1 GNU Taler . .2 1.2 Goals of the thesis . .2 1.3 Outline . .3 2 Implementation prerequisites 5 2.1 Native libraries . .5 2.1.1 Libgcrypt .
    [Show full text]
  • Nacldroid: Native Code Isolation for Android Applications
    NaClDroid: Native Code Isolation for Android Applications Elias Athanasopoulos1, Vasileios P. Kemerlis2, Georgios Portokalidis3, and Angelos D. Keromytis4 1 Vrije Universiteit Amsterdam, The Netherlands [email protected] 2 Brown University, Providence, RI, USA [email protected] 3 Stevens Institute of Technology, Hoboken, NJ, USA [email protected] 4 Columbia University, New York, NY, USA [email protected] Abstract. Android apps frequently incorporate third-party libraries that contain native code; this not only facilitates rapid application develop- ment and distribution, but also provides new ways to generate revenue. As a matter of fact, one in two apps in Google Play are linked with a library providing ad network services. However, linking applications with third-party code can have severe security implications: malicious libraries written in native code can exfiltrate sensitive information from a running app, or completely modify the execution runtime, since all native code is mapped inside the same address space with the execution environment, namely the Dalvik/ART VM. We propose NaClDroid, a framework that addresses these problems, while still allowing apps to include third-party code. NaClDroid prevents malicious native-code libraries from hijacking Android applications using Software Fault Isolation. More specifically, we place all native code in a Native Client sandbox that prevents uncon- strained reads, or writes, inside the process address space. NaClDroid has little overhead; for native code running inside the NaCl sandbox the slowdown is less than 10% on average. Keywords: SFI, NaCl, Android 1 Introduction Android is undoubtedly the most rapidly growing platform for mobile devices, with estimates predicting one billion Android-based smartphones shipping in 2017 [12].
    [Show full text]
  • Developing and Benchmarking Native Linux Applications on Android
    Developing and Benchmarking Native Linux Applications on Android Leonid Batyuk, Aubrey-Derrick Schmidt, Hans-Gunther Schmidt, Ahmet Camtepe, and Sahin Albayrak Technische Universit¨at Berlin, 10587 Berlin, Germany {aubrey.schmidt,leonid.batyuk,hans-gunther.schmidt,ahmet.camtepe, sahin.albayrak}@dai-labor.de http://www.dai-labor.de Abstract. Smartphones get increasingly popular where more and more smartphone platforms emerge. Special attention was gained by the open source platform Android which was presented by the Open Handset Al- liance (OHA) hosting members like Google, Motorola, and HTC. An- droid uses a Linux kernel and a stripped-down userland with a custom Java VM set on top. The resulting system joins the advantages of both environments, while third-parties are intended to develop only Java ap- plications at the moment. In this work, we present the benefit of using native applications in Android. Android includes a fully functional Linux, and using it for heavy computational tasks when developing applications can bring in substantional performance increase. We present how to develop native applications and software components, as well as how to let Linux appli- cations and components communicate with Java programs. Additionally, we present performance measurements of native and Java applications executing identical tasks. The results show that native C applications can be up to 30 times as fast as an identical algorithm running in Dalvik VM. Java applications can become a speed-up of up to 10 times if utilizing JNI. Keywords: software, performance, smartphones, android, C, Java. 1 Introduction With the growing customer interest in smartphones the number of available platforms increases steadily.
    [Show full text]
  • Java Native Interface Application Notes
    Java Native Interface Application Notes Da Ke 4/5/2009 ECE 480 Spring 2009, Design Team 3 Department of Electrical and Computer Engineering Michigan State University Abstract Java is one of most widely used programming language today due to its openness, ability to scale up and portability. The language is design to have a simpler object model and fewer low-level facilities like pointer methods in C/C++. Sometime this could impose a limitation on what a program can do. This application note will explore various ways of implementation that will allow Java to interact with some programs that are written in lower level language. Keywords: Java, JVM, JNI, Linux, Windows, Operating System, Native interface, Native code Introduction Most modern high level programming languages today are capable of handling what once consider trivial tasks for developers like memory management. However, this doesn't come without cost. A Java application does not interact with underlying system infrastructure directly instead it first compile source code to bytecode and run on Java virtual machine which itself is an application that run on top of the operating system. The Java virtual machine acts like a mediator between the application and the operating system. Most modern implementations of Java Virtual Machine does include several interfaces and libraries that we can utilize to allow Java applications to perform some system level tasks and even speed up the execution of the program by handing over some more resource-intense operations to programs that are runs natively on the machine. Objective This application note will explain different approaches to implement system level functions using Java Programming Language.
    [Show full text]
  • Calling C Library Routines from Java Using the Java Native Interface
    Numerical Algorithms Group Title: Calling C Library Routines from Java Using the Java Native Interface Summary: This paper presents a technique for calling C library routines directly from Java, saving you the trouble of rewriting code in Java and gaining portability via Java Virtual Machines. The NAG C Library from the Numerical Algorithms Group (www.nag.com) is a mathematical and statistical library containing routines for linear algebra, optimization, quadrature, differential equations, regression analysis, and time-series analysis. Although written in C, the library’s functionality can be accessed from other languages. On PCs, DLL versions of the library can be exploited in many ways, including calling from Microsoft Excel, Visual Basic, or Borland Delphi. Consequently, NAG C Library users often ask if they can call it from Java. One way to perform numerical computations is by creating Java classes that implement the required functionality. However, this is often difficult and time consuming. In this article, I present a technique for calling C Library routines directly from Java. Apart from avoiding rewriting numerical code in Java, using existing C code has another advantage. Java is portable -- compiled programs run on any machine with a Java Virtual Machine (VM). To accomplish this, the Java compiler does not compile to a machine- dependent assembler, but to machine-independent Run-Time Error Messages bytecode that is interpreted at run time by the VM. Although the interpreter is efficient, no interpreted If you get a Java error message, such as program runs as fast as programs compiled to assembler “interface library CJavaInterface cannot be code.
    [Show full text]
  • File-Based Sharing for Dynamically Compiled Code on Dalvik Virtual Machine
    File-Based Sharing For Dynamically Compiled Code On Dalvik Virtual Machine Yao-Chih Huang, Yu-Sheng Chen, Wuu Yang, Jean Jyh-Jiun Shann Department of Computer Science National Chiao Tung University Hsinchu City 300, Taiwan fychuang, yusheng, wuuyang, [email protected] Abstract—Memory footprint is considered as an impor- Generally speaking, native code that is generated by a tant design issue for embedded systems. Sharing dynamically dynamic compiler would be stored at a memory area called compiled code among virtual machines can reduce memory code cache. In the Android platform, every virtual machine footprint and recompilation overhead. On the other hand, sharing writable native code may cause security problems, would allocate its own code cache. Thus, native code might due to support of native function call such as Java Native be duplicated in several code cache and result in wasting Interface (JNI). We propose a native-code sharing mechanism of memory. On the other hand, same native code may be that ensures the security for Dalvik virtual machine (VM) on compiled repeatedly and result in reduced performance. the Android platform. Dynamically generated code is saved in So, sharing native code in the code cache among virtual a file and is shared with memory mapping when other VMs need the same code. Protection is granted by controlling of file machines can reduce memory footprint. This sharing ap- writing permissions. To improve the security, we implement a proach also avoids repeated compilation of the same code daemon process, named Query Agent, to control all accesses and hence improve performance. to the native code and maintain all the information of traces, There exist two works about code sharing in VM : which are the units of the compilation in the Dalvik VM.
    [Show full text]
  • Box2d with Libgdx
    [ 1 ] www.allitebooks.com LibGDX Game Development By Example Learn how to create your very own game using the LibGDX cross-platform framework James Cook BIRMINGHAM - MUMBAI www.allitebooks.com LibGDX Game Development By Example Copyright © 2015 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. First published: August 2015 Production reference: 1210815 Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK. ISBN 978-1-78528-144-0 www.packtpub.com www.allitebooks.com Credits Author Project Coordinator James Cook Mary Alex Reviewers Proofreader Pavel Czempin Safis Editing Lévêque Michel Sudarshan Shetty Indexer Monica Ajmera Mehta Acquisition Editors Subho Gupta Graphics Dan Smallman James Jones Jason Monteiro Content Development Editor Nikhil Potdukhe Production Coordinator Arvindkumar Gupta Technical Editor Abhishek R.
    [Show full text]
  • Including Native Methods in Static Analysis of Java Programs by Victor L
    Including Native Methods in Static Analysis of Java Programs by Victor L. Hernandez Submitted to the Department of Electrical Engineering and Computer Science in partial fulfillment of the requirements for the degree of Master of Engineering in Electrical Engineering and Computer Science at the MASSACHUSETTS INSTITUTE OF TECHNOLOGY June 2000 @ Massachusetts Institute of Technology 2000. All rights reserved. A uthor ........................... .... Department of Electrical Engineering and Computer Science May 22, 2000 Certified by ....................... K' hris Terman Senior Lecturer Massachusetts Institute of Technology Thesis Supervisor Accepted by ................ .. .-... 4.. Arthur C. Smith Chairman, Department Committee on Graduate Students MASSACHUSETS IST OF TECHNOLOGY ur JUL 2 7 2000 LIBRARIES Including Native Methods in Static Analysis of Java Programs by Victor L. Hernandez Submitted to the Department of Electrical Engineering and Computer Science on May 22, 2000, in partial fulfillment of the requirements for the degree of Master of Engineering in Electrical Engineering and Computer Science Abstract Most static analyses of Java programs treat native methods conservatively due the analy- ses' dependence on bytecodes or source code for the syntactic and semantic analysis of the method bodies. This thesis presents a less-conservative approach that extracts sufficient information from native methods and transforms them into a representation that facilitates their inclusion in the analysis of Java programs. The approach focuses on analyses of Java programs that are concerned with the propagation of Java object references, such as escape analysis and mutability analysis. The Java Native Interface has become the standard for including C/C++ source in Java applications. With object reference propagation being the focus, the task of extracting information from native methods becomes that of separating the Java semantics associated with calls to the Java Native Interface (JNI) from the semantics of the remainder of the C/C++ code.
    [Show full text]
  • C and C++ JNI and STL
    JNI and STL C and C++ This lecture looks at: 8. JNI and STL I Java Native Interface (JNI) as an example of the sort of techiques you need for mixed language working. C (rather than C++) is often used because of it being a “high-level assembly language”. Alan Mycroft I The Standard Template Library for C++. University of Cambridge (heavily based on previous years’ notes – thanks to Alastair Beresford and Andrew Moore) The treatment is more of an overview compared to the previous lectures (i.e. you only have to understand the large-scale issues in inter-language Michaelmas Term 2013–2014 working and the STL, rather than needing to learn all the details). 1 / 41 2 / 41 JNI — Java Native Interface Justification Java Native Interface (JNI) is the Java interface to non-Java code. I interoperate with applications and libraries written in other programming languages (e.g., C, C++, assembly) Pro: I Reuse: allow access to useful native code Examples we will look at: I Efficiency: use best language for the right task I Embedding C in Java I Using Java from C Cons: Why use JNI? I Applets: mobility makes this painful I Portability: native methods aren’t portable I Low-level specifics not provided by Java I Extra work: javah, creating shared library I Performance (java is not famous for being fast) I Legacy code wrapper 3 / 41 4 / 41 Embedding C in Java Generate JNI Header 1. Declare the method using the keyword native (without implementation) 2. (Make sure Java loads the required library) 3.
    [Show full text]
  • Identifying Java Calls in Native Code Via Binary Scanning
    Identifying Java Calls in Native Code via Binary Scanning George Fourtounis Leonidas Triantafyllou Yannis Smaragdakis University of Athens University of Athens University of Athens Athens, Greece Athens, Greece Athens, Greece [email protected] [email protected] [email protected] ABSTRACT An often-overlooked fact, however, is that platform-specific (na- Current Java static analyzers, operating either on the source or byte- tive) code is far from absent in the Java world. Advanced appli- code level, exhibit unsoundness for programs that contain native cations often complement their platform-independent, pure-Java code. We show that the Java Native Interface (JNI) specification, functionality with specialized, platform-specific libraries. In An- which is used by Java programs to interoperate with Java code, droid, for instance, Almanee et al. [1] find that 540 of the 600 top is principled enough to permit static reasoning about the effects free apps in the Google Play Store contain native libraries, at an of native code on program execution when it comes to call-backs. average of 8 libraries per app! (The architectural near-monopoly of Our approach consists of disassembling native binaries, recovering ARM in Android devices certainly does nothing to discourage the static symbol information that corresponds to Java method signa- trend.) Desktop and enterprise Java applications seem to use native tures, and producing a model for statically exercising these native code much more sparingly, but native code still creeps in. Popular call-backs with appropriate mock objects. projects such as log4j, lucene, aspectj, or tomcat use native code for The approach manages to recover virtually all Java calls in native low-level resource access [11].
    [Show full text]