Exception Handling Research Articles

Do android developers neglect error handling? a maintenance-Centric study on the relationship between android abstractions and uncaught exceptions

Abstract All the mainstream programming languages in widespread use for mobile app development provide error handling mechanisms to support the implementation of robust apps. Android apps, in particular, are usually written in the Java programming language. Java includes an exception handling mechanism that allows programs to signal the occurrence of errors by throwing exceptions and to handle these exceptions by catching them. All the Android-specific abstractions, such as activities and asynctasks, can throw exceptions when errors occur. When an app catches the exceptions that it or the libraries upon which it depends throw, it can resume its activity or, at least, fail in a graceful way. On the other hand, uncaught exceptions can lead an app to crash, particularly if they occur within the main thread. Previous work has shown that, in real Android apps available at the Play Store, uncaught exceptions thrown by Android-specific abstractions often cause these apps to fail. This paper presents an empirical study on the relationship between the usage of Android abstractions and uncaught exceptions. Our approach is quantitative and maintenance-centric. We analyzed changes to both normal and exception handling code in 112 versions extracted from 16 software projects covering a number of domains, amounting to more than 3 million LOC. Change impact analysis and exception flow analysis were performed on those versions of the projects. The main finding of this study is that, during the evolution of the analyzed apps, an increase in the use of Android abstractions exhibits a positive and statistically significant correlation with the number of uncaught exception flows. Since uncaught exceptions cause apps to crash, this result suggests that these apps are becoming potentially less robust as a consequence of exception handling misuse. Analysis of multiple versions of these apps revealed that Android developers usually employ abstractions that may throw exceptions without adding the appropriate handlers for these exceptions. This study highlights the need for better testing and verification tools with a focus on exception handling code and for a change of culture in Android development or, at least, in the design of its APIs.

PreX: A predictive model to prevent exceptions

The exception handling mechanism has been one of the most used reliability tools in programming languages in the last decades. However, this model has not changed much with time, in spite of advances in programming languages, which include concurrent programming and a shift towards more reactive paradigms, the basic principle remains the same - an exception occurs, and the mechanism reacts. We propose a new paradigm, inspired by Online Failure Prediction (OFP), to predict exceptions and possibly avert them by triggering the execution of preventive actions. The proposed model - PreX - is, thus, proactive, operating in a much finer-grained level than any other form of online failure prediction. OFP has shown promising results in predicting failures at a higher level, but has never been available to the developer, being mainly a system level technique. Thus, PreX will offer developers a new range of revitalization strategies. In this work, we describe the model and evaluate its performance by applying it to a real e-commerce solution, demonstrating how it is capable of predicting and preventing exceptions at run-time. Furthermore, we also show that PreX increases the overall availability and performance of the system under the same conditions.

Analyzing the impact of radiation-induced failures in flash-based APSoC with and without fault tolerance techniques at CERN environment

All Programmable System-on-Chip (APSoC) devices are designed to provide higher overall programmable flexibility and system performance at lower costs. Such characteristics make APSoCs very suitable and attractive for critical environments, such as the one encountered in the accelerators chain of the European Organization for Nuclear Research (CERN), where electronic components can be exposed to high-energy hadrons (protons, neutrons, pions), heavy ions, and other particles, at the same time. However, APSoCs may be prone to experience Single Event Effects (SEE). We investigate how the configuration of the Processing System (PS) influences the reliability of a FLASH-based APSoC. We experimentally study the differences in the radiation-induced error rate of the PS, under various configurations while executing an application. We also propose two approaches for increasing the reliability of programs running on the embedded processor. Furthermore, we analyze the sensitivity of the system taking into account not only the cross section, but also the system reliability and the Mean Workload Between Failures (MWBF). Preliminary results show that it is possible to double the performance and to increase the system reliability up to one order of magnitude by managing processor features such as cache memory usage, error correcting codes, and processor exception handlers.

Transparent In-Circuit Assertions for FPGAs

Commonly used in software design, assertions are statements placed into a design to ensure that its behavior matches that expected by a designer. Although assertions apply equally to hardware design, they are typically supported only for logic simulation, and discarded prior to physical implementation. We propose a new hardware design language-agnostic language for describing latency-insensitive assertions and novel methods to add such assertions transparently to an already placed-and-routed circuit without affecting the existing design. We also describe how this language and associated methods can be used to implement semi-transparent exception handling. The key to this paper is that by treating hardware assertions and exceptions as being oblivious or less sensitive to latency, assertion logic need only use spare FPGA resources. We use network-flow techniques to route necessary signals to assertions via spare flip-flops, eliminating any performance degradation, even on large designs (92% of slices in one test). Experimental evaluation shows zero impact on critical-path delay, even on large benchmarks operating above 200 MHz, at the cost of a small power penalty.

Design, Implementation and Performance Estimation of mtd64-ng, a New Tiny DNS64 Proxy

In the current phase of the IPv6 transition, it is a typical situation that IPv6 only clients should be enabled to communicate with IPv4 only servers. The DNS64+NAT64 tool suite is an excellent solution to this problem. Although several free software DNS64 implementations exist, we point out that there is room for further high performance and computation efficient multithreaded DNS64 implementations. MTD64 was designed to be able to utilize several CPU cores. Whereas MTD64 outperformed BIND more than five times, two critical issues (memory leaking and potential vulnerability to DoS attacks) were identified. Therefore MTD64 was redesigned under a new name: mtd64-ng (not capitalized). This paper is about the design, implementation and initial performance estimation of mtd64-ng. The usage of object oriented decomposition and the RAII (Resource Acquisition Is Initialization) idiom ensures that raw, sensitive resources (e.g. memory, sockets) are always released and it greatly simplifies exception handling. Using the new features of the C++11 standard enabled us to write more efficient and better readable code. The performance of mtd64-ng is compared to that of BIND and MTD64 and it is found that mtd64-ng outperforms even its predecessor, MTD64.

Preliminary exception handling analysis for the ITER plasma control system

Control of a Tokamak requires operating many sophisticated control loops in a dynamic sequence of activities. To take appropriate actions in case technical or physics conditions occur unexpectedly, the continuous control must be backed up by Exception Handling (EH) logic. To mature the Conceptual Design of the ITER Plasma Control System (PCS) with such logic for the Preliminary Design, we studied, in a formal process, how the plasma will be controlled during the 1st plasma and early operation phases of ITER and analysed the required control and EH functions and dependencies: Three classes of Exception Handling were identified which cover all use cases: modification of the control behaviour of a single control function, modification of the control structure of connected controllers, and change of the control goal which modifies the overall control system. The three classes form a EH hierarchy from low to high impact responses that can be implemented as local EH in the Pulse Continuous Control layer and as central EH in the Pulse Supervision layer of the PCS.

Beating Floating Point at its Own Game: Posit Arithmetic

A new data type called a posit is designed as a direct drop-in replacement for IEEE Standard 754 floating-point numbers (floats). Unlike earlier forms of universal number (unum) arithmetic, posits do not require interval arithmetic or variable size operands; like floats, they round if an answer is inexact. However, they provide compelling advantages over floats, including larger dynamic range, higher accuracy, better closure, bitwise identical results across systems, simpler hardware, and simpler exception handling. Posits never overflow to infinity or underflow to zero, and “Not-a-Number” (NaN) indicates an action instead of a bit pattern. A posit processing unit takes less circuitry than an IEEE float FPU. With lower power use and smaller silicon footprint, the posit operations per second (POPS) supported by a chip can be significantly higher than the FLOPS using similar hardware resources. GPU accelerators and Deep Learning processors, in particular, can do more per watt and per dollar with posits, yet deliver superior answer quality. A comprehensive series of benchmarks compares floats and posits for decimals of accuracy produced for a set precision. Low precision posits provide a better solution than “approximate computing” methods that try to tolerate decreased answer quality. High precision posits provide more correct decimals than floats of the same size; in some cases, a 32-bit posit may safely replace a 64-bit float . In other words, posits beat floats at their own game.

An Exception Management Model in Multi-Agents Systems

Multi-Agents Systems (MAS) are modern approaches that need an additional investigation to improve their reliability and adaptability levels. Exception management is one way to reach this goal and this paper is dedicated to this specific subject. The purpose of this document is to examine the exception concept in MAS domain and to suggest a model adjusted to MAS challenges such as heterogeneity, openness and particularly agents' autonomy. Previous attempts in the agent's society have concluded set of findings that demonstrated the necessity of exception handling in MAS at the system level. The handling includes management and the needed processes related to management. The attainment up to now can be applied only to special MAS type. Usually, agents are non-autonomous and the system-level strategies need an impeccable cooperation between agents in the exception handling process. In our proposed model, the agent's ability to approach exceptions by itself is considered as a prerequisite to assure agent autonomy. Then, exception handling depends on agent-level processes to deal with the limitations of contemporary attainments and thus, they are complementary. Agent preserves the ability to independently decide when to activate exception handling and when to receive system-level help or believe in its skills.

Exceptionization

Java virtual machine (JVM) has recently evolved into a general-purpose language runtime environment to execute popular programming languages such as JavaScript, Ruby, Python, and Scala. These languages have complex non-Java features, including dynamic typing and first-class function, so additional language runtimes (engines) are provided on top of the JVM to support them with bytecode extensions. Although there are high-performance JVMs with powerful just-in-time (JIT) compilers, running these languages efficiently on the JVM is still a challenge. This article introduces a simple and novel technique for the JVM JIT compiler called exceptionization to improve the performance of JVM-based language runtimes. We observed that the JVM executing some non-Java languages encounters at least 2 times more branch bytecodes than Java, most of which are highly biased to take only one target. Exceptionization treats such a highly biased branch as some implicit exception-throwing instruction. This allows the JVM JIT compiler to prune the infrequent target of the branch from the frequent control flow, thus compiling the frequent control flow more aggressively with better optimization. If a pruned path were taken, then it would run like a Java exception handler, that is, a catch block. We also devised de-exceptionization , a mechanism to cope with the case when a pruned path is executed more often than expected. Since exceptionization is a generic JVM optimization, independent of any specific language runtime, it would be generally applicable to other language runtimes on the JVM. Our experimental result shows that exceptionization accelerates the performance of several non-Java languages. For example, JavaScript-on-JVM runs faster by as much as 60% and by 6% on average, when experimented with the Octane benchmark suite on Oracle’s latest Nashorn JavaScript engine and HotSpot 1.9 JVM. Furthermore, the performance of Ruby-on-JVM shows an improvement by as much as 60% and by 6% on average, while Python-on-JVM improves by as much as 6% and by 2% on average. We found that exceptionization is more effective to apply to the branch bytecode of the language runtime itself than the bytecode corresponding to the application code or the bytecode of the Java class libraries. This implies that the performance benefit of exceptionization comes from better JIT compilation of the language runtime of non-Java languages.

Real-time data-driven monitoring in job-shop floor based on radio frequency identification

Real-time manufacturing data plays more and more important roles in today’s competitive manufacturing industry; however, many enterprises are still troubled by the lack of this timely, accurate, and consistent manufacturing data as there are no effective data collecting and process methods. The hysteretic and unmatched information flows lead to great opacity and uncertainty for production management. This paper thereby proposes a comprehensive real-time data-driven monitoring method in job-shop floor based on radio frequency identification (RFID) technology to address these issues. Firstly, a RFID configuration strategy is put forward including both RFID tag and device configuration schemas. The essence of RFID applications in job-shop floor is revealed too. Next, different levels of data collecting and monitoring models are established one by one, from single RFID reader level to process and process flow levels, wherein different types of state blocks are deployed to a decomposed process/process flow, generating a series of continuous event-driven data collecting units (EDCUs), which not only specify how to collect real-time on-site data but also point out what data should be collected. Then, three data processing methods are presented for different situations such as data preprocessing, fusion, and exception handling. Finally, a use case of a typical part is studied based on a prototype system which demonstrates how to use the proposed models and methods to monitor the production process of the part in job-shop floor and shows their feasibility simultaneously.

The Impact of Frictions in Routine Execution on Economies of Scope

Research summary: Based on a detailed database of a beverages producer‐distributor that expanded its product variety by leveraging its logistic network, we show that product diversification generates economies of scope and also higher operational costs. The result is an inverted‐U relationship between variety and productivity: When the firm offers few additional categories, productivity grows, but as the number of categories rises, the costs of executing the operational routines increase rapidly and productivity falls. The negative effect on productivity increases if the added product category is more dissimilar to previous ones, and decreases with learning from operational experience. Our results highlight how frictions at the operational level can limit the benefits of diversification, even in the absence of other sources of diseconomies, such as increased coordination needs.Managerial summary: One of the prevalent reasons for companies to expand to adjacent product lines is attaining economies of scope. However, such growth strategy also generates operational frictions, even if the day‐to‐day routines do not appear to change at all. Product diversity is disruptive for routine execution, as it requires coordination and exception handling, and may ultimately overcome any efficiency obtained from growth. We estimate the relevance of such operational friction using data from a beverages distribution network. When product variety is low, additional categories do generate efficiency, but after reaching a given threshold, friction prevails. We find that operational friction increases when products are more dissimilar, but is attenuated when workers learn from their own and other's experience. Copyright © 2017 John Wiley & Sons, Ltd.

Improvement of Transitions and Flow Visualization TFVIS for Exception Handling

Improvement of Transitions and Flow Visualization TFVIS for Exception Handling

BDI agent testability revisited

Agent-based systems are deployed to solve a wide range of problems in a wide range of domains. Before software is deployed, it is important to obtain assurance that it will function correctly. Traditionally, this assurance is obtained by testing. However, there is an intuition that agents exhibit more complex behaviour than traditional software, which raises the question: how testable are agent systems? We focus on BDI agent programs, and analyse their testability with respect to the all edges test adequacy criterion (also known as “branch coverage”). Our results augment earlier results that considered the all paths criterion to provide a richer and more nuanced understanding of the testability of BDI agents. We show that the number of tests required with respect to the all edges criterion is much lower than that required with respect to the all paths criterion. We also show that, as for the previous analysis, BDI programs are harder to test than equivalently-sized procedural programs, even if exception handling is introduced. Overall, our conclusions lend strength to the earlier work, and motivate the need for work on formal methods for agent systems.

Towards a preliminary design of the ITER plasma control system architecture

Design of the ITER plasma control system is proceeding towards its next – preliminary design – stage. During the conceptual design in 2013 an overall assessment of high-level control tasks and their relationships has been conducted. The goal of the preliminary design is to show, that a reasonable implementation of the proposed concepts exists which fulfills the high-level requirements and is suitable for realistic use cases. This verification is conducted with focus on the concrete use cases of early operation and first plasma, since these phases are mandatory for ITER startup.In particular, detailed control requirements and functions for commissioning and first plasma operation including breakdown, burn-through and ramp-up in L-mode, as well as for planned or exceptional shutdown are identified. Control functions related to those operational phases and the underlying control system architecture are modeled. The goal is to check whether the flexibility of the conceptual architectural approach is adequate also in consideration of the more elaborate definitions for control functions and their interactions. In addition, architecture shall already be prepared for extension to H-mode operation and burn-control, even if the related control functions are only roughly defined at the moment. As a consequence, the architectural design is amended where necessary and converted into base components and infrastructure services allowing to deploy control and exception handling algorithms for the concrete first-plasma operation.

Verifying integrity of exception handling in service-oriented software

In service-oriented software environments, that exceptions may not be fully handled is one of the main causes for system breakdown. Therefore, we need to verify integrity of software exception handling. At present verifying integrity of software exception handling mainly depends upon experiences of developer. Most of automatic formal verification mechanisms can only support some general features, such as equivalence, boundedness, security, etc. and easily cause state space explosion. This paper proposes an integrity verification method of exception handling in service-oriented software. We construct state spaces associated with exception handling and convert the issue of integrity verification into a model of boundedness analysis based on CPN, and reduce the size of state spaces by extending Stubborn Set and Transition Dependency Graph. An example and experimental results based on extended CPN tools confirm that our method has good generalisation abilities.

Verifying integrity of exception handling in service-oriented software

In service-oriented software environments, that exceptions may not be fully handled is one of the main causes for system breakdown. Therefore, we need to verify integrity of software exception handling. At present verifying integrity of software exception handling mainly depends upon experiences of developer. Most of automatic formal verification mechanisms can only support some general features, such as equivalence, boundedness, security, etc. and easily cause state space explosion. This paper proposes an integrity verification method of exception handling in service-oriented software. We construct state spaces associated with exception handling and convert the issue of integrity verification into a model of boundedness analysis based on CPN, and reduce the size of state spaces by extending Stubborn Set and Transition Dependency Graph. An example and experimental results based on extended CPN tools confirm that our method has good generalisation abilities.

Cognitive application area networks

Each software application, from e-commerce to a complex machine learning algorithm, is composed of a set of distributed, interacting components that collaborate to accomplish a common goal. While this application goal or the intent is well-defined and decomposed into sub-tasks to be embedded (a la Turing machine) in each composed component, the quality of the application (in terms of performance, responsiveness, availability or robustness) is strongly influenced by how and where the components are executed. This kind of information, including the meta-knowledge of the intent of the algorithm, the association of specific component to a specific machine, the temporal evolution and exception handling when the application deviates from its intent, is outside the application design and expressed in terms of non-functional requirements. In this paper, we describe how it is possible to exploit these non-functional requirements to effectively enforce the application intent while the computation is still in progress.

Cognitive application area networks

Each software application, from e-commerce to a complex machine learning algorithm, is composed of a set of distributed, interacting components that collaborate to accomplish a common goal. While this application goal or the intent is well-defined and decomposed into sub-tasks to be embedded (à la Turing machine) in each composed component, the quality of the application (in terms of performance, responsiveness, availability or robustness) is strongly influenced by how and where the components are executed. This kind of information, including the meta-knowledge of the intent of the algorithm, the association of specific component to a specific machine, the temporal evolution and exception handling when the application deviates from its intent, is outside the application design and expressed in terms of non-functional requirements. In this paper, we describe how it is possible to exploit these non-functional requirements to effectively enforce the application intent while the computation is still in progress.

Formal verification of complex business processes based on high-level Petri nets

The Business Process Modeling Notation (BPMN) has been widely used as a tool for business process modeling. However, BPMN suffers from a lack of standard formal semantics. This weakness can lead to inconsistencies, ambiguities, and incompletenesses within the developed models. In this paper, we propose a formal semantics of BPMN using recursive ECATNets. Owing to this formalism, a large set of BPMN features such as cancellation, multiple instantiation of subprocesses and exception handling can be covered while taking into account the data flow aspect. The benefits and usefulness of this modelling are illustrated through three examples. Moreover, since recursive ECATNets semantics is defined in terms of conditional rewriting logic, one can use the Maude LTL model checker to verify several behavioral properties related to BPMN models. The work presented in this document has been automated through the development of a first prototype.

Compiler-Directed Soft Error Detection and Recovery to Avoid DUE and SDC via Tail-DMR

This article presents Clover, a compiler-directed soft error detection and recovery scheme for lightweight soft error resilience. The compiler carefully generates soft-error-tolerant code based on idempotent processing without explicit checkpoints. During program execution, Clover relies on a small number of acoustic wave detectors deployed in the processor to identify soft errors by sensing the wave made by a particle strike. To cope with DUEs (detected unrecoverable errors) caused by the sensing latency of error detection, Clover leverages a novel selective instruction duplication technique called tail-DMR (dual modular redundancy) that provides a region-level error containment. Once a soft error is detected by either the sensors or the tail-DMR, Clover takes care of the error as in the case of exception handling. To recover from the error, Clover simply redirects program control to the beginning of the code region where the error is detected. The experimental results demonstrate that the average runtime overhead is only 26%, which is a 75% reduction compared to that of the state-of-the-art soft error resilience technique. In addition, this article evaluates an alternative technique called tail-wait, comparing it to Clover. According to the evaluation with the different processor configurations and the various error detection latencies, Clover turns out to be a superior technique, achieving 1.06 to 3.49 × speedup over the tail-wait.