ABSTRACT
Erlang is a concurrent functional language, especially tailored for distributed, highly concurrent and fault-tolerant software. An important part of Erlang is its support for failure recovery. A designer implements failure recovery by organising the processes of an Erlang application into tree structures, in which parent processes monitor failures of their children and are responsible for their restart. Libraries support the creation of such structures during system initialisation. We present a technique to automatically analyse that the process structure of an Erlang application is constructed in a way that guarantees recovery from process failures. First, we extract (part of) the process structure by static analysis of the initialisation code of the application. Thereafter, analysis of the process structure checks that it will recover from any process failure. We have implemented the technique in a tool, and applied it to several OTP library applications and to a subsystem of the AXD 301 ATM switch.
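As an added illustration (not the paper's tool or code), a small Python model of an extracted process structure together with the kind of recovery check the abstract describes: it walks the supervision tree and reports every process whose crash no supervisor would repair. The tree shape, the process names and the OTP restart rules encoded in the comments are assumptions constructed for this example.

```python
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Proc:
    """One process in the extracted process structure (constructed model)."""
    name: str
    kind: str                    # "supervisor" or "worker"
    restart: str = "permanent"   # OTP child restart type: permanent | transient | temporary
    children: List["Proc"] = field(default_factory=list)


def unrecoverable(root: Proc) -> List[str]:
    """Names of processes below the root whose crash no supervisor would repair.

    OTP rules assumed: a supervisor restarts a 'permanent' child after any
    exit and a 'transient' child after an abnormal exit (a crash), but never
    a 'temporary' child; a worker restarts nothing, so anything it spawns
    itself is unsupervised. The root supervisor itself is out of scope here.
    """
    found: List[str] = []

    def walk(proc: Proc, parent: Optional[Proc]) -> None:
        if parent is not None:
            if parent.kind != "supervisor" or proc.restart == "temporary":
                found.append(proc.name)
        for child in proc.children:
            walk(child, proc)

    walk(root, None)
    return found


def sample_tree() -> Proc:
    """Constructed process structure, not extracted from any real application."""
    return Proc("app_sup", "supervisor", children=[
        Proc("db_sup", "supervisor", children=[
            Proc("conn_pool", "worker"),                    # permanent: restarted after any exit
            Proc("stats", "worker", restart="temporary"),   # never restarted by its supervisor
        ]),
        Proc("logger", "worker"),
        Proc("session", "worker", restart="transient", children=[
            Proc("cleanup", "worker"),   # spawned by a worker: no supervisor behind it
        ]),
    ])


if __name__ == "__main__":
    print(unrecoverable(sample_tree()))   # ['stats', 'cleanup']
```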
Index Terms
- Automatic assessment of failure recovery in Erlang applications