detection of asynchronous message passing errors using static analysis
DESCRIPTION
Detection of Asynchronous Message Passing Errors Using Static Analysis. Maria Christakis National Technical University of Athens, Greece Joint work with Kostis Sagonas. Concurrency. Interprocess communication. Synchronized shared structures Synchronous message passing on typed channels - PowerPoint PPT PresentationTRANSCRIPT
Maria Christakis
National Technical University of Athens, GreeceJoint work with
Kostis Sagonas
Detection of Asynchronous Message Passing Errors Using Static Analysis
Concurrency
Interprocess communication
Synchronized shared structuresSynchronous message passing on typed channelsAsynchronous message passing
Erlang
Strict, dynamically typed, functional
Concurrency model:User-level processesAsynchronous message passing
Agenda
Agenda
Agenda
Postman
Erlang VM
House
Process
Address
Process identifier
Mailbox
Process mailbox
Any valid Erlang term
Building a house
Pid = spawn(Fun)
Sending mail
Pid ! Msg
Receiving mail
receive p1 -> e1; … pn -> en
end
Receiving mail
receive p1 -> e1; … pn -> en
end
msg1
msg2
msg3
Receive with no messages
Possible deadlock
Receive of the wrong kind
Mailbox overflow
Receive with unneeded patterns
Unreachable code or serious functionality issue
Send nowhere received
Mailbox overflow
Message passing example
-export([hello_world/0]).
hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.
world(Parent) -> receive hello -> Parent ! hi end.
DIscrepancy AnaLYZer for ERlang
Static analysis tool for finding discrepancies
Type errors
Exception-raising code
Unsatisfiable conditions
Redundancies
Race conditions
Why Dialyzer?
The analysis: pros
Sound for defect detection
The analysis: pros
Automatic
The analysis: pros
Fast and scalable
The analysis: cons
Sound for defect detection
The analysis: a 3-step process
The analysis: a 3-step process
The analysis: a 3-step process
1. InformationCFGs
Escape analysis
Inter-modular call graph
Sharing/alias analysis
Type information
1. Information
-export([hello_world/0]).
hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.
world(Parent) -> receive hello -> Parent ! hi end.
Call graph
2. Communication graph
blah
2. Communication graph
-export([hello_world/0]).
hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.
world(Parent) -> receive hello -> Parent ! hi end.
hel l o_wor l d/ 0 Fun
hel l o
hi
3. Errors
-export([hello_world/0]).
hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.
world(Parent) -> receive hello -> Parent ! hi end.
The message will never be received
3. Errors
No messages are sent to the process
receivereceive blah
3. Errors
receive {A, 42} when is_atom(A) -> ok; foo -> …end
The pattern will never match messages sent to the process
Infimum: {gazonk, 42}
43
Optimizations
Control-flow graph minimization
Avoiding repeated traversals
Avoiding redundant traversals
False alarm avoidance
BIFsSharing/alias analysis
False negatives
-export([hello_world/0]).
hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.
world(Parent) -> receive hello -> Parent ! hi, world(Parent) end.
Experimental evaluation
Performance
Concluding remarks
Future work
Future work
Future work