Download
1 / 21
210 likes | 394 Vues
Reversibility for Recoverability. Ivan Lanese Computer Science Department FOCUS research group Univers ity of Bologna/INRIA Bologna, Italy. Roadmap. Why reversibility? Reversing concurrent systems Controlling reversibility Reversibility and compensations Conclusions. Why reversibility?.
E N D
Reversibility for Recoverability Ivan Lanese Computer Science Department FOCUS research group University of Bologna/INRIA Bologna, Italy
Roadmap • Why reversibility? • Reversing concurrent systems • Controlling reversibility • Reversibility and compensations • Conclusions
Why reversibility? • We want programming abstractions for dependable distributed systems • Different proposals in the literature • Exception handling, checkpointing, transactions, … • Unrelated proposals, difficult to combine and compose • Is there a unifying concept? • … most of them include some form of undo
What if we could undo every action? • Very low-level mechanism • Can we recover and better understand traditional recovery schemes? • Can we find new schemes or combine old ones?
Reversing concurrent systems • What does it means to go back one step for a concurrent system? • Which information is needed? • First approach in Reversible Communicating Systems. CONCUR 2004 by V. Danos and J. Krivine
j j j b b b b a c a c c ! ! : : : Process calculi • Simple algebraic models for concurrent systems • Different calculi in the literature • CCS, CSP, π-calculus, HOπ, … • Basic actions for communication on named channels • Composition operators (sequence, parallel, choice) • Semantics defining the behavior
Reversible Communicating Systems • Provides a reversible version of CCS • History information is added to each thread • Causal consistent reversibility • Transitions should be rollbacked in any order compatible with causal dependencies
Causal consistent reversibility b a a b
…and then? • Not much happened for some times • RCCS used for defining a simple transaction mechanism (2005) • Generalization from CCS to a simple rule format (2006) • Our contributions (from 2009) • Applying the technique to HOpi, a calculus with higher-order communication • An encoding of reversible HOpi into HOpi • Applying the technique to Oz abstract machine • Oz is a concurrent language with asynchronous communication • An analysis of the space overhead of reversibility in Oz
Taming reversibility • In the previous approaches reversibility is wild • They are interested in how to realize reversibility, not on how to use it • Nothing tells to the system whether it has to go backward or forward • We want reversibility for recoverability • Normal execution should be forward • Backward execution in case of errors
Roll-pi proposal • Every communication input has a label γ • The label can be used by a rollγ primitive • Go back till you undo communication γ • Undo all the causally dependent actions • Do not undo unrelated actions • Keep in mind that “undo the last action” is not meaningful in a concurrent scenario
Are we satisfied by controllable rollback? • Rollback is perfect: I go back to a previous state… • … and probably I will redo the exact same errors • We need a way to keep trace of failed attempts • We need to go to a state which is (possibly) slightly different from the previous ones
Compensations • The idea of compensations comes from database theory • Studied also in the framework of service oriented computing • A compensation is a piece of code used to manage an error • By executing the compensation the system goes back to a consistent state • Possibly different from any previous state
Mixing compensations and reversibility • We go back to a previous state as in roll-pi • We attach compensations to part of the code, so that it is changed during rollback • C%D: execute code C, in case of rollback replace it with D
Applications • Now we are expressive enough to model interesting scenarios • Transaction models • Speculative parallelism • Software Transactional Memories
Summary • A better understanding of reversibility in a concurrent scenario • An abstract machine for a concurrent reversible language • An analysis of the space overhead of reversibility • A mechanism for controlling reversibility • An integration between compensations and reversibility • A set of known patterns revisited in the new framework
Future work • A long road in front of us • On the mechanisms for controlling reversibility • Are there other possible mechanisms? • Are they equivalent? Can they be composed? • On expressive power • Which existing patterns benefit from our approach? • Do we miss some other mechanism? • On foundations • Which are the good equivalences for reversible systems?
Future work: going towards practice • Implementing the reversible Oz machine • Extended with control mechanisms and compensations • Which optimizations are possible? • An application • Reversible debugger
The REVER project • A French ANR project • Thanks to FOCUS team • Includes INRIA teams Sardes (Grenoble) and FOCUS (Bologna), PPS (Paris) and CEA (Paris) • 4 years project, started December 1st 2011 • Total funding 642k€ • Exactly on these topics
Finally Thanks! Questions?
Bibliography • V. Danos, J. Krivine: Reversible Communicating Systems. CONCUR 2004 • V. Danos, J. Krivine: Transactions in RCCS. CONCUR 2005 • I. Phillips, I. Ulidowski: Reversing Algebraic Process Calculi. FoSSaCS 2006 • H. Garcia-Molina, K. Salem: Sagas. ACM SIGMOD 1987 • R. Bruni, H. Melgratti, U. Montanari: Theoretical foundations for compensations in flow composition languages. POPL 2005 • I. Lanese, C. A. Mezzina, J.-B. Stefani: Reversing Higher-Order Pi. CONCUR 2010 • I. Lanese, C. A. Mezzina, A. Schmitt, J.-B. Stefani: Controlling Reversibility in Higher-Order Pi. CONCUR 2011
