Maria Christakis

National Technical University of Athens, GreeceJoint work with

Kostis Sagonas

Detection of Asynchronous Message Passing Errors Using Static Analysis

Concurrency

Interprocess communication

Synchronized shared structuresSynchronous message passing on typed channelsAsynchronous message passing

Erlang

Strict, dynamically typed, functional

Concurrency model:User-level processesAsynchronous message passing

Agenda

Agenda

Agenda

Postman

Erlang VM

House

Process

Address

Process identifier

Mailbox

Process mailbox

Mail

Any valid Erlang term

Building a house

Pid = spawn(Fun)

Sending mail

Pid ! Msg

Receiving mail

receive p1 -> e1; … pn -> en

end

Receiving mail

receive p1 -> e1; … pn -> en

end

msg1

msg2

msg3

Receive with no messages

Possible deadlock

Receive of the wrong kind

Mailbox overflow

Receive with unneeded patterns

Unreachable code or serious functionality issue

Send nowhere received

Mailbox overflow

Message passing example

-export([hello_world/0]).

hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.

world(Parent) -> receive hello -> Parent ! hi end.

DIscrepancy AnaLYZer for ERlang

Static analysis tool for finding discrepancies

Type errors

Exception-raising code

Unsatisfiable conditions

Redundancies

Race conditions

Why Dialyzer?

The analysis: pros

Sound for defect detection

The analysis: pros

Automatic

The analysis: pros

Fast and scalable

The analysis: cons

Sound for defect detection

The analysis: a 3-step process

The analysis: a 3-step process

The analysis: a 3-step process

1. InformationCFGs

Escape analysis

Inter-modular call graph

Sharing/alias analysis

Type information

1. Information

-export([hello_world/0]).

hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.

world(Parent) -> receive hello -> Parent ! hi end.

Call graph

2. Communication graph

blah

2. Communication graph

-export([hello_world/0]).

hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.

world(Parent) -> receive hello -> Parent ! hi end.

hel l o_wor l d/ 0 Fun

hel l o

hi

3. Errors

-export([hello_world/0]).

hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.

world(Parent) -> receive hello -> Parent ! hi end.

The message will never be received

3. Errors

No messages are sent to the process

receivereceive blah

3. Errors

receive {A, 42} when is_atom(A) -> ok; foo -> …end

The pattern will never match messages sent to the process

Infimum: {gazonk, 42}

43

Optimizations

Control-flow graph minimization

Avoiding repeated traversals

Avoiding redundant traversals

False alarm avoidance

BIFsSharing/alias analysis

False negatives

-export([hello_world/0]).

hello_world() -> Self = self(), Fun = fun() -> world(Self) end, Pid = spawn(Fun), register(world, Pid), world ! hello.

world(Parent) -> receive hello -> Parent ! hi, world(Parent) end.

Experimental evaluation

Performance

Concluding remarks

Future work

Future work

Future work