Reversibility for Recoverability
Ivan Lanese
Computer Science Department, FOCUS research group
University of Bologna/INRIA
Bologna, Italy

Roadmap
• Why reversibility?
• Reversing concurrent systems
• Controlling reversibility
• Reversibility and compensations
• Conclusions

Why reversibility?
• We want programming abstractions for dependable distributed systems
• Different proposals in the literature
  – Exception handling, checkpointing, transactions, …
• Unrelated proposals, difficult to combine and compose
• Is there a unifying concept?
• … most of them include some form of undo

What if we could undo every action?
• Very low-level mechanism
• Can we recover and better understand traditional recovery schemes?
• Can we find new schemes or combine old ones?

Reversing concurrent systems
• What does it mean to go back one step for a concurrent system?
• Which information is needed?
• First approach in: Reversible Communicating Systems. CONCUR 2004, by V. Danos and J. Krivine

Process calculi
• Simple algebraic models for concurrent systems
• Different calculi in the literature
  – CCS, CSP, π-calculus, HOπ, …
• Basic actions for communication on named channels
• Composition operators (sequence, parallel, choice)
• Semantics defining the behavior

Reversible Communicating Systems
• Provides a reversible version of CCS
• History information is added to each thread
• Causal consistent reversibility
  – Transitions should be rolled back in any order compatible with causal dependencies

Causal consistent reversibility
[Figure: diagram with labels a and b]

…and then?
• Not much happened for some time
  – RCCS used for defining a simple transaction mechanism (2005)
  – Generalization from CCS to a simple rule format (2006)
• Our contributions (from 2009)
  – Applying the technique to HOpi, a calculus with higher-order communication
  – An encoding of reversible HOpi into HOpi
  – Applying the technique to the Oz abstract machine
    » Oz is a concurrent language with asynchronous communication
  – An analysis of the space overhead of reversibility in Oz

Taming reversibility
• In the previous approaches reversibility is wild
  – They are interested in how to realize reversibility, not in how to use it
• Nothing tells the system whether it has to go backward or forward
• We want reversibility for recoverability
• Normal execution should be forward
• Backward execution in case of errors

Roll-pi proposal
• Every communication input has a label γ
• The label can be used by a roll γ primitive
  – Go back till you undo communication γ
  – Undo all the causally dependent actions
  – Do not undo unrelated actions
• Keep in mind that “undo the last action” is not meaningful in a concurrent scenario

Are we satisfied by controllable rollback?
• Rollback is perfect: I go back to a previous state…
• … and probably I will redo the exact same errors
• We need a way to keep track of failed attempts
• We need to go to a state which is (possibly) slightly different from the previous ones

Compensations
• The idea of compensations comes from database theory
  – Studied also in the framework of service oriented computing
• A compensation is a piece of code used to manage an error
• By executing the compensation the system goes back to a consistent state
  – Possibly different from any previous state

Mixing compensations and reversibility
• We go back to a previous state as in roll-pi
• We attach compensations to part of the code, so that it is changed during rollback
  – C%D: execute code C, in case of rollback replace it with D

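Added example, not part of the original slides: a toy Python event log showing roll γ from the "Roll-pi proposal" slide together with C%D from this slide. The System class, the labels g1..g5 and the code strings are constructed for illustration, and causality is simplified to "the previous event of each participating thread", which is an assumption of this sketch rather than the roll-pi semantics.

```python
# Added illustration (not from the slides): a toy event log, not the roll-pi calculus.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Event:
    threads: frozenset    # threads taking part in the communication
    causes: frozenset     # labels of the events it directly depends on
    code: str             # C: code run after the communication
    comp: Optional[str]   # D of C%D: replacement code installed on rollback

class System:
    def __init__(self):
        self.log = {}     # label γ -> Event; dicts keep execution order
        self.last = {}    # thread -> label of its most recent event

    def communicate(self, label, threads, code, comp=None):
        """Forward step: remember the causes so the step can be undone."""
        causes = frozenset(self.last[t] for t in threads if t in self.last)
        self.log[label] = Event(frozenset(threads), causes, code, comp)
        for t in threads:
            self.last[t] = label

    def roll(self, gamma):
        """Undo gamma and every event causally dependent on it, nothing else.
        Returns {label: code to resume with}, using D where C%D was given."""
        doomed = {gamma}
        for label, ev in self.log.items():    # causes always point backwards,
            if ev.causes & doomed:            # so one ordered pass is enough
                doomed.add(label)
        resumed = {}
        for label in doomed:
            ev = self.log.pop(label)
            resumed[label] = ev.comp or ev.code
        # Rebuild each thread's most recent surviving event.
        self.last = {t: l for l, ev in self.log.items() for t in ev.threads}
        return resumed

def demo():
    s = System()  # constructed scenario
    s.communicate("g1", {"A", "B"}, "pay-by-card", comp="pay-by-transfer")
    s.communicate("g2", {"B", "C"}, "ship")      # depends on g1 via B
    s.communicate("g3", {"D", "E"}, "audit")     # independent of g1
    s.communicate("g4", {"C", "D"}, "notify")    # depends on g2 and g3
    s.communicate("g5", {"E", "F"}, "archive")   # depends only on g3
    return s.roll("g1"), list(s.log)
```

Rolling back g1 undoes g2 and g4 but keeps g3 and g5, even though g3 ran after g1 and g5 was the last action executed; g1 resumes with its compensation instead of its original code.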
Applications
• Now we are expressive enough to model interesting scenarios
• Transaction models
• Speculative parallelism
• Software Transactional Memories

Summary
• A better understanding of reversibility in a concurrent scenario
• An abstract machine for a concurrent reversible language
• An analysis of the space overhead of reversibility
• A mechanism for controlling reversibility
• An integration between compensations and reversibility
• A set of known patterns revisited in the new framework

Future work
• A long road in front of us
• On the mechanisms for controlling reversibility
  – Are there other possible mechanisms?
  – Are they equivalent? Can they be composed?
• On expressive power
  – Which existing patterns benefit from our approach?
  – Do we miss some other mechanism?
• On foundations
  – Which are the good equivalences for reversible systems?

Future work: going towards practice
• Implementing the reversible Oz machine
  – Extended with control mechanisms and compensations
  – Which optimizations are possible?
• An application
  – Reversible debugger

The REVER project
• A French ANR project
  – Thanks to FOCUS team
• Includes INRIA teams Sardes (Grenoble) and FOCUS (Bologna), PPS (Paris) and CEA (Paris)
• 4-year project, started December 1st 2011
• Total funding 642 k€
• Exactly on these topics

Finally
Bibliography
• V. Danos, J. Krivine: Reversible Communicating Systems. CONCUR 2004
• V. Danos, J. Krivine: Transactions in RCCS. CONCUR 2005
• I. Phillips, I. Ulidowski: Reversing Algebraic Process Calculi. FoSSaCS 2006
• H. Garcia-Molina, K. Salem: Sagas. ACM SIGMOD 1987
• R. Bruni, H. Melgratti, U. Montanari: Theoretical foundations for compensations in flow composition languages. POPL 2005
• I. Lanese, C. A. Mezzina, J.-B. Stefani: Reversing Higher-Order Pi. CONCUR 2010
• I. Lanese, C. A. Mezzina, A. Schmitt, J.-B. Stefani: Controlling Reversibility in Higher-Order Pi. CONCUR 2011