QuickCheck Poolboy #7

Merged
merged 11 commits into from Jan 26, 2012

Projects

None yet

2 participants

Collaborator

Hopefully all the commits have understandable comments, but I also did a writeup of the whole thing here:

http://andrew.hijacked.us/article/356/quickchecking-poolboy-for-fun-and-profit

Jared Morrow and others added some commits Sep 7, 2011
Jared Morrow Update rebar version: 2 date: 20110907_012454 vcs: git 1cb1ae2 0deace6
@Vagabond Vagabond Ensure the worker supervisor terminates when you stop poolboy 17ee86c
Jared Morrow Roll version 0.3.1 to fix bz1188 211a8fa
@Vagabond Vagabond Merge branch 'master' of https://github.com/devinus/poolboy bcd6508
@Vagabond Vagabond Initial quickcheck test for poolboy
For now, only test the simplest API; start, stop, checkout nonblocking
and checkin.
44a816e
@Vagabond Vagabond Add blocking checkout to quickcheck test and fix poolboy bug
The bug discovered was that blocking checkouts that had expired were not
being removed from the list of 'waiting' checkouts, so when a checkout
had timed out and a worker was subsequently checked in, the new worker
would be sent to the expired checkout request, not any current ones.
6a53f06
@Vagabond Vagabond Add kill_worker and fix resulting bugs
kill_worker exposed some new faults in poolboy, where the maximum size
of the pool could end up smaller than it should be after a worker was
killed.

To help in debugging this, a 'status' command was added to poolboy to
look at its internal state and a dynamic_precondition function was used
to compare the expected state to the actual state.

Numerous problems were discovered by doing this, poolboy had issues
around when it changed states, like allocating the last non-overflow
worker would leave the pool in 'ready' until the next request came in,
instead of immediately changing the state.
c2ba14c
@Vagabond Vagabond Add command to kill workers after they're checked back in, and fix bugs
Extend the 'status' to check the number of monitors poolboy has on
processes that have checked out workers. When a process dies after being
checked back in, poolboy zeroes out the list of monitors for some reason.
eacf28f
@Vagabond Vagabond Add command to send poolboy EXIT messages for unrelated pids; fix bugs
Sending poolboy EXIT messages for pids that are not workers causes
invalid changes to poolboy's state. Also, legitimate processes dying
after being checked back in also would corrupt the internal state. Add
better checking in the EXIT handling code to guard against this.
e964cc5
@Vagabond Vagabond Checkin non-worker processes 10% of the time and fix resulting bugs
Checking in an invalid process corrupts the internal state similarly to
receiving EXITs from non-worker pids.
e6af0b6
@Vagabond Vagabond Add a parallel property for poolboy
To trigger some of the more interesting code, we need to truly do things
in parallel, so blocking checkouts can actually happen while other
requests are being made. This commit adds a parallel property for
poolboy, based on the original serial one.

One hack that was needed was to add a trailing call to erlang:self() to
the end of each parallel branch so that we could filter out workers
checked out by that particular branch from the model. This is necessary
because poolboy monitors the process holding the worker and will destroy
any workers held by a process and re-start them, if necessary, to
maintain the right number of workers in the pool. This filtering is done
in the next_state command, and all elements in the checked_out list in
the model are tuples of {Worker, self()} so the list can be filtered.

Happily, although this exercises more core, no additional bugs were
found.
fce0d9f
@devinus devinus merged commit 75572c2 into devinus:master Jan 26, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment