Skip to content

Commit

Permalink
demo how TLA+ model checking helps to find raft issue
Browse files Browse the repository at this point in the history
  • Loading branch information
@joshuazh-x
joshuazh-x committed Mar 26, 2024
1 parent 7f35117 commit 6aefcc8
Show file tree
Hide file tree
Showing 3 changed files with 206 additions and 114 deletions.
8 changes: 6 additions & 2 deletions tla/etcdraft.cfg
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,11 @@ CONSTANTS
s4 = 4
s5 = 5

InitServer = {s1, s2, s3}
Server = {s1, s2, s3}
\* InitServer = {s1, s2, s3}
\* Server = {s1, s2, s3}

InitServer = {s1}
Server = {s1}

Nil = 0

Expand Down Expand Up @@ -52,3 +55,4 @@ INVARIANTS
QuorumLogInv
MoreUpToDateCorrectInv
LeaderCompletenessInv
CommittedIsDurableInv

This comment has been minimized.

Sign in to view

Copy link
@serathius

serathius Mar 26, 2024

Would this invariant be useful to upstream when we have tla+ PR merged?

This comment has been minimized.

Sign in to view

Copy link
@joshuazh-x

joshuazh-x Mar 26, 2024

Author Owner

Yes, I think that is useful to avoid similar issue from happing again. Invariants act as correctness checks. We probably need to add more in future.

This comment has been minimized.

Sign in to view

Copy link
@serathius

serathius Mar 26, 2024

Sounds good, after we merge we should create an issue for that with list of proposed invariants to implement
Loading

0 comments on commit 6aefcc8

Please sign in to comment.