Proving the Safety of Highly-Available Distributed Objects

Nair, Sreeja; Petri, Gustavo; Shapiro, Marc

doi:10.1007/978-3-030-44914-8_20

Cited by 12 publications

(4 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several works have looked at the problem of reasoning about the correctness of applications executing under weak isolation and introducing additional synchronization when necessary [Balegas et al 2015;Li et al 2014;Nair et al 2020]. As in the previous case, our work based on testing has the advantage that it can scale to real sized applications (as opposed to these techniques which are based on static analysis or logical proof arguments), but it cannot prove that an application is correct.…”

Section: Related Workmentioning

confidence: 95%

See 1 more Smart Citation

MonkeyDB: effectively testing correctness under weak isolation levels

Biswas¹,

Kakwani

Vedurada

et al. 2021

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

Modern applications, such as social networking systems and e-commerce platforms are centered around using large-scale storage systems for storing and retrieving data. In the presence of concurrent accesses, these storage systems trade off isolation for performance. The weaker the isolation level, the more behaviors a storage system is allowed to exhibit and it is up to the developer to ensure that their application can tolerate those behaviors. However, these weak behaviors only occur rarely in practice and outside the control of the application, making it difficult for developers to test the robustness of their code against weak isolation levels. This paper presents MonkeyDB, a mock storage system for testing storage-backed applications. MonkeyDB supports a key-value interface as well as SQL queries under multiple isolation levels. It uses a logical specification of the isolation level to compute, on a read operation, the set of all possible return values. MonkeyDB then returns a value randomly from this set. We show that MonkeyDB provides good coverage of weak behaviors, which is complete in the limit. We test a variety of applications for assertions that fail only under weak isolation. MonkeyDB is able to break each of those assertions in a small number of attempts.

show abstract

Section: Related Workmentioning

confidence: 95%

“…Courseware [Nair et al 2020]. This is an application for managing students and courses, allowing students to register, de-register and enroll for courses.…”

Section: Applicationsmentioning

confidence: 99%

MonkeyDB: effectively testing correctness under weak isolation levels

Biswas¹,

Kakwani

Vedurada

et al. 2021

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

show abstract

“…Wang et al [2019] propose replication-aware linearizability, a criterion that enables sequential reasoning to prove the correctness of CRDT implementations. Nair et al [2020] focus on the verification of program invariants for state-based replicated objects. These works verify RDTs based on some specification but cannot derive correct RDTs from that specification.…”

Section: Related Workmentioning

confidence: 99%

ECROs: building global scale systems from sequential code

Porre

Ferreira

Preguiça

et al. 2021

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

To ease the development of geo-distributed applications, replicated data types (RDTs) offer a familiar programming interface while ensuring state convergence, low latency, and high availability. However, RDTs are still designed exclusively by experts using ad-hoc solutions that are error-prone and result in brittle systems. Recent works statically detect conflicting operations on existing data types and coordinate those at runtime to guarantee convergence and preserve application invariants. However, these approaches are too conservative, imposing coordination on a large number of operations. In this work, we propose a principled approach to design and implement efficient RDTs taking into account application invariants. Developers extend sequential data types with a distributed specification, which together form an RDT. We statically analyze the specification to detect conflicts and unravel their cause. This information is then used at runtime to serialize concurrent operations safely and efficiently. Our approach derives a correct RDT from any sequential data type without changes to the data type's implementation and with minimal coordination. We implement our approach in Scala and develop an extensive portfolio of RDTs. The evaluation shows that our approach provides performance similar to conflict-free replicated data types for commutative operations, and considerably improves the performance of non-commutative operations, compared to existing solutions.

show abstract

“…Therefore, follow-up projects revived the integrity property. CISE [29] and Soteria [41] present proof techniques to verify the integrity properties of a replicated object. Sieve [36], Indigo [10] and Hamsaz [30] translate the given high-level integrity properties to hybrid models.…”

Section: Introductionmentioning

confidence: 99%

Hampa: Solver-Aided Recency-Aware Replication

Houshmand

Lesani

2020

Computer Aided Verification

View full text Add to dashboard Cite

Replication is a common technique to build reliable and scalable systems. Traditional strong consistency maintains the same total order of operations across replicas. This total order is the source of multiple desirable consistency properties: integrity, convergence and recency. However, maintaining the total order has proven to inhibit availability and performance. Weaker notions exhibit responsiveness and scalability; however, they forfeit the total order and hence its favorable properties. This project revives these properties with as little coordination as possible. It presents a tool called that given a sequential object with the declaration of its integrity and recency requirements, automatically synthesizes a correct-by-construction replicated object that simultaneously guarantees the three properties. It features a relational object specification language and a syntax-directed analysis that infers optimum staleness bounds. Further, it defines coordination-avoidance conditions and the operational semantics of replicated systems that provably guarantees the three properties. It characterizes the computational power and presents a protocol for recency-aware objects. uses automatic solvers statically and embeds them in the runtime to dynamically decide the validity of coordination-avoidance conditions. The experiments show that recency-aware objects reduce coordination and response time.

show abstract

Proving the Safety of Highly-Available Distributed Objects

Cited by 12 publications

References 20 publications

MonkeyDB: effectively testing correctness under weak isolation levels

MonkeyDB: effectively testing correctness under weak isolation levels

ECROs: building global scale systems from sequential code

Hampa: Solver-Aided Recency-Aware Replication

Contact Info

Product

Resources

About