Safe replication through bounded concurrency verification
Gowtham Kaki,Kapil Earanky,KC Sivaramakrishnan,Suresh Jagannathan +3 more
- Vol. 2, pp 164
TLDR
A novel programming framework for replicated data types (RDTs) equipped with an automatic (bounded) verification technique that discovers and fixes weak consistency anomalies and shows that in practice, proving bounded safety guarantees typically generalize to the unbounded case.Abstract:
High-level data types are often associated with semantic invariants that must be preserved by any correct implementation. While having implementations enforce strong guarantees such as linearizability or serializability can often be used to prevent invariant violations in concurrent settings, such mechanisms are impractical in geo-distributed replicated environments, the platform of choice for many scalable Web services. To achieve high-availability essential to this domain, these environments admit various forms of weak consistency that do not guarantee all replicas have a consistent view of an application's state. Consequently, they often admit difficult-to-understand anomalous behaviors that violate a data type's invariants, but which are extremely challenging, even for experts, to understand and debug. In this paper, we propose a novel programming framework for replicated data types (RDTs) equipped with an automatic (bounded) verification technique that discovers and fixes weak consistency anomalies. Our approach, implemented in a tool called Q9, involves systematically exploring the state space of an application executing on top of an eventually consistent data store, under an unrestricted consistency model but with a finite concurrency bound. Q9 uncovers anomalies (i.e., invariant violations) that manifest as finite counterexamples, and automatically generates repairs for such anamolies by selectively strengthening consistency guarantees for specific operations. Using Q9, we have uncovered a range of subtle anomalies in implementations of well-known benchmarks, and have been able to apply the repairs it mandates to effectively eliminate them. Notably, these benchmarks were written adopting best practices suggested to manage distributed replicated state (e.g., they are composed of provably convergent RDTs (CRDTs), avoid mutable state, etc.). While the safety guarantees offered by our technique are constrained by the concurrency bound, we show that in practice, proving bounded safety guarantees typically generalize to the unbounded case.read more
Citations
More filters
Book ChapterDOI
Proving the Safety of Highly-Available Distributed Objects
TL;DR: This work proposes a proof methodology for establishing that a given object maintains a given invariant, taking into account any concurrency control, for the subclass of state-based distributed systems.
Journal ArticleDOI
CLOTHO: directed test generation for weakly consistent database systems
TL;DR: This paper presents a novel testing framework for detecting serializability violations in (SQL) database-backed Java applications executing on weakly-consistent storage systems and is the first automated test generation facility for identifyingserializability anomalies of Java applications intended to operate in geo-replicated distributed environments.
Posted Content
Automated Parameterized Verification of CRDTs
Kartik Nagar,Suresh Jagannathan +1 more
TL;DR: A framework for automatically verifying convergence of CRDTs under different weak-consistency policies is presented and a proof rule parameterized by a consistency specification based on the concepts of commutativity modulo consistency policy and non-interference to Commutativity is developed.
Proceedings ArticleDOI
Abstraction for conflict-free replicated data types
Hongjin Liang,Xinyu Feng +1 more
TL;DR: The Abstract Converging Consistency (ACC) as discussed by the authors is a new correctness formulation for Conflict-Free Replicated Data Types (CRDTs) to specify both data consistency and functional correctness.
References
More filters
Journal ArticleDOI
Symbolic execution for software testing: three decades later
Cristian Cadar,Koushik Sen +1 more
TL;DR: The challenges---and great promise---of modern symbolic execution techniques, and the tools to help implement them.
Journal Article
Conflict-free Replicated Data Types
TL;DR: This paper formalises two popular approaches (state- and operation-based) and their relevant sufficient conditions and studies a number of useful CRDTs, such as sets with clean semantics, supporting both add and remove operations, and considers in depth the more complex Graph data type.
Proceedings ArticleDOI
Finding and reproducing Heisenbugs in concurrent programs
Madanlal Musuvathi,Shaz Qadeer,Thomas Ball,Gerard Basler,Piramanayagam Arumuga Nainar,Iulian Neamtiu +5 more
TL;DR: For each bug, CHESS consistently reproduces an erroneous execution manifesting the bug, thereby making it significantly easier to debug the problem.
Proceedings ArticleDOI
Iterative context bounding for systematic testing of multithreaded programs
Madanlal Musuvathi,Shaz Qadeer +1 more
TL;DR: This paper proposes iterative context-bounding, a new search algorithm that systematically explores the executions of a multithreaded program in an order that prioritizes executions with fewer context switches, and shows both theoretically and empirically that context-bounded search is an effective method for exploring the behaviors of multith readed programs.
Proceedings ArticleDOI
Session guarantees for weakly consistent replicated data
Douglas B. Terry,Alan J. Demers,Karin Petersen,Mike Spreitzer,Marvin M. Theimer,Brent B. Welch +5 more
TL;DR: Four per-session guarantees are proposed to aid users and applications of weakly consistent replicated data: "read your writes", "monotonic reads", "writes follow reads", and " monotonic writes".
Related Papers (5)
Brewer's conjecture and the feasibility of consistent, available, partition-tolerant web services
Seth Gilbert,Nancy Lynch +1 more