Proving the Safety of Highly-Available Distributed Objects

To provide high availability in distributed systems, object replicas allow concurrent updates. Although replicas eventually converge, they may diverge temporarily, for instance when the network fails. This makes it difficult for the developer to reason about the object’s properties, and in particular, to prove invariants over its state. For the subclass of state-based distributed systems, we propose a proof methodology for establishing that a given object maintains a given invariant, taking into account any concurrency control. Our approach allows reasoning about individual operations separately. We demonstrate that our rules are sound, and we illustrate their use with some representative examples. We automate the rule using Boogie, an SMT-based tool.
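The abstract does not show the rules themselves, so the following is an added illustration written for this page, in Python, and is not the paper's code or its Boogie encoding. It models the situation the abstract describes: a state-based object whose replicas merge by lattice join, an invariant (a non-negative balance), and the check that each operation preserves the invariant when judged on its own, followed by the check that the merge of diverged replicas still satisfies it. The names `Account`, `withdraw_local`, `withdraw_escrow`, `ALLOTMENT`, `check_concurrent` and `outcomes` are all constructed; the escrow allotment is a standard reservation-style concurrency control chosen for the example, not one the abstract names.

```python
from dataclasses import dataclass
from itertools import product

# Constructed example (not the paper's formalism): a state-based replicated
# account whose state is a join-semilattice. Each replica keeps monotone
# per-replica totals of deposits and withdrawals; merge is pointwise max,
# which is commutative, associative and idempotent, so replicas converge.


@dataclass
class Account:
    incs: dict  # replica id -> total amount deposited at that replica
    decs: dict  # replica id -> total amount withdrawn at that replica

    def value(self) -> int:
        return sum(self.incs.values()) - sum(self.decs.values())

    def merge(self, other: "Account") -> "Account":
        def join(a, b):
            return {k: max(a.get(k, 0), b.get(k, 0)) for k in set(a) | set(b)}
        return Account(join(self.incs, other.incs), join(self.decs, other.decs))

    def with_withdrawal(self, replica: str, amount: int) -> "Account":
        decs = dict(self.decs)
        decs[replica] = decs.get(replica, 0) + amount
        return Account(dict(self.incs), decs)


def invariant(acct: Account) -> bool:
    # The safety property to maintain: the balance never goes negative.
    return acct.value() >= 0


def withdraw_local(acct, replica, amount):
    """Withdraw guarded only by the balance visible at this replica.
    Returns None when the precondition fails (operation refused)."""
    if amount > acct.value():
        return None
    return acct.with_withdrawal(replica, amount)


# Constructed concurrency control: an escrow. Each replica gets a fixed
# allotment and may never withdraw more than it in total; the allotments sum
# to at most the initial deposit, so no coordination is needed at merge time.
ALLOTMENT = {"A": 50, "B": 50}


def withdraw_escrow(acct, replica, amount):
    if acct.decs.get(replica, 0) + amount > ALLOTMENT[replica]:
        return None
    return acct.with_withdrawal(replica, amount)


def check_concurrent(withdraw, start, ops):
    """Proof-obligation style check for one set of concurrent operations.

    Each op runs on its own copy of `start` (replicas that have diverged), so
    it is judged on its own: 'refused' if its precondition fails locally,
    'unsafe' if every op is locally fine but merging the results breaks the
    invariant, and 'safe' otherwise.
    """
    assert invariant(start)
    results = []
    for replica, amount in ops:
        new = withdraw(start, replica, amount)
        if new is None:
            return "refused"
        assert invariant(new)  # each op alone preserves the invariant
        results.append(new)
    merged = results[0]
    for s in results[1:]:
        merged = merged.merge(s)
    return "safe" if invariant(merged) else "unsafe"


def outcomes(withdraw, start, amounts):
    """Exhaustively try every pair of concurrent withdrawals at A and B."""
    return {check_concurrent(withdraw, start, [("A", a), ("B", b)])
            for a, b in product(amounts, repeat=2)}


START = Account({"init": 100}, {})  # constructed initial state: one deposit

if __name__ == "__main__":
    print(check_concurrent(withdraw_local, START, [("A", 80), ("B", 80)]))   # unsafe
    print(check_concurrent(withdraw_escrow, START, [("A", 50), ("B", 50)]))  # safe
    print(outcomes(withdraw_local, START, range(0, 101, 10)))
    print(outcomes(withdraw_escrow, START, range(0, 101, 10)))
```

The point of the two guards is the one the abstract makes about concurrency control: `withdraw_local` passes the per-operation check on every replica in isolation yet fails at merge, because two replicas that have not heard from each other can each spend the same balance; `withdraw_escrow` restricts each operation to a per-replica bound that the join cannot exceed, so the per-operation reasoning is enough and the exhaustive run never reports `unsafe`.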
