DOI: 10.1145/2837614.2837625
research-article

'Cause I'm strong enough: Reasoning about consistency choices in distributed systems

Published: 11 January 2016

    Abstract

    Large-scale distributed systems often rely on replicated databases that allow a programmer to request different data consistency guarantees for different operations, and thereby control their performance. Using such databases is far from trivial: requesting stronger consistency in too many places may hurt performance, and requesting it in too few places may violate correctness. To help programmers in this task, we propose the first proof rule for establishing that a particular choice of consistency guarantees for various operations on a replicated database is enough to ensure the preservation of a given data integrity invariant. Our rule is modular: it allows reasoning about the behaviour of every operation separately under some assumption on the behaviour of other operations. This leads to simple reasoning, which we have automated in an SMT-based tool. We present a nontrivial proof of soundness of our rule and illustrate its use on several examples.


    Published In

    POPL '16: Proceedings of the 43rd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
    January 2016
    815 pages
    ISBN:9781450335492
    DOI:10.1145/2837614
    ACM SIGPLAN Notices, Volume 51, Issue 1
    POPL '16
    January 2016
    815 pages
    ISSN: 0362-1340
    EISSN: 1558-1160
    DOI: 10.1145/2914770
    Editor: Andy Gill
    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. Replication
    2. causal consistency
    3. integrity invariants

    Acceptance Rates

    Overall Acceptance Rate 824 of 4,130 submissions, 20%
