Extreme modelling in practice

Davis, A. Jesse Jiryu; Hirschhorn, Max; Schvimer, Judah

doi:10.14778/3397230.3397233

Cited by 17 publications

(9 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We will also investigate whether the IPA framework can be used to reduce the cost of code-level model checking of distributed system implementations. Given sufficient application of the IPA framework in realistic scenarios, we will investigate how to integrate the IPA framework into the extreme modeling [13] paradigm of distributed system design and implementation.…”

Section: Discussionmentioning

confidence: 99%

“…PolarFS is using TLA+ to precisely document the design of its ParallelRaft protocol, in order to effectively guarantee the reliability and maintainability of the protocol design and implementation [16]. MongoDB further leverages the formally specified design, verified by model checking, to conduct model-based test case generation and model-based trace checking on large scale system implementations [13].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Compositional Model Checking of Consensus Protocols Specified in TLA+ via Interaction-Preserving Abstraction

Gu¹,

Cao²,

Zhu³

et al. 2022

Preprint

View full text Add to dashboard Cite

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Compositional Model Checking of Consensus Protocols Specified in TLA+ via Interaction-Preserving Abstraction

Gu¹,

Cao²,

Zhu³

et al. 2022

Preprint

View full text Add to dashboard Cite

“…First, for simplicity, we have assumed that each procedure executes atomically. However, the implementation of MongoDB is highly concurrent [12], and needs to be modelled and verified more carefully. Second, MongoDB also supports non-transactional consistency, including tunable consistency [21] and causal consistency [26].…”

Section: Discussionmentioning

confidence: 99%

Verifying Transactional Consistency of MongoDB

Ouyang¹,

Wei²,

Huang³

et al. 2021

Preprint

View full text Add to dashboard Cite

MongoDB is a popular general-purpose, document-oriented, distributed NoSQL database. It supports transactions in three different deployments: single-document transactions utilizing the WiredTiger storage engine in a standalone node, multi-document transactions in a replica set which consists of a primary node and several secondary nodes, and distributed transactions in a sharded cluster which is a group of multiple replica sets, among which data is sharded. A natural and fundamental question about Mon-goDB transactions is: What transactional consistency guarantee do MongoDB Transactions in each deployment provide? However, it lacks both concise pseudocode of MongoDB transactions in each deployment and formal specification of the consistency guarantees which MongoDB claimed to provide. In this work, we formally specify and verify the transactional consistency protocols of MongoDB. Specifically, we provide a concise pseudocode for the transactional consistency protocols in each MongoDB deployment, namely WiredTiger, ReplicaSet, and ShardedCluster, based on the official documents and source code. We then prove that WiredTiger, ReplicaSet, and ShardedCluster satisfy different variants of snapshot isolation, namely StrongSI, RealtimeSI, and SessionSI, respectively. We also propose and evaluate efficient white-box checking algorithms for MongoDB transaction protocols against their consistency guarantees, effectively circumventing the NP-hard obstacle in theory.

show abstract

“…We also propose an optimization concerning the model checking trace. We did not let the TLC model checker output the whole state transition graph like the work in [21]. Instead we let the CRDT models output only the final states.…”

Section: Threats From Systemmentioning

confidence: 99%

“…MongoDB uses Model-Based Test Case Generation (MBTCG) to ensure the equivalence between the C++ and the Golang versions of the operational transformation (OT) implementations in MongoDB Realm Sync [21]. Met is inspired by the MBTCG technique of MongoDB.…”

Section: Related Workmentioning

confidence: 99%