Natural proofs for asynchronous programs using almost-synchronous reductions

Desai, Ankush; Garg, Pranav; Madhusudan, P.

doi:10.1145/2660193.2660211

Cited by 23 publications

(27 citation statements)

References 59 publications

(54 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, actor languages often have only one incoming message queue, making it difficult to prove properties about them via canonical sequentialization. Alternatively, one can reduce complex parallel programs into relatively simpler programs, or use representative program traces that are sufficient for reasoning about the properties of the original parallel program [Lipton 1975;Godefroid 1996;Flanagan and Godefroid 2005;Abdulla et al 2014;Desai et al 2014]. Sequentialization approaches such as Lal and Reps [2008]; La Torre et al [2009] reduce parallel programs to sequential versions to provide bounded guarantees.…”

Section: Related Workmentioning

confidence: 99%

Verifying safety and accuracy of approximate parallel programs via canonical sequentialization

Fernando

Joshi

Misailovíc

2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

We present Parallely, a programming language and a system for verification of approximations in parallel message-passing programs. Parallely's language can express various software and hardware level approximations that reduce the computation and communication overheads at the cost of result accuracy. Parallely's safety analysis can prove the absence of deadlocks in approximate computations and its type system can ensure that approximate values do not interfere with precise values. Parallely's quantitative accuracy analysis can reason about the frequency and magnitude of error. To support such analyses, Parallely presents an approximation-aware version of canonical sequentialization, a recently proposed verification technique that generates sequential programs that capture the semantics of well-structured parallel programs (i.e., ones that satisfy a symmetric nondeterminism property). To the best of our knowledge, Parallely is the first system designed to analyze parallel approximate programs. We demonstrate the effectiveness of Parallely on eight benchmark applications from the domains of graph analytics, image processing, and numerical analysis. We also encode and study five approximation mechanisms from literature. Our implementation of Parallely automatically and efficiently proves type safety, reliability, and accuracy properties of the approximate benchmarks. CCS Concepts: • Computing methodologies → Parallel programming languages; • Software and its engineering → Formal software verification.

show abstract

Section: Related Workmentioning

confidence: 99%

Verifying safety and accuracy of approximate parallel programs via canonical sequentialization

Fernando

Joshi

Misailovíc

2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

show abstract

“…Our work exploits the insights from [Lipton 1975] in order to rewrite programs into their canonical sequentialization. The work in [Desai et al 2014] is similar to ours in that our rules explore traces where buffers are small (by moving receives right after sends). However, our work checks global system configurations whereas [Desai et al 2014] is concerned with local states, only and hence cannot account for deadlocks.…”

Section: Session Types the Session Typesmentioning

confidence: 99%

“…The work in [Desai et al 2014] is similar to ours in that our rules explore traces where buffers are small (by moving receives right after sends). However, our work checks global system configurations whereas [Desai et al 2014] is concerned with local states, only and hence cannot account for deadlocks. Moreover, [Desai et al 2014] does not consider unbounded numbers of processes.…”

Section: Session Types the Session Typesmentioning

confidence: 99%

“…However, our work checks global system configurations whereas [Desai et al 2014] is concerned with local states, only and hence cannot account for deadlocks. Moreover, [Desai et al 2014] does not consider unbounded numbers of processes. A condition for transforming asynchronous finite-state programs into synchronous programs is presented in [Basu et al 2012], however, it is too restrictive for our benchmarks.…”

Section: Session Types the Session Typesmentioning

confidence: 99%

See 1 more Smart Citation

Verifying distributed programs via canonical sequentialization

Bakst

Gleissenthall

Kıcı

et al. 2017

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

We introduce canonical sequentialization, a new approach to verifying unbounded, asynchronous, messagepassing programs at compile-time. Our approach builds upon the following observation: due the combinatorial explosion in complexity, programmers do not reason about their systems by case-splitting over all the possible execution orders. Instead, correct programs tend to be well-structured so that the programmer can reason about a small number of representative executions, which we call the program's canonical sequentialization. We have implemented our approach in a tool called Brisk that synthesizes canonical sequentializations for programs written in Haskell, and evaluated it on a wide variety of distributed systems including benchmarks from the literature and implementations of MapReduce, two-phase commit, and a version of the Disco distributed file-system. Brisk verifies unbounded versions of the benchmarks in tens of milliseconds, yielding the first concurrency verification tool that is fast enough to be integrated into a design-implement-check cycle. is limited to finite systems: when the number of processes is unbounded, e.g., if processes are spawned based on input parameters, model checking cannot guarantee correctness as the state space, and hence, the number of executions, is infinite. Consequently, the distributed systems developer is bereft of development-and compile-time tools that guarantee the absence of concurrency errors.Our Approach In this paper, we propose canonical sequentialization, a new approach to verifying concurrency properties of unbounded, asynchronous, message-passing programs at compile-time. Our approach builds upon the following observation: due the combinatorial explosion in complexity, programmers do not reason about their systems by case-splitting over all the possible execution orders. Instead, correct programs tend to be well-structured so that the programmer can reason about a small number of representative executions which we call the program's canonical sequentialization.Example: Two-Phase Commit Consider the classic two-phase commit protocol [Lampson and Sturgis 1976], which consists of a leader process trying to commit a transaction to a number of database nodes. The protocol proceeds in two phases. In the first phase, the leader issues a tentative transaction. The leader then waits for answers from the nodes who may decide to either accept or abort the transaction. This initiates the second phase: if all nodes agreed, the leader sends them a commit message; otherwise, it sends an abort message. Finally, each node sends its acknowledgement of the final decision.Even though leader and database nodes execute in parallel, the concurrency is well-structured. First, due to the lack of a shared memory, most actions executed by different nodes are independent of each other, and thus commute. For example, a tentative proposal sent to one of the database nodes is independent of the messages other database nodes might send or receive. Thus, in the spirit of Lipton's movers [Lipto...

show abstract

“…The semantics is based on the event-driven automata formalism from [7] Figure 1. Graphical representation of a master-worker asynchronous system in P#.…”

Section: Language and Semanticsmentioning

confidence: 99%

Asynchronous programming, analysis and testing with state machines

et al. 2015

View full text Add to dashboard Cite

Programming efficient asynchronous systems is challenging because it can often be hard to express the design declaratively, or to defend against data races and interleaving-dependent assertion violations. Previous work has only addressed these challenges in isolation, by either designing a new declarative language, a new data race detection tool or a new testing technique. We present P#, a language for high-reliability asynchronous programming co-designed with a static data race analysis and systematic concurrency testing infrastructure. We describe our experience using P# to write several distributed protocols and port an industrial-scale system internal to Microsoft, showing that the combined techniques, by leveraging the design of P#, are effective in finding bugs.

show abstract

Natural proofs for asynchronous programs using almost-synchronous reductions

Cited by 23 publications

References 59 publications

Verifying safety and accuracy of approximate parallel programs via canonical sequentialization

Verifying safety and accuracy of approximate parallel programs via canonical sequentialization

Verifying distributed programs via canonical sequentialization

Asynchronous programming, analysis and testing with state machines

Contact Info

Product

Resources

About