Séminaire Regal

RSS

On Verifying Causal Consistency

Tuesday, February 28, 2017
Constantin Enea (U. Paris Diderot)

Causal consistency is one of the most adopted consistency criteria in distributed implementations of data structures. It ensures that operations are executed at all sites according to their causal precedence.

We address the problem of verifying whether the executions of an implementation of a data structure are causally consistent. We consider two problems: (1) checking whether one single (finite) execution is causally consistent, which is relevant for developing testing and bug finding algorithms, and (2) verifying whether all the executions of an implementation are causally consistent.

We show that the first problem is NP-complete. This holds even for the read-write memory abstraction, which is a building block of many today’s implementations. In particular, key-value stores, that are omnipresent in distributed implementations, are instances of the read-write memory abstraction. Moreover, we prove that the second problem is undecidable, and again this holds even for the read-write memory abstraction.

We prove however that for the read-write memory abstraction, these negative results can be circumvented if we assume data independence, i.e., that the behaviors of implementations do not depend on the data values that are written or read at each moment, which is a realistic assumption. We prove that in this case, checking the correctness of a single execution w.r.t. the read-write memory abstraction is polynomial time. Furthermore, we show that the set of non-causally consistent executions can be represented by means of a finite number of state machines (register automata). Using these machines as observers (in parallel with the implementation) allows to reduce polynomially the problem of checking causal consistency to a state reachability problem. This reduction holds regardless of the class of programs used for the implementation, the number of read-write variables, and the used data domain. For a significant class of implementations, we derive from this reduction the decidability of verifying causal consistency w.r.t. the read-write memory abstraction.

This is joint work with Ahmed Bouajjani, Rachid Guerraoui, and Jad Hamza.


marc.shapiro (at) nullacm.org