Verifying message-passing programs with dependent behavioural types

Alceste Scalas; Nobuko Yoshida; Elias Benussi

doi:10.1145/3314221.3322484

Verifying message-passing programs with dependent behavioural types

Alceste Scalas, Nobuko Yoshida, Elias Benussi

Research output: Chapter in Book/Published conference output › Conference publication

Abstract

Concurrent and distributed programming is notoriously hard. Modern languages and toolkits ease this difficulty by offering message-passing abstractions, such as actors (e.g., Erlang, Akka, Orleans) or processes (e.g., Go): they allow for simpler reasoning w.r.t. shared-memory concurrency, but do not ensure that a program implements a given specification. To address this challenge, it would be desirable to specify and verify the intended behaviour of message-passing applications using types, and ensure that, if a program type-checks and compiles, then it will run and communicate as desired. We develop this idea in theory and practice. We formalise a concurrent functional language λ^π, with a new blend of behavioural types (from π-calculus theory), and dependent function types (from the Dotty programming language, a.k.a. the future Scala 3). Our theory yields four main payoffs: (1) it verifies safety and liveness properties of programs via typeś level model checking; (2) unlike previous work, it accurately verifies channel-passing (covering a typical pattern of actor programs) and higher-order interaction (i.e., sending/receiving mobile code); (3) it is directly embedded in Dotty, as a toolkit called Effpi, offering a simplified actor-based API; (4) it enables an efficient runtime system for Effpi, for highly concurrent programs with millions of processes/actors.

Original language	English
Title of host publication	PLDI 2019 - Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation
Editors	Kathryn S. McKinley, Kathleen Fisher
Publisher	ACM
Pages	502-516
Number of pages	15
ISBN (Electronic)	9781450367127
DOIs	https://doi.org/10.1145/3314221.3322484
Publication status	Published - 8 Jun 2019
Event	40th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2019 - Phoenix, United States Duration: 22 Jun 2019 → 26 Jun 2019

Conference

Conference	40th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2019
Country/Territory	United States
City	Phoenix
Period	22/06/19 → 26/06/19

Bibliographical note

Keywords

Actors
Behavioural types
Dependent types
Dotty
Model checking
Processes
Scala
Temporal logic

Access to Document

10.1145/3314221.3322484

Verifying Message-Passing Programs with Dependent Behavioural Types
© ACM, 2019. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution.
Accepted author manuscript, 1.24 MB

http://mrg.doc.ic.ac.uk/publications/verifying-message-passing-programs-with-dependent-behavioural-types/pldi19-preprint.pdf

Cite this

@inproceedings{b91e27855bc4464b929d3ea5cd1fa82d,

title = "Verifying message-passing programs with dependent behavioural types",

abstract = "Concurrent and distributed programming is notoriously hard. Modern languages and toolkits ease this difficulty by offering message-passing abstractions, such as actors (e.g., Erlang, Akka, Orleans) or processes (e.g., Go): they allow for simpler reasoning w.r.t. shared-memory concurrency, but do not ensure that a program implements a given specification. To address this challenge, it would be desirable to specify and verify the intended behaviour of message-passing applications using types, and ensure that, if a program type-checks and compiles, then it will run and communicate as desired. We develop this idea in theory and practice. We formalise a concurrent functional language λπ, with a new blend of behavioural types (from π-calculus theory), and dependent function types (from the Dotty programming language, a.k.a. the future Scala 3). Our theory yields four main payoffs: (1) it verifies safety and liveness properties of programs via type{\'s} level model checking; (2) unlike previous work, it accurately verifies channel-passing (covering a typical pattern of actor programs) and higher-order interaction (i.e., sending/receiving mobile code); (3) it is directly embedded in Dotty, as a toolkit called Effpi, offering a simplified actor-based API; (4) it enables an efficient runtime system for Effpi, for highly concurrent programs with millions of processes/actors.",

keywords = "Actors, Behavioural types, Dependent types, Dotty, Model checking, Processes, Scala, Temporal logic",

author = "Alceste Scalas and Nobuko Yoshida and Elias Benussi",

note = "{\textcopyright} ACM, 2019. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. ; 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2019 ; Conference date: 22-06-2019 Through 26-06-2019",

year = "2019",

month = jun,

day = "8",

doi = "10.1145/3314221.3322484",

language = "English",

pages = "502--516",

editor = "McKinley, {Kathryn S.} and Kathleen Fisher",

booktitle = "PLDI 2019 - Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation",

publisher = "ACM",

address = "United States",

}

Scalas, A, Yoshida, N & Benussi, E 2019, Verifying message-passing programs with dependent behavioural types. in KS McKinley & K Fisher (eds), PLDI 2019 - Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation. ACM, pp. 502-516, 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2019, Phoenix, United States, 22/06/19. https://doi.org/10.1145/3314221.3322484

Verifying message-passing programs with dependent behavioural types. / Scalas, Alceste; Yoshida, Nobuko; Benussi, Elias.
PLDI 2019 - Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation. ed. / Kathryn S. McKinley; Kathleen Fisher. ACM, 2019. p. 502-516.

Research output: Chapter in Book/Published conference output › Conference publication

TY - GEN

T1 - Verifying message-passing programs with dependent behavioural types

AU - Scalas, Alceste

AU - Yoshida, Nobuko

AU - Benussi, Elias

N1 - © ACM, 2019. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution.

PY - 2019/6/8

Y1 - 2019/6/8

N2 - Concurrent and distributed programming is notoriously hard. Modern languages and toolkits ease this difficulty by offering message-passing abstractions, such as actors (e.g., Erlang, Akka, Orleans) or processes (e.g., Go): they allow for simpler reasoning w.r.t. shared-memory concurrency, but do not ensure that a program implements a given specification. To address this challenge, it would be desirable to specify and verify the intended behaviour of message-passing applications using types, and ensure that, if a program type-checks and compiles, then it will run and communicate as desired. We develop this idea in theory and practice. We formalise a concurrent functional language λπ, with a new blend of behavioural types (from π-calculus theory), and dependent function types (from the Dotty programming language, a.k.a. the future Scala 3). Our theory yields four main payoffs: (1) it verifies safety and liveness properties of programs via typeś level model checking; (2) unlike previous work, it accurately verifies channel-passing (covering a typical pattern of actor programs) and higher-order interaction (i.e., sending/receiving mobile code); (3) it is directly embedded in Dotty, as a toolkit called Effpi, offering a simplified actor-based API; (4) it enables an efficient runtime system for Effpi, for highly concurrent programs with millions of processes/actors.

AB - Concurrent and distributed programming is notoriously hard. Modern languages and toolkits ease this difficulty by offering message-passing abstractions, such as actors (e.g., Erlang, Akka, Orleans) or processes (e.g., Go): they allow for simpler reasoning w.r.t. shared-memory concurrency, but do not ensure that a program implements a given specification. To address this challenge, it would be desirable to specify and verify the intended behaviour of message-passing applications using types, and ensure that, if a program type-checks and compiles, then it will run and communicate as desired. We develop this idea in theory and practice. We formalise a concurrent functional language λπ, with a new blend of behavioural types (from π-calculus theory), and dependent function types (from the Dotty programming language, a.k.a. the future Scala 3). Our theory yields four main payoffs: (1) it verifies safety and liveness properties of programs via typeś level model checking; (2) unlike previous work, it accurately verifies channel-passing (covering a typical pattern of actor programs) and higher-order interaction (i.e., sending/receiving mobile code); (3) it is directly embedded in Dotty, as a toolkit called Effpi, offering a simplified actor-based API; (4) it enables an efficient runtime system for Effpi, for highly concurrent programs with millions of processes/actors.

KW - Actors

KW - Behavioural types

KW - Dependent types

KW - Dotty

KW - Model checking

KW - Processes

KW - Scala

KW - Temporal logic

UR - https://conf.researchr.org/home/pldi-2019

UR - http://www.scopus.com/inward/record.url?scp=85067658536&partnerID=8YFLogxK

U2 - 10.1145/3314221.3322484

DO - 10.1145/3314221.3322484

M3 - Conference publication

AN - SCOPUS:85067658536

SP - 502

EP - 516

BT - PLDI 2019 - Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation

A2 - McKinley, Kathryn S.

A2 - Fisher, Kathleen

PB - ACM

T2 - 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2019

Y2 - 22 June 2019 through 26 June 2019

ER -

Verifying message-passing programs with dependent behavioural types

Abstract

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this