Connectors meet Choreographies

We present Cho-Reo-graphies (CR), a new language model that unites two powerful programming paradigms for concurrent software based on communicating processes: Choreographic Programming and Exogenous Coordination. In CR, programmers specify the desired communications among processes using a choreography, and define how communications should be concretely animated by connectors given as constraint automata (e.g., synchronous barriers and asynchronous multi-casts). CR is the first choreography calculus where different communication semantics (determined by connectors) can be freely mixed; since connectors are user-defined, CR also supports many communication semantics that were previously unavailable for choreographies. We develop a static analysis that guarantees that a choreography in CR and its user-defined connectors are compatible, define a compiler from choreographies to a process calculus based on connectors, and prove that compatibility guarantees deadlock-freedom of the compiled process implementations

The Paths to Choreography Extraction

Choreographies are global descriptions of interactions among concurrent components, most notably used in the settings of verification (e.g., Multiparty Session Types) and synthesis of correct-by-construction software (Choreographic Programming). They require a top-down approach: programmers first write choreographies, and then use them to verify or synthesize their programs. However, most existing software does not come with choreographies yet, which prevents their application. To attack this problem, we propose a novel methodology (called choreography extraction) that, given a set of programs or protocol specifications, automatically constructs a choreography that describes their behavior. The key to our extraction is identifying a set of paths in a graph that represents the symbolic execution of the programs of interest. Our method improves on previous work in several directions: we can now deal with programs that are equipped with a state and internal computation capabilities; time complexity is dramatically better; we capture programs that are correct but not necessarily synchronizable, i.e., they work because they exploit asynchronous communication

Explicit connection actions in multiparty session types

This work extends asynchronous multiparty session types (MPST) with explicit connection actions to support protocols with op- tional and dynamic participants. The actions by which endpoints are connected and disconnected are a key element of real-world protocols that is not treated in existing MPST works. In addition, the use cases motivating explicit connections often require a more relaxed form of mul- tiparty choice: these extensions do not satisfy the conservative restric- tions used to ensure safety in standard syntactic MPST. Instead, we de- velop a modelling-based approach to validate MPST safety and progress for these enriched protocols. We present a toolchain implementation, for distributed programming based on our extended MPST in Java, and a core formalism, demonstrating the soundness of our approach. We discuss key implementation issues related to the proposed extensions: a practi- cal treatment of choice subtyping for MPST progress, and multiparty correlation of dynamic binary connections

Session Types in Concurrent Calculi: Higher-Order Processes and Objects

This dissertation investigates different formalisms, in the form of programming language calculi, that are aimed at providing a theoretical foundation for structured concurrent programming based on session types. The structure of a session type is essentially a process-algebraic style description of the behaviour of a single program identifier serving as a communication medium (and usually referred to as a channel): the types incorporate typed inputs, outputs, and choices which can be composed to form larger protocol descriptions. The effectiveness of session typing can be attributed to the linear treatment of channels and session types, and to the use of tractable methods such as syntactic duality to decide if the types of two connected channels are compatible. Linearity is ensured when accumulating the uses of a channel into a composite type that describes also the order of those actions. Duality provides a tractable and intuitive method for deciding when two connected channels can interact and exchange values in a statically determined type-safe way. We present our contributions to the theory of sessions, distilled into two families of programming calculi, the first based on higher-order processes and the second based on objects. Our work unifies, improves and extends, in manifold ways, the session primitives and typing systems for the Lambda-calculus, the Pi-calculus, the Object-calculus, and their combinations in multi-paradigm languages. Of particular interest are: the treatment of infinite interactions expressed with recursive sessions; the capacity to encapsulate channels in higher-order structures which can be exchanged and kept suspended, i.e., the use of code as data; the integration of protocol structure directly into the description of objects, providing a powerful and uniformly extensible set of implementation abstractions; finally, the introduction of asynchronous subtyping, which enables controlled reordering of actions on either side of a session. Our work on higher-order processes and on object calculi for session-based concurrent programming provides a theoretical foundation for programming language design integrating functional, process, and object-oriented features

Deadlock Freedom for Asynchronous and Cyclic Process Networks

This paper considers the challenging problem of establishing deadlock freedom for message-passing processes using behavioral type systems. In particular, we consider the case of processes that implement session types by communicating asynchronously in cyclic process networks. We present APCP, a typed process framework for deadlock freedom which supports asynchronous communication, delegation, recursion, and a general form of process composition that enables specifying cyclic process networks. We discuss the main decisions involved in the design of APCP and illustrate its expressiveness and flexibility using several examples.Comment: In Proceedings ICE 2021, arXiv:2109.14908. arXiv admin note: text overlap with arXiv:2101.0903

Hybrid Session Verification through Endpoint API Generation

© Springer-Verlag Berlin Heidelberg 2016.This paper proposes a new hybrid session verification methodology for applying session types directly to mainstream languages, based on generating protocol-specific endpoint APIs from multiparty session types. The API generation promotes static type checking of the behavioural aspect of the source protocol by mapping the state space of an endpoint in the protocol to a family of channel types in the target language. This is supplemented by very light run-time checks in the generated API that enforce a linear usage discipline on instances of the channel types. The resulting hybrid verification guarantees the absence of protocol violation errors during the execution of the session. We implement our methodology for Java as an extension to the Scribble framework, and use it to specify and implement compliant clients and servers for real-world protocols such as HTTP and SMTP

A decentralized analysis of multiparty protocols

Protocols provide the unifying glue in concurrent and distributed software today; verifying that message-passing programs conform to such governing protocols is important but difficult. Static approaches based on multiparty session types (MPST) use protocols as types to avoid protocol violations and deadlocks in programs. An elusive problem for MPST is to ensure both protocol conformance and deadlock-freedom for implementations with interleaved and delegated protocols. We propose a decentralized analysis of multiparty protocols, specified as global types and implemented as interacting processes in an asynchronous π-calculus. Our solution rests upon two novel notions: router processes and relative types. While router processes use the global type to enable the composition of participant implementations in arbitrary process networks, relative types extract from the global type the intended interactions and dependencies between pairs of participants. In our analysis, processes are typed using APCP, a type system that ensures protocol conformance and deadlock-freedom with respect to binary protocols, developed in prior work. Our decentralized, router-based analysis enables the sound and complete transference of protocol conformance and deadlock-freedom from APCP to multiparty protocols

A Decentralized Analysis of Multiparty Protocols

Protocols provide the unifying glue in concurrent and distributed software today; verifying that message-passing programs conform to such governing protocols is important but difficult. Static approaches based on multiparty session types (MPST) use protocols as types to avoid protocol violations and deadlocks in programs. An elusive problem for MPST is to ensure both protocol conformance and deadlock freedom for implementations with interleaved and delegated protocols. We propose a decentralized analysis of multiparty protocols, specified as global types and implemented as interacting processes in an asynchronous $\pi$-calculus. Our solution rests upon two novel notions: router processes and relative types. While router processes use the global type to enable the composition of participant implementations in arbitrary process networks, relative types extract from the global type the intended interactions and dependencies between pairs of participants. In our analysis, processes are typed using APCP, a type system that ensures protocol conformance and deadlock freedom with respect to binary protocols, developed in prior work. Our decentralized, router-based analysis enables the sound and complete transference of protocol conformance and deadlock freedom from APCP to multiparty protocols.Comment: revision following anonymous review