Runtime Refinement Checking of Concurrent Data Structures
Description (Abstract)
We present a runtime technique for checking that a concurrent implementation of a data structure conforms to a high-level executable specification with atomic operations. The technique consists of two phases. In the first phase, the implementation code is instrumented in order to record information about its execution into a log. In the second phase, a verification thread runs concurrently with the implementation and uses the logged information to check that the execution conforms to the high-level specification. We pay special attention to reducing the impact of the runtime analysis on the concurrency characteristics and performance of the implementation. We are currently applying our technique to Boxwood, a distributed implementation of a B-link tree data structure. |
Questions
Question 1: Let Tid = {t1, t2, t3}, V = {v1, v2, v3}, Actions = {call, return, a1, a2, a3} and the set of public method names be {name1, name2, name3}, give an example of a run r such that r is well-formed.
(Update: the intention of the question is that the reader understands the definition of well-formedness and can give an intuition how a well-formed run looks like with several threads and actions, including call and return. The details of variable assigments and returned lists are optional, but not necessary. )
Question 2: Why does the runtime verification of I/O refinement needs to be improved even with commit acitons added?
Martin
Q1: The lack of connection between arguments, return values, and variable assignments seems to be valid. I let name1 and name2 assign variables on Return, and name3 in the Call action. I believe that to be valid too..? Q2: |
Magnus
Q1: r = [ Q2: |
Kjell
Q1: r = s0--a1-->s1--a2--> ... s5--a6-->s6 Q2: |
Stavros
Q1: Q2: |