Concurrent operations on B*-trees with overtaking
Journal of Computer and System Sciences
Linearizability: a correctness condition for concurrent objects
ACM Transactions on Programming Languages and Systems (TOPLAS)
Using a formal specification and a model checker to monitor and direct simulation
Proceedings of the 40th annual Design Automation Conference
A type and effect system for atomicity
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Atomizer: a dynamic atomicity checker for multithreaded programs
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Exploiting purity for atomicity
ISSTA '04 Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis
Boxwood: abstractions as the foundation for storage infrastructure
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Using model checking with symbolic execution to verify parallel numerical programs
Proceedings of the 2006 international symposium on Software testing and analysis
A classification of concurrency bugs in java benchmarks by developer intent
Proceedings of the 2006 workshop on Parallel and distributed systems: testing and debugging
Automatically classifying benign and harmful data races using replay analysis
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Goldilocks: a race and transaction-aware java runtime
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Combining symbolic execution with model checking to verify parallel numerical programs
ACM Transactions on Software Engineering and Methodology (TOSEM)
Deriving linearizable fine-grained concurrent objects
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Experience with Model Checking Linearizability
Proceedings of the 16th International SPIN Workshop on Model Checking Software
VyrdMC: Driving Runtime Refinement Checking with Model Checkers
Electronic Notes in Theoretical Computer Science (ENTCS)
RV'07 Proceedings of the 7th international conference on Runtime verification
Line-up: a complete and automatic linearizability checker
PLDI '10 Proceedings of the 2010 ACM SIGPLAN conference on Programming language design and implementation
Verifying linearizability with hindsight
Proceedings of the 29th ACM SIGACT-SIGOPS symposium on Principles of distributed computing
Testing atomicity of composed concurrent operations
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Verification of STM on relaxed memory models
Formal Methods in System Design
Bounded model checking of concurrent data types on relaxed memory models: a case study
CAV'06 Proceedings of the 18th international conference on Computer Aided Verification
Automatically proving linearizability
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Location pairs: a test coverage metric for shared-memory concurrent programs
Empirical Software Engineering
WSCMon: runtime monitoring of web service orchestration based on refinement checking
Service Oriented Computing and Applications
A novel test coverage metric for concurrently-accessed software components
FATES'05 Proceedings of the 5th international conference on Formal Approaches to Software Testing
Fully automatic and precise detection of thread safety violations
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
| Hi-index | 0.00 |
We present a runtime technique for checking that a concurrently-accessed data structure implementation, such as a file system or the storage management module of a database, conforms to an executable specification that contains an atomic method per data structure operation. The specification can be provided separately or a non-concurrent, "atomized" interpretation of the implementation can serve as the specification. The technique consists of two phases. In the first phase, the implementation is instrumented in order to record information into a log during execution. In the second, a separate verification thread uses the logged information to drive an instance of the specification and to check whether the logged execution conforms to it. We paid special attention to the general applicability and scalability of the techniques and to minimizing their concurrency and performance impact. The result is a lightweight verification method that provides a significant improvement over testing for concurrent programs.We formalize conformance to a specification using the notion of refinement: Each trace of the implementation must be equivalent to some trace of the specification. Among the novel features of our work are two variations on the definition of refinement appropriate for runtime checking: I/O and "view" refinement. These definitions were motivated by our experience with two industrial-scale concurrent data structure implementations: the Boxwood project, a B-link tree data structure built on a novel storage infrastructure [10] and the Scan file system [9]. I/O and view refinement checking were implemented as a verification tool named VRYD (VerifYing concurrent programs by Runtime Refinement-violation Detection). VYRD was applied to the verification of Boxwood, Java class libraries, and, previously, to the Scan filesystem. It was able to detect previously unnoticed subtle concurrency bugs in Boxwood and the Scan file system, and the known bugs in the Java class libraries and manually constructed examples. Experimental results indicate that our techniques have modest computational cost.