Robert J. Colvin, Ian J. Hayes, Scott Heiner, Peter Höfner, Larissa Meinicke, Roger C. Su
arXiv - CS - Logic in Computer Science, published 2024-07-30. Identifier as listed: arxiv-2407.20559 (https://doi.org/arxiv-2407.20559). Record source: Semantic Scholar.
Practical Rely/Guarantee Verification of an Efficient Lock for seL4 on Multicore Architectures
Developers of low-level systems code providing core functionality for
operating systems and kernels must address hardware-level features of modern
multicore architectures. A particular feature is pipelined "out-of-order
execution" of the code as written, the effects of which are typically
summarised as a "weak memory model" - a term which includes further
complicating factors that may be introduced by compiler optimisations. In many
cases, the nondeterminism inherent in weak memory models can be expressed as
micro-parallelism, i.e., parallelism within threads and not just between them.
Fortunately Jones' rely/guarantee reasoning provides a compositional method for
shared-variable concurrency, whether that be in terms of communication between
top-level threads or micro-parallelism within threads. In this paper we provide
an in-depth verification of the lock algorithm used in the seL4 microkernel,
using rely/guarantee to handle both interthread communication as well as
micro-parallelism introduced by weak memory models.
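The abstract's two ideas, weak-memory reordering treated as micro-parallelism within a thread, and each thread's steps checked against a guarantee that the other threads rely on, can be exercised on a toy lock. The following is an added example written for this page; it is not the paper's proof, nor seL4's lock (which the abstract does not describe). It assumes a two-thread program using a compare-and-swap acquire and a plain store release, a memory model in which a later store may overtake an earlier store to a different location unless a fence or the CAS sits between them, and the guarantee "I only write `data` while I hold the lock, and I only move the lock between free and mine". The explorer enumerates every interleaving, including the intra-thread reorderings, and reports the steps that break the guarantee.

```python
"""Exhaustive rely/guarantee check of a toy lock under a weak-memory model.

Constructed example (not from the paper). Weak memory is modelled as
micro-parallelism: a thread may issue a store before an earlier, still
pending store to a different location, unless a fence or an atomic CAS
lies between them. Every atomic step of a thread is checked against that
thread's guarantee; the other thread's rely is the conjunction of the
guarantees, so if every guarantee holds, every rely holds too.
"""


def program(tid, fenced):
    """Critical-section skeleton for thread `tid` (lock: 0 = free, tid+1 = held)."""
    body = [
        ("cas", "lock", 0, tid + 1),   # acquire: atomic, orders everything after it
        ("store", "data", tid + 1),    # critical-section write
    ]
    if fenced:
        body.append(("fence",))        # release fence: no later store may overtake
    body.append(("store", "lock", 0))  # release (plain store)
    return body


def may_overtake(earlier, later):
    """True if `later` may become visible before the still-pending `earlier`."""
    return (earlier[0] == "store" and later[0] == "store"
            and earlier[1] != later[1])   # different locations; fences and CAS never reorder


def enabled(prog, done):
    """Indices a thread may execute next, given which instructions are done."""
    return [i for i, ins in enumerate(prog) if not done[i]
            and all(done[j] or may_overtake(prog[j], ins) for j in range(i))]


def step(mem, ins):
    """Apply one instruction; return the new memory, or None if the CAS fails."""
    kind = ins[0]
    if kind == "fence":
        return mem
    if kind == "store":
        return {**mem, ins[1]: ins[2]}
    _, var, expect, new = ins
    return {**mem, var: new} if mem[var] == expect else None


def guarantee(tid, pre, post):
    """Thread tid's guarantee, checked on each of its own atomic steps."""
    me = tid + 1
    if post["data"] != pre["data"] and pre["lock"] != me:
        return False                     # wrote data without holding the lock
    if post["lock"] != pre["lock"] and not (
            (pre["lock"] == 0 and post["lock"] == me)
            or (pre["lock"] == me and post["lock"] == 0)):
        return False                     # lock transition that is not ours
    return True


def check(fenced, nthreads=2):
    """Explore all reachable states; return the guarantee-violating steps."""
    progs = [program(t, fenced) for t in range(nthreads)]
    init = ({"lock": 0, "data": 0}, tuple((False,) * len(p) for p in progs))
    key = lambda s: (tuple(sorted(s[0].items())), s[1])
    seen, stack, violations = {key(init)}, [init], []
    while stack:
        mem, done = stack.pop()
        for t, prog in enumerate(progs):
            for i in enabled(prog, done[t]):
                new_mem = step(mem, prog[i])
                if new_mem is None:
                    continue             # CAS failed: the thread spins, no state change
                if not guarantee(t, mem, new_mem):
                    violations.append((t, prog[i], dict(mem), dict(new_mem)))
                new_done = list(done)
                new_done[t] = tuple(d or j == i for j, d in enumerate(done[t]))
                state = (new_mem, tuple(new_done))
                if key(state) not in seen:
                    seen.add(key(state))
                    stack.append(state)
    return violations


if __name__ == "__main__":
    for fenced in (False, True):
        bad = check(fenced)
        print(f"fenced={fenced}: {len(bad)} guarantee-violating step(s)")
        for t, ins, pre, post in bad[:3]:
            print(f"  thread {t} executed {ins} with lock={pre['lock']} -> {post}")
```

Without the fence, the release store to `lock` can overtake the pending store to `data`, so the critical-section write lands after the lock is free (or while the other thread holds it), which is exactly the step the guarantee rejects. With the fence, the only violating interleavings are ruled out, and the rely/guarantee check passes without any reasoning about the other thread's internal state, which is the compositionality the abstract refers to.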