Using concurrent relational logic with helpers for verifying the AtomFS file system

Zou, Mo; Ding, Haoran; Du, Dong; Fu, Ming; Gu, Ronghui; Chen, Haibo

doi:10.1145/3341301.3359644

Cited by 13 publications

(5 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…al. [49], for the purposes of verifying a concurrent file system with external linearization points. They extend the logic of Liang and Eng with abstract "helping" mechanism, which allows one thread to carry out linearization points of several other threads.…”

Section: Changes To the Reloc Modelmentioning

confidence: 99%

Mechanized verification of a fine-grained concurrent queue from meta’s folly library

Vindum

Frumin

Birkedal

2022

Proceedings of the 11th ACM SIGPLAN International Conference on Certified Programs and Proofs

View full text Add to dashboard Cite

We present the first formal specification and verification of the fine-grained concurrent multi-producer-multi-consumer queue algorithm from Meta's C++ library Folly of core infrastructure components. The queue is highly optimized, practical, and used by Meta in production where it scales to thousands of consumer and producer threads. We present an implementation of the algorithm in an ML-like language and formally prove that it is a contextual refinement of a simple coarse-grained queue (a property that implies that the MPMC queue is linearizable). We use the ReLoC relational logic and the Iris program logic to carry out the proof and to mechanize it in the Coq proof assistant. The MPMC queue is implemented using three modules, and our proof is similarly modular. By using ReLoC and Iris's support for modular reasoning we verify each module in isolation and compose these together. A key challenge of the MPMC queue is that it has a so-called external linearization point, which ReLoC has no support for reasoning about. Thus we extend ReLoC, both on paper and in Coq, with novel support for reasoning about external linearization points.

show abstract

Section: Changes To the Reloc Modelmentioning

confidence: 99%

Mechanized verification of a fine-grained concurrent queue from meta’s folly library

Vindum

Frumin

Birkedal

2022

Proceedings of the 11th ACM SIGPLAN International Conference on Certified Programs and Proofs

View full text Add to dashboard Cite

show abstract

“…Verification of a sophisticated locking scheme that locks inodes hand-overhand (lock coupling) has recently been done in the theorem prover Coq for a file system prototype called AtomFS that is directly programmed in C and stores data in RAM [44]. A particular challenge for the proof of linearizability solved there was the rename operation, that moves directories (whole subtrees).…”

Section: Related Workmentioning

confidence: 99%

Flashix: Modular Verification of a Concurrent and Crash-Safe Flash File System

Bodenmüller

Schellhorn

Bitterlich

et al. 2021

Logic, Computation and Rigorous Methods

View full text Add to dashboard Cite

The Flashix project has developed the first realistic verified file system for Flash memory. This paper gives an overview over the project and the theory used. Specification is based on modular components and subcomponents, which may have concurrent implementations connected via refinement. Functional correctness and crash-safety of each component is verified separately. We highlight some components that were recently added to improve efficiency, such as file caches and concurrent garbage collection. The project generates 18K of C code that runs under Linux. We evaluate how efficiency has improved and compare to UBIFS, the most recent flash file system implementation available for the Linux kernel.Partly supported by the Deutsche Forschungsgemeinschaft (DFG), "Verifikation von Flash-Dateisystemen" (grants RE828/13-1 and RE828/13-2).

show abstract

“…Concurrent Verified Components. With few exceptions [15,16,27,33,40,52,57], few systems verification methodologies reason about shared-memory concurrency. There are simple ways to safely layer concurrent reasoning on top of a singlethreaded verification.…”

Section: Functional Correctnessmentioning

confidence: 99%

An incremental path towards a safer OS kernel

Miller

Zhuo

et al. 2021

Proceedings of the Workshop on Hot Topics in Operating Systems

View full text Add to dashboard Cite

Linux has become the de-facto operating system of our age, but its vulnerabilities are a constant threat to service availability, user privacy, and data integrity. While one might scrap Linux and start over, the cost of that would be prohibitive due to Linux's ubiquitous deployment. In this paper, we propose an alternative, incremental route to a safer Linux through proper modularization and gradual replacement module by module. We lay out the research challenges and potential solutions for this route, and discuss the open questions ahead. CCS Concepts• Software and its engineering → Software verification;• Computer systems organization → Reliability.

show abstract

Using concurrent relational logic with helpers for verifying the AtomFS file system

Cited by 13 publications

References 45 publications

Mechanized verification of a fine-grained concurrent queue from meta’s folly library

Mechanized verification of a fine-grained concurrent queue from meta’s folly library

Flashix: Modular Verification of a Concurrent and Crash-Safe Flash File System

An incremental path towards a safer OS kernel

Contact Info

Product

Resources

About