Verification of Tree-Based Hierarchical Read-Copy Update in the Linux Kernel
Size: px
Start display at page:

Download "Verification of Tree-Based Hierarchical Read-Copy Update in the Linux Kernel"

Transcription

1 Verification of Tree-Based Hierarchical Read-Copy Update in the Linux Kernel Paul E. McKenney, IBM Linux Technology Center Joint work with Lihao Liang*, Daniel Kroening, and Tom Melham, University of Oxford

2 What Is RCU? 3/5/8 Verification of Linux-Kernel RCU 2

3 What Is RCU? Synchronization primitive used in Linux kernel Heavily used, and gaining use elsewhere as well Some implementations do read-only traversal of linked data structures using exactly the same sequence of machine instructions used in the absence of updates Readers get excellent performance, scalability, Complex and highly concurrent implementation 3/5/8 Verification of Linux-Kernel RCU 3

4 RCU Is Specialized: Area of Applicability Stale and inconsistent data OK 00% Updates Update-Mostly, Need Fresh Consistent Data (RCU Not So Good),2 Read-Write, Need Consistent Data (RCU Might Be OK) Read-Mostly, Need Consistent Data (RCU Is OK) Read-Mostly, Stale/Inconsistent OK (RCU Is Great!!!) 00% Reads Need fresh and consistent data. RCU provides ABA protection for update-friendly mechanisms 3/5/8 2. RCU provides bounded Verification wait-free of Linux-Kernel read-side primitives RCU for real-time use 4

5 What Exactly Does Heavily Used Mean? 3/5/8 Verification of Linux-Kernel RCU 5

6 Isn't Making Software Work A Solved Problem? Million-Year Bug: Once Per Million Years 975 NHS 3/5/8 Verification of Linux-Kernel RCU 6

7 Isn't Making Software Work A Solved Problem? Million-Year Bug: Once In Ten Millennia NHS 985 Various 3/5/8 Verification of Linux-Kernel RCU 7

8 Isn't Making Software Work A Solved Problem? Million-Year Bug: Once Per Century K K NHS 985 Various 995 SQNT 3/5/8 Verification of Linux-Kernel RCU 8

9 Isn't Making Software Work A Solved Problem? Million-Year Bug: Once a Month 0M K K K 0K K NHS 985 Various 995 SQNT 2005 Linux 3/5/8 Verification of Linux-Kernel RCU 9

10 Isn't Making Software Work A Solved Problem? Million-Year Bug: Several Times per Day 0G 0M 0M K K K 0K K K 0K K NHS 985 Various 995 SQNT 2005 Linux 205 Linux 3/5/8 Verification of Linux-Kernel RCU 0

11 Isn't Making Software Work A Solved Problem? Million-Year Bug: Several Times per Hour 0G 00G 0G K K M 00K 0K K M 00K 0K K M 00K 0K K NHS 985 Various 995 SQNT 2005 Linux 205 Linux 207 Linux 3/5/8 Verification of Linux-Kernel RCU

12 Isn't Making Software Work A Solved Problem? Million-Year Bug? You don't want to know NHS Various 0K K SQNT 0M 00K 0K K Linux 0G 0M 00K 0K K Linux 00G 0G 0M 00K 0K K Linux T 00G 0G 0M 00K T 0K K /5/8 Verification of Linux-Kernel RCU 2 IoT

13 Isn't Making Software Work A Solved Problem? Million-Year Bug? You don't want to know... But Murphy has transitioned from nice guy to homicidal maniac!!! 975 NHS Various 0K K SQNT 0M 00K 0K K Linux 0G 0M 00K 0K K Linux 00G 0G 0M 00K 0K K Linux T 00G 0G 0M 00K T 0K K /5/8 Verification of Linux-Kernel RCU 3 IoT

14 Why Stress About Potential Low-Probability Bugs? Almost any bug can become a security exploit Internet: Physical presence no longer required Not restricted to software: Meltdown and Spectre RCU is not the only thing with empirical spec! RCU is low level does not imply low risk After all, Row Hammer hit DRAM! Might be a trillion IoT devices in the World Translates to huge numbers of failures Some of which might put the general public at risk RCU is well-contained test case for PoC 3/5/8 Verification of Linux-Kernel RCU 4

15 Why Not Try Formal Verification? 3/5/8 Verification of Linux-Kernel RCU 5

16 Why Not Try Formal Verification? In Linux-Kernel RCU's Regression Tests... 3/5/8 Verification of Linux-Kernel RCU 6

17 Formal Verification & Regression Tests: Requirements Either automatic or no translation Correctly handle environment: memory model! Reasonable memory and CPU overhead Map back to lines of code containing bugs Main input: source code under test Find relevant bugs 3/5/8 Verification of Linux-Kernel RCU 7

18 Scorecard for Linux-Kernel C Code Promela PPCMEM Herd CBMC Test () Automated (2) Handle environment (MM) (MM) (MM) (3) Low overhead SAT? (4) Map to source code (5) Modest input (6) Relevant bugs???????????? Paul McKenney's first use /5/8 Verification of Linux-Kernel RCU 8

19 CBMC (Very) Rough Schematic C Code Encode into logic expression CBMC SAT solver Kroening, Clarke, and Lerda, A tool for checking ANSI-C Programs, Tools and Algorithms for the Construction and Analysis of Systems, 2004, pp Trace generation (if counterexample located) Verification Result 3/5/8 Verification of Linux-Kernel RCU 9

20 Applying CBMC to Linux-Kernel RCU Linux kernel (v4.3.6) Test Scaffolding Linux-kernel RCU Port & trim Linux-kernel RCU Run CBMC Reflects server-class RCU up to 6 CPUs with default config (32 or 64 CPUs w/non-default configs) Approximated interrupts & grace-period kthread w/handplaced function calls, specified per-loop unrolling limits Modeled per-cpu variables with arrays Modeled locks with CPROVER_atomic*() Memory consistency models: SC, TSO, and PSO Tested safety and a weak form of liveness 3/5/8 Source code: 20

21 Healthy Skepticism 3/5/8 Verification of Linux-Kernel RCU 2

22 Healthy Skepticism Formal verification of Linux-kernel RCU? 3/5/8 Verification of Linux-Kernel RCU 22

23 Healthy Skepticism Formal verification of Linux-kernel RCU? Sure, I can also write printf( VERIFIED\n ); 3/5/8 Verification of Linux-Kernel RCU 23

24 Healthy Skepticism Formal verification of Linux-kernel RCU? Sure, I can also write printf( VERIFIED\n ); I therefore maintain bug-injected RCU versions 3/5/8 Verification of Linux-Kernel RCU 24

25 Healthy Skepticism Formal verification of Linux-kernel RCU? Sure, I can also write printf( VERIFIED\n ); I therefore maintain bug-injected RCU versions How did CBMC do? 3/5/8 Verification of Linux-Kernel RCU 25

26 Healthy Skepticism Formal verification of Linux-kernel RCU? Sure, I can also write printf( VERIFIED\n ); I therefore maintain bug-injected RCU versions How did CBMC do? Only 2 failures out of 30. Interrupt over-approximation, memory exhaustion Up to 90.4M SAT variables, 75GB, ~70 CPU hours Ran on 64-bit 2.4GHz Xeon, 2 cores & 96GB memory 3/5/8 Verification of Linux-Kernel RCU 26

27 Healthy Skepticism Formal verification of Linux-kernel RCU? Sure, I can also write printf( VERIFIED\n ); I therefore maintain bug-injected RCU versions How did CBMC do? Only 2 failures out of 30. Interrupt over-approximation, memory exhaustion Up to 90.4M SAT variables, 75GB, ~70 CPU hours Ran on 64-bit 2.4GHz Xeon, 2 cores & 96GB memory But did not find new-to-me bugs! 3/5/8 Verification of Linux-Kernel RCU 27

28 Summary and Challenges 3/5/8 Verification of Linux-Kernel RCU 28

29 Summary Linux-kernel RCU robustness is important Large installed base poses severe challenge First automated LK RCU formal verification Two other teams have since done similar work Formal verification in regression tests: Almost Future work: Find bugs I don't already know about! Nevertheless, this work demonstrates the nascent ability and potential of SAT-based formal-verification tools to handle real-world production-quality synchronization primitives 3/5/8 Verification of Linux-Kernel RCU 29

30 Challenges/Limitations/Future Work Better modeling of interrupts & kernel threads Model concurrent linked lists: call_rcu() Incorporate Linux-kernel memory model And/or ARM, PowerPC, RISC-V,... Forward progress: Detect hangs & deadlocks Can already detect unconditional hangs/deadlocks Fully analyze unbounded looping Or at least automatically derive unrolling bounds Larger programs: Automatic decomposition? 3/5/8 Verification of Linux-Kernel RCU 30

31 Additional Challenges Find bug in rcu_preempt_offline_tasks() Find bug in RCU_NO_HZ_FULL_SYSIDLE Find bug in RCU linked-list use cases Verification Challenge 6 Find bugs in other popular open-source SW 3/5/8 Verification of Linux-Kernel RCU 3

32 Legal Statement This work represents the view of the authors and does not necessarily represent the view of IBM or University of Oxford. IBM and IBM (logo) are trademarks or registered trademarks of International Business Machines Corporation in the United States and/or other countries. Linux is a registered trademark of Linus Torvalds. Other company, product, and service names may be trademarks or service marks of others. 3/5/8 Verification of Linux-Kernel RCU 32

33 Questions? 3/5/8 Verification of Linux-Kernel RCU 33

Similar documents

Does RCU Really Work?

Does RCU Really Work? Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology Multicore World, February 21, 2017 Does RCU Really Work? And if so, how would we know? Isn't Making

More information

Practical Experience With Formal Verification Tools

Practical Experience With Formal Verification Tools Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology The Royal Society: Specialist Meeting, April 5, 2016 Practical Experience With Formal Verification

More information

Formal Verification and Linux-Kernel Concurrency

Formal Verification and Linux-Kernel Concurrency Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology Beaver BarCamp, April 18, 2015 Formal Verification and Linux-Kernel Concurrency Overview Two Definitions

More information

Verification of Tree-Based Hierarchical Read-Copy Update in the Linux Kernel

Verification of Tree-Based Hierarchical Read-Copy Update in the Linux Kernel Verification of Tree-Based Hierarchical Read-Copy Update in the Linux Kernel Lihao Liang University of Oxford Paul E. McKenney IBM Linux Technology Center Daniel Kroening and Tom Melham University of Oxford

More information

Netconf RCU and Breakage. Paul E. McKenney IBM Distinguished Engineer & CTO Linux Linux Technology Center IBM Corporation

Netconf RCU and Breakage. Paul E. McKenney IBM Distinguished Engineer & CTO Linux Linux Technology Center IBM Corporation RCU and Breakage Paul E. McKenney IBM Distinguished Engineer & CTO Linux Linux Technology Center Copyright 2009 IBM 2002 IBM Corporation Overview What the #$I#@(&!!! is RCU-bh for??? RCU status in mainline

More information

Introduction to RCU Concepts

Introduction to RCU Concepts Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology 22 October 2013 Introduction to RCU Concepts Liberal application of procrastination for accommodation

More information

The RCU-Reader Preemption Problem in VMs

The RCU-Reader Preemption Problem in VMs The RCU-Reader Preemption Problem in VMs Aravinda Prasad1, K Gopinath1, Paul E. McKenney2 1 2 Indian Institute of Science (IISc), Bangalore IBM Linux Technology Center, Beaverton 2017 USENIX Annual Technical

More information

arxiv: v2 [cs.lo] 18 Jan 2018

arxiv: v2 [cs.lo] 18 Jan 2018 Verification of the Tree-Based Hierarchical Read-Copy Update in the Linux Kernel Lihao Liang University of Oxford Paul E. McKenney IBM Linux Technology Center Daniel Kroening Tom Melham University of Oxford

More information

Abstraction, Reality Checks, and RCU

Abstraction, Reality Checks, and RCU Abstraction, Reality Checks, and RCU Paul E. McKenney IBM Beaverton University of Toronto Cider Seminar July 26, 2005 Copyright 2005 IBM Corporation 1 Overview Moore's Law and SMP Software Non-Blocking

More information

Read-Copy Update (RCU) for C++

Read-Copy Update (RCU) for C++ Read-Copy Update (RCU) for C++ ISO/IEC JTC1 SC22 WG21 P0279R1-2016-08-25 Paul E. McKenney, paulmck@linux.vnet.ibm.com TBD History This document is a revision of P0279R0, revised based on discussions at

More information

Getting RCU Further Out Of The Way

Getting RCU Further Out Of The Way Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center (Linaro) 31 August 2012 2012 Linux Plumbers Conference, Real Time Microconference RCU Was Once A Major Real-Time Obstacle rcu_read_lock()

More information

Tracing and Linux-Kernel RCU

Tracing and Linux-Kernel RCU Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology Tracing Summit, October 12, 2016 Tracing and Linux-Kernel RCU Overview Two Definitions and a Consequence

More information

Testing real-time Linux: What to test and how.

Testing real-time Linux: What to test and how. Testing real-time Linux: What to test and how. Sripathi Kodi sripathik@in.ibm.com Agenda IBM Linux Technology Center What is a real-time Operating System? Enterprise real-time Real-Time patches for Linux

More information

Using a Malicious User-Level RCU to Torture RCU-Based Algorithms

Using a Malicious User-Level RCU to Torture RCU-Based Algorithms 2009 linux.conf.au Hobart, Tasmania, Australia Using a Malicious User-Level RCU to Torture RCU-Based Algorithms Paul E. McKenney, Ph.D. IBM Distinguished Engineer & CTO Linux Linux Technology Center January

More information

Real-Time Response on Multicore Systems: It is Bigger Than You Think

Real-Time Response on Multicore Systems: It is Bigger Than You Think Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center (Linaro) 29 August 2012 Real-Time Response on Multicore Systems: It is Bigger Than You Think 2012 Linux Plumbers Conference, Scaling

More information

Practical Experience With Formal Verification Tools

Practical Experience With Formal Verification Tools Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology Beaver Barcamp, April 16, 2016 Practical Experience With Formal Verification Tools Report from Royal

More information

F-Soft: Software Verification Platform

F-Soft: Software Verification Platform F-Soft: Software Verification Platform F. Ivančić, Z. Yang, M.K. Ganai, A. Gupta, I. Shlyakhter, and P. Ashar NEC Laboratories America, 4 Independence Way, Suite 200, Princeton, NJ 08540 fsoft@nec-labs.com

More information

Decoding Those Inscrutable RCU CPU Stall Warnings

Decoding Those Inscrutable RCU CPU Stall Warnings Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology Open Source Summit North America, September 12, 2017 Decoding Those Inscrutable RCU CPU Stall Warnings

More information

RCU and C++ Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology CPPCON, September 23, 2016

RCU and C++ Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology CPPCON, September 23, 2016 Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology CPPCON, September 23, 2016 RCU and C++ What Is RCU, Really? Publishing of new data: rcu_assign_pointer()

More information

What Happened to the Linux-Kernel Memory Model?

What Happened to the Linux-Kernel Memory Model? Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology linux.conf.au Lightning Talk, January 26, 2018 What Happened to the Linux-Kernel Memory Model? Joint

More information

When Do Real Time Systems Need Multiple CPUs?

When Do Real Time Systems Need Multiple CPUs? Paul E. McKenney, IBM Distinguished Engineer, CTO Linux October 24, 2010 When Do Real Time Systems Need Multiple CPUs? When Do Real Time Systems Need Multiple CPUs? Overview SMP Real Time Systems: Inevitable?

More information

Read-Copy Update in a Garbage Collected Environment. By Harshal Sheth, Aashish Welling, and Nihar Sheth

Read-Copy Update in a Garbage Collected Environment. By Harshal Sheth, Aashish Welling, and Nihar Sheth Read-Copy Update in a Garbage Collected Environment By Harshal Sheth, Aashish Welling, and Nihar Sheth Overview Read-copy update (RCU) Synchronization mechanism used in the Linux kernel Mainly used in

More information

Formal Verification and Linux-Kernel Concurrency

Formal Verification and Linux-Kernel Concurrency Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology Compositional Verification Methods for Next-Generation Concurrency, May 3, 2015 Formal Verification

More information

Validating Core Parallel Software

Validating Core Parallel Software Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center linux.conf.au January 29, 2013 Validating Core Parallel Software linux.conf.au Overview Avoiding Bugs The Open-Source Way Avoiding

More information

Real-Time Response on Multicore Systems: It is Bigger Than I Thought

Real-Time Response on Multicore Systems: It is Bigger Than I Thought Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center linux.conf.au January 31, 2013 Real-Time Response on Multicore Systems: It is Bigger Than I Thought History of Real Time (AKA Preemptible)

More information

Introduction to RCU Concepts

Introduction to RCU Concepts Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology 22 October 2013 Introduction to RCU Concepts Liberal application of procrastination for accommodation

More information

Decoding Those Inscrutable RCU CPU Stall Warnings

Decoding Those Inscrutable RCU CPU Stall Warnings Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology linux.conf.au Kernel Miniconf, January 22, 2018 Decoding Those Inscrutable RCU CPU Stall Warnings

More information

Hazard Pointers. Safe Resource Reclamation for Optimistic Concurrency

Hazard Pointers. Safe Resource Reclamation for Optimistic Concurrency Document Number: P0233R3 Date: 2017-02-06 Reply-to: maged.michael@acm.org, michael@codeplay.com Authors: Maged M. Michael, Michael Wong, Paul McKenney, Arthur O'Dwyer, David Hollman Project: Programming

More information

Real Time vs. Real Fast

Real Time vs. Real Fast Real Time vs. Real Fast Paul E. McKenney IBM Distinguished Engineer Overview Confessions of a Recovering Proprietary Programmer What is Real Time and Real Fast, Anyway??? Example Real Time Application

More information

Frightening small children and disconcerting grown-ups: Concurrency in the Linux kernel

Frightening small children and disconcerting grown-ups: Concurrency in the Linux kernel Frightening small children and disconcerting grown-ups: Concurrency in the Linux kernel Jade Alglave, Luc Maranget, Paul McKenney, Andrea Parri and Alan Stern Concurrency in Linux can be a contentious

More information

Multi-Core Memory Models and Concurrency Theory

Multi-Core Memory Models and Concurrency Theory Paul E. McKenney IBM Distinguished Engineer, Linux Technology Center 03 Jan 2011 Multi-Core Memory Models and Concurrency Theory A View from the Linux Community Multi-Core Memory Models and Concurrency

More information

Model Checking Embedded C Software using k-induction and Invariants

Model Checking Embedded C Software using k-induction and Invariants FEDERAL UNIVERSITY OF RORAIMA and FEDERAL UNIVESITY OF AMAZONAS Model Checking Embedded C Software using k-induction and Invariants Herbert Rocha, Hussama Ismail, Lucas Cordeiro and Raimundo Barreto Agenda

More information

Tom Hart, University of Toronto Paul E. McKenney, IBM Beaverton Angela Demke Brown, University of Toronto

Tom Hart, University of Toronto Paul E. McKenney, IBM Beaverton Angela Demke Brown, University of Toronto Making Lockless Synchronization Fast: Performance Implications of Memory Reclamation Tom Hart, University of Toronto Paul E. McKenney, IBM Beaverton Angela Demke Brown, University of Toronto Outline Motivation

More information

Jackson Marusarz Software Technical Consulting Engineer

Jackson Marusarz Software Technical Consulting Engineer Jackson Marusarz Software Technical Consulting Engineer What Will Be Covered Overview Memory/Thread analysis New Features Deep dive into debugger integrations Demo Call to action 2 Analysis Tools for Diagnosis

More information

Advances in Validation of Concurrent Software

Advances in Validation of Concurrent Software Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology Linux Plumbers Conference 2013, New Orleans, LA, USA September 18, 2013 Advances in Validation of

More information

Bounded Model Checking Of C Programs: CBMC Tool Overview

Bounded Model Checking Of C Programs: CBMC Tool Overview Workshop on Formal Verification and Analysis Tools, CFDVS, IIT-Bombay - Feb 21,2017 Bounded Model Checking Of C Programs: CBMC Tool Overview Prateek Saxena CBMC Developed and Maintained by Dr Daniel Kröning

More information

NVMe Over Fabrics: Scaling Up With The Storage Performance Development Kit

NVMe Over Fabrics: Scaling Up With The Storage Performance Development Kit NVMe Over Fabrics: Scaling Up With The Storage Performance Development Kit Ben Walker Data Center Group Intel Corporation 2018 Storage Developer Conference. Intel Corporation. All Rights Reserved. 1 Notices

More information

Outline. Low-Level Optimizations in the PowerPC/Linux Kernels. PowerPC Architecture. PowerPC Architecture

Outline. Low-Level Optimizations in the PowerPC/Linux Kernels. PowerPC Architecture. PowerPC Architecture Low-Level Optimizations in the PowerPC/Linux Kernels Dr. Paul Mackerras Senior Technical Staff Member IBM Linux Technology Center OzLabs Canberra, Australia paulus@samba.org paulus@au1.ibm.com Introduction

More information

Typed Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts

Typed Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts Typed Assembly Language for Implementing OS Kernels in SMP/Multi-Core Environments with Interrupts Toshiyuki Maeda and Akinori Yonezawa University of Tokyo Quiz [Environment] CPU: Intel Xeon X5570 (2.93GHz)

More information

C Code Verification based on the Extended Labeled Transition System Model

C Code Verification based on the Extended Labeled Transition System Model C Code Verification based on the Extended Labeled Transition System Model Dexi Wang, Chao Zhang, Guang Chen, Ming Gu, and Jiaguang Sun School of Software, TNLIST, Tsinghua University, China {dx-wang12,zhang-chao13,chenguan14}@mails.tsinghua.edu.cn

More information

Bounded Model Checking of Concurrent Programs

Bounded Model Checking of Concurrent Programs Bounded Model Checking of Concurrent Programs Ishai Rabinovitz 1, and Orna Grumberg 1 1 Technion - Israel Institute of Technology IBM Haifa Research Laboratory, Haifa, Israel ishai@il.ibm.com orna@cs.technion.ac.il

More information

Sleepable Read-Copy Update

Sleepable Read-Copy Update Sleepable Read-Copy Update Paul E. McKenney Linux Technology Center IBM Beaverton paulmck@us.ibm.com July 8, 2008 Read-copy update (RCU) is a synchronization API that is sometimes used in place of reader-writer

More information

Effective Data-Race Detection for the Kernel

Effective Data-Race Detection for the Kernel Effective Data-Race Detection for the Kernel John Erickson, Madanlal Musuvathi, Sebastian Burckhardt, Kirk Olynyk Microsoft Research Presented by Thaddeus Czauski 06 Aug 2011 CS 5204 2 How do we prevent

More information

Paul E. McKenney, Distinguished Engineer IBM Linux Technology Center

Paul E. McKenney, Distinguished Engineer IBM Linux Technology Center Ottawa Linux Symposium Real Time vs. Real Fast : How to Choose? Paul E. McKenney, Distinguished Engineer July 23, 2008 Overview 2008 Ottawa Linux Symposium What is Real Time and Real Fast, Anyway??? Example

More information

Advances in Validation of Concurrent Software

Advances in Validation of Concurrent Software Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology linux.conf.au, Perth, Australia, January 8, 2014 Advances in Validation of Concurrent Software Overview

More information

BITCOIN MINING IN A SAT FRAMEWORK

BITCOIN MINING IN A SAT FRAMEWORK BITCOIN MINING IN A SAT FRAMEWORK Jonathan Heusser @jonathanheusser DISCLAIMER JUST TO BE CLEAR.. This is research! Not saying ASICs suck I am not a cryptographer, nor SAT solver guy WTF REALISED PHD RESEARCH

More information

Paul E. McKenney, Distinguished Engineer IBM Linux Technology Center

Paul E. McKenney, Distinguished Engineer IBM Linux Technology Center After 25 Years, C/C++ Understands Concurrency Paul E. McKenney, Distinguished Engineer February 1, 2008 What This Talk is Not... Not introducing new synchronization mechanisms The point of standardization

More information

Software Model Checking. Xiangyu Zhang

Software Model Checking. Xiangyu Zhang Software Model Checking Xiangyu Zhang Symbolic Software Model Checking CS510 S o f t w a r e E n g i n e e r i n g Symbolic analysis explicitly explores individual paths, encodes and resolves path conditions

More information

Parallel Methods for Verifying the Consistency of Weakly-Ordered Architectures. Adam McLaughlin, Duane Merrill, Michael Garland, and David A.

Parallel Methods for Verifying the Consistency of Weakly-Ordered Architectures. Adam McLaughlin, Duane Merrill, Michael Garland, and David A. Parallel Methods for Verifying the Consistency of Weakly-Ordered Architectures Adam McLaughlin, Duane Merrill, Michael Garland, and David A. Bader Challenges of Design Verification Contemporary hardware

More information

Proving Dekker with SPIN and PROMELA

Proving Dekker with SPIN and PROMELA 15-410...fairness disabled... Proving Dekker with SPIN and PROMELA Joshua Wise With help from Greg Hartman L36_SPIN 1 Synchronization Project 4 due Wednesday Everyone having fun? Kernel interviews If you

More information

Exploring mtcp based Single-Threaded and Multi-Threaded Web Server Design

Exploring mtcp based Single-Threaded and Multi-Threaded Web Server Design Exploring mtcp based Single-Threaded and Multi-Threaded Web Server Design A Thesis Submitted in partial fulfillment of the requirements for the degree of Master of Technology by Pijush Chakraborty (153050015)

More information

The benefits and costs of writing a POSIX kernel in a high-level language

The benefits and costs of writing a POSIX kernel in a high-level language 1 / 38 The benefits and costs of writing a POSIX kernel in a high-level language Cody Cutler, M. Frans Kaashoek, Robert T. Morris MIT CSAIL Should we use high-level languages to build OS kernels? 2 / 38

More information

Verifying Concurrent Programs

Verifying Concurrent Programs Verifying Concurrent Programs Daniel Kroening 8 May 1 June 01 Outline Shared-Variable Concurrency Predicate Abstraction for Concurrent Programs Boolean Programs with Bounded Replication Boolean Programs

More information

Formal Verification for UML/SysML models

Formal Verification for UML/SysML models Formal Verification for UML/SysML models IBM Research Lab - Haifa Content Formal verification v.s. testing Correctness properties Formal verification for Rhapsody models 2 Formal Verification Desired Properties

More information

Stateless Model Checking of the Linux Kernel s Hierarchical Read-Copy-Update (Tree RCU)

Stateless Model Checking of the Linux Kernel s Hierarchical Read-Copy-Update (Tree RCU) Stateless Model Checking of the Linux Kernel s Hierarchical Read-Copy-Update (Tree RCU) ABSTRACT Michalis Kokologiannakis National Technical University of Athens, Greece Read-Copy-Update (RCU) is a synchronization

More information

NVIDIA COLLECTIVE COMMUNICATION LIBRARY (NCCL)

NVIDIA COLLECTIVE COMMUNICATION LIBRARY (NCCL) NVIDIA COLLECTIVE COMMUNICATION LIBRARY (NCCL) RN-08645-000_v01 March 2018 Release Notes TABLE OF CONTENTS Chapter Chapter Chapter Chapter Chapter Chapter Chapter 1. 2. 3. 4. 5. 6. 7. NCCL NCCL NCCL NCCL

More information

Is Parallel Programming Hard, And If So, What Can You Do About It?

Is Parallel Programming Hard, And If So, What Can You Do About It? 2011 Android System Developer Forum Is Parallel Programming Hard, And If So, What Can You Do About It? Paul E. McKenney IBM Distinguished Engineer & CTO Linux Linux Technology Center April 28, 2011 Copyright

More information

Precision Time Protocol, and Sub-Microsecond Synchronization

Precision Time Protocol, and Sub-Microsecond Synchronization Linux Foundation End User Summit May 1, 2012 Precision Time Protocol, and Sub-Microsecond Synchronization Mike Kravetz IBM Linux Technology Center kravetz@us.ibm.com 2009 IBM Corporation Agenda Background/History

More information

Lawson M3 7.1 Large User Scaling on System i

Lawson M3 7.1 Large User Scaling on System i Lawson M3 7.1 Large User Scaling on System i IBM System i Paul Swenson paulswen@us.ibm.com System i ERP, Lawson Team Version Date: November 15 2007 Statement of Approval... 3 Introduction... 4 Benchmark

More information

Read-Copy Update (RCU) Validation and Verification for Linux

Read-Copy Update (RCU) Validation and Verification for Linux Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology Read-Copy Update (RCU) Validation and Verification for Linux Overview What Is RCU? Linux Kernel Validation:

More information

UNDERSTANDING PROGRAMMING BUGS IN ANSI-C SOFTWARE USING BOUNDED MODEL CHECKING COUNTER-EXAMPLES

UNDERSTANDING PROGRAMMING BUGS IN ANSI-C SOFTWARE USING BOUNDED MODEL CHECKING COUNTER-EXAMPLES FEDERAL UNIVERSITY OF AMAZONAS INSTITUTE OF COMPUTING GRADUATE PROGRAM IN COMPUTER SCIENCE UNDERSTANDING PROGRAMMING BUGS IN ANSI-C SOFTWARE USING BOUNDED MODEL CHECKING COUNTER-EXAMPLES Herbert Oliveira

More information

Load-reserve / Store-conditional on POWER and ARM

Load-reserve / Store-conditional on POWER and ARM Load-reserve / Store-conditional on POWER and ARM Peter Sewell (slides from Susmit Sarkar) 1 University of Cambridge June 2012 Correct implementations of C/C++ on hardware Can it be done?...on highly relaxed

More information

What Is RCU? Guest Lecture for University of Cambridge

What Is RCU? Guest Lecture for University of Cambridge Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center Member, IBM Academy of Technology November 1, 2013 What Is RCU? Guest Lecture for University of Cambridge Overview Mutual Exclusion

More information

Extreme-Scale Operating Systems

Extreme-Scale Operating Systems Extreme-Scale Operating Systems Rolf Riesen 23 August 2016 Copyright c 2016 Intel Corporation. All rights reserved. ROME Legal Disclaimer Intel and the Intel logo are trademarks of Intel Corporation in

More information

Program Analysis and Code Verification

Program Analysis and Code Verification Program Analysis and Code Verification http://d3s.mff.cuni.cz Pavel Parízek CHARLES UNIVERSITY IN PRAGUE faculty of mathematics and physics Language Lectures: English Labs: English Homework: Czech/English

More information

On partial order semantics for SAT/SMT-based symbolic encodings of weak memory concurrency

On partial order semantics for SAT/SMT-based symbolic encodings of weak memory concurrency On partial order semantics for SAT/SMT-based symbolic encodings of weak memory concurrency Alex Horn and Daniel Kroening University of Oxford April 30, 2015 Outline What s Our Problem? Motivation and Example

More information

Intel Threading Building Blocks (Intel TBB) 2.1. In-Depth

Intel Threading Building Blocks (Intel TBB) 2.1. In-Depth Intel Threading Building Blocks (Intel TBB) 2.1 In-Depth Contents Intel Threading Building Blocks (Intel TBB) 2.1........... 3 Features................................................ 3 New in this Release.....................................

More information

Read-Copy Update (RCU) Don Porter CSE 506

Read-Copy Update (RCU) Don Porter CSE 506 Read-Copy Update (RCU) Don Porter CSE 506 Logical Diagram Binary Formats Memory Allocators Today s Lecture System Calls Threads User Kernel RCU File System Networking Sync Memory Management Device Drivers

More information

David DeFlyer Class notes CS162 January 26 th, 2009

David DeFlyer Class notes CS162 January 26 th, 2009 1. Class opening: 1. Handed out ACM membership information 2. Review of last lecture: 1. operating systems were something of an ad hoc component 2. in the 1960s IBM tried to produce a OS for all customers

More information

Hazard Pointers. Safe Resource Reclamation for Optimistic Concurrency

Hazard Pointers. Safe Resource Reclamation for Optimistic Concurrency Document Number: P0233R1 Date: 2016 05 29 Reply to: maged.michael@acm.org, michael@codeplay.com Authors: Maged M. Michael, Michael Wong Project: Programming Language C++, SG14/SG1 Concurrency, LEWG Hazard

More information

NightStar. NightView Source Level Debugger. Real-Time Linux Debugging and Analysis Tools BROCHURE

NightStar. NightView Source Level Debugger. Real-Time Linux Debugging and Analysis Tools BROCHURE NightStar Real-Time Linux Debugging and Analysis Tools Concurrent s NightStar is a powerful, integrated tool set for debugging and analyzing time-critical Linux applications. NightStar tools run with minimal

More information

Multiprocessor System. Multiprocessor Systems. Bus Based UMA. Types of Multiprocessors (MPs) Cache Consistency. Bus Based UMA. Chapter 8, 8.

Multiprocessor System. Multiprocessor Systems. Bus Based UMA. Types of Multiprocessors (MPs) Cache Consistency. Bus Based UMA. Chapter 8, 8. Multiprocessor System Multiprocessor Systems Chapter 8, 8.1 We will look at shared-memory multiprocessors More than one processor sharing the same memory A single CPU can only go so fast Use more than

More information

The ComFoRT Reasoning Framework

The ComFoRT Reasoning Framework Pittsburgh, PA 15213-3890 The ComFoRT Reasoning Framework Sagar Chaki James Ivers Natasha Sharygina Kurt Wallnau Predictable Assembly from Certifiable Components Enable the development of software systems

More information

Simplicity Through Optimization

Simplicity Through Optimization 21 linux.conf.au Wellington, NZ Simplicity Through Optimization It Doesn't Always Work This Way, But It Is Sure Nice When It Does!!! Paul E. McKenney, Distinguished Engineer January 21, 21 26-21 IBM Corporation

More information

Lecture 1: Model Checking. Edmund Clarke School of Computer Science Carnegie Mellon University

Lecture 1: Model Checking. Edmund Clarke School of Computer Science Carnegie Mellon University Lecture 1: Model Checking Edmund Clarke School of Computer Science Carnegie Mellon University 1 Cost of Software Errors June 2002 Software bugs, or errors, are so prevalent and so detrimental that they

More information

Multiprocessor Systems. COMP s1

Multiprocessor Systems. COMP s1 Multiprocessor Systems 1 Multiprocessor System We will look at shared-memory multiprocessors More than one processor sharing the same memory A single CPU can only go so fast Use more than one CPU to improve

More information

More on Verification and Model Checking

More on Verification and Model Checking More on Verification and Model Checking Wednesday Oct 07, 2015 Philipp Rümmer Uppsala University Philipp.Ruemmer@it.uu.se 1/60 Course fair! 2/60 Exam st October 21, 8:00 13:00 If you want to participate,

More information

Software verification for ubiquitous computing

Software verification for ubiquitous computing Software verification for ubiquitous computing Marta Kwiatkowska Computing Laboratory, University of Oxford QA 09, Grenoble, June 2009 Software everywhere Electronic devices, ever smaller Laptops, phones,

More information

Abstraction techniques for Floating-Point Arithmetic

Abstraction techniques for Floating-Point Arithmetic Abstraction techniques for Floating-Point Arithmetic Angelo Brillout 1, Daniel Kroening 2 and Thomas Wahl 2 1 ETH Zurich, 2 Oxford University ETH Zürich Floating-Point Arithmetic (FPA) Used for embedded

More information

What Is RCU? Indian Institute of Science, Bangalore. Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center 3 June 2013

What Is RCU? Indian Institute of Science, Bangalore. Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center 3 June 2013 Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center 3 June 2013 What Is RCU? Indian Institute of Science, Bangalore Overview Mutual Exclusion Example Application Performance of Synchronization

More information

Lecture 13: Memory Consistency. + a Course-So-Far Review. Parallel Computer Architecture and Programming CMU , Spring 2013

Lecture 13: Memory Consistency. + a Course-So-Far Review. Parallel Computer Architecture and Programming CMU , Spring 2013 Lecture 13: Memory Consistency + a Course-So-Far Review Parallel Computer Architecture and Programming Today: what you should know Understand the motivation for relaxed consistency models Understand the

More information

Bug Finding with Under-approximating Static Analyses. Daniel Kroening, Matt Lewis, Georg Weissenbacher

Bug Finding with Under-approximating Static Analyses. Daniel Kroening, Matt Lewis, Georg Weissenbacher Bug Finding with Under-approximating Static Analyses Daniel Kroening, Matt Lewis, Georg Weissenbacher Overview Over- vs. underapproximating static analysis Path-based symbolic simulation Path merging Acceleration

More information

Non-blocking Array-based Algorithms for Stacks and Queues. Niloufar Shafiei

Non-blocking Array-based Algorithms for Stacks and Queues. Niloufar Shafiei Non-blocking Array-based Algorithms for Stacks and Queues Niloufar Shafiei Outline Introduction Concurrent stacks and queues Contributions New algorithms New algorithms using bounded counter values Correctness

More information

Read-Copy Update (RCU) Don Porter CSE 506

Read-Copy Update (RCU) Don Porter CSE 506 Read-Copy Update (RCU) Don Porter CSE 506 RCU in a nutshell ò Think about data structures that are mostly read, occasionally written ò Like the Linux dcache ò RW locks allow concurrent reads ò Still require

More information

Intel Threading Tools

Intel Threading Tools Intel Threading Tools Paul Petersen, Intel -1- INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS,

More information

NVIDIA COLLECTIVE COMMUNICATION LIBRARY (NCCL)

NVIDIA COLLECTIVE COMMUNICATION LIBRARY (NCCL) NVIDIA COLLECTIVE COMMUNICATION LIBRARY (NCCL) RN-08645-000_v01 September 2018 Release Notes TABLE OF CONTENTS Chapter Chapter Chapter Chapter Chapter Chapter Chapter Chapter Chapter Chapter 1. NCCL Overview...1

More information

Market Data Publisher In a High Frequency Trading Set up

Market Data Publisher In a High Frequency Trading Set up Market Data Publisher In a High Frequency Trading Set up INTRODUCTION The main theme behind the design of Market Data Publisher is to make the latest trade & book data available to several integrating

More information

<Insert Picture Here> Boost Linux Performance with Enhancements from Oracle

<Insert Picture Here> Boost Linux Performance with Enhancements from Oracle Boost Linux Performance with Enhancements from Oracle Chris Mason Director of Linux Kernel Engineering Linux Performance on Large Systems Exadata Hardware How large systems are different

More information

Supra-linear Packet Processing Performance with Intel Multi-core Processors

Supra-linear Packet Processing Performance with Intel Multi-core Processors White Paper Dual-Core Intel Xeon Processor LV 2.0 GHz Communications and Networking Applications Supra-linear Packet Processing Performance with Intel Multi-core Processors 1 Executive Summary Advances

More information

Advanced Operating Systems (CS 202)

Advanced Operating Systems (CS 202) Advanced Operating Systems (CS 202) Memory Consistency, Cache Coherence and Synchronization (Part II) Jan, 30, 2017 (some cache coherence slides adapted from Ian Watson; some memory consistency slides

More information

System Wide Tracing User Need

System Wide Tracing User Need System Wide Tracing User Need dominique toupin ericsson com April 2010 About me Developer Tool Manager at Ericsson, helping Ericsson sites to develop better software efficiently Background

More information

Proposed Wording for Concurrent Data Structures: Hazard Pointer and Read Copy Update (RCU)

Proposed Wording for Concurrent Data Structures: Hazard Pointer and Read Copy Update (RCU) Document number: D0566R1 Date: 20170619 (pre Toronto) Project: Programming Language C++, WG21, SG1,SG14, LEWG, LWG Authors: Michael Wong, Maged M. Michael, Paul McKenney, Geoffrey Romer, Andrew Hunter

More information

OpenMPDK and unvme User Space Device Driver for Server and Data Center

OpenMPDK and unvme User Space Device Driver for Server and Data Center OpenMPDK and unvme User Space Device Driver for Server and Data Center Open source for maximally utilizing Samsung s state-of-art Storage Solution in shorter development time White Paper 2 Target Audience

More information

A Comparison of Relativistic and Reader-Writer Locking Approaches to Shared Data Access

A Comparison of Relativistic and Reader-Writer Locking Approaches to Shared Data Access A Comparison of Relativistic and Reader-Writer Locking Approaches to Shared Data Access Philip W. Howard, Josh Triplett, and Jonathan Walpole Portland State University Abstract. This paper explores the

More information

Concurrency: State Models & Design Patterns

Concurrency: State Models & Design Patterns Concurrency: State Models & Design Patterns Practical Session Week 02 1 / 13 Exercises 01 Discussion Exercise 01 - Task 1 a) Do recent central processing units (CPUs) of desktop PCs support concurrency?

More information

Scalable Program Analysis Using Boolean Satisfiability: The Saturn Project

Scalable Program Analysis Using Boolean Satisfiability: The Saturn Project Scalable Program Analysis Using Boolean Satisfiability: The Saturn Project Alex Aiken Stanford University Saturn 1 The Idea Verify properties of large systems! Doesn t {SLAM, BLAST, CQual, ESP} already

More information

Synchronization for Concurrent Tasks

Synchronization for Concurrent Tasks Synchronization for Concurrent Tasks Minsoo Ryu Department of Computer Science and Engineering 2 1 Race Condition and Critical Section Page X 2 Synchronization in the Linux Kernel Page X 3 Other Synchronization

More information

Scalable Correct Memory Ordering via Relativistic Programming

Scalable Correct Memory Ordering via Relativistic Programming Scalable Correct Memory Ordering via Relativistic Programming Josh Triplett Portland State University josh@joshtriplett.org Philip W. Howard Portland State University pwh@cs.pdx.edu Paul E. McKenney IBM

More information

Validating Core Parallel Software

Validating Core Parallel Software Paul E. McKenney, IBM Distinguished Engineer, Linux Technology Center 28 October 2011 Validating Core Parallel Software Overview Who is Paul and How Did He Get This Way? Avoiding Debugging By Design Avoiding

More information

Advanced Topic: Efficient Synchronization

Advanced Topic: Efficient Synchronization Advanced Topic: Efficient Synchronization Multi-Object Programs What happens when we try to synchronize across multiple objects in a large program? Each object with its own lock, condition variables Is

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback