SRC #14 CFSCQ: Extending a verified file system with concurrency Tej Chajed advised by Frans Kaashoek and Nickolai Zeldovich 1
Goal: verify a concurrent file system • Existing verified file systems are sequential • e.g. , FSCQ, Yggdrasil, BilbyFS • All real file systems are concurrent • e.g. , ext4, btrfs 2
CFSCQ re-uses FSCQ (a verified sequential file system) • FSCQ: 75,000 lines • CFSCQ: +6,000 lines • Concurrency verified separately from sequential behavior 3
What can we achieve without modifying proofs? • Make disk reads asynchronous • Run read-only system calls on multiple cores • Leverage FSCQ code, spec, and proof for bulk of concurrent implementation 4
Asynchronous reads allow system calls to read from memory while disk is reading CPU Disk rename read other syscall rename 5
Asynchronous reads allow system calls to read from memory while disk is reading CPU Disk rename rollback writes read other syscall rename restarts 6
Read-only system calls run on separate cores Core1 Core2 read stat stat 7
Read-only system calls run on separate cores Core1 Core2 Core3 read-only read stat rename updates stat 7
Read-only system calls run on separate cores Core1 Core2 Core3 read-only snapshot initial state read stat rename updates stat 7
Read-only system calls run on separate cores Core1 Core2 Core3 read-only snapshot initial state read stat rename updates stat update state 7
Read-only system calls run on separate cores Core1 Core2 Core3 read-only snapshot initial state read stat rename updates stat with write lock update state 7
Progress • Verified asynchronous disk reads and multicore ✔ concurrent reads • Asynchronous disk reads improve throughput with ✔ slow I/O • Working on performance and scalability of multicore reads 8
Recommend
More recommend
