buddy memory allocation in zephyr rtos
play

Buddy Memory Allocation in Zephyr RTOS L o L o g o g o Authors: - PowerPoint PPT Presentation

Jun 07, 2023 β€’152 likes β€’475 views

Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS L o L o g o g o Authors: Feng Zhang , Yongwang Zhao , , Dianfu Ma , Wensheng Niu *. Corresponding Author 1. School of Computer

  1. Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS L o L o g o g o Authors: Feng Zhang 𝟐 , Yongwang Zhao βˆ—,𝟐 , Dianfu Ma 𝟐 , Wensheng Niu πŸ‘ *. Corresponding Author 1. School of Computer Science and Engineering, Beihang Univerisity, China 2. Aeronautical Computing Technique Research Institute, Xi’an, China

  2. Contents ➒ 1. Introduction ➒ 2. Buddy Memory Allocation Algorithm in Zephyr ➒ 3. Fine-Grained Formal Specification in Isabell/HOL ➒ 4. Formal Proof ➒ 5. Results and Discussions ➒ 6. Conclusions 1 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  3. 1. Introduction - Abstract ➒ Memory management (MM) is a critical component of OS ➒ Bugs in MM may crash OS or the whole critical system ➒ This paper presents a case study of formal verification on the buddy memory allocation component of the Zephyr RTOS: β€’ Provide Fine-Grained formal specification in Isabelle/HOL β€’ Conduct Formal proof using the interactive prover in Isabelle β€’ Find two flaws in the C code when executing sequentially 2 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  4. 1. Introduction – Research Status ➒ Verification of the TLSF algorithm in Event-B: O nly verifies an abstract specification at the requirement level β€’ β€’ not check consistency between elements in the data structure ➒ seL4 pushes the memory allocation outside of the kernel ➒ Yu et al. introduce a low-level language CAP (certified assembly programming) in Coq β€’ build certified programs β€’ present a certified library for dynamic storage allocation β€’ not a kernel’s component but a certified memory library β€’ 75 lines C code 3 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  5. 1. Introduction – summary ➒ We create a fine-grained formal specification: β€’ All the elements of the data structure β€’ All the operations (initialization, allocation and release) β€’ System clocks and simple kernel scheduling β€’ The execution of memory allocation is preemptive ➒ We concentrate in five types of critical properties: β€’ Invariants β€’ Correctness of doubly linked lists β€’ Functional correctness of events β€’ Conformity of event specifications to kernel requirements β€’ Livelock-free of the system specification. 4 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  6. Contents ➒ 1. Introduction ➒ 2. Buddy Memory Allocation Algorithm in Zephyr ➒ 3. Fine-Grained Formal Specification in Isabell/HOL ➒ 4. Formal Proof ➒ 5. Results and Discussions ➒ 6. Conclusions 5 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  7. 2.1 – Zephyr Project ➒ Zephyr Project is a Linux Foundation Project ➒ Be perfect for building simple connected sensors: β€’ up to modems and small IoT wireless gateways β€’ Built with safety and security in mind β€’ Cross-architecture with growing developer tool support β€’ Complete, fully integrated, highly configurable, modular for flexibility, better than roll-your-own β€’ Product development ready β€’ Permissively licensed 6 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  8. 2.2 – Zephyr OS Kernel ➒ Derived from Wind River ’s commercial Microkernel Profile ➒ Microkernel Profile has evolved over 20 years from DSP RTOS technology known as Virtuoso ➒ Used in several commercial applications: β€’ satellites, military command and control communications, radar, telecommunications and image processing β€’ successful Philae Landing on Comet Churyumov – Gerasimenko and the accompanying Rosetta Orbiter 7 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  9. 2.2 – Buddy Memory Allocation Algorithm in Zephyr Kernel ➒ (1) Pool and block Initialization β€’ only be defined and initialized at compile time ➒ (2) Block Allocation β€’ Quad-Partitioning: iteratively partitioning larger blocks into smaller quad- ones ➒ (3)Block Release β€’ Immediately, automatically, and recursively combining smaller blocks into bigger ones 8 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  10. 2.2 – Buddy Memory Allocation Algorithm in Zephyr Kernel ➒ (1) Pool and block Initialization β€’ only be defined and initialized at compile time ➒ (2) Block Allocation β€’ Quad-Partitioning: iteratively partitioning larger blocks into smaller quad- ones ➒ (3)Block Release β€’ Immediately, automatically, and recursively combining smaller blocks into bigger ones 9 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  11. Contents ➒ 1. Introduction ➒ 2. Buddy Memory Allocation Algorithm ➒ 3. Fine-Grained Formal Specification in Isabell/HOL ➒ 4. Formal Proof ➒ 5. Results and Discussions ➒ 6. Conclusions 10 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  12. 3 – Fine-Grained Formal Specification ➒ A. State Machine β€’ The state is defined as a record StateD β€’ the initial state 𝑑 0 state-transition functions Ο† β€’ 11 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  13. 3 – Fine-Grained Formal Specification ➒ B. Data Structure 12 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  14. 3 – Fine-Grained Formal Specification ➒ B. Data Structure 13 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  15. 3 – Fine-Grained Formal Specification ➒ C. Event Specification  system behaviors based on Zephyr characteristics β€’ system clocks time_tick β€’ the thread scheduling schedule  actions operated on memory pools and blocks β€’ pool and block initializations β€’ block allocations β€’ block release 14 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  16. 3 – Fine-Grained Formal Specification ➒ C. Event Specification  system behaviors based on Zephyr characteristics β€’ system clocks time_tick β€’ the thread scheduling schedule  actions operated on memory pools and blocks β€’ pool and block initializations β€’ block allocations β€’ block release 15 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  17. 3 – Fine-Grained Formal Specification ➒ C. Event Specification 16 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  18. 3 – Fine-Grained Formal Specification ➒ D. State Space 17 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  19. Contents ➒ 1. Introduction ➒ 2. Buddy Memory Allocation Algorithm in Zephyr ➒ 3. Fine-Grained Formal Specification in Isabell/HOL ➒ 4. Formal Proof ➒ 5. Results and Discussions ➒ 6. Conclusions 18 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  20. 4 – Formal Proof ➒ 4.1 Invariants - Consistency of Data Structure β€’ bitMap_freelistS s specifies the consistency between bit_maps and free lists β€’ bitMap_treeS s specifies the consistency between bit_maps and abstract trees. 19 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  21. 4 – Formal Proof ➒ 4.2 Correctness of Doubly Linked Lists β€’ The pointer in C is specified as a ref in Isabelle β€’ ref = (UNIV::nat set) β€’ head_next :: β€œref => refβ€œ β€’ tail_prev :: "ref => ref" 20 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  22. 4 – Formal Proof ➒ 4.2 Correctness of Doubly Linked Lists β€’ Length of a dilist β€’ Validity of a node β€’ Validity of a dlist β€’ Validity of appending actions 21 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  23. 4 – Formal Proof ➒ 4.3 Functional Correctness of Events β€’ {P} C {Q} β€’ Our specifications are all total correctness specifications β€’ terminations are ensured by using the primrec, fun, function and definition 22 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  24. 4 – Formal Proof ➒ 4.4 Conformity of Event Specifications to Kernel Requirements β€’ determine whether event executions and their return values conform to the kernel requirements ➒ 4.5 Livelock-free β€’ Starvation β€’ Execution loop β€’ No further progress 23 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  25. Contents ➒ 1. Introduction ➒ 2. Buddy Memory Allocation Algorithm in Zephyr ➒ 3. Fine-Grained Formal Specification in Isabell/HOL ➒ 4. Formal Proof ➒ 5. Results and Discussions ➒ 6. Conclusions 24 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  26. 5 – Results and Discussions ➒ A. Evaluation β€’ 600 lines C β€’ 800 lines specification: 109 functions/definitions 12 primary events β€’ 9400 lines proof: 338 lemmas 25 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

  27. 5 – Results and Discussions ➒ B. Results of formal analysis: fine two flaws  Return code not conform to the kernel requirement  Application thread will fall into live lock. 26 Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Dynamic Memory Management Allocating memory: The Interface Buddy System

Dynamic Memory Management Allocating memory: The Interface Buddy System

CPSC 410/611 : Operating Systems Dynamic Memory Management Allocating memory: The Interface Buddy System Slab Allocation Reading: Doeppner, 3.3 Memory Areas Memory areas (regions) are intervals of legal

183 views β€’ 5 slides
Zephyr Power Management Ramesh Thomas OTC, Intel Zephyr is a trademark of the Linux

Zephyr Power Management Ramesh Thomas OTC, Intel Zephyr is a trademark of the Linux

Zephyr Power Management Ramesh Thomas OTC, Intel Zephyr is a trademark of the Linux Foundation. *Other names and brands may be claimed as the property of others. Agenda Why Power Management? The core concepts behind Zephyr RTOS PM Power

487 views β€’ 34 slides
Using SoC Vendor HALs in in the Zephyr Proje ject Maureen Helm, NXP What is Zephyr Project?

Using SoC Vendor HALs in in the Zephyr Proje ject Maureen Helm, NXP What is Zephyr Project?

Using SoC Vendor HALs in in the Zephyr Proje ject Maureen Helm, NXP What is Zephyr Project? Small Footprint RTOS Truly Open Source Cross Architecture As small as 8KB Apache 2.0 License ARM Enables Hosted by Linux

340 views β€’ 16 slides
CSE 351: Section 10 Memory Allocation Memory Allocation Must allocate any memory you need to

CSE 351: Section 10 Memory Allocation Memory Allocation Must allocate any memory you need to

CSE 351: Section 10 Memory Allocation Memory Allocation Must allocate any memory you need to use Allocating memory = designating a block of it as 'used' This way, you don't overwrite your data The memory isn't changed, but

417 views β€’ 15 slides
Dynamic Memory Management The Linux Perspective Allocating memory: The

Dynamic Memory Management The Linux Perspective Allocating memory: The

CPSC 410/611 : Operating Systems Dynamic Memory Management The Linux Perspective Allocating memory: The Interface Buddy System Slab Allocation Reading: Silberschatz (8 th ed.), Chapters 9.8

447 views β€’ 6 slides
Dynamic Memory Allocation Today Dynamic memory allocation mechanisms & policies

Dynamic Memory Allocation Today Dynamic memory allocation mechanisms & policies

Dynamic Memory Allocation Today Dynamic memory allocation mechanisms & policies Memory bugs Chris Riesbeck, Spring 2010 Original: Fabian Bustamante Wednesday, November 2, 2011 Dynamic memory allocation Application Dynamic

1.2k views β€’ 47 slides
Ausgewhlte Betriebssysteme Memory 1 Memory Management Kernel Page Frames Buddy

Ausgewhlte Betriebssysteme Memory 1 Memory Management Kernel Page Frames Buddy

Ausgewhlte Betriebssysteme Memory 1 Memory Management Kernel Page Frames Buddy Allocator Slab Allocators Buffer Cache Page Cache Process Memory Regions 2 Memory Map 3 Page Frame kernel must keep track of

878 views β€’ 43 slides
Memory Management Ausgewhlte Betriebssysteme Kernel Page Frames Buddy Allocator

Memory Management Ausgewhlte Betriebssysteme Kernel Page Frames Buddy Allocator

Memory Management Ausgewhlte Betriebssysteme Kernel Page Frames Buddy Allocator Slab Allocators Buffer Cache Memory Page Cache Process Memory Regions 1 2 Memory Map Page Frame kernel

234 views β€’ 11 slides
Zephyr OS Configuration via Device Tree Andy Gross - Linaro IoT Zephyr is a trademark of the

Zephyr OS Configuration via Device Tree Andy Gross - Linaro IoT Zephyr is a trademark of the

Zephyr OS Configuration via Device Tree Andy Gross - Linaro IoT Zephyr is a trademark of the Linux Foundation. *Other names and brands may be claimed as the property of others. Configuration in Zephyr today Configuration is spread out

878 views β€’ 11 slides
Memory Management 5A. Memory Management and Address Spaces 5B. Allocation Algorithms Operating

Memory Management 5A. Memory Management and Address Spaces 5B. Allocation Algorithms Operating

4/10/2016 Memory Management 5A. Memory Management and Address Spaces 5B. Allocation Algorithms Operating Systems Principles 5C. Advanced Allocation Techniques Memory Management 5D. Segment Relocation 5E. Garbage Collection Mark Kampe

711 views β€’ 9 slides
Automatic Memory Management Storage Allocation Static Allocation Bind names at compile

Automatic Memory Management Storage Allocation Static Allocation Bind names at compile

Automatic Memory Management Storage Allocation Static Allocation Bind names at compile time Pros: Fast (no run time allocation, no indirection) Safety : memory requirements known in advance Cons: Sizes must be

417 views β€’ 14 slides
Dynamic Memory Allocation Lecture 14 COP 3014 Spring 2018 April 4, 2018 Allocating memory

Dynamic Memory Allocation Lecture 14 COP 3014 Spring 2018 April 4, 2018 Allocating memory

Dynamic Memory Allocation Lecture 14 COP 3014 Spring 2018 April 4, 2018 Allocating memory There are two ways that memory gets allocated for data storage: 1. Compile Time (or static) Allocation Memory for named variables is allocated by the

783 views β€’ 10 slides
Dynamic Memory Allocation Lecture 27 COP 3014 Spring 2017 March 23, 2017 Allocating memory

Dynamic Memory Allocation Lecture 27 COP 3014 Spring 2017 March 23, 2017 Allocating memory

Dynamic Memory Allocation Lecture 27 COP 3014 Spring 2017 March 23, 2017 Allocating memory There are two ways that memory gets allocated for data storage: 1. Compile Time (or static) Allocation Memory for named variables is allocated by

340 views β€’ 10 slides
Dynamic Memory Allocation Lecture 14 COP 3014 Fall 2019 November 20, 2019 Allocating memory

Dynamic Memory Allocation Lecture 14 COP 3014 Fall 2019 November 20, 2019 Allocating memory

Dynamic Memory Allocation Lecture 14 COP 3014 Fall 2019 November 20, 2019 Allocating memory There are two ways that memory gets allocated for data storage: 1. Compile Time (or static) Allocation Memory for named variables is allocated by

987 views β€’ 10 slides
Dynamic Memory Allocation in the Heap (malloc and free) Explicit allocators (a.k.a. manual memory

Dynamic Memory Allocation in the Heap (malloc and free) Explicit allocators (a.k.a. manual memory

Dynamic Memory Allocation in the Heap (malloc and free) Explicit allocators (a.k.a. manual memory management) Heap Allocation Addr Perm Contents Managed by Initialized Stack 2 N -1 RW Procedure context Compiler Run-time Programmer,

565 views β€’ 31 slides
Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and

Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and

Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and brands may be claimed as the property of others. Why a native IP stack? Features missing in current Contiki based uIP stack No dual IPv6 &

225 views β€’ 11 slides
CSE 331 Review: Classes, Inheritance, and Collections slides created by Marty Stepp based on

CSE 331 Review: Classes, Inheritance, and Collections slides created by Marty Stepp based on

CSE 331 Review: Classes, Inheritance, and Collections slides created by Marty Stepp based on materials by M. Ernst, S. Reges, D. Notkin, R. Mercer, Wikipedia http://www.cs.washington.edu/331/ 1 Recall: A typical Java class public class Point

622 views β€’ 22 slides
Monthly Proton Flux Monthly Proton Flux Matteo Palermo (University of Hawaii) on behalf of the

Monthly Proton Flux Monthly Proton Flux Matteo Palermo (University of Hawaii) on behalf of the

Properties of The Forbush Properties of The Forbush decreases measured by AMS decreases measured by AMS on the ISS on the ISS Monthly Proton Flux Monthly Proton Flux Matteo Palermo (University of Hawaii) on behalf of the AMS Collaboration

830 views β€’ 41 slides
CARSI: Cross University Identity Management and Resource Sharing over CERNET Prof. PING CHEN

CARSI: Cross University Identity Management and Resource Sharing over CERNET Prof. PING CHEN

CARSI: Cross University Identity Management and Resource Sharing over CERNET Prof. PING CHEN Peking University, Beijing, China Feb, 24 th , 2011 CARSI & Peking University Agenda n Current IdM Situation in CERNET n What is

758 views β€’ 40 slides
The Automated Acquisition of Suggestions from Tweets July 16, 2013 What is suggestion?

The Automated Acquisition of Suggestions from Tweets July 16, 2013 What is suggestion?

The Automated Acquisition of Suggestions from Tweets July 16, 2013 What is suggestion? Suggestion: The psychological process by which one person guides the thoughts, feelings, or behavior of another. Why do suggestions matter? When I

548 views β€’ 16 slides
http://cs224w.stanford.edu Course website: Course website: http://cs224w.stanford.edu

http://cs224w.stanford.edu Course website: Course website: http://cs224w.stanford.edu

CS224W: Social and Information Network Analysis Jure Leskovec, Stanford University , y http://cs224w.stanford.edu Course website: Course website: http://cs224w.stanford.edu Slides will be available online Reading material will be

499 views β€’ 28 slides
Operating Systems Practical Coursework 2 Tom Spink tspink@inf.ed.ac.uk February 2019 Tom Spink

Operating Systems Practical Coursework 2 Tom Spink tspink@inf.ed.ac.uk February 2019 Tom Spink

Operating Systems Practical Coursework 2 Tom Spink tspink@inf.ed.ac.uk February 2019 Tom Spink tspink@inf.ed.ac.uk School of Informatics Coursework Task 1 Task 1 was to implement a round-robin scheduler Tom Spink tspink@inf.ed.ac.uk School

551 views β€’ 27 slides
Data Manipulation Jonathan Rosenberg dynamicsoft XCAP Issue #1 Should we just instead use

Data Manipulation Jonathan Rosenberg dynamicsoft XCAP Issue #1 Should we just instead use

Data Manipulation Jonathan Rosenberg dynamicsoft XCAP Issue #1 Should we just instead use actual filesystem hierarchy for buddy lists? I.e., each buddy is a separate file Makes it easy to modify individual buddies with HTTP

385 views β€’ 23 slides
Stop Bullying Now Dr. Elizabeth Gail S. Marsal North Carolina Wesleyan College Rocky

Stop Bullying Now Dr. Elizabeth Gail S. Marsal North Carolina Wesleyan College Rocky

10/2/2015 Stop Bullying Now Dr. Elizabeth Gail S. Marsal North Carolina Wesleyan College Rocky Mount , NC Childnet Video http://digizen.org/resources/cyberbullying/films/uk/lfit film.aspx Effects of Cyber Bullying Lowered

269 views β€’ 4 slides

More recommend