CFSCQ: Extending a verified file system with concurrency Tej - - PowerPoint PPT Presentation

CFSCQ: Extending a verified file system with concurrency

Tej Chajed advised by Frans Kaashoek and Nickolai Zeldovich

SRC #14

1

Goal: verify a concurrent file system

• Existing verified file systems are sequential
• e.g., FSCQ, Yggdrasil, BilbyFS
• All real file systems are concurrent
• e.g., ext4, btrfs

2

CFSCQ re-uses FSCQ
 (a verified sequential file system)

• FSCQ: 75,000 lines
• CFSCQ: +6,000 lines
• Concurrency verified separately from sequential

behavior

3

What can we achieve without modifying proofs?

• Make disk reads asynchronous
• Run read-only system calls on multiple cores
• Leverage FSCQ code, spec, and proof for bulk of

concurrent implementation

4

Asynchronous reads allow system calls to read from memory while disk is reading

CPU Disk

rename read rename

5

• ther

syscall

Asynchronous reads allow system calls to read from memory while disk is reading

CPU Disk

rename

• ther

syscall rename restarts

rollback writes

read

6

Read-only system calls run

• n separate cores

Core1 Core2

read stat stat

7

Read-only system calls run

• n separate cores

Core1 Core2

read stat stat

Core3

rename read-only updates

7

Read-only system calls run

• n separate cores

Core1 Core2

read stat stat

Core3

rename snapshot initial state read-only updates

7

Read-only system calls run

• n separate cores

Core1 Core2

read stat stat

Core3

rename snapshot initial state read-only updates update state

7

Read-only system calls run

• n separate cores

Core1 Core2

read stat stat

Core3

rename snapshot initial state with write lock read-only updates update state

7

Progress

• Verified asynchronous disk reads and multicore

concurrent reads

• Asynchronous disk reads improve throughput with

slow I/O

• Working on performance and scalability of

multicore reads

✔ ✔

8