The FLINT Project

Research

People

Publications

Software

Support

Links

Internal

Safety and Liveness of MCS Lock---Layer by Layer

Last modified: Sun Apr 15 21:38:06 2018 GMT.

Authors

Jieung Kim
Vilhelm Sjöberg
Ronghui Gu
Zhong Shao

Abstract

The MCS Lock, a small but complex piece of low-level software, is a standard algorithm for providing inter-CPU locks with FIFO ordering guarantee and scalability. It is an interesting target for verification---short and subtle, involving both liveness and safety properties. We implemented and verified the MCS Lock algorithm as part of the CertiKOS kernel, showing that the C/assembly implementation contextually refines atomic specifications of the acquire and release lock methods. Our development follows the methodology of certified concurrent abstraction layers. By splitting the proof into layers, we can modularize it into separate parts for the low-level machine model, data abstraction, and reasoning about concurrent interleavings. This separation of concerns makes the layered methodology suitable for verified programming in the large, and our MCS Lock can be composed with other shared objects in CertiKOS kernel.

Published

  • Proc. 15th Asian Symposium on Programming Languages and Systems (APLAS'17), Suzhou, China, November 2017. Lecture Notes in Computer Science Vol. 10695, pages 273-297. [pdf]
  • Extended TR: [pdf]

Copyright © 1996-2017 The FLINT Group <flint at cs dot yale dot edu>
Yale University Department of Computer Science
Validate this page
colophon