Linked lists #752
Linked lists #752
Conversation
michaelmcinerney
force-pushed
the
michaelm-linked_list_on_master
branch
from
b914ce2
to
fd0b126
Compare
| apply (rule cc) | ||
| apply clarsimp | ||
| apply assumption | ||
| apply assumption |
There was a problem hiding this comment.
this proof looks like a struggle uphill both ways in the snow... any insight into why the rules are matching so badly? ccorres_symb_exec_l has 4 versions (2,3,and '), none of them help?
There was a problem hiding this comment.
I think this proof was copied from somewhere, and it had this rather unusual structure. Would it be better to try to rewrite this?
There was a problem hiding this comment.
I'd say it's worth a try, but as it's copied, I'd say put it on your TODO list and like the FIXME move above do it in another PR.
|
I've reviewed the generic and AARCH64 files now (assuming the other arches are same and will have same commentary apply to them, except maybe ARM/ARM_HYP will be extra clunky). This is really a tremendous amount of work, and the sea of red in IpcCancel_C was really nice to see. Compared to the amount of changes, I only have small nitpicks related to documentation, maintenance and some automation. Very nice work. I really hope it helps when it comes to merges into |
Thanks Raf. I haven't done a before/after, but we could still do that before this is merged. I have never run any benchmarks like Corey has before, but that might be fun to do. I'm actually not expecting that much of a performance increase from this work. It seems like the I think the main benefit of this work is a much nicer abstraction to work with, especially when it comes to something as difficult as a loop, like we have in |
Initial tests show a slight slowdown in |
Overall, I think this will be a noticeable performance improvement, particularly as these sessions are built in parallel and so reducing the longer time of |
Thanks @corlewis ! The time saved in CRefine is nice indeed, even if overall it's only one wall-minute saved across both. |
|
Nice performance numbers! Pretty much as expected (slightly slower Refine, faster CRefine), but good to see that the CRefine speedup is a good bit more than the Refine slowdown. Quite happy with that! |
michaelmcinerney
force-pushed
the
michaelm-linked_list_on_master
branch
from
851b004
to
8d8a0c1
Compare
This models the ready queues in the design spec as linked lists via the tcbSchedNext and tcbSchedPrev pointers of a TCB, as in the C. Library functions to update these linked lists are introduced, and used to perform all functions which modify the ready queues. Refinement between the linked lists and the Isabelle lists in the abstract spec is handled via the predicate `heap_ls`. `invs'` has been significantly modified, with the introduction of `valid_sched_pointers` and `sym_heap_sched_pointers`. The various invariants related to the bitmaps have been collected in the invariant `valid_bitmaps`. This includes a major revision to Orphanage, which now uses the tcbQueued field of a TCB to indicate a thread's membership in a ready queue, rather than the previous formulation which used membership in the set of the Isabelle list. Co-authored-by: Rafal Kolanski <[email protected]> Co-authored-by: Gerwin Klein <[email protected]> Signed-off-by: Michael McInerney <[email protected]>
michaelmcinerney
force-pushed
the
michaelm-linked_list_on_master
branch
from
8d8a0c1
to
d2b566a
Compare
Test with seL4/seL4#1176