DOI: 10.1145/1217935.1217941

Solving the starting problem: device drivers as self-describing artifacts

Published: 18 April 2006

Abstract

Run-time conflicts can affect even the most rigorously tested software systems. A reliance on execution-based testing makes it prohibitively costly to test every possible interaction among potentially thousands of programs with complex configurations. In order to reduce configuration problems, detect developer errors, and reduce developer effort, we have created a new first-class operating system abstraction, the application abstraction, which enables both online and offline reasoning about programs and their configuration requirements. We have implemented a subset of the application abstraction for device drivers in the Singularity operating system. Programmers use the application abstraction by placing declarative statements about hardware and communication requirements within their code. Our design enables Singularity to learn the input/output and interprocess communication requirements of drivers without executing driver code. By reasoning about this information within the domain of Singularity's strong software isolation architecture, the installer can execute a subset of the system's resource management algorithm at install time to verify that a new driver will not conflict with existing software. This abstract representation also allows the system to run the full algorithm at driver start time to ensure that there are never resource conflicts between executing drivers, and that drivers never use undeclared resources.
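The install-time and start-time checks the abstract describes, as an added Python simulation that is not Singularity's code: `DriverManifest`, `install_conflicts`, `ResourceGrant` and the sample manifests are assumed names and constructed values, standing in for the declarative statements a driver would carry.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class IoRange:
    base: int      # first port / address of the range
    length: int    # number of addresses covered
    def overlaps(self, o):
        return self.base < o.base + o.length and o.base < self.base + self.length

@dataclass(frozen=True)
class DriverManifest:        # a driver's declarative self-description (assumed shape)
    name: str
    io_ranges: tuple         # IoRange values it declares
    irqs: frozenset          # interrupt lines it declares
    channels: frozenset      # channel contracts it declares it will talk over

# Constructed sample manifests; the port, IRQ and contract values are illustrative only.
KBD = DriverManifest("kbd", (IoRange(0x60, 0x10),), frozenset({1}), frozenset({"KeyboardContract"}))
NIC = DriverManifest("nic", (IoRange(0xC000, 0x100),), frozenset({11}), frozenset({"NicContract"}))
BAD = DriverManifest("bad", (IoRange(0x68, 0x08),), frozenset({11}), frozenset())

def install_conflicts(new, installed):
    """Install-time subset: reasons only about declarations; no driver code runs."""
    problems = []
    for old in installed:
        problems += [f"{new.name}: I/O {r} overlaps {old.name}"
                     for r in new.io_ranges for s in old.io_ranges if r.overlaps(s)]
        problems += [f"{new.name}: IRQ {i} already held by {old.name}"
                     for i in sorted(new.irqs & old.irqs)]
    return problems

class ResourceGrant:
    """Handed to a started driver; every request is checked against its manifest."""
    def __init__(self, manifest):
        self.m = manifest
    def claim(self, kind, value):
        ok = {"io": lambda v: any(r.base <= v.base and v.base + v.length <= r.base + r.length
                                  for r in self.m.io_ranges),
              "irq": lambda v: v in self.m.irqs,
              "channel": lambda v: v in self.m.channels}[kind](value)
        if not ok:   # undeclared use is refused rather than silently granted
            raise PermissionError(f"{self.m.name}: undeclared {kind} {value}")
        return value

def start_driver(manifest, running):
    """Start time: full conflict check against executing drivers, then a checked grant."""
    problems = install_conflicts(manifest, running)
    if problems:
        raise RuntimeError("; ".join(problems))
    return ResourceGrant(manifest)
```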


Published In

EuroSys '06: Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
April 2006, 420 pages
ISBN: 1595933220
DOI: 10.1145/1217935

Also published in ACM SIGOPS Operating Systems Review, Volume 40, Issue 4: Proceedings of the 2006 EuroSys conference
October 2006, 383 pages
ISSN: 0163-5980
DOI: 10.1145/1218063

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

Published: 18 April 2006

Author Tags

1. declarative configuration
2. dependable computing
3. experience with existing systems
4. operating systems
5. programming language support

Conference

EUROSYS06: Eurosys 2006 Conference
April 18 - 21, 2006
Leuven, Belgium

Acceptance Rates

Overall Acceptance Rate 241 of 1,308 submissions, 18%

Cited By

  • (2018) How to Fillet a Penguin: Runtime Data Driven Partitioning of Linux Code. IEEE Transactions on Dependable and Secure Computing 15(6):945-958, 1 Nov 2018. DOI: 10.1109/TDSC.2017.2745574
  • (2016) Developing a Practical Reactive Synthesis Tool: Experience and Lessons Learned. Electronic Proceedings in Theoretical Computer Science 229:84-99, 22 Nov 2016. DOI: 10.4204/EPTCS.229.8
  • (2014) User-guided device driver synthesis. Proceedings of the 11th USENIX conference on Operating Systems Design and Implementation, pages 661-676, 6 Oct 2014. DOI: 10.5555/2685048.2685101
  • (2013) Understanding the genetic makeup of Linux device drivers. Proceedings of the Seventh Workshop on Programming Languages and Operating Systems, pages 1-6, 3 Nov 2013. DOI: 10.1145/2525528.2525536
  • (2012) Understanding modern device drivers. ACM SIGPLAN Notices 47(4):87-98, 3 Mar 2012. DOI: 10.1145/2248487.2150987
  • (2012) A Declarative Language Approach to Device Configuration. ACM Transactions on Computer Systems 30(1):1-35, 1 Feb 2012. DOI: 10.1145/2110356.2110361
  • (2012) PolyDepth. ACM Transactions on Graphics 31(1):1-14, 2 Feb 2012. DOI: 10.1145/2077341.2077346
  • (2011) Rethinking the library OS from the top down. ACM SIGPLAN Notices 46(3):291-304, 5 Mar 2011. DOI: 10.1145/1961296.1950399
  • (2011) Ensuring operating system kernel integrity with OSck. ACM SIGPLAN Notices 46(3):279-290, 5 Mar 2011. DOI: 10.1145/1961296.1950398
  • (2011) S2E. ACM SIGPLAN Notices 46(3):265-278, 5 Mar 2011. DOI: 10.1145/1961296.1950396