Safe Deferred Memory Reclamation with Types

  title={Safe Deferred Memory Reclamation with Types},
  author={Ismail Kuru and Colin S. Gordon},
Memory management in lock-free data structures remains a major challenge in concurrent programming. Design techniques including read-copy-update (RCU) and hazard pointers provide workable solutions, and are widely used to great effect. These techniques rely on the concept of a grace period: nodes that should be freed are not deallocated immediately, and all threads obey a protocol to ensure that the deallocating thread can detect when all possible readers have completed their use of the object… 
1 Citations
Pointer life cycle types for lock-free data structures with memory reclamation
This work considers the verification of lock-free data structures that manually manage their memory with the help of a safe memory reclamation (SMR) algorithm and introduces angels, ghost variables with an angelic semantics, to automate the type inference and the invariant check.


Verifying Concurrent Memory Reclamation Algorithms with Grace
This paper proposes a modular reasoning method, motivated by the pattern, that handles all three of the above memory reclamation techniques in a uniform way and achieves clean and simple proofs, scaling even to realistic implementations of the algorithms without a significant increase in proof complexity.
Hazard pointers: safe memory reclamation for lock-free objects
  • Maged M. Michael
  • Computer Science
    IEEE Transactions on Parallel and Distributed Systems
  • 2004
Hazard pointers is presented, a memory management methodology that allows memory reclamation for arbitrary reuse and offers a lock-free solution for the ABA problem using only practical single-word instructions and guaranteeing continuous progress and availability, even in the presence of thread failures and arbitrary delays.
Decoupling lock-free data structures from memory reclamation for static analysis
The approach is implemented and was able to verify linearizability of Michael&Scott's queue and the DGLM queue for both hazard pointers and epoch-based reclamation, the first to verify such implementations fully automatically.
GPS: navigating weak memory with ghosts, protocols, and separation
GPS is introduced, the first program logic to provide a full-fledged suite of modern verification techniques - including ghost state, protocols, and separation logic - for high-level, structured reasoning about weak memory.
Verifying read-copy-update in a logic for weak memory
This work verifies the first formal proof of correctness for an implementation of RCU under a weak memory model using GPS, a recently developed program logic for the C/C++11 memory model.
Exploiting deferred destruction: an analysis of read-copy-update techniques in operating system kernels
This dissertation presents read-copy update (RCU), a reader-writer synchronization mechanism in which read-side critical sections incur virtually zero synchronization overhead, thereby achieving near-ideal performance for read-mostly workloads.
Concurrent manipulation of binary search trees
The concurrency control techniques introduced in the paper include the use of special nodes and pointers to redirect searches, and theUse of copies of sections of the tree to introduce many changes simultaneously and therefore avoid unpredictable interleaving.
Relativistic Programming in Haskell Using Types to Enforce a Critical Section Discipline
Monadic RP is introduced, a GHC Haskell library for RP that provides a novel mechanism to statically rule out a subset of unsafe relativistic programs by using types to separate readside and write-side critical sections, and to restrict the operations available in each.
Separation logic: a logic for shared mutable data structures
  • J. C. Reynolds
  • Computer Science
    Proceedings 17th Annual IEEE Symposium on Logic in Computer Science
  • 2002
An extension of Hoare logic that permits reasoning about low-level imperative programs that use shared mutable data structure is developed, including extensions that permit unrestricted address arithmetic, dynamically allocated arrays, and recursive procedures.
Stateless model checking of the Linux kernel's hierarchical read-copy-update (tree RCU)
This paper presents an approach to systematically test the code of the main flavor of RCU used in the Linux kernel (Tree RCU) for concurrency errors, both under sequential consistency and weak memory.