
Verifying a Concurrent Garbage Collector with a Rely-Guarantee Methodology

Journal of Automated Reasoning

Abstract

Concurrent garbage collection algorithms are a challenge for program verification. In this paper, we address this problem by proposing a mechanized proof methodology based on the Rely-Guarantee proof technique. We design a compiler intermediate representation with strong type guarantees, dedicated support for abstract concurrent data structures, and high-level iterators on runtime internals. In addition, we define a Rely-Guarantee program logic supporting an incremental proof methodology in which annotations and invariants can be progressively enriched. We formalize the intermediate representation and the proof system, and prove the soundness of the methodology in the Coq proof assistant. Equipped with this, we prove a fully concurrent garbage collector in which mutators never have to wait for the collector.



Notes

  1. We present a simplified pseudo-code of the MGC, with variable , field , and value assumed non-deterministically chosen from the thread environment. The actual definition in Coq is an operational characterization of this thread system.

  2. The write barrier in [8] avoids marking old in some cases. We drop this optimization.

References

  1. Brookes, S.: A semantics for concurrent separation logic. Theor. Comput. Sci. 375(1–3), 227–270 (2007)

  2. Davis, J., Myreen, M.O.: The reflective Milawa theorem prover is sound (down to the machine code that runs it). J. Autom. Reason. 55(2), 117–183 (2015)

  3. De Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Proceedings of the Theory and Practice of Software (TACAS) (2008)

  4. Demange, D., Laporte, V., Zhao, L., Jagannathan, S., Pichardie, D., Vitek, J.: Plan B: a buffered memory model for Java. In: Symposium on Principles of Programming Languages (POPL) (2013)

  5. Dijkstra, E.W., Lamport, L., Martin, A.J., Scholten, C.S., Steffens, E.F.M.: On-the-fly garbage collection: an exercise in cooperation. Commun. ACM 21(11), 966–975 (1978)

  6. Doligez, D., Gonthier, G.: Portable, unobtrusive garbage collection for multiprocessor systems. In: Symposium on Principles of Programming Languages (POPL) (1994)

  7. Doligez, D., Leroy, X.: A concurrent, generational garbage collector for a multithreaded implementation of ML. In: Symposium on Principles of Programming Languages (POPL) (1993)

  8. Domani, T., Kolodner, E.K., Lewis, E., Salant, E.E., Barabash, K., Lahan, I., Levanoni, Y., Petrank, E., Yanover, I.: Implementing an on-the-fly garbage collector for Java. In: International Symposium on Memory Management (ISMM) (2000)

  9. Elmas, T., Qadeer, S., Tasiran, S.: A calculus of atomic actions. In: Symposium on Principles of Programming Languages (POPL) (2009)

  10. Gammie, P., Hosking, A.L., Engelhardt, K.: Relaxing safely: verified on-the-fly garbage collection for x86-TSO. In: Programming Language Design and Implementation (PLDI) (2015)

  11. Gonthier, G.: Verifying the safety of a practical concurrent garbage collector. In: International Conference on Computer Aided Verification (CAV) (1996)

  12. Havelund, K.: Mechanical verification of a garbage collector. In: International Parallel Processing Symposium and Symposium on Parallel and Distributed Processing (IPPS/SPDP) (1999)

  13. Hawblitzel, C., Howell, J., Lorch, J.R., Narayan, A., Parno, B., Zhang, D., Zill, B.: Ironclad apps: end-to-end security via automated full-system verification. In: Conference on Operating Systems Design and Implementation (OSDI) (2014)

  14. Hawblitzel, C., Petrank, E.: Automated verification of practical garbage collectors. In: Symposium on Principles of Programming Languages (POPL) (2009)

  15. Hawblitzel, C., Petrank, E., Qadeer, S., Tasiran, S.: Automated and modular refinement reasoning for concurrent programs. In: International Conference on Computer Aided Verification (CAV) (2015)

  16. Herlihy, M., Wing, J.M.: Linearizability: a correctness condition for concurrent objects. Trans. Program. Lang. Syst. (TOPLAS) 12(3), 463–492 (1990)

  17. Jagannathan, S., Laporte, V., Petri, G., Pichardie, D., Vitek, J.: Atomicity refinement for verified compilation. Trans. Program. Lang. Syst. (TOPLAS) 36(2), 6 (2014)

  18. Jones, C.B.: Tentative steps toward a development method for interfering programs. Trans. Program. Lang. Syst. (TOPLAS) 5(4), 596–619 (1983)

  19. Jones, R., Hosking, A., Moss, E.: The Garbage Collection Handbook. Chapman & Hall, London (2011)

  20. Leino, R.: This is Boogie 2 (2008). https://www.microsoft.com/en-us/research/publication/this-is-boogie-2-2/

  21. Liang, H., Feng, X., Fu, M.: A rely-guarantee-based simulation for verifying concurrent program transformations. In: Symposium on Principles of Programming Languages (POPL) (2012)

  22. Liang, H., Feng, X., Fu, M.: Rely-guarantee-based simulation for compositional verification of concurrent program transformations. Trans. Program. Lang. Syst. (TOPLAS) 36(1), 3 (2014)

  23. McCreight, A., Chevalier, T., Tolmach, A.: A certified framework for compiling and executing garbage-collected languages. In: International Conference on Functional Programming (ICFP) (2010)

  24. McCreight, A., Shao, Z., Lin, C., Li, L.: A general framework for certifying garbage collectors and their mutators. In: Programming Language Design and Implementation (PLDI) (2007)

  25. Michael, M.M., Scott, M.L.: Simple, fast, and practical non-blocking and blocking concurrent queue algorithms. In: Symposium on Principles of Distributed Computing (PODC) (1996)

  26. Myreen, M.O.: Reusable verification of a copying collector. In: Conference on Verified Software: Theories, Tools, Experiments (VSTTE) (2010)

  27. O’Hearn, P.W.: Separation logic and concurrent resource management. In: International Symposium on Memory Management (ISMM) (2007)

  28. Owicki, S., Gries, D.: An axiomatic proof technique for parallel programs I. Acta Inform. 6(4), 319–340 (1976)

  29. Pavlovic, D., Pepper, P., Smith, D.R.: Formal derivation of concurrent garbage collectors. In: International Conference on Mathematics of Program Construction (MPC) (2010)

  30. Pfenning, F., Elliott, C.: Higher-order abstract syntax. In: Programming Language Design and Implementation (PLDI) (1988)

  31. Pizlo, F., Ziarek, L., Maj, P., Hosking, A.L., Blanton, E., Vitek, J.: Schism: fragmentation-tolerant real-time garbage collection. In: Programming Language Design and Implementation (PLDI) (2010)

  32. Prensa Nieto, L.: The rely-guarantee method in Isabelle/HOL. In: European Symposium on Programming (ESOP) (2003)

  33. Reynolds, J.C.: Separation logic: a logic for shared mutable data structures. In: Symposium on Logic in Computer Science (LICS) (2002)

  34. Sandberg Ericsson, A., Myreen, M.O., Åman Pohjola, J.: A verified generational garbage collector for CakeML. In: Ayala-Rincón, M., Muñoz, C. (eds.) Interactive Theorem Proving, pp. 444–461. Springer, Cham (2017)

  35. Sergey, I., Nanevski, A., Banerjee, A.: Mechanized verification of fine-grained concurrent programs. In: Programming Language Design and Implementation (PLDI) (2015)

  36. Ševčík, J., Vafeiadis, V., Nardelli, F.Z., Jagannathan, S., Sewell, P.: CompCertTSO: a verified compiler for relaxed-memory concurrency. J. ACM 60(3), 22 (2013)

  37. Torp-Smith, N., Birkedal, L., Reynolds, J.C.: Local reasoning about a copying garbage collector. Trans. Program. Lang. Syst. (TOPLAS) 30(4), 24 (2008)

  38. Treiber, R.K.: Systems programming: coping with parallelism. Technical report, IBM Almaden Research Center (1986)

  39. Vafeiadis, V.: Concurrent separation logic and operational semantics. Electron. Notes Theor. Comput. Sci. 276, 335–351 (2011)

  40. Vafeiadis, V., Parkinson, M.J.: A marriage of rely/guarantee and separation logic. In: International Conference on Concurrency Theory (CONCUR) (2007)

  41. Yang, J., Hawblitzel, C.: Safe to the last instruction: automated verification of a type-safe operating system. In: Programming Language Design and Implementation (PLDI) (2010)

  42. Zakowski, Y., Cachera, D., Demange, D., Petri, G., Pichardie, D., Jagannathan, S., Vitek, J.: Verifying a concurrent garbage collector using a rely-guarantee methodology—companion website (2017). http://www.irisa.fr/celtique/ext/cgc/. Accessed 31 Oct 2018

  43. Zakowski, Y., Cachera, D., Demange, D., Pichardie, D.: Compilation of linearizable data structures—a mechanised RG logic for semantic refinement. In: Symposium on Applied Computing (SAC) (2018)

Acknowledgements

We thank the anonymous reviewers and Peter Gammie for their thorough comments and suggestions on how to improve the final version of the paper. We also thank Vincent Laporte for his work earlier in this project, and his help on implementing parts of the garbage collector presented here. Our work is supported by the National Science Foundation under Grants CCF-1544542, CCF-1318227, CCF-1618732, ONR Award 503353, the Agence Nationale de la Recherche (ANR) under Grant 14-CE28-0004, and the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation program (Grant Agreement 695412).

Corresponding author

Correspondence to Yannick Zakowski.

Additional information

This material is based upon work supported by Grants ANR 14-CE28-0004, ERC 695412, NSF CCF-1318227, CCF-1544542, CCF-1618732 and ONR 503353.

Cite this article

Zakowski, Y., Cachera, D., Demange, D. et al. Verifying a Concurrent Garbage Collector with a Rely-Guarantee Methodology. J Autom Reasoning 63, 489–515 (2019). https://doi.org/10.1007/s10817-018-9489-x

DOI: https://doi.org/10.1007/s10817-018-9489-x
