Verifying Concurrent Memory Reclamation Algorithms with Grace

  • Alexey Gotsman
  • Noam Rinetzky
  • Hongseok Yang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7792)


Memory management is one of the most complex aspects of modern concurrent algorithms, and various techniques proposed for it—such as hazard pointers, read-copy-update and epoch-based reclamation—have proved very challenging for formal reasoning. In this paper, we show that different memory reclamation techniques actually rely on the same implicit synchronisation pattern, not clearly reflected in the code, but only in the form of assertions used to argue its correctness. The pattern is based on the key concept of a grace period, during which a thread can access certain shared memory cells without fear that they get deallocated. We propose a modular reasoning method, motivated by the pattern, that handles all three of the above memory reclamation techniques in a uniform way. By explicating their fundamental core, our method achieves clean and simple proofs, scaling even to realistic implementations of the algorithms without a significant increase in proof complexity. We formalise the method using a combination of separation logic and temporal logic and use it to verify example instantiations of the three approaches to memory reclamation.
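The grace-period pattern the abstract describes, written out as an added example (not code from the paper) in the style of epoch-based reclamation. It is a sequential model with explicit thread ids and no atomics or memory fences, which any real multithreaded implementation would need; the names cs_enter, cs_exit, retire and try_reclaim are the example's own.

```c
#include <stdbool.h>
#include <stdlib.h>

#define NTHREADS 4
#define MAX_LIMBO 64
#define IDLE 0u   /* announced[t] == IDLE: thread t is outside a critical section */

static unsigned global_epoch = 1;          /* epoch 0 is reserved for IDLE */
static unsigned announced[NTHREADS];       /* epoch each thread entered at */

/* Retired cells wait in limbo, tagged with the epoch at which they were
 * unlinked; a cell is freed only after a grace period for that epoch. */
static struct { void *p; unsigned epoch; } limbo[MAX_LIMBO];
static int nlimbo;

void cs_enter(int tid) { announced[tid] = global_epoch; }
void cs_exit(int tid)  { announced[tid] = IDLE; }

/* Caller unlinks the cell from the data structure first, then retires it. */
bool retire(void *p) {
    if (nlimbo == MAX_LIMBO) return false;
    limbo[nlimbo].p = p;
    limbo[nlimbo].epoch = global_epoch;
    nlimbo++;
    return true;
}

/* A grace period for epoch e has elapsed once no thread is still inside a
 * critical section it entered at epoch e or earlier: only such a thread
 * could hold a pointer to a cell retired at e. */
static bool grace_period_elapsed(unsigned e) {
    for (int t = 0; t < NTHREADS; t++)
        if (announced[t] != IDLE && announced[t] <= e) return false;
    return true;
}

/* Advance the epoch so later entrants do not delay old cells, then free every
 * limbo cell whose grace period has elapsed. Returns the number freed. */
int try_reclaim(void) {
    int freed = 0;
    global_epoch++;
    for (int i = 0; i < nlimbo; ) {
        if (!grace_period_elapsed(limbo[i].epoch)) { i++; continue; }
        free(limbo[i].p);
        limbo[i] = limbo[--nlimbo];   /* swap-remove, so index i is re-examined */
        freed++;
    }
    return freed;
}
```

A thread that entered before a cell was retired keeps the cell alive; a thread that enters only after the epoch has advanced cannot reach it and so does not delay reclamation.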





Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Alexey Gotsman, IMDEA Software Institute, Spain
  • Noam Rinetzky, Tel-Aviv University, Israel
  • Hongseok Yang, University of Oxford, UK
