Modular Verification of Safe Memory Reclamation in Concurrent Separation Logic

Bibliographic Details
Published in: Proceedings of the ACM on Programming Languages, Vol. 7, No. OOPSLA2, pp. 828-856
Main Authors: Jaehwang Jung, Janggun Lee, Jaemin Choi, Jaewoo Kim, Sunho Park, Jeehoon Kang
Format: Journal Article
Language: English
Published: New York, NY, USA: ACM, 16.10.2023
ISSN: 2475-1421
Description
Summary: Formal verification is an effective method to address the challenge of designing correct and efficient concurrent data structures. But verification efforts often ignore memory reclamation, which involves nontrivial synchronization between concurrent accesses and reclamation. When incorrectly implemented, it may lead to critical safety errors such as use-after-free and the ABA problem. Semi-automatic safe memory reclamation schemes such as hazard pointers and RCU encapsulate the complexity of manual memory management in modular interfaces. However, this modularity has not been carried over to formal verification. We propose modular specifications of hazard pointers and RCU, and formally verify realistic implementations of them in concurrent separation logic. Specifically, we design abstract predicates for hazard pointers that capture the meaning of validating the protection of nodes, and those for RCU that support optimistic traversal to possibly retired nodes. We demonstrate that the specifications indeed facilitate modular verification in three criteria: compositional verification, general applicability, and easy integration. In doing so, we present the first formal verification of Harris’s list, the Harris-Michael list, the Chase-Lev deque, and RDCSS with reclamation. We report the Coq mechanization of all our results in the Iris separation logic framework.
DOI: 10.1145/3622827