Abstract
Read-Copy-Update (RCU) is a technique for letting multiple readers safely access a data structure while a writer concurrently modifies it. It is used heavily in the Linux kernel in situations where fast reads are important and writes are infrequent. Optimized implementations rely only on the weaker memory orderings provided by modern hardware, avoiding the need for expensive synchronization instructions (such as memory barriers) as much as possible. Using GPS, a recently developed program logic for the C/C++11 memory model, we verify an implementation of RCU for a singly-linked list assuming "release-acquire" semantics. Although release-acquire synchronization is stronger than what is required by real RCU implementations, it is nonetheless significantly weaker than the assumption of sequential consistency made in prior work on RCU verification. Ours is the first formal proof of correctness for an implementation of RCU under a weak memory model.
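The abstract describes the two halves of RCU that the paper verifies: a writer publishes a fully initialised node with a release store and readers follow list links with acquire loads (so a reader never observes a half-built node), and an unlinked node is freed only after every reader that could still hold it has left its critical section. The C11 sketch below is an added illustration written for this page; it is not the paper's verified implementation (that is in the supplemental material linked above) and its function names, the single-writer assumption, the polled `rcu_reclaim()` instead of a blocking `synchronize_rcu()`, and the choice of seq_cst fences for the reader/writer handshake are all this example's own. The list links use only release/acquire, as in the abstract; the fences are there because a release store paired with an acquire load on each side of the quiescence check would still allow both sides to read stale values.

```c
/* Added illustration for this page, not the paper's verified code: an
 * RCU-protected singly linked list in C11 with deferred reclamation. */
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_READERS 4

struct node {
    int value;
    struct node *_Atomic next;   /* published with release, read with acquire */
};
static struct node *_Atomic head;
static _Atomic unsigned reader_ctr[MAX_READERS];  /* odd = inside a read section */

struct retired {                 /* unlinked node awaiting a grace period */
    struct node *node;
    unsigned snap[MAX_READERS];  /* reader counters seen right after the unlink */
    struct retired *next;
};
static struct retired *retired_list;

/* Read side: never blocks. The seq_cst fence pairs with the one in rcu_remove():
 * either the writer sees this reader's odd counter or this reader sees the unlink.
 * A release store / acquire load pair alone would allow the store-buffering
 * outcome where both sides read stale values. */
static void rcu_read_lock(int r) {
    atomic_fetch_add_explicit(&reader_ctr[r], 1, memory_order_relaxed);
    atomic_thread_fence(memory_order_seq_cst);
}
/* Release: the reader's node accesses happen-before a writer acquiring the new value. */
static void rcu_read_unlock(int r) {
    atomic_fetch_add_explicit(&reader_ctr[r], 1, memory_order_release);
}

/* First node holding `value`, or NULL. Only valid until rcu_read_unlock(). */
static struct node *rcu_find(int value) {
    for (struct node *p = atomic_load_explicit(&head, memory_order_acquire);
         p; p = atomic_load_explicit(&p->next, memory_order_acquire))
        if (p->value == value) return p;
    return NULL;
}

/* Writers are assumed serialised (a single writer, or an external mutex). */
static void rcu_insert_head(int value) {
    struct node *n = malloc(sizeof *n);
    n->value = value;           /* initialise fully, then publish with release */
    atomic_init(&n->next, atomic_load_explicit(&head, memory_order_relaxed));
    atomic_store_explicit(&head, n, memory_order_release);
}

/* Unlink the first node holding `value` and retire it. The node is left intact
 * because a reader may still hold a pointer to it. */
static bool rcu_remove(int value) {
    struct node *_Atomic *link = &head;
    struct node *p = atomic_load_explicit(link, memory_order_relaxed);
    while (p && p->value != value) {
        link = &p->next;
        p = atomic_load_explicit(link, memory_order_relaxed);
    }
    if (!p) return false;
    atomic_store_explicit(link, atomic_load_explicit(&p->next, memory_order_relaxed),
                          memory_order_release);
    atomic_thread_fence(memory_order_seq_cst);          /* pairs with rcu_read_lock() */
    struct retired *rt = malloc(sizeof *rt);
    rt->node = p;
    for (int r = 0; r < MAX_READERS; r++)
        rt->snap[r] = atomic_load_explicit(&reader_ctr[r], memory_order_acquire);
    rt->next = retired_list;
    retired_list = rt;
    return true;
}

/* Free retired nodes whose grace period has elapsed: every reader that was inside
 * a section at retire time (odd snapshot) has since changed its counter. Polled
 * instead of blocking, so it also works from one thread; a blocking
 * synchronize_rcu() would spin on the same condition. Returns nodes freed. */
static int rcu_reclaim(void) {
    int freed = 0;
    for (struct retired **pp = &retired_list; *pp; ) {
        struct retired *rt = *pp;
        bool quiescent = true;
        for (int r = 0; r < MAX_READERS; r++)
            if ((rt->snap[r] & 1) &&
                atomic_load_explicit(&reader_ctr[r], memory_order_acquire) == rt->snap[r])
                quiescent = false;
        if (!quiescent) { pp = &rt->next; continue; }
        *pp = rt->next;
        free(rt->node);
        free(rt);
        freed++;
    }
    return freed;
}

int main(void) {                 /* reader 0 holds a node across the writer's unlink */
    rcu_insert_head(1); rcu_insert_head(2); rcu_insert_head(3);
    rcu_read_lock(0);
    struct node *held = rcu_find(2);
    rcu_remove(2);
    printf("freed while held: %d (held value %d)\n", rcu_reclaim(), held->value);
    rcu_read_unlock(0);
    printf("freed after reader exits: %d\n", rcu_reclaim());
    return 0;
}
```

Build with `cc -std=c11 rcu_list.c`. The scenario in `main` is the one the abstract's safety argument is about: after `rcu_remove(2)` a fresh traversal no longer reaches node 2, but reader 0 still holds a pointer to it, so `rcu_reclaim()` frees nothing and the held node stays readable; once reader 0 calls `rcu_read_unlock()` the next `rcu_reclaim()` frees it. A reader that enters only after the unlink has an even snapshot and does not delay reclamation. The counters wrap after 2^32 transitions, which this sketch ignores.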
References
- Supplemental material for this paper is available at http://plv.mpi-sws.org/gps/rcu/.
- J. Alglave, D. Kroening, and M. Tautschnig. Partial orders for efficient bounded model checking of concurrent software. In CAV, 2013.
- M. Batty, S. Owens, S. Sarkar, P. Sewell, and T. Weber. Mathematizing C++ concurrency. In POPL, 2011.
- R. Bornat, C. Calcagno, P. O'Hearn, and M. Parkinson. Permission accounting in separation logic. In POPL, 2005.
- M. Desnoyers, P. E. McKenney, A. S. Stern, M. R. Dagenais, and J. Walpole. User-level implementations of read-copy update. IEEE Trans. Parallel Distrib. Syst., 23(2):375–382, 2012.
- E. W. Dijkstra. EWD123: Cooperating sequential processes. Technical report, 1965.
- A. Gotsman, N. Rinetzky, and H. Yang. Verifying concurrent memory reclamation algorithms with grace. In ESOP, 2013.
- ISO/IEC 9899:2011. Programming language C.
- R. Jung, D. Swasey, F. Sieczkowski, K. Svendsen, A. Turon, L. Birkedal, and D. Dreyer. Iris: Monoids and invariants as an orthogonal basis for concurrent reasoning. In POPL, 2015.
- L. Lamport. How to make a multiprocessor computer that correctly executes multiprocess programs. IEEE Trans. Computers, C-28(9):690–691, 1979.
- S. Mador-Haim, L. Maranget, S. Sarkar, K. Memarian, J. Alglave, S. Owens, R. Alur, M. Martin, P. Sewell, and D. Williams. An axiomatic memory model for POWER multiprocessors. In CAV, 2012.
- P. E. McKenney. Exploiting Deferred Destruction: An Analysis of Read-Copy-Update Techniques in Operating System Kernels. PhD thesis, OGI School of Science and Engineering at Oregon Health and Sciences University, 2004.
- P. E. McKenney and J. D. Slingwine. Read-copy update: Using execution history to solve concurrency problems. In PDCS, 1998.
- P. E. McKenney, T. Riegel, J. Preshing, H. Boehm, C. Nelson, and O. Giroux. N4215: Towards implementation and use of memory_order_consume, 2014. Available at http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2014/n4215.pdf.
- J. C. Reynolds. Separation logic: A logic for shared mutable data structures. In LICS, 2002.
- P. Sewell, S. Sarkar, S. Owens, F. Zappa Nardelli, and M. O. Myreen. x86-TSO: A rigorous and usable programmer's model for x86 multiprocessors. CACM, 53(7):89–97, 2010.
- A. Turon, V. Vafeiadis, and D. Dreyer. GPS: Navigating weak memory with ghosts, protocols, and separation. In OOPSLA, 2014.
- V. Vafeiadis. Concurrent separation logic and operational semantics. In MFPS, volume 276 of ENTCS, 2011.
- V. Vafeiadis and C. Narayan. Relaxed separation logic: A program logic for C11 concurrency. In OOPSLA, 2013.
- V. Vafeiadis, T. Balabonski, S. Chakraborty, R. Morisset, and F. Zappa Nardelli. Common compiler optimisations are invalid in the C11 memory model and what we can do about it. In POPL, 2015.
Verifying read-copy-update in a logic for weak memory
PLDI '15: Proceedings of the 36th ACM SIGPLAN Conference on Programming Language Design and Implementation