o n t he f ly g arbage c ollector edger w. dijkstra leslie lamport a. j. martin c. s. scholten...

1

ON THE FLY GARBAGE COLLECTOR

Edger W. Dijkstra

Leslie Lamport

A. J. Martin

C. S. Scholten

E.F.M. Steffens

Presented by: Dana Drachsler

2

roots

GARBAGE COLLECTION – PROBLEM DESCRIPTION

Directed graph The number of nodes is fixed, M The edges may change Each node has two outgoing edges:

left edge, right edge Either of them can be missing

We have a set of “root nodes” A node is reachable if it is reachable from

some root The data structure consists of all reachable

nodes and their interconnections Nodes that are not reachable are called “garbage

nodes”

3

GARBAGE COLLECTION – PROBLEM DESCRIPTION

Operations we can apply on reachable nodes:1. Redirecting an edge towards an already

reachable one2. Redirecting an edge towards a not yet

reachable node that doesn’t have outgoing edges

3. Adding an edge towards an already reachable one

4. Adding an edge towards a not yet reachable node that doesn’t have outgoing edges

5. Removing an edge After applying operations of type 1, 2 or 5 a node may become a garbage node.

4

IMPLEMENTING A GARBAGE COLLECTOR

We maintain a list of “free list” of nodes that have been identified as garbage nodes These nodes are available to be added to the

data structure

5

IMPLEMENTING A GARBAGE COLLECTOR

The trivial solution for a garbage collector:1. While (free list is not empty) continue2. Halt every processor, and start collecting

garbage: Starting from the roots, mark all reachable

nodes The “marking phase”

Append all unmarked nodes to the free listand remove the marking The “sweeping phase”

Goto 1

roots

6

DISADVANTAGES OF THIS SOLUTION

In 1978, the minor disadvantage was the delay of the computation

The major disadvantage was the unpredicted interludes caused by the garbage collector This led to difficulties upon designing real-time

systems. To this end, we study the case where we

have two processors: The “mutator” – responsible only for the

computation The collector – responsible for collecting garbage

They both operate concurrently

7

SOLUTIONS

We present three solutions to the garbage collection problem

We start with a coarse grained solution and we next refine it.

8

REFORMULATION OF THE PROBLEM STEP 1

We have a special root node named NIL Its two outgoing edges point to it

A missing edge will be replaced with anedge to NIL

Thus, we are left with only two possible operations:1. Redirecting an edge towards an already

reachable one2. Redirecting an edge towards a not yet

reachable node8

NIL

9


We add special root nodes that NIL and all garbage nodes will be reachable from them but no other node will be reachable from

them. Thus, all nodes are now part of the

data structure

NILroots

roots

10

roots


We are left with a single type of operation:1. Redirecting an edge towards an already

reachable one Operation of type 2 is translated into

two modifications of type 1: Redirect an edge towards a node

in the free list Redirect edges of free list’s nodes to

remove this node from the free list

NILroots

11


Now, the activities of the mutator and collector are repeated executions of: Mutator:

Redirect an outgoing edge of a reachable node towards an already reachable one

Collector: Marking phase:

Mark all reachable nodes Appending phase:

Append all unmarked nodes to the free list Remove the marking from all marked nodes

12

CORRECTNESS CRITERIA

The mutator and collector keep throughout the execution the following correctness criteria:

CC1 (Liveness):Every garbage node is eventually

appended to the free list.

CC2 (Safety) :Appending a garbage node to the free

list is the collector’s only modification of the data structure.

13

ATOMIC OPERATIONS

We will assume that the following operations are atomic: Redirecting an edge Finding the left or right successor of a node Testing and/ or setting certain attributes of a

node Appending node to the free list

This is simple, provided that the free list remains long enough and then the mutator does not interfere with the collector’s appending operation.

14

THE COARSE GRAINED SOLUTION

Can we eliminate the overhead of the mutator? No, consider the following scenario. roots

A

B

C

15

THE COARSE GRAINED SOLUTION

Can we eliminate the overhead of the mutator? No, consider the following scenario. The collector observes nodes

one at a time Hence, it may never discover that

C is reachable Thus, the mutator must mark in

some way the target nodes of edges it redirects

rootsA

B

C

16

MARKING THE NODES

We will use colors for marking We start with all nodes white During the marking phase all

reachable nodes will be marked black

At the end of the marking phase, all white nodes are garbage nodes

17

MARKING THE NODES

During the marking phase we keep the following invariants:

No node will become lighter

No edge points from a black node to a white node

18

MARKING THE NODES

Suppose the mutator wants to redirectone of its edge to a white node It will violate our invariant

Can it mark it black? No, the white node may have white

successors Thus, we need to introduce another color

Gray


19

THE MUTATOR

We define “shading a node” as marking it gray if it was white, and leave it unchanged otherwise

The mutator repeatedly performs the following atomic operation: Redirect an outgoing edge of a

reachable node towards an already reachable one and

Shade it

20

THE COLLECTOR

The collector will also use the gray color in order to ensure it doesn’t violate the invariant

Upon encountering a gray node, the collector will: Mark it black

and Shade its left successor

and Shade its right successor

The marking phase will terminate once there are no gray nodes This will be detected after scanning all nodes

without finding gray ones

21

THE MARKING PHASE

1. Shade all roots2. i = 0, k = M 3. While (k > 0)

1. If (node i is gray) 1. k = M2. Shade all successors of node i

and make node i black2. Else // node i isn’t gray

1. k = k – 13. i = (i + 1) mod M

roots0

1

23

4

i = 0 k = 6

0

1

2

i = 1

3

i = 2

4

i = 3i = 4i = 5

5

k = 5k = 4k = 3k = 2k = 1k = 0

22

THE MARKING PHASE

roots0

1

23

4

6

7

5 8

NIL

23

APPENDING PHASE

1. i = 02. While (i < M)

1. If (node i is white) 1. Append it to the free list

2. Else if (node i is black)1. Mark it white

3. Else1. Error

4. i = i + 1

24

PROVING CORRECTNESS CRITERIA

Proof: It suffices to show that in the appending phase

we append only garbage nodes to the free list To this end, we prove the invariant:

a white node with a number ≥ i is garbage

CC2:Appending a garbage node to the free

list is the collector’s only modification of the data structure.

25

PROVING CORRECTNESS CRITERIA “A white node with a number ≥ i is garbage” Proof: This is held between the appending cycles:

Throughout the appending phase i only increasesThus, the collector may violate it only if it makes

a non garbage node white or by making a white node non garbageThis is violated only with respect to node i, but

then the subsequent increase i = i + 1 restores the invariant

26

PROVING CORRECTNESS CRITERIA “A white node with a number ≥ i is garbage” Proof: This is held between the appending cycles:

The mutator cannot violate this invariantIt doesn’t update i It doesn’t color nodes in white (only gray)It can’t redirect edges to non reachable nodes

thus, it can’t make a white node non garbagebecause it is not reachable

27

PROVING CORRECTNESS CRITERIA “A white node with a number ≥ i is garbage” Proof: This is held when we enter the appending phase:

We need to show that the marking phase has established that “all white nodes are garbage”

To prove this, we assume that at the beginning of the marking phase there are no black nodesAt the end of the appending phase, there are

no black nodesThe mutator doesn’t color nodes in black

Recall the mutator and collector maintain the following:No edge points from a black node to a

white node

28


Thus, when there are no more gray nodes all black nodes are reachable and all white node are garbage

We determine that there are no gray nodes after scanning all nodes without encountering gray nodes

If only the collector would have colored nodes in gray, this was trivially correct

Can the mutator also color nodes in gray?Not white nodes, since they are not reachableNot black nodes, since it only shades nodes

29


Thus if a collector has scanned all nodes and didn’t encounter a gray node, it implies that at the beginning of that scan there were no gray nodes If there was a gray node at the beginning of the

scan the collector must have encountered it The mutator leaves gray nodes gray

Thus, we can safely determine that there are no gray nodes and all white nodes are garbage

30


Proof: We first show that the collector’s

two phases terminate properly The appending phase terminates

unless it encounters a gray node At the end of the marking phase there are no

gray nodes Also, every white node is garbage, thus the

mutator cannot shade them Thus, there are no gray nodes during this phase

CC1:Every garbage node is eventually


1. While (i < M)1. If (node i is white) …2. Else if (node i is black)

…3. Else Error4. i = i + 1

31


Proof: The marking phase terminates

since the quantity k + M * (number of nonblack nodes) decreases by at least one in each iteration of the marking phase

1. …2. i = 0, k = M 3. While (k > 0)

1. If (node i is gray) 1. k = M2. …

2. Else 1. k = k – 1

3. …

CC1:Every garbage node is eventually


32

D nodes


At the beginning of the appending phase we have 3 sets: The set of reachable nodes

which are black The set of white garbage nodes

which will be appended to the freelist

The set of black garbage nodes We name them D-nodes

We want to show that D-nodes will be appended to the free list in the next appending phase

33


We say that an edge “leads into D” if its source is not in D and its target is in D.

Because D-nodes are garbage, the sources of edges that lead into D are white.

Since D-nodes are garbage, the mutator will not redirect edges towards them

Since they are black they will not be appended during this appending phase

D nodes

34


But the collector will append all white nodes to the free list, thus redirect their edges

Thus at the end of this phase: There will be no edges leading

into D All D nodes will be white

No new edges that lead into D until the next appending phase The mutator surely cannot create new ones The collector doesn’t redirect edges during the

marking phase

D nodes

35


Thus, at the next marking round they will remain white

And will be appended to the free list in the next appending phase

36

TOWARDS A FINER GRAINED SOLUTION

Recall the mutator atomic operation:Redirect an outgoing edge of a reachable node

towards an already reachable oneShade it

We want to split it into two atomic operationsWe also want to maintain our old invariant

The trivial solution: shade the new target and then redirect the edge


37


Consider the following scenario: The mutator shades B and goes to sleep The collector performs a marking phase Then, it performs an appending phase

Afterwards B’s color is white! The collector begins another marking phase

and color A in black and goes to sleep The mutator redirect A’s edge towards B

The mutator redirects all edges that their target is B The collector completes the marking phase, and in

the appending phase identifies B as garbage!

A

BB

A

No node points from a black node to a white node

38


Thus, we must change the mutator’s atomic operation

Thus, before introducing a finer grained solution we need a new coarse grained solution The collector will remain the same

39

A NEW COARSE GRAINED SOLUTION

The pervious invariant allowed us to deduce that if we encountered a reachable white node then there exists a gray node

Propagation path: A path that begins with a gray node and all

other nodes are white

We used the old invariant to conclude that if there are no gray nodes, all white nodes are garbage The new invariant suffices for this conclusion

For each white reachable node, there exists a propagation path leading to it

40


Corollary: If each root is gray or black,

the absence of edges from black to white implies our invariant. In particular it is true at the beginning of the marking cycle because all nodes have been shaded and there are no black nodes


roots0

1

34

6

2

7

5 8

41


Thus, we only need to show that we keep our new invariant


roots0

1

34

6

2

7

5 8

42


To prove this, we need to maintain another invariant

Note that in the absence of black nodes, this clearly holds Thus, at the beginning of the marking phase, this

holds We now show that both invariants are held

during the marking phase

Only the last edge placed by the mutator may lead from a black node to a white

one

43

THE NEW INVARIANTS

Recall the collector’s atomic operation: Shade all successors of node i and

make node i black



one

44

THE NEW INVARIANTS

Shading the successors means that: The node’s edges are not part of any

propagation path, thus, making the node black doesn’t violate the first invariant

There is no black-to-white edge, thus the second invariant is held



one

45

THE NEW INVARIANTS

The mutator’s new atomic operation: Shade the target of the previously

redirected edge redirect an outgoing edge of a

reachable node towards a reachable node

This clearly holds

rootsA

B

CC3D


one

B

46

THE NEW INVARIANTS

We only redirect to reachable nodes, thus,if they are white they had a propagation pathbefore this operation.

If the source node isblack, then its outgoing edge was not part of any propagation path

For each white reachable node, there exists a

propagation path leading to it

roots0

1

23

4

6

7

5 8

NIL

0

1 6

23

47

THE NEW INVARIANTS

If the source node was white or gray, then afterthis operation, there willbe no edges from a blacknode to a white node

The roots must be grayof black, thus, accordingto the corollary, the invariant holds

For each white reachable node, there exists a

propagation path leading to it

roots0

1

23

4

6

7

5 8

NIL

48

A FINE GRAINED SOLUTION

We split the mutator’s atomic operation: Shade the target of the previously redirected

edge Redirect an outgoing edge of a reachable node

towards a reachable node We split the collector’s atomic operation:

Shade the left-hand successor of node i Shade the right-hand successor of node i Make node i black

We need to show that our invariants still hold during the marking phase We will show stronger invariants

49


A C-edge is an edge whose source has been detected as gray by the collector during the marking phase Note that a C-edge remains a C-edge even if the

target is changed by the mutator At the beginning, the set of C-edges is empty We create C-edges when we shade a node’s

successors The c-edges are the node’s edges


The strengthened invariants:

50

Every root is gray or black, and for each white reachable node, there exists a propagation path

leading to it, containing no C-edges

There exists at most one edge E satisfying E is a black to white edge or E is a C-edge with a white

target

51

UNDERSTANDING THE INVARIANTS

Every root is gray or black, and for each white

reachable node, there exists a propagation path leading to it, containing

no C-edges

roots0

1

34

6

2

7

5 8

There exists at most one edge E satisfying E is a black to white

edge or E is a C-edge with a white target

6

3

52

PROVING THE INVARIANTS

At the beginning, There are no C-edges and all roots are gray, thus

the first invariant holds There are no black nodes or C-edges, thus the

second invariant holds




target

53


None of the atomic operations introduces a new reachable white node

Thus, it suffices to show that if we have a propagation path before applying any of the operations, we have one afterwards




target

54


The mutator’s atomic operation: Shade the target of the previously redirected


towards a reachable node The collector’s atomic operation:

Shade the left-hand successor of node i Shade the right-hand successor of node i Make node i black

If we had propagation path without C-edges before these operations, we will have the same paths or shortened paths

0

1

2

0

33

55


The collector’s shading operations create C-edges but their targets are black or gray, thus they did not belong to a propagation path

The mutator’s shading operation may only remove edge E if existed


target

56


The collector’s atomic operation: Shade the left-hand successor of node i Shade the right-hand successor of node i Make node i black

Node i is gray, thus all its outgoing edges are C-edges, thus they are not part of any propagation path



57


The collector’s atomic operation: Shade the left-hand successor of node i Shade the right-hand successor of node i Make node i black

It may introduce a black to white edge, but then this edge was already a C-edge with a white target


target

58




towards a reachable node

If this invariant was held before, then there could not have been a black to white edge or a C-edge with a white target.

This operation creates at most one edge of this type


target

59




towards a reachable node

If the source is black, or the edge is C-edge then the edge didn’t belong to any propagation path

Thus, since this operation does not create other C-edges, the same paths exist



60


Otherwise, the edge to be redirected is not a C-edge and has a white or gray source

Since there is at most one black-to-white edge or a C edge, we know that there are no C-edges and no black-to-white edges at all, using the corollary we get our invariant



61

SUMMARY

We have shown three solutions We first showed a simple coarse grained-

solution Which its invariants were quite straight-forward

We aimed to refine this solution This turned out to be not a simple task

We needed to change our implementation and the invariants

Afterwards we could refine the solution, and “fix” the proof of the coarse grained solution

62

QUESTIONS?

o n t he f ly g arbage c ollector edger w. dijkstra leslie lamport a. j. martin c. s. scholten...

Documents