A promising semantics for relaxed-memory concurrency

Despite many years of research, it has proven very difficult to develop a memory model for concurrent programming languages that adequately balances the conflicting desiderata of programmers, compilers, and hardware. In this paper, we propose the first relaxed memory model that (1) accounts for a broad spectrum of features from the C++11 concurrency model, (2) is implementable, in the sense that it provably validates many standard compiler optimizations and reorderings, as well as standard compilation schemes to x86-TSO and Power, (3) justifies simple invariant-based reasoning, thus demonstrating the absence of bad "out-of-thin-air" behaviors, (4) supports "DRF" guarantees, ensuring that programmers who use sufficient synchronization need not understand the full complexities of relaxed-memory semantics, and (5) defines the semantics of racy programs without relying on undefined behaviors, which is a prerequisite for applicability to type-safe languages like Java. The key novel idea behind our model is the notion of *promises*: a thread may promise to execute a write in the future, thus enabling other threads to read from that write out of order. Crucially, to prevent out-of-thin-air behaviors, a promise step requires a thread-local certification that it will be possible to execute the promised write even in the absence of the promise. To establish confidence in our model, we have formalized most of our key results in Coq.

[1]  Radha Jagadeesan,et al.  Generative Operational Semantics for Relaxed Memory Models , 2010, ESOP.

[2]  Andreas Lochbihler Making the java memory model safe , 2014, TOPL.

[3]  Karl Crary,et al.  A Calculus for Relaxed Memory , 2015, POPL.

[4]  James Riely,et al.  On Thin Air Reads Towards an Event Structures Model of Relaxed Memory , 2016, 2016 31st Annual ACM/IEEE Symposium on Logic in Computer Science (LICS).

[5]  M. Hill,et al.  Weak ordering-a new definition , 1990, [1990] Proceedings. The 17th Annual International Symposium on Computer Architecture.

[6]  John Wickerson,et al.  Overhauling SC atomics in C11 and OpenCL , 2016, POPL.

[7]  David Aspinall,et al.  On Validity of Program Transformations in the Java Memory Model , 2008, ECOOP.

[8]  Yang Zhang,et al.  An operational happens-before memory model , 2015, Frontiers of Computer Science.

[9]  Peter Sewell,et al.  A Better x86 Memory Model: x86-TSO , 2009, TPHOLs.

[10]  Peter Sewell,et al.  A concurrency semantics for relaxed atomics that permits optimisation and avoids thin-air executions , 2016, POPL.

[11]  Jeremy Manson,et al.  The Java memory model , 2005, POPL '05.

[12]  Brian Demsky,et al.  CDSchecker: checking concurrent data structures written with C/C++ atomics , 2013, OOPSLA.

[13]  Ori Lahav,et al.  Explaining Relaxed Memory Models with Program Transformations , 2016, FM.

[14]  Ali Sezgin,et al.  Modelling the ARMv8 architecture, operationally: concurrency and ISA , 2016, POPL.

[15]  Anton Podkopaev,et al.  Operational Aspects of C/C++ Concurrency , 2016, ArXiv.

[16]  Suresh Jagannathan,et al.  CompCertTSO: A Verified Compiler for Relaxed-Memory Concurrency , 2013, JACM.

[17]  Ori Lahav,et al.  Taming release-acquire consistency , 2016, POPL.

[18]  Peter Sewell,et al.  Mathematizing C++ concurrency , 2011, POPL '11.

[19]  Guy L. Steele,et al.  The Java Language Specification , 1996 .

[20]  Happy Gogoi PROGRAMMING LANGUAGE C , 2015 .

[21]  Наталія Ігорівна Муліна,et al.  Programming language C , 2013 .

[22]  Hans-Juergen Boehm,et al.  Outlawing ghosts: avoiding out-of-thin-air results , 2014, MSPC@PLDI.

[23]  Jeehoon Kang,et al.  Repairing sequential consistency in C/C++11 , 2017, PLDI.

[24]  Viktor Vafeiadis,et al.  Common Compiler Optimisations are Invalid in the C11 Memory Model and what we can do about it , 2015, POPL.

[25]  Jan Vitek,et al.  Plan B: a buffered memory model for Java , 2013, POPL.

[26]  Viktor Vafeiadis,et al.  Formalizing the concurrency semantics of an LLVM fragment , 2017, 2017 IEEE/ACM International Symposium on Code Generation and Optimization (CGO).