Repairing sequential consistency in C/C++11

The C/C++11 memory model defines the semantics of concurrent memory accesses in C/C++, and in particular supports racy "atomic" accesses at a range of different consistency levels, from very weak consistency ("relaxed") to strong, sequential consistency ("SC"). Unfortunately, as we observe in this paper, the semantics of SC atomic accesses in C/C++11, as well as in all proposed strengthenings of the semantics, is flawed, in that (contrary to previously published results) both suggested compilation schemes to the Power architecture are unsound. We propose a model, called RC11 (for Repaired C11), with a better semantics for SC accesses that restores the soundness of the compilation schemes to Power, maintains the DRF-SC guarantee, and provides stronger, more useful, guarantees to SC fences. In addition, we formally prove, for the first time, the correctness of the proposed stronger compilation schemes to Power that preserve load-to-store ordering and avoid "out-of-thin-air" reads.