Repairing sequential consistency in C/C++11

@article{Lahav2017RepairingSC,
  title={Repairing sequential consistency in C/C++11},
  author={Ori Lahav and Viktor Vafeiadis and Jeehoon Kang and Chung-Kil Hur and Derek Dreyer},
  journal={Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation},
  year={2017}
}
  • O. Lahav, Viktor Vafeiadis, Derek Dreyer
  • Published 14 June 2017
  • Computer Science
  • Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation
The C/C++11 memory model defines the semantics of concurrent memory accesses in C/C++, and in particular supports racy "atomic" accesses at a range of different consistency levels, from very weak consistency ("relaxed") to strong, sequential consistency ("SC"). Unfortunately, as we observe in this paper, the semantics of SC atomic accesses in C/C++11, as well as in all proposed strengthenings of the semantics, is flawed, in that (contrary to previously published results) both suggested… 
A promising semantics for relaxed-memory concurrency
TLDR
The first relaxed memory model that accounts for a broad spectrum of features from the C++11 concurrency model, is implementable, and defines the semantics of racy programs without relying on undefined behaviors, which is a prerequisite for applicability to type-safe languages like Java is proposed.
Formalizing the concurrency semantics of an LLVM fragment
TLDR
In order to support LLVM's semantics for racy accesses, the formal model does not work on the level of single executions as the hardware and the C/C++ models do, but rather uses more elaborate structures called event structures.
The semantics of transactions and weak memory in x86, Power, ARM, and C++
TLDR
This work aims to clarify the interplay between weak memory and TM by extending existing axiomatic weak memory models with new rules for TM with a key finding that a proposed TM extension to ARMv8 currently being considered within ARM Research is incompatible with lock elision without sacrificing portability or performance.
The semantics of transactions and weak memory in x86, Power, ARM, and C++
TLDR
This work aims to clarify the interplay between weak memory and TM by extending existing axiomatic weak memory models (x86, Power, ARMv8, and C++) with new rules for TM, and finds that a proposed TM extension toARMv8 currently being considered within ARM Research is incompatible with lock elision without sacrificing portability or performance.
1 The Semantics of Transactions and Weak Memory in x 86 , Power , ARMv 8 , and C + +
TLDR
This work aims to provide an formal understanding of the interplay between weak memory and TM, without which, programmers cannot robustly reason about programs that use both of these important concurrent programming constructs.
Mixed-size concurrency: ARM, POWER, C/C++11, and SC
TLDR
It is shown that adding a memory barrier between each instruction does not restore sequential consistency, and the C/C++11 model is extended to support non-atomic mixed-size memory accesses, a necessary step towards semantics for real-world shared-memory concurrent code, beyond litmus tests.
Decidable verification under a causally consistent shared memory
TLDR
This paper establishes the decidability of safety properties for finite-state concurrent programs running under a causally consistent shared memory model, and develops an alternative operational semantics, based on the notion of a thread potential, that is equivalent to the existing declarative semantics and constitutes a well-structured transition system.
Modular Relaxed Dependencies in Weak Memory Concurrency
We present a denotational semantics for weak memory concurrency that avoids thin-air reads, provides data-race free programs with sequentially consistent semantics (DRF-SC), and supports a
Effective stateless model checking for C/C++ concurrency
TLDR
A stateless model checking algorithm for verifying concurrent programs running under RC11, a repaired version of the C/C++11 memory model without dependency cycles, which works directly on execution graphs and (in the absence of RMW instructions and SC atomics) avoids redundant exploration by construction.
Verifying C11-Style Weak Memory Libraries via Refinement
TLDR
This paper develops a simple framework for specifying abstract objects that precisely characterises the observability guarantees of abstract method calls, and shows how this framework can be integrated with an operational semantics that enables verification of client programs that execute abstract method Calls from a library they use.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 44 REFERENCES
Clarifying and compiling C/C++ concurrency: from C++11 to POWER
TLDR
Two simpler but provably equivalent models for C++11 are established, one for the full language and another for the subset without consume operations, and it is proved that, under an additional condition, the model is equivalent to sequential consistency for race-free programs.
A promising semantics for relaxed-memory concurrency
TLDR
The first relaxed memory model that accounts for a broad spectrum of features from the C++11 concurrency model, is implementable, and defines the semantics of racy programs without relying on undefined behaviors, which is a prerequisite for applicability to type-safe languages like Java is proposed.
Taming release-acquire consistency
We introduce a strengthening of the release-acquire fragment of the C11 memory model that (i) forbids dubious behaviors that are not observed in any implementation; (ii) supports fence instructions
Mathematizing C++ concurrency
TLDR
This work establishes a mathematical (yet readable) semantics for C++ concurrency, which will aid discussion of any further changes, provide a correctness condition for compilers, and give a much-needed basis for analysis and verification of concurrent C and C++ programs.
Overhauling SC atomics in C11 and OpenCL
TLDR
An overhaul of SC atomics in C11 is conducted, reducing the associated axioms in both number and complexity, which leads to an exponential improvement in simulation time for C11 litmus tests compared with the original model, making *exhaustive* simulation competitive, time-wise, with the *non-ex exhaustive* CDSChecker tool.
Foundations of the C++ concurrency memory model
TLDR
The simple model the effort to address issues by explicitly providing semantics for threads in the next revision of the C++ standard is described, and how this, together with some practical, but often under-appreciated implementation constraints, drives us towards the above decisions.
Synchronising C/C++ and POWER
TLDR
This paper gives a clear semantic characterisation of the load-reserve/store-conditional primitives as provided by POWER multiprocessors, for the first time since they were introduced 20 years ago, and proves sound a proposed compilation scheme of the C/C++ synchronisation constructs to POWER, together with the simpler atomic operations for which soundness is already known from previous work.
A concurrency semantics for relaxed atomics that permits optimisation and avoids thin-air executions
TLDR
A concurrency semantics for a core calculus, including relaxed-atomic and non-atomic accesses, and locks, that admits a wide range of optimisation while still forbidding the classic thin-air examples, and addresses other problems relating to undefined behaviour.
Counterexamples and Proof Loophole for the C/C++ to POWER and ARMv7 Trailing-Sync Compiler Mappings
TLDR
This paper discusses two counterexamples to the well-known trailing-sync compiler mappings for the Power and ARMv7 architectures that were previously thought to be proven correct and discusses the loophole in the proof of the mappings that allowed the incorrect mappings to be proved correct.
Relaxed separation logic: a program logic for C11 concurrency
TLDR
Relaxed separation logic (RSL), the first program logic for reasoning about concurrent programs running under the C11 relaxed memory model, is introduced with proof rules for the various kinds of C11 atomic accesses.
...
1
2
3
4
5
...