Abstract
The C/C++11 concurrency model balances two goals: it is relaxed enough to be efficiently implementable and (leaving aside the "thin-air" problem) it is strong enough to give useful guarantees to programmers. It is mathematically precise and has been used in verification research and compiler testing. However, the model is expressed in an axiomatic style, as predicates on complete candidate executions. This suffices for computing the set of allowed executions of a small litmus test, but it does not directly support the incremental construction of executions of larger programs. It is also at odds with conventional operational semantics, as used implicitly in the rest of the C/C++ standards.
Our main contribution is the development of an operational model for C/C++11 concurrency. This covers all the features of the previous formalised axiomatic model, and we have a mechanised proof that the two are equivalent, in Isabelle/HOL. We also integrate this semantics with an operational semantics for sequential C (described elsewhere); the combined semantics can incrementally execute programs in a small fragment of C.
Doing this uncovered several new aspects of the C/C++11 model: we show that one cannot build an equivalent operational model that simply follows program order, sequentially consistent order, or the synchronises-with order. The first negative result is forced by hardware-observable behaviour, but the latter two are not, and so might be ameliorated by changing C/C++11. More generally, we hope that this work, with its focus on incremental construction of executions, will inform the future design of new concurrency models.
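The axiomatic style described in the abstract, as an added example that is not taken from the paper or its mechanised development: every complete candidate execution of a message-passing litmus test is enumerated and then filtered by a consistency predicate. The event names, the `sync` flag and the predicate itself are assumptions of this example; the predicate covers only reads-from, happens-before and write-read coherence, not the full C/C++11 model.

```python
from itertools import product

# Events of the message-passing litmus test (constructed for this example):
#   T1: a: data = 1 (relaxed);   b: flag = 1 (release, or relaxed)
#   T2: c: r1 = flag (acquire, or relaxed);   d: r2 = data (relaxed)
# i_data / i_flag are the initialising writes of 0.
WRITES = {"i_data": ("data", 0), "i_flag": ("flag", 0),
          "a": ("data", 1), "b": ("flag", 1)}
SB = {("a", "b"), ("c", "d")}                      # sequenced-before
INIT = {(i, e) for i in ("i_data", "i_flag") for e in "abcd"}
MO = {("i_data", "a"), ("i_flag", "b")}            # modification order (forced here)

def closure(rel):
    """Transitive closure of a binary relation given as a set of pairs."""
    rel = set(rel)
    while True:
        extra = {(x, z) for x, y in rel for y2, z in rel if y == y2} - rel
        if not extra:
            return rel
        rel |= extra

def consistent(rf, sync):
    """Predicate on one complete candidate execution (rf maps read -> write)."""
    # synchronises-with: the acquire read c reads from the release write b
    sw = {("b", "c")} if sync and rf["c"] == "b" else set()
    hb = closure(SB | INIT | sw)                   # happens-before
    for r, w in rf.items():
        if (r, w) in hb:                           # a read cannot see its hb-future
            return False
        # coherence: w is hidden if an mo-later write happens before the read
        if any((w, w2) in MO and (w2, r) in hb for w2 in WRITES):
            return False
    return True

def allowed_outcomes(sync):
    """Enumerate all candidate reads-from maps and keep the consistent ones."""
    outcomes = set()
    for wc, wd in product(WRITES, repeat=2):
        if WRITES[wc][0] != "flag" or WRITES[wd][0] != "data":
            continue                               # rf must relate the same location
        if consistent({"c": wc, "d": wd}, sync):
            outcomes.add((WRITES[wc][1], WRITES[wd][1]))   # (r1, r2)
    return outcomes

if __name__ == "__main__":
    print("release/acquire:", sorted(allowed_outcomes(True)))
    print("all relaxed:    ", sorted(allowed_outcomes(False)))
```

The predicate can only be evaluated once both reads-from edges are chosen, which is the property that makes this style awkward for executing a larger program step by step.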
An operational semantics for C/C++11 concurrency
OOPSLA 2016: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications