Bounding data races in space and time
Citations
On Thin Air Reads: Towards an Event Structures Model of Relaxed Memory.
Bridging the gap between programming languages and hardware weak memory models
Pomsets with preconditions: a simple model of relaxed memory
Owicki-Gries Reasoning for C11 RAR
SmartTrack: efficient predictive race detection
References
The Java memory model
x86-TSO: a rigorous and usable programmer's model for x86 multiprocessors
Understanding POWER multiprocessors
Fixing the Java memory model
Fences in weak memory models
Frequently Asked Questions (12)
Q2. What future works have the authors mentioned in the paper "Bounding data races in space and time" ?
In future work, the authors plan to extend their currently spartan model with other types of atomics. Two routes to this suggest themselves: by extending their operational model with release-acquire primitives in the style of Kang et al. [13], or by extending the SRA model of Lahav et al. [14] with load-buffering-free nonatomics.
Q3. How do the authors enforce SRA on AArch64?
The authors enforce SRA by compiling all mutable loads as load acquire ([ldar] on AArch64 and [r <- ld; cmpi r, 0; beq L; L: isync] on PowerPC) and assignments as store release ([stlr] on AArch64 and [lwsync; st] on PowerPC).
Q4. What is the purpose of release-acquire atomics?
In particular, release-acquire atomics would be a useful extension: they are strong enough to describe many parallel programming idioms, yet weak enough to be relatively cheaply implementable.
Q5. What is the condition that the authors assume of these transitions?
The only condition that the authors do assume of these transitions is that read transitions are not picky about the value being read, that is: Proposition 4.
Q6. What is the semantics of Kang et al.?
The semantics of Kang et al. [13] accounts for a large fragment of the C++ memory model, including release-acquire, relaxed and nonatomic accesses, while introducing a novel “promise” mechanism to give an operational interpretation to load-buffering behaviours.
Q7. Why is the effect of data races in Java not bounded in time?
The effect of data races in Java is not bounded in time, because the memory model permits reads to return inconsistent values because of a data race that happened in the past.
Q8. What is the way to prove that the program has the expected behaviour?
Using the standard global DRF theorems, the authors are able to prove that each of the three examples above has the expected behaviour, but only under the stronger assumption that there are no data races on any variables at any time during the program’s execution.
Q9. What is the way to conclude that g has a bug?
In a safe language, when f() + g() returns the wrong answer even when f() returns the right one, one can conclude that g has a bug.
Q10. What is the largest subset of relating only events on the same thread?
For two such events $E_1, E_2 \in |\Sigma|$, the authors write $E_1 <_\Sigma E_2$ if the transition $T(E_1)$ occurs before the transition $T(E_2)$ in the trace $\Sigma$. From any $\Sigma$, the authors construct a candidate execution $(|\Sigma|, po_\Sigma, rf_\Sigma, co_\Sigma)$ as follows:
• $po_\Sigma$ is the largest subset of $<_\Sigma$ relating only events on the same thread.
Q11. What are the two simple ways to insert a branch after loads?
Two simple ones are to insert a branch after loads, or to insert a dmb ld barrier before stores, shown in tables 2a and 2b respectively.
Q12. What heap layout is used to allocate large objects in Multicore OCaml?
New objects in Multicore OCaml are allocated in a thread-local minor heap, with large objects allocated directly in the major heap.