Generative Operational Semantics forRelaxed Memory Models
Radha Jagadeesan Corin Pitcher James Riely
School of ComputingDePaul University
ESOP 2010
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 1 / 32
An operational semantics for concurrency
Message passing concurrency well understoodoperational/denotational models, equivalence/order relations soundtype systems, proof systems, etc
Shared-memory concurrency well understood, assumingsequentially consistent execution, ordata race free programs
Relaxed models used in practiceCompiler flexibility (source, JIT, instruction decoder/scheduler)Efficiency, lock free algorithms
Relaxed models not well understoodGoal: novel type system for relaxed modelThis paper: operational semantics for soundness proof
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 2 / 32
An operational semantics for concurrency
Message passing concurrency well understoodoperational/denotational models, equivalence/order relations soundtype systems, proof systems, etc
Shared-memory concurrency well understood, assumingsequentially consistent execution, ordata race free programs
Relaxed models used in practiceCompiler flexibility (source, JIT, instruction decoder/scheduler)Efficiency, lock free algorithms
Relaxed models not well understoodGoal: novel type system for relaxed modelThis paper: operational semantics for soundness proof
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 2 / 32
An operational semantics for concurrency
Message passing concurrency well understoodoperational/denotational models, equivalence/order relations soundtype systems, proof systems, etc
Shared-memory concurrency well understood, assumingsequentially consistent execution, ordata race free programs
Relaxed models used in practiceCompiler flexibility (source, JIT, instruction decoder/scheduler)Efficiency, lock free algorithms
Relaxed models not well understoodGoal: novel type system for relaxed modelThis paper: operational semantics for soundness proof
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 2 / 32
An operational semantics for concurrency
Message passing concurrency well understoodoperational/denotational models, equivalence/order relations soundtype systems, proof systems, etc
Shared-memory concurrency well understood, assumingsequentially consistent execution, ordata race free programs
Relaxed models used in practiceCompiler flexibility (source, JIT, instruction decoder/scheduler)Efficiency, lock free algorithms
Relaxed models not well understoodGoal: novel type system for relaxed modelThis paper: operational semantics for soundness proof
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 2 / 32
An operational semantics for concurrency
Message passing concurrency well understoodoperational/denotational models, equivalence/order relations soundtype systems, proof systems, etc
Shared-memory concurrency well understood, assumingsequentially consistent execution, ordata race free programs
Relaxed models used in practiceCompiler flexibility (source, JIT, instruction decoder/scheduler)Efficiency, lock free algorithms
Relaxed models not well understoodGoal: novel type system for relaxed modelThis paper: operational semantics for soundness proof
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 2 / 32
Transformations that occur in relaxed models
Non-conflict reordering (conflict = same location + write)p.f=0p.g=1
p.g=1p.f=0
Redundant read eliminationx=p.fp.g=1y=p.freturn y
x=p.fp.g=1return x
Roach motelx=p.fk.acquire()
k.acquire()x=p.f
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 3 / 32
Transformations that occur in relaxed models
Non-conflict reordering (conflict = same location + write)p.f=0p.g=1
p.g=1p.f=0
Redundant read eliminationx=p.fp.g=1y=p.freturn y
x=p.fp.g=1return x
Roach motelx=p.fk.acquire()
k.acquire()x=p.f
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 3 / 32
Transformations that occur in relaxed models
Non-conflict reordering (conflict = same location + write)p.f=0p.g=1
p.g=1p.f=0
Redundant read eliminationx=p.fp.g=1y=p.freturn y
x=p.fp.g=1return x
Roach motelx=p.fk.acquire()
k.acquire()x=p.f
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 3 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=0 p.g=0 p.h=0
x = p.fp.g = 1if(x == 0)p.h ++
p.f = 1y = p.gif(y == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write f, read gx = p.fp.g = 1if(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=0 p.g=0 p.h=0
x = p.fp.g = 1if(x == 0)p.h ++
p.f = 1y = p.gif(y == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=0 p.g=0 p.h=0
x = p.fp.g = 1if(x == 0)p.h ++
p.f = 1y = p.gif(y == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=0 p.g=0 p.h=0
x = p.fp.g = 1if(x == 0)p.h ++
p.f = 1y = p.gif(y == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=0 p.g=0 p.h=0
0 = p.fp.g = 1if(0 == 0)p.h ++
p.f = 1y = p.gif(y == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=1 p.g=0 p.h=0
0 = p.fp.g = 1if(0 == 0)p.h ++
p.f = 1y = p.gif(y == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=1 p.g=0 p.h=0
0 = p.fp.g = 1if(0 == 0)p.h ++
p.f = 10 = p.gif(0 == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=1 p.g=0 p.h=1
0 = p.fp.g = 1if(0 == 0)p.h ++
p.f = 10 = p.gif(0 == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=1 p.g=1 p.h=1
0 = p.fp.g = 1if(0 == 0)p.h ++
p.f = 10 = p.gif(0 == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
Concurrency and program transformation
Transformation correct: no new behaviorExpect p.h incremented at most once (Dijkstra, 1965)
write g, read fp.g = 1x = p.fif(x == 0)p.h ++
write f, read gp.f = 1y = p.gif(y == 0)p.h ++
Non-conflict reordering
p.f=1 p.g=1 p.h=2
0 = p.fp.g = 1if(0 == 0)p.h ++
p.f = 10 = p.gif(0 == 0)p.h ++
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 4 / 32
1 BackgroundSequential ConsistencyData Race Free ModelJava Memory Model
2 Speculative semanticsEmpirical and speculative actionsDesirable executions allowedUndesirable executions prevented
3 Summary of resultsRelation to Java Memory ModelSimulation precongruence
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 5 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory:
p.f=0
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory:
p.f=0
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Threads: p.f = 0p.f = 1return
1 = p.fy = p.freturn(1,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Threads: p.f = 0p.f = 1return
1 = p.f1 = p.freturn(1,1)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Threads: p.f = 0p.f = 1return
0 = p.fy = p.freturn(0,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Threads: p.f = 0p.f = 1return
0 = p.fy = p.freturn(0,y)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Threads: p.f = 0p.f = 1return
0 = p.f1 = p.freturn(0,1)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Threads: p.f = 0p.f = 1return
0 = p.f1 = p.freturn(0,1)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Sequential Consistency (SC)Ops appear to execute in some sequential orderOps of individual threads appear in program order(Lamport 1977)
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Threads: p.f = 0p.f = 1return
0 = p.f1 = p.freturn(0,1)
return (1,1) possiblereturn (0,1) possiblereturn (0,0) possiblereturn (1,0) impossible
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 6 / 32
Caching model
Indirection between action and memory
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Pending actions:
p.f=0 p.f=1
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,0) possibleThe execution has a data race: conflicting ops not totally ordered
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 7 / 32
Caching model
Indirection between action and memory
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Pending actions: p.f=0
p.f=1
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,0) possibleThe execution has a data race: conflicting ops not totally ordered
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 7 / 32
Caching model
Indirection between action and memory
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Pending actions: p.f=0 p.f=1
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,0) possibleThe execution has a data race: conflicting ops not totally ordered
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 7 / 32
Caching model
Indirection between action and memory
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Pending actions: p.f=0
Threads: p.f = 0p.f = 1return
x = p.fy = p.freturn(x,y)
return (1,0) possibleThe execution has a data race: conflicting ops not totally ordered
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 7 / 32
Caching model
Indirection between action and memory
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=1
Pending actions: p.f=0
Threads: p.f = 0p.f = 1return
1 = p.fy = p.freturn(1,y)
return (1,0) possibleThe execution has a data race: conflicting ops not totally ordered
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 7 / 32
Caching model
Indirection between action and memory
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Pending actions:
Threads: p.f = 0p.f = 1return
1 = p.fy = p.freturn(1,y)
return (1,0) possibleThe execution has a data race: conflicting ops not totally ordered
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 7 / 32
Caching model
Indirection between action and memory
Program: write f twicep.f = 0p.f = 1return
read f twicex = p.fy = p.freturn(x,y)
Memory: p.f=0
Pending actions:
Threads: p.f = 0p.f = 1return
1 = p.f0 = p.freturn(1,0)
return (1,0) possibleThe execution has a data race: conflicting ops not totally ordered
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 7 / 32
Data-Race Free (DRF) Semantics
DRF programs: SC executionPrograms with races: no commentOk for C++ (Boehm and Adve, 2008)
no benign racesno safety guarantees
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 8 / 32
Java
Defines semantics for programs with races (type safety)Defined (Gosling, Joy, Steele, 1996)Caching semantics with “prescient reads”Criticized (Pugh 1999)
invalidates redundant read eliminationx=p.f
y=q.f
z=p.f
x=p.f
y=q.fz=x
invalidates non-conflict reordering!x=p.g
y=p.f
z=q.f
p.x=1
y=p.fx=p.g
z=q.f
p.x=1
Replaced by JMM (JSR 133, 2004)Semantics based on series of executions,each “committing” a data race
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 9 / 32
Java
Defines semantics for programs with races (type safety)Defined (Gosling, Joy, Steele, 1996)Caching semantics with “prescient reads”Criticized (Pugh 1999)
invalidates redundant read eliminationx=p.f
y=q.f
z=p.f
x=p.f
y=q.fz=x
invalidates non-conflict reordering!x=p.g
y=p.f
z=q.f
p.x=1
y=p.fx=p.g
z=q.f
p.x=1
Replaced by JMM (JSR 133, 2004)Semantics based on series of executions,each “committing” a data race
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 9 / 32
Java
Defines semantics for programs with races (type safety)Defined (Gosling, Joy, Steele, 1996)Caching semantics with “prescient reads”Criticized (Pugh 1999)
invalidates redundant read eliminationx=p.f
y=q.f
z=p.f
x=p.f
y=q.fz=x
invalidates non-conflict reordering!x=p.g
y=p.f
z=q.f
p.x=1
y=p.fx=p.g
z=q.f
p.x=1
Replaced by JMM (JSR 133, 2004)Semantics based on series of executions,each “committing” a data race
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 9 / 32
Java
Defines semantics for programs with races (type safety)Defined (Gosling, Joy, Steele, 1996)Caching semantics with “prescient reads”Criticized (Pugh 1999)
invalidates redundant read eliminationx=p.f
y=q.f
z=p.f
x=p.f
y=q.fz=x
invalidates non-conflict reordering!x=p.g
y=p.f
z=q.f
p.x=1
y=p.fx=p.g
z=q.f
p.x=1
Replaced by JMM (JSR 133, 2004)Semantics based on series of executions,each “committing” a data race
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 9 / 32
Prescient read: seeing the future
Caching not enoughProgram A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
In SC semantics, return 1 impossibleCan result from non-conflict reordering
Memory: p.f=0 p.g=0
Threads: x = p.fp.g = xreturn x
p.f = 1y = p.greturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 10 / 32
Prescient read: seeing the future
Caching not enoughProgram A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
In SC semantics, return 1 impossibleCan result from non-conflict reordering
Memory: p.f=0 p.g=0
Threads: x = p.fp.g = xreturn x
p.f = 1y = p.greturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 10 / 32
Prescient read: seeing the future
Caching not enoughProgram A:
copy f to gx = p.fp.g = xreturn x
write f, read gp.f = 1y = p.greturn y
In SC semantics, return 1 impossibleCan result from non-conflict reordering
Memory: p.f=0 p.g=0
Threads: x = p.fp.g = xreturn x
p.f = 1y = p.greturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 10 / 32
Prescient read: seeing the future
Caching not enoughProgram A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
In SC semantics, return 1 impossibleCan result from non-conflict reordering
Memory: p.f=0 p.g=0
Threads: x = p.fp.g = xreturn x
p.f = 1y = p.greturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 10 / 32
Prescient read: seeing the future
Caching not enoughProgram A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
In SC semantics, return 1 impossibleCan result from non-conflict reordering
Memory: p.f=1 p.g=0
Threads: x = p.fp.g = xreturn x
p.f = 1y = p.greturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 10 / 32
Prescient read: seeing the future
Caching not enoughProgram A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
In SC semantics, return 1 impossibleCan result from non-conflict reordering
Memory: p.f=1 p.g=0
Threads: 1 = p.fp.g = 1return 1
p.f = 1y = p.greturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 10 / 32
Prescient read: seeing the future
Caching not enoughProgram A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
In SC semantics, return 1 impossibleCan result from non-conflict reordering
Memory: p.f=1 p.g=1
Threads: 1 = p.fp.g = 1return 1
p.f = 11 = p.greturn 1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 10 / 32
Thin-air read: making things up
Need to be carefulProgram B:
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
return 1 undesirable — out of “thin air”
Memory:
p.f=0 p.g=0
Threads: x = p.fp.g = xreturn x
y = p.gp.f = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 11 / 32
Thin-air read: making things up
Need to be carefulProgram B:
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
return 1 undesirable — out of “thin air”
Memory: p.f=0 p.g=0
Threads: x = p.fp.g = xreturn x
y = p.gp.f = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 11 / 32
Thin-air read: making things up
Need to be carefulProgram B:
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
return 1 undesirable — out of “thin air”
Memory: p.f=0 p.g=0
Threads: x = p.fp.g = xreturn x
0 = p.gp.f = 0return 0
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 11 / 32
Thin-air read: making things up
Need to be carefulProgram B:
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
return 1 undesirable — out of “thin air”
Memory: p.f=0 p.g=0
Threads: x = p.fp.g = xreturn x
0 = p.gp.f = 0return 0
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 11 / 32
Thin-air read: making things up
Need to be carefulProgram B:
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
return 1 undesirable — out of “thin air”
Memory: p.f=0 p.g=0
Threads: 0 = p.fp.g = 0return 0
0 = p.gp.f = 0return 0
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 11 / 32
Thin-air read: making things up
Need to be carefulProgram B:
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
return 1 undesirable — out of “thin air”
Memory: p.f=0 p.g=0
Threads: 0 = p.fp.g = 0return 0
0 = p.gp.f = 0return 0
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 11 / 32
Java Memory Model (JMM)
Program A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
JMM allows both threads to return 1Critism of JMM:
Language acceptor, not generatorDifficult to understand (still)Invalidates useful optimizations (still)
Redundant read eliminationRoach motel
Execution 1:
W (p.f=0)W (p.g=0)
R(0=p.f)
W (p.g=0)
R(0=p.g)
W (p.f=1)
Execution 2:
W (p.f=0)W (p.g=0)
R(1=p.f)
W (p.g=1)
R(0=p.g)
W (p.f=1)
Execution 3:
W (p.f=0)W (p.g=0)
R(1=p.f)
W (p.g=1)
R(1=p.g)
W (p.f=1)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 12 / 32
Java Memory Model (JMM)
Program A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
JMM allows both threads to return 1Critism of JMM:
Language acceptor, not generatorDifficult to understand (still)Invalidates useful optimizations (still)
Redundant read eliminationRoach motel
Execution 1:
W (p.f=0)W (p.g=0)
R(0=p.f)
W (p.g=0)
R(0=p.g)
W (p.f=1)
Execution 2:
W (p.f=0)W (p.g=0)
R(1=p.f)
W (p.g=1)
R(0=p.g)
W (p.f=1)
Execution 3:
W (p.f=0)W (p.g=0)
R(1=p.f)
W (p.g=1)
R(1=p.g)
W (p.f=1)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 12 / 32
Java Memory Model (JMM)
Program A:
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.gp.f = 1return y
JMM allows both threads to return 1Critism of JMM:
Language acceptor, not generatorDifficult to understand (still)Invalidates useful optimizations (still)
Redundant read eliminationRoach motel
Execution 1:
W (p.f=0)W (p.g=0)
R(0=p.f)
W (p.g=0)
R(0=p.g)
W (p.f=1)
Execution 2:
W (p.f=0)W (p.g=0)
R(1=p.f)
W (p.g=1)
R(0=p.g)
W (p.f=1)
Execution 3:
W (p.f=0)W (p.g=0)
R(1=p.f)
W (p.g=1)
R(1=p.g)
W (p.f=1)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 12 / 32
Our goals
New formalization of JMMGenerative modelStandard guarantees
DRF — DRF programs have SC executionsno TAR — no “Thin Air Reads”
Strictly more expressive than JMMEvery outcome allowed by JMM allowed by our semanticsOnly for lockless programs
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 13 / 32
Our goals
New formalization of JMMGenerative modelStandard guarantees
DRF — DRF programs have SC executionsno TAR — no “Thin Air Reads”
Strictly more expressive than JMMEvery outcome allowed by JMM allowed by our semanticsOnly for lockless programs
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 13 / 32
Our goals
New formalization of JMMGenerative modelStandard guarantees
DRF — DRF programs have SC executionsno TAR — no “Thin Air Reads”
Strictly more expressive than JMMEvery outcome allowed by JMM allowed by our semanticsOnly for lockless programs
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 13 / 32
Related Work
The Java Memory ModelManson (PhD Thesis 2004)Also Manson, Pugh, Adve, (POPL 2005)Foundations of the C++ Concurrency Memory ModelBoehm and Adve (PLDI 2008)Program Transformations in Weak Memory ModelsSevcík (PhD Thesis, 2008)Also Sevcík and Aspinall (ECOOP 2008)The semantics of x86-CC multiprocessor machine codeSarkar, Sewell, Nardelli, Owens, Ridge, Braibant, Myreen,Alglave (POPL 2009)Relaxed memory models: an operational approachBoudol and Petri (POPL 2009)Also Boudol and Petri (ESOP 2010)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 14 / 32
1 BackgroundSequential ConsistencyData Race Free ModelJava Memory Model
2 Speculative semanticsEmpirical and speculative actionsDesirable executions allowedUndesirable executions prevented
3 Summary of resultsRelation to Java Memory ModelSimulation precongruence
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 15 / 32
Memory as action sequence
No conventional memoryWrite action: !p.f=1Aquire action: ykRelease action: kxRead value determined by context (Boudol and Petri, 2009)Context is a sequence of actions
yk !p.f=1 !p.g=1 kx
!p.f=2 yk !p.g=2 [ ]
Visibility standard from JMM p.f visible at 1 and 2p.g visible at 2 only, due to k
Threads may reorder non-conflict actions privately (see paper)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 16 / 32
Memory as action sequence
No conventional memoryWrite action: !p.f=1Aquire action: ykRelease action: kxRead value determined by context (Boudol and Petri, 2009)Context is a sequence of actions
yk !p.f=1 !p.g=1 kx
!p.f=2 yk !p.g=2 [ ]
Visibility standard from JMM p.f visible at 1 and 2p.g visible at 2 only, due to k
Threads may reorder non-conflict actions privately (see paper)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 16 / 32
Memory as action sequence
No conventional memoryWrite action: !p.f=1Aquire action: ykRelease action: kxRead value determined by context (Boudol and Petri, 2009)Context is a sequence of actions
yk !p.f=1 !p.g=1 kx
!p.f=2 yk !p.g=2 [ ]
Visibility standard from JMM p.f visible at 1 and 2p.g visible at 2 only, due to k
Threads may reorder non-conflict actions privately (see paper)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 16 / 32
Memory as action sequence
No conventional memoryWrite action: !p.f=1Aquire action: ykRelease action: kxRead value determined by context (Boudol and Petri, 2009)Context is a sequence of actions
yk !p.f=1 !p.g=1 kx
!p.f=2 yk !p.g=2 [ ]
Visibility standard from JMM p.f visible at 1 and 2p.g visible at 2 only, due to k
Threads may reorder non-conflict actions privately (see paper)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 16 / 32
Speculative action
Speculation ?p.f=1 causes branchingWorlds execute independently: initial and final
Speculation visible in final branch, not initialInitial branch must produce justifying empirical write !p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 17 / 32
Initiality not too restrictive: Program A
Initial branch must justify speculationAfterwards, only final copy remains
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.fp.g = 1return y
!p.g=0 !p.f=1
x = p.fp.g = xreturn x
y = p.gp.f = 1return y
initial
?p.f=1
!p.g=1 !p.f=1
x = p.fp.g = xreturn x
y = p.gp.f = 1return y
final
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 18 / 32
Initiality not too restrictive: Program A
Initial branch must justify speculationAfterwards, only final copy remains
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.fp.g = 1return y
!p.g=0 !p.f=1
x = p.fp.g = xreturn x
y = p.gp.f = 1return y
initial
?p.f=1
!p.g=1 !p.f=1
x = p.fp.g = xreturn x
y = p.gp.f = 1return y
final
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 18 / 32
Initiality not too restrictive: Program A
Initial branch must justify speculationAfterwards, only final copy remains
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.fp.g = 1return y
!p.g=0 !p.f=1
0 = p.fp.g = 0return 0
y = p.gp.f = 1return y
initial
?p.f=1
!p.g=1 !p.f=1
1 = p.fp.g = 1return 1
y = p.gp.f = 1return y
final
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 18 / 32
Initiality not too restrictive: Program A
Initial branch must justify speculationAfterwards, only final copy remains
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.fp.g = 1return y
!p.g=0
!p.f=1
0 = p.fp.g = 0return 0
y = p.gp.f = 1return y
initial
?p.f=1
!p.g=1
!p.f=1
1 = p.fp.g = 1return 1
y = p.gp.f = 1return y
final
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 18 / 32
Initiality not too restrictive: Program A
Initial branch must justify speculationAfterwards, only final copy remains
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.fp.g = 1return y
!p.g=0
!p.f=1
0 = p.fp.g = 0return 0
0 = p.gp.f = 1return 0
initial
?p.f=1
!p.g=1
!p.f=1
1 = p.fp.g = 1return 1
1 = p.gp.f = 1return 1
final
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 18 / 32
Initiality not too restrictive: Program A
Initial branch must justify speculationAfterwards, only final copy remains
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.fp.g = 1return y
!p.g=0 !p.f=1
0 = p.fp.g = 0return 0
0 = p.gp.f = 1return 0
initial
?p.f=1
!p.g=1 !p.f=1
1 = p.fp.g = 1return 1
1 = p.gp.f = 1return 1
final
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 18 / 32
Initiality not too restrictive: Program A
Initial branch must justify speculationAfterwards, only final copy remains
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.fp.g = 1return y
!p.g=0 !p.f=1
0 = p.fp.g = 0return 0
0 = p.gp.f = 1return 0
initial
?p.f=1
!p.g=1 !p.f=1
1 = p.fp.g = 1return 1
1 = p.gp.f = 1return 1
final
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 18 / 32
Initiality not too restrictive: Program A
Initial branch must justify speculationAfterwards, only final copy remains
copy f to gx = p.fp.g = xreturn x
read g, write fy = p.fp.g = 1return y
!p.g=0 !p.f=1
0 = p.fp.g = 0return 0
0 = p.gp.f = 1return 0
initial
?p.f=1
!p.g=1 !p.f=1
1 = p.fp.g = 1return 1
1 = p.gp.f = 1return 1
final
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 18 / 32
Initiality necessary: Program B
Initial branch must justify speculationOtherwise, execution is stuck
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
!p.g=0 !p.f=0
x = p.fp.g = xreturn x
y = p.gp.f = yreturn y
initial
?p.f=1
!p.g=1 !p.f=1
x = p.fp.g = xreturn x
y = p.gp.f = yreturn y
final
?p.f=1
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 19 / 32
Initiality necessary: Program B
Initial branch must justify speculationOtherwise, execution is stuck
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
!p.g=0 !p.f=0
x = p.fp.g = xreturn x
y = p.gp.f = yreturn y
initial
?p.f=1
!p.g=1 !p.f=1
x = p.fp.g = xreturn x
y = p.gp.f = yreturn y
final
?p.f=1
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 19 / 32
Initiality necessary: Program B
Initial branch must justify speculationOtherwise, execution is stuck
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
!p.g=0 !p.f=0
0 = p.fp.g = 0return 0
y = p.gp.f = yreturn y
initial
?p.f=1
!p.g=1 !p.f=1
1 = p.fp.g = 1return 1
y = p.gp.f = yreturn y
final
?p.f=1
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 19 / 32
Initiality necessary: Program B
Initial branch must justify speculationOtherwise, execution is stuck
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
!p.g=0
!p.f=0
0 = p.fp.g = 0return 0
y = p.gp.f = yreturn y
initial
?p.f=1
!p.g=1
!p.f=1
1 = p.fp.g = 1return 1
y = p.gp.f = yreturn y
final
?p.f=1
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 19 / 32
Initiality necessary: Program B
Initial branch must justify speculationOtherwise, execution is stuck
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
!p.g=0
!p.f=0
0 = p.fp.g = 0return 0
0 = p.gp.f = 0return 0
initial
?p.f=1
!p.g=1
!p.f=1
1 = p.fp.g = 1return 1
1 = p.gp.f = 1return 1
final
?p.f=1
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 19 / 32
Initiality necessary: Program B
Initial branch must justify speculationOtherwise, execution is stuck
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
!p.g=0 !p.f=0
0 = p.fp.g = 0return 0
0 = p.gp.f = 0return 0
initial
?p.f=1
!p.g=1 !p.f=1
1 = p.fp.g = 1return 1
1 = p.gp.f = 1return 1
final
?p.f=1
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 19 / 32
Initiality necessary: Program B
Initial branch must justify speculationOtherwise, execution is stuck
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
!p.g=0 !p.f=0
0 = p.fp.g = 0return 0
0 = p.gp.f = 0return 0
initial
?p.f=1
!p.g=1 !p.f=1
1 = p.fp.g = 1return 1
1 = p.gp.f = 1return 1
final
?p.f=1
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 19 / 32
Initiality necessary: Program B
Initial branch must justify speculationOtherwise, execution is stuck
copy f to gx = p.fp.g = xreturn x
copy g to fy = p.gp.f = yreturn y
!p.g=0 !p.f=0
0 = p.fp.g = 0return 0
0 = p.gp.f = 0return 0
initial
?p.f=1
!p.g=1 !p.f=1
1 = p.fp.g = 1return 1
1 = p.gp.f = 1return 1
final
?p.f=1STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 19 / 32
Avoiding thin air reads
X Initiality? No self-justification? Consistency? Timeliness
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 20 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
x = p.fp.f = 1return x
?p.f=1
!p.f=1
x = p.fp.f = 1return x
?p.f=1
ILLEGAL!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 21 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
x = p.fp.f = 1return x
?p.f=1
!p.f=1
x = p.fp.f = 1return x
?p.f=1
ILLEGAL!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 21 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
!p.f=1
1 = p.fp.f = 1return 1
?p.f=1
ILLEGAL!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 21 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
!p.f=1
1 = p.fp.f = 1return 1
?p.f=1
ILLEGAL!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 21 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
!p.f=1
1 = p.fp.f = 1return 1
?p.f=1
ILLEGAL!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 21 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
!p.f=1
1 = p.fp.f = 1return 1
?p.f=1ILLEGAL!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 21 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
x = p.fp.f = 1return x
?p.f=1
!p.f=1
x = p.fp.f = 1return x
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 22 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
x = p.fp.f = 1return x
?p.f=1
!p.f=1
x = p.fp.f = 1return x
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 22 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 22 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 22 / 32
Self justification: a degenerate case
Impossible in SC execution: return 1
This execution prevented by definition of visiblity:Thread can not see self-speculation
x = p.fp.f = 1return x
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
!p.f=1
0 = p.fp.f = 1return 0
?p.f=1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 22 / 32
Controlling speculation: consistencyk.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Impossible in SC execution: return(1,2)Possible in final branch with speculation ?p.f=2
Initial branch can produce justifying writeInconsistent use of locks between speculation and justifying write
Initial branch
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=0 kx
yk !p.f=2 kx
yk kx
yk kx
Final branch
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=2 kx
yk !p.f=1 kx
yk kx
yk kx
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 23 / 32
Controlling speculation: consistencyk.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Impossible in SC execution: return(1,2)Possible in final branch with speculation ?p.f=2
Initial branch can produce justifying writeInconsistent use of locks between speculation and justifying write
Initial branch
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=0 kx
yk !p.f=2 kx
yk kx
yk kx
Final branch
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=2 kx
yk !p.f=1 kx
yk kx
yk kx
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 23 / 32
Controlling speculation: consistencyk.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Impossible in SC execution: return(1,2)Possible in final branch with speculation ?p.f=2
Initial branch can produce justifying writeInconsistent use of locks between speculation and justifying write
Initial branch
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=0 kx
yk !p.f=2 kx
yk kx
yk kx
Final branch
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=2 kx
yk !p.f=1 kx
yk kx
yk kx
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 23 / 32
Controlling speculation: consistencyk.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Impossible in SC execution: return(1,2)Possible in final branch with speculation ?p.f=2
Initial branch can produce justifying writeInconsistent use of locks between speculation and justifying write
Initial branch
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=0 kx
yk !p.f=2 kx
yk kx
yk kx
Final branch
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=2 kx
yk !p.f=1 kx
yk kx
yk kx
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 23 / 32
Controlling speculation: timeliness
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Impossible SC: return 0; return 1; return 1;
Possible in final branch with speculation ?p.g=1
Initial and final branches produce same actionsSpeculation used to introduce data race in final branch
!p.f=0 !p.g=0
yk !p.f=1 !p.g=1 kx ?p.g=1
yk !p.f=2 !p.g=2 kx
yk kx
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 24 / 32
Controlling speculation: timeliness
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Impossible SC: return 0; return 1; return 1;
Possible in final branch with speculation ?p.g=1
Initial and final branches produce same actionsSpeculation used to introduce data race in final branch
!p.f=0 !p.g=0
yk !p.f=1 !p.g=1 kx ?p.g=1
yk !p.f=2 !p.g=2 kx
yk kx
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 24 / 32
Controlling speculation: timeliness
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Impossible SC: return 0; return 1; return 1;
Possible in final branch with speculation ?p.g=1
Initial and final branches produce same actionsSpeculation used to introduce data race in final branch
!p.f=0 !p.g=0
yk !p.f=1 !p.g=1 kx ?p.g=1
yk !p.f=2 !p.g=2 kx
yk kx
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 24 / 32
Controlling speculation: timeliness
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Impossible SC: return 0; return 1; return 1;
Possible in final branch with speculation ?p.g=1
Initial and final branches produce same actionsSpeculation used to introduce data race in final branch
!p.f=0 !p.g=0
yk !p.f=1 !p.g=1 kx ?p.g=1
yk !p.f=2 !p.g=2 kx
yk kx
STUCK!
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 24 / 32
1 BackgroundSequential ConsistencyData Race Free ModelJava Memory Model
2 Speculative semanticsEmpirical and speculative actionsDesirable executions allowedUndesirable executions prevented
3 Summary of resultsRelation to Java Memory ModelSimulation precongruence
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 25 / 32
Relation to JMM
TheoremDRF program ⇒ SC execution
TheoremLockless program ⇒ every JMM execution allowed
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 26 / 32
Simulation
Simulation defined in paperPrecongruenceUseful
p.f=1; p.g=1;& p.g=1; p.f=1;
p.f=1; k.acquire();& k.acquire(); p.f=1;
x=p.f; y=p.f; M & x=p.f; M{x/y}
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 27 / 32
Summary
New model based on speculation
Data Races Locks New vs. JMMX - =- X >X X 6≷
Simulation precongruenceBetter behaved:Validates redundant-read-elimination, roach-motel, etcThank you
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 28 / 32
Summary
New model based on speculation
Data Races Locks New vs. JMMX - =- X >X X 6≷
Simulation precongruenceBetter behaved:Validates redundant-read-elimination, roach-motel, etcThank you
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 28 / 32
Appendix
The rest of the slides animate the execution of a few examples.
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 29 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=0 kx
yk !p.f=2 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2
yk !p.g=2 kx
yk !p.f=1 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk
!p.g=0 kx
yk !p.f=2 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk
!p.g=2 kx
yk !p.f=1 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()x = p.fp.g = x
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk
!p.g=0 kx
yk !p.f=2 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk
!p.g=2 kx
yk !p.f=1 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0
kx
yk !p.f=2 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2
kx
yk !p.f=1 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk
!p.f=2 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk
!p.f=1 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk
!p.f=2 kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk
!p.f=1 kx yk kx yk kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2
kx yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1
kx yk kx yk kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx
yk kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx
yk kx yk kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk
kx yk kx
k.acquire()x = p.fif(x==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk
kx yk kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()x = p.fif(x==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk
kx yk kx
k.acquire()2 = p.fif(2==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk
kx yk kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()1 = p.fif(1==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk kx
yk kx
k.acquire()2 = p.fif(2==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk kx
yk kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()1 = p.fif(1==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk kx yk
kx
k.acquire()2 = p.fif(2==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk kx yk
kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()1 = p.fif(1==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()x = p.fy = p.g
k.release()return(x,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk kx yk
kx
k.acquire()2 = p.fif(2==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()2 = p.fy = p.g
k.release()return(2,y)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk kx yk
kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()1 = p.fif(1==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()1 = p.fy = p.g
k.release()return(1,y)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk kx yk
kx
k.acquire()2 = p.fif(2==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()2 = p.f0 = p.g
k.release()return(2,0)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk kx yk
kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()1 = p.fif(1==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()1 = p.f2 = p.g
k.release()return(1,2)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: consistency
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=0 kx
yk !p.f=2 kx yk kx yk kx
k.acquire()2 = p.fif(2==0)p.f = 1
k.release()
k.acquire()0 = p.fif(0==0)p.f = 2
k.release()
k.acquire()0 = p.fp.g = 0
k.release()
k.acquire()2 = p.f0 = p.g
k.release()return(2,0)
!p.f=0 !p.g=0 ?p.f=2 yk !p.g=2 kx
yk !p.f=1 kx yk kx yk kx
k.acquire()0 = p.fif(0==0)p.f = 1
k.release()
k.acquire()1 = p.fif(1==0)p.f = 2
k.release()
k.acquire()2 = p.fp.g = 2
k.release()
k.acquire()1 = p.f2 = p.g
k.release()return(1,2)
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 30 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0
yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0
yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk
!p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk
!p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()x = p.fp.f = x+1p.g = 1
k.release()return x
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk
!p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk
!p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1
!p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1
!p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1
kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1
kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1
yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1
yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1
yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1
yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk
!p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk
!p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()x = p.fp.f = x+1p.g = 2
k.release()return x
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk
!p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk
!p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2
!p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2
!p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2
kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2
kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx
yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx
yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk
kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk
kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
y = p.gk.release()return y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk
kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
2 = p.gk.release()return 2
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk
kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
1 = p.gk.release()return 1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Controlling speculation: timeliness
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
2 = p.gk.release()return 2
!p.f=0 !p.g=0 yk !p.f=1 !p.g=1 kx
?p.g=1 yk !p.f=2 !p.g=2 kx yk kx
k.acquire()0 = p.fp.f = 0+1p.g = 1
k.release()return 0
k.acquire()1 = p.fp.f = 1+1p.g = 2
k.release()return 1
k.acquire()
1 = p.gk.release()return 1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 31 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0
yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0
yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk
!p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk
!p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2
kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2
kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx
yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx
yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx
yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()z = p.hif(2==2) p.g = 1else p.g = z
k.release()return(2,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()z = p.hif(2==2) p.g = 1else p.g = z
k.release()return(2,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1
kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1
kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()z = p.hif(2==2) p.g = 1else p.g = z
k.release()return(2,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx
yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
x = p.fk.acquire()z = p.hif(x==2) p.g = 1else p.g = z
k.release()return(x,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx
yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()z = p.hif(2==2) p.g = 1else p.g = z
k.release()return(2,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx
yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()z = p.hif(1==2) p.g = 1else p.g = z
k.release()return(1,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk
?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()z = p.hif(2==2) p.g = 1else p.g = z
k.release()return(2,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk
?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()z = p.hif(1==2) p.g = 1else p.g = z
k.release()return(1,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1
!p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()z = p.hif(2==2) p.g = 1else p.g = z
k.release()return(2,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1
!p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()z = p.hif(1==2) p.g = 1else p.g = z
k.release()return(1,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1
!p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()z = p.hif(2==2) p.g = 1else p.g = z
k.release()return(2,z)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1
!p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()z = p.hif(1==2) p.g = 1else p.g = z
k.release()return(1,z)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1
!p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()0 = p.hif(2==2) p.g = 1else p.g = 0
k.release()return(2,0)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1
!p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()1 = p.hif(1==2) p.g = 1else p.g = 1
k.release()return(1,1)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1
!p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()0 = p.hif(2==2) p.g = 1else p.g = 0
k.release()return(2,0)
y = p.gp.h = yreturn y
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1
!p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()1 = p.hif(1==2) p.g = 1else p.g = 1
k.release()return(1,1)
y = p.gp.h = yreturn y
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1
!p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()0 = p.hif(2==2) p.g = 1else p.g = 0
k.release()return(2,0)
1 = p.gp.h = 1return 1
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1
!p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()1 = p.hif(1==2) p.g = 1else p.g = 1
k.release()return(1,1)
1 = p.gp.h = 1return 1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1
kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()0 = p.hif(2==2) p.g = 1else p.g = 0
k.release()return(2,0)
1 = p.gp.h = 1return 1
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1
kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()1 = p.hif(1==2) p.g = 1else p.g = 1
k.release()return(1,1)
1 = p.gp.h = 1return 1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32
Roach Motel
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
2 = p.fk.acquire()0 = p.hif(2==2) p.g = 1else p.g = 0
k.release()return(2,0)
1 = p.gp.h = 1return 1
!p.f=0 !p.g=0 !p.h=0 yk !p.f=2 kx yk
!p.f=1 kx yk ?p.h=1 !p.g=1 !p.h=1 kx
k.acquire()p.f = 2
k.release()
k.acquire()p.f = 1
k.release()
1 = p.fk.acquire()1 = p.hif(1==2) p.g = 1else p.g = 1
k.release()return(1,1)
1 = p.gp.h = 1return 1
Generative Operational Semantics for Relaxed Memory Models ESOP 2010 32 / 32