Exceptions and Transactions in C+ + Ali-Reza Adl-Tabatabai 1 , Victor - - PowerPoint PPT Presentation

exceptions and transactions in c
SMART_READER_LITE
LIVE PREVIEW

Exceptions and Transactions in C+ + Ali-Reza Adl-Tabatabai 1 , Victor - - PowerPoint PPT Presentation

Dec 12, 2023 367 likes •527 views

Exceptions and Transactions in C+ + Ali-Reza Adl-Tabatabai 1 , Victor Luchangco 2 , Virendra J. Marathe 2 , Mark Moir 2 , Ravi Narayanasw am y 1 , Yang Ni 1 , Dan Nussbaum 2 , Xinm in Tian 1 , Adam W elc 1 , Peng W u 3 1 I ntel 2 Sun 3 I BM

slide-1
SLIDE 1

Exceptions and Transactions in C+ +

Ali-Reza Adl-Tabatabai1, Victor Luchangco2,

Virendra J. Marathe 2, Mark Moir 2, Ravi Narayanasw am y1, Yang Ni1, Dan Nussbaum 2, Xinm in Tian 1, Adam W elc1, Peng W u 3

1I ntel 2Sun 3I BM

slide-2
SLIDE 2

2

Background

TM requires language support Multiple projects extend C/C++ with TM constructs Adoption requires common TM language extensions Intel, Sun, IBM discussions on C++ extensions

  • Agree where possible on a specification
  • Understand differences

How to define semantics of TM extensions in C++? Today’s talk: TM & C++ exceptions interaction

slide-3
SLIDE 3

3

TM extensions

What happens if an exception is thrown out of the atomic block? __tm_atomic { <stmts> if (cond) __tm_abort; } Atomic block executes as a transaction Abort rolls back atomic block

slide-4
SLIDE 4

4

The problem

When MyException escapes the atomic statement

  • Should the effects of x++ be committed?
  • Or should they be rolled back?

Active debate in the community __tm_atomic { x++; if (cond) throw MyException(); }

slide-5
SLIDE 5

5

To com m it?

“Commit-on-escape” Exception is just another exit from atomic block Similar to the behavior expected for locks or single-threaded programs

− Exception safety up to the programmer − Fits naturally with lock-based TM semantics

Easier to implement Exceptions & concurrency control should be

  • rthogonal

But …

slide-6
SLIDE 6

6

Against com m it

Invariant: Total balance remains constant Commit exposes broken invariants to other threads

− Programmer can easily overlook hidden exceptions paths

Concurrency exacerbates exception safety issues __tm_atomic { withdraw(euro_amount,euro_account); dollar_amount = convert(euro_amount); deposit(dollar_amount,dollar_account); } Throw s Exception

slide-7
SLIDE 7

7

Or not to com m it?

“Abort-on-escape” On exception: Rollback atomic block Leaves program state as it was before atomic block Automatic strong exception safety guarantee Programmers can reason about atomic statements as “all-or-nothing”

− Failure atomicity: A key value proposition of transactions

But …

slide-8
SLIDE 8

8

Against abort

Exception reports incorrectly converted amount But state of atomic statement is rolled back including exception object

− What exception object should propagate out of atomic?

Overkill if code already provides exception safety __tm_atomic { ... if (amount < 0) throw ConvertException(amount); }

slide-9
SLIDE 9

9

Both sides are right

Some programs behave surprisingly under commit-on-escape Others under abort-on-escape Observations:

  • Exceptions that can escape an atomic statement

without being clear are potentially dangerous

  • No single behavior appropriate for all cases

− Only the programmer can determine what’s appropriate

slide-10
SLIDE 10

1 0

Our approach

Support both semantics & let programmer decide New syntax for

  • Exception specifications on atomic blocks
  • Throwing exceptions that abort

Significant progress towards an agreement

  • An open issue still remains
slide-11
SLIDE 11

1 1

Exception specification

Specify which exceptions may escape an atomic Terminate if exception does not match specification No specification? Default behavior still under debate

− As if no exceptions allowed to escape − As if all exceptions allowed to escape

__tm_atomic throw(E1,E2){…}// E1 or E2 __tm_atomic throw() {…}// no exceptions __tm_atomic throw(…) {…}// all exceptions __tm_atomic {…}// default ???

slide-12
SLIDE 12

1 2

Com m it-on-escape

Standard syntax for exception throw Easy to specify that any exception commits __tm_atomic throw(MyException) { ... throw MyException(); } __tm_atomic throw(…) { exception_throwing_fun(); }

slide-13
SLIDE 13

1 3

Abort-on-escape

New syntax for exception throw Exception object is not rolled back Programmer must ensure exception object makes sense after rollback

− E.g., avoid dangling pointers

__tm_atomic throw(MyException) { ... __tm_abort throw MyException(); }

slide-14
SLIDE 14

1 4

Aborting on any exception

Any exception aborts atomic block & propagates exception __tm_atomic throw(...) { try { <stmts> } catch (...) { __tm_abort throw; } }

slide-15
SLIDE 15

1 5

Conclusion

We need common C++ language extensions for TM Flexible integration of exceptions & atomic blocks in C++ Worked out jointly by Sun, IBM, and Intel

− Debate continues over default for no exception specification − More work remains to complete full specification

Try it out using the Intel C++ STM compiler

− Download from whatif.intel.com − 32-bit & 64-bit Windows & Linux − Compiler-runtime ABI specification also available