Issue 1524: Allocation functions are missing happens-before requirements and guarantees

1524. Allocation functions are missing happens-before requirements and guarantees

Section: 17.6.3.5 [new.delete.dataraces] Status: C++11 Submitter: Hans Boehm Opened: 2011-02-26 Last modified: 2016-01-28

Priority: Not Prioritized

View all other issues in [new.delete.dataraces].

View all issues with C++11 status.

Discussion:

Addresses US-34

Technical details:

When the same unit of storage is allocated and deallocated repeatedly, operations on it can't be allowed to race between the allocator and the user program. But I don't see any mention of happens-before in the descriptions of allocation and deallocation functions.

Proposed resolution (not wording yet):

The call to an allocation function returning a pointer P must happen-before the matching deallocation call with P as a parameter. Otherwise the behavior is undefined. I don't know whether receiving P with memory_order_consume fits this requirement. memory_order_relaxed does not.
If some memory is passed to a deallocation function, the implementation must ensure that the deallocation call happens-before any allocation call that returns the same memory address.

[2011-02-26: Hans comments and drafts wording]

The second requirement already exists, almost verbatim, as 17.6.3.5 [new.delete.dataraces] p. 1. I think this is where the statement belongs. However, this paragraph requires work to correctly address the first part of the issue.

[Adopted at Madrid, 2011-03]

Proposed resolution:

Change 17.6.3.5 [new.delete.dataraces] p. 1 as follows:

1 The library versions of operator new and operator delete, user replacement versions of global operator new and operator delete, and the C standard library functions calloc, malloc, realloc, and free shall not introduce data races (6.10.2 [intro.multithread]) as a result of concurrent calls from different threads. For purposes of determining the existence of data races, the library versions of operator new, user replacement versions of global operator new, and the C standard library functions calloc and malloc shall behave as though they accessed and modified only the storage referenced by the return value. The library versions of operator delete, user replacement versions of operator delete, and the C standard library function free shall behave as though they accessed and modified only the storage referenced by their first argument. The C standard library realloc function shall behave as though it accessed and modified only the storage referenced by its first argument and by its return value. Calls to these functions that allocate or deallocate a particular unit of storage shall occur in a single total order, and each such deallocation call shall happen before the next allocation (if any) in this order.