Sandboxing for Software Transactional Memory with Deferred Updates

TL;DR

This paper reviews and improves sandboxing techniques for software transactional memory, focusing on reducing validation costs and enhancing error detection in unmanaged languages like C/C++.

Contribution

It proposes enhancements to sandboxing methods, including a new error model, optimized stack protection, and alternative validation techniques, to improve transaction safety and efficiency.

Findings

Improved sandboxing techniques for C/C++ transactions.

Reduced validation frequency with effective error detection.

Identified risks in waivered regions without instrumentation.

Abstract

Software transactional memory implementations which allow transactions to work on inconsistent states of shared data, risk to cause application visible errors such as memory access violations or endless loops. Hence, many implementations rely on repeated incremental validation of every read of the transaction to always guarantee for a consistent view of shared data. Because this eager validation technique generates significant processing costs several proposals have been published to establish a sandbox for transactions, which transparently prevents or suppresses those errors and thereby allows to reduce the frequency of in-flight validations. The most comprehensive sandboxing concept of transactions in software transactional memory based on deferred updates and considering unmanaged languages, integrates multiple techniques such as signal interposition, out-of-band validation and static and dynamic instrumentation. The latter comprises the insertion of a validation barrier in front of every direct write which addresses the execution stack of the thread and potentially results from unvalidated reads. This paper basically results from a review of this sandboxing approach, which revealed some improvements for sandboxing on C/C++. Based on knowledge about the runtime environment and the compiler an error model has been developed to identify critical paths to application visible errors. This analysis lead to a concept for stack protection with less frequent validation, an alternative out-of-band validation technique and revealed additional risks of so-called waivered regions without instrumentation inside transactions.