Dynamic languages like Erlang, Clojure, JavaScript, and E adopted data-race freedom by design. To enforce data-race freedom, these languages either deep copy objects during actor (thread) communication or proxy back to their owning thread. We present Dala, a simple programming model that ensures data-race freedom while supporting efficient inter-thread communication. Dala is a dynamic, concurrent, capability-based language that relies on three core capabilities: immutable values can be shared freely; isolated mutable objects can be transferred between threads but not aliased; local objects can be aliased within their owning thread but not dereferenced by other threads. Objects with capabilities can co-exist with unsafe objects, that are unchecked and may suffer data races, without compromising the safety of safe objects. We present a formal model of Dala, prove data race-freedom and state and prove a dynamic gradual guarantee. These theorems guarantee data race-freedom when using safe capabilities and show that the addition of capabilities is semantics preserving modulo permission and cast errors.

中文翻译：

---

Dala：用于数据竞争自由的简单的基于能力的动态语言设计

Erlang、Clojure、JavaScript 和 E 等动态语言在设计上采用了数据竞争自由。为了强制实现数据竞争自由，这些语言要么在参与者（线程）通信期间深度复制对象，要么代理回它们拥有的线程。我们展示了 Dala，这是一种简单的编程模型，可确保数据竞争自由，同时支持高效的线程间通信。Dala 是一种动态的、并发的、基于能力的语言，它依赖于三个核心能力：不可变值可以自由共享；隔离的可变对象可以在线程之间传输但不能别名；本地对象可以在它们拥有的线程中使用别名，但不能被其他线程取消引用。具有功能的对象可以与不安全的对象共存，这些对象未经检查并可能遭受数据竞争，而不会损害安全对象的安全性。我们提出了 Dala 的正式模型，证明了数据无竞争性和状态，并证明了动态渐进保证。这些定理在使用安全功能时保证了数据无竞争性，并表明功能的添加是保留模权限和转换错误的语义。