Changeset 44664


Timestamp: Apr 21, 2008, 1:28:02 AM (10 years ago)
Author: Beman Dawes
Message: Draft 1 of revision 2 circulated for comment
File: 1 edited

  • sandbox/committee/LWG/thread_safety.html

    r44661 r44664  
    1111<body>
    1212
    13 <p>Doc. no.&nbsp;&nbsp; N2410=07-0270<br>
     13<p><span style="background-color: rgb(255, 255, 0)">Doc. no.&nbsp;&nbsp; Nxxxx=08-xxxx</span><br>
    1414Date:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    15 <!--webbot bot="Timestamp" s-type="EDITED" s-format="%Y-%m-%d" startspan -->2007-09-07<!--webbot bot="Timestamp" endspan i-checksum="12600" --><br>
     15<!--webbot bot="Timestamp" s-type="EDITED" s-format="%Y-%m-%d" startspan -->2008-04-20<!--webbot bot="Timestamp" endspan i-checksum="12276" --><br>
    1616Project:&nbsp;&nbsp;&nbsp;&nbsp; Programming Language C++<br>
    1717Reply to:&nbsp;&nbsp; Beman Dawes &lt;bdawes at acm.org&gt;<br>
     
    1919Peter Dimov &lt;pdimov at pdimov.com&gt;<br>
    2020&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
    21 Herb Sutter &lt;hsutter at microsoft.com&gt;</p>
    22 
    23 <h1>Thread-Safety in the Standard Library (Rev 1)</h1>
     21Herb Sutter &lt;hsutter at microsoft.com&gt;<br>
     22&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Hans Boehm &lt;Hans.Boehm at hp.com&gt;<br>
     23&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Lawrence Crowl &lt;crowl at google.com&gt;<br>
     24&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Paul E. McKenney &lt;paulmck at linux.vnet.ibm.com&gt;<span style="background-color: rgb(255, 255, 0)"><br>
     25&nbsp;</span></p>
     26
     27<h1>Thread-Safety in the Standard Library (Rev 2)</h1>
    2428
    2529<p><a href="#Executive-summary">Executive summary</a><br>
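Review bot: New lines 24-25 end the author block with a highlighted span that contains only a line break and a non-breaking space, which looks like leftover editor markup rather than a value still to be filled in. Suggest closing the paragraph directly after the Paul E. McKenney line and dropping the empty span, so the yellow highlight stays reserved for real placeholders such as the document number.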
     
    4347<h2><a name="Introduction">Introduction</a></h2>
    4448<p>With the introduction of multi-threading into the C++ standard, the contract
    45 between standard library users and implementors needs to explicitly state the
     49between standard library users and implementers needs to explicitly state the
    4650conditions under which standard library components are or are not thread-safe.</p>
    4751<h2><a name="Rationale">Rationale</a></h2>
     
    7781current implementations of the standard library.</p>
    7882<h2><a name="Proposed-Wording">Proposed Wording</a></h2>
    79 <p><i>References shown as ([Multi-threaded executions and data races]) refer to
     83<p><i><span style="background-color: #FFFF00">References shown as ([Multi-threaded executions and data races]) refer to
    8084the new section of that name described in
    8185<a href="http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2007/n2334.htm">
    82 N2334</a> or it successor.</i></p>
     86N2334</a> or it successor.</span></i></p>
    8387<p><i>Change 17.4.4 Conforming implementations [conforming] as indicated:</i></p>
    8488<blockquote>
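Review bot: New line 86 still reads "N2334</a> or it successor"; since this paragraph is being rewrapped in a highlight span anyway, correct it to "its successor" in the same change. If the highlight is meant to flag that the reference needs updating, a short editorial remark in the text would say so more reliably than the background colour alone.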
     
    8791an implementation’s use of headers (17.4.4.1), macros (17.4.4.2), global
    8892functions (17.4.4.3), member functions (17.4.4.4), reentrancy (17.4.4.5), access
    89 specifiers (17.4.4.6), class derivation (17.4.4.7), <font color="#FF0000">
    90 <strike>and</strike></font> exceptions (17.4.4.8)<font color="#228822"><u>, and
    91 thread safety ([res.on.thread.safety])</u></font>.</p>
     93specifiers (17.4.4.6), class derivation (17.4.4.7),&nbsp; exceptions (17.4.4.8), and
     94thread safety ([res.on.thread.safety]).</p>
    9295</blockquote>
    9396<p><i>At the end of [conforming] add a new subsection: </i> </p>
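Review bot: New lines 93-94 drop the strike and underline markup, so the lead-in "Change 17.4.4 Conforming implementations [conforming] as indicated" no longer has anything indicated: a reader cannot tell that "and" moved and that "and thread safety ([res.on.thread.safety])" is the insertion. Suggest keeping the markup that shows the change against the working paper (separate from any revision-to-revision colouring), or rewording the lead-in to say the text shown is the full replacement. The edit also leaves a stray non-breaking space after "(17.4.4.7),".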
     
    97100  different threads shall not result in a data race unless<font color="#228822">
    98101  </font>arguments to the calls,
    99   including <code>*this</code>, directly or indirectly access objects shared
     102  including <code>*this</code>, directly or indirectly <font color="#FF0000">
     103  <strike>access</strike></font> <u><font color="#228822">point to or reference</font></u> objects shared
    100104  between the threads in such a way that an expression evaluation conflict
    101105  occurs ([<i>Multi-threaded executions and data races</i>]) .</p>
     
    104108  synchronization because it could cause a data race even in programs that do
    105109  not explicitly share objects between threads.<i> --end note] </i></p>
     110<p><font color="#228822"><u>Unless otherwise specified, standard library
     111functions shall perform all operations with observable effects solely within the
     112current thread.<br>
     113<br>
     114<i>[Note:</i> This allows implementations to parallelize operations if there are
     115no visible side effects. <i>--end note]</i></u></font></p>
    106116</blockquote>
    107117<p><i>Somewhere in [constraints] add a constraint on programs: </i> </p>
    108118<blockquote>
    109   <p>Unless otherwise specified, direct or indirect access to the same object of
     119  <p><font color="#FF0000"><strike>Unless otherwise specified, direct or indirect access to the same object of
    110120  a standard library type from different threads results in undefined behavior
    111121  if any of the accesses are via a non-const member function of the object or
    112122  non-const argument
    113   to any standard library function, including <code>*this</code>, and one does
    114   not happen before the other ([<i>Multi-threaded executions and data races</i>]).</p>
     123  to any standard library function, including *this, and one does
     124  not happen before the other ([Multi-threaded executions and data races]).</strike></font></p>
     125  <p><font color="#228822"><u>Unless otherwise specified, calls to standard
     126  library functions from different threads result in undefined behavior if any
     127  non-const arguments, including *this, directly or indirectly point to or
     128  reference objects of a standard library type shared between the threads, and
     129  one call does not happen before the other ([Multi-threaded executions and data
     130  races]).</u></font></p>
    115131  <p><i>[Note: </i>This lack of strong thread-safety guarantee means that
    116132  modifying an object of a standard library type shared between threads
    117   without using a locking mechanism may result in a data race or
    118   other undesirable behavior. <i>
     133  without using a locking mechanism may result in a data race<font color="#FF0000"><strike> or
     134  other undesirable behavior</strike></font>. <i>
    119135  --end note]</i></p>
    120136</blockquote>
    121137  <p><i>To 18.5.1 Storage allocation and deallocation [new.delete], add:</i></p>
    122138<blockquote>
    123   <p>The library versions of operator <code>new</code> and <code>delete</code>
    124   shall not introduce data races ([<i>Multi-threaded executions and data races</i>])
     139  <p><font color="#228822"><u>Neither</u></font> the library versions of operator <code>new</code> and <code>delete</code><u><font color="#228822">,
     140  user replacement versions of global replacement operator <code>new</code> and
     141  <code>delete</code>, nor the Standard C library functions <code>calloc</code>,
     142  <code>malloc</code>, <code>realloc</code>, or <code>free</code></font></u> shall
     143  <font color="#FF0000"><strike>not</strike></font> introduce data races ([<i>Multi-threaded executions and data races</i>])
    125144  as a result of concurrent calls from different threads.&nbsp;Calls that allocate or
    126145  deallocate a particular unit of storage shall occur in a single total order,
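Review bot: On new lines 139-143 the sentence now places a "shall" requirement on user replacement versions of operator new and delete inside the [new.delete] text that otherwise constrains the library, and it does not say what follows if a user replacement does introduce a data race. Suggest stating the user-replacement requirement as a requirement on the program (the paper already has a "[constraints]" addition for that), and tightening "user replacement versions of global replacement operator new" so "replacement" appears once. Separately, on new lines 110-115 the normative sentence speaks of "observable effects" while its note speaks of "visible side effects"; use one term in both. The added paragraph on new lines 125-130 also loses the code markup on *this and the italics on the section reference that the surrounding text uses.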
     
    137156  <p>Except for the destructor, member functions of the default allocator shall
    138157  not introduce data races ([<i>Multi-threaded executions and data races</i>])
    139   as a result of concurrent accesses to default allocator objects from different
     158  as a result of concurrent <font color="#FF0000"><strike>accesses</strike></font>
     159  <u><font color="#228822">calls</font></u> to default allocator object<u><font color="#228822">'</font></u>s
     160  <u><font color="#228822">member functions</font></u> from different
    140161  threads.&nbsp;Allocation and deallocation calls that allocate or return a
    141162  particular unit of storage shall occur in a single total order, and each such
    142   deallocation call happens before the next allocation (if any) in this order.</p>
     163  deallocation call <font color="#FF0000"><strike>happens</strike></font>
     164  <font color="#228822"><u>shall occur</u></font> before the next allocation (if any) in this order.</p>
    143165  </blockquote>
    144166  <p><i>To 20.7 Date and Time [date.time], add:</i></p>
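Review bot: On new lines 163-164, replacing "happens" with "shall occur" swaps the happens-before relation, which the rest of the paper cites from [Multi-threaded executions and data races], for an ordering word with no definition there. The preceding clause already requires a single total order, so "shall occur before the next allocation (if any) in this order" adds no new requirement, and the inter-thread ordering that "happens before" expressed is no longer stated. Suggest keeping "happens before", or "shall happen before" if a normative form is wanted. On new lines 158-160, "calls to default allocator object's member functions" would read more cleanly as "calls to member functions of default allocator objects".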
     
    158180    <p>The <code>rand</code> function has the semantics specified in the C
    159181    standard, except that the implementation may specify that particular library
    160     functions may call <code>rand</code>.<u><font color="#228822"> The</font></u><font color="#228822"><u>
    161     <code>rand</code> function is not require to be thread-safe ([res.on.thread.safety]).</u></font></p>
     182    functions may call <code>rand</code>. The
     183    <code>rand</code> function is not require to be thread-safe ([res.on.thread.safety]).</p>
    162184</blockquote>
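Review bot: New line 183 carries over "is not require to be thread-safe"; it should read "is not required to be thread-safe". Worth fixing in this change, since the sentence is being touched to remove its revision markup.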
    163185  <h2><a name="Acknowledgements">Acknowledgements</a></h2>
    164   <p>Hans-J. Boehm provided helpful suggestions for improving the proposed
    165   wording.</p>
     186  <p><font color="#228822"><u>Jeffrey Yasskin's, N2519 <i>Library thread-safety
     187  from a user's point of view, with wording</i> provided several valuable
     188  insights that have been adopted by this proposal.</u></font></p>
    166189  <h2><a name="Revision-history">Revision history</a></h2>
     190  <p><span style="background-color: #FFFF00">NXXXX</span> - Revision 2:</p>
     191  <ul>
     192    <li>Strike &quot;or other undesirable behavior&quot;. Data races are the only case we
     193    can thing of, so mention them only.</li>
     194    <li>Replace uses of &quot;access&quot; with well defined terms, and clarify related
     195    wording.</li>
     196    <li>Include user supplied global operator new and delete, and the C library
     197    memory allocation functions in the prohibition against allocation data
     198    races.</li>
     199    <li>Specify when library implementation may or may not multithread.</li>
     200    <li>Acknowledge N2519.</li>
     201    <li>Add additional authors.</li>
     202</ul>
    167203  <p>N2410 - Revision 1:</p>
    168204  <ul>
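Review bot: Two typos in the added text: new line 193 has "can thing of", which should be "can think of", and new line 186 has a stray comma and possessive in "Jeffrey Yasskin's, N2519", which reads better as "Jeffrey Yasskin's N2519". The closing list tag on new line 202 is also indented differently from its opening tag on new line 191.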