From: Brad Moore <brad.moore@shaw.ca>
Subject: Re: Safety of unprotected concurrent operations on constant objects
Date: Sun, 11 May 2014 12:01:20 -0600
Date: 2014-05-11T12:01:20-06:00 [thread overview]
Message-ID: <RVObv.4489$TT7.3088@fx02.iad> (raw)
In-Reply-To: <10pk27v48vhcb$.1qkf6roq2yzjn$.dlg@40tude.net>
On 10/05/2014 2:27 PM, Dmitry A. Kazakov wrote:
> On Sat, 10 May 2014 06:30:14 -0600, Brad Moore wrote:
>
>> On 09/05/2014 1:00 PM, Dmitry A. Kazakov wrote:
>>> On Fri, 09 May 2014 07:14:09 -0600, Brad Moore wrote:
>>>
>>>> On 08/05/2014 2:20 AM, Dmitry A. Kazakov wrote:
>>>
>>>>> To me description that does not prescribe is a lie.
>>>>
>>>> It is true that the Task_Safe aspect would be prescribing some
>>>> restrictions that are meant to enforce the intent as best as possible,
>>>> but it also documents the intent of the programmer. So to be more
>>>> precise, the Task_Safe mechanism doesn't prescribe a specific
>>>> implementation for the programmer. It only prescribes that whatever
>>>> implementation the programmer chooses, it should be task safe.
>>>
>>> In other words is a comment. I prefer old -- -style comments.
>>
>> It'd be far, far better than a comment, in my mind. A comment doesn't
>> cause compilations to fail.
>
> Neither the aspect should, because, as I said, neither task-safety nor
> unsafety follows from safety of called operations.
>
> There is no reasonable rules to verify. Safety of an operation is *not*
> related to the safety of called operations, not transitive nor
> antitransitive.
>
A couple more thoughts and refinements to throw in, for consideration.
This got me thinking about what could be done to be able to say with
more confidence that a Task_Safe subprogram is in fact task safe (i.e
Safe to call concurrently).
What if we threw in a couple more restrictions.
- A Task_Safe subprogram does not contain any backwards jumping goto
statements, nor does it contain while loops. (Or at least while loops
that cannot be easily proven to be guaranteed to exit. For loops however
are OK, since they are guaranteed to exit)
- A subprogram that does contain backwards jumping goto statements or
while loops are considered to be potentially blocking, for the purpose
of the Potentially_Blocking aspect, so applying the Potentially_Blocking
aspect to such a subprogram would be allowed.
It would be OK for the main body of a task to have while loops of
course. The compiler would just statically warn about calling
subprograms that have while loops.
Now it seems to me that when we say Task_Safe, it is more than just
documenting the intent of the programmer, it is provable.
Such a subprogram for example could not deadlock because it does not
contain any endless loops, and does not call anything that blocks. It
also does not refer to any global variables.
With such restrictions, can you provide any example that you would
consider unsafe? I am having difficulty coming up with one.
Keep in mind also that Task_Safe is not a term defined in the RM. We can
pretty much define it to mean whatever we want, including something that
is provable.
Regards,
Brad
next prev parent reply other threads:[~2014-05-11 18:01 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-02 8:42 Safety of unprotected concurrent operations on constant objects Natasha Kerensikova
2014-05-03 13:43 ` sbelmont700
2014-05-03 20:54 ` Natasha Kerensikova
2014-05-03 21:40 ` Simon Wright
2014-05-04 0:28 ` Jeffrey Carter
2014-05-04 7:46 ` Natasha Kerensikova
2014-05-04 8:06 ` Dmitry A. Kazakov
2014-05-04 15:18 ` sbelmont700
2014-05-04 15:57 ` Natasha Kerensikova
2014-05-04 18:30 ` sbelmont700
2014-05-04 19:34 ` Dmitry A. Kazakov
2014-05-05 19:04 ` Brad Moore
2014-05-05 21:23 ` Brad Moore
2014-05-04 21:44 ` Shark8
2014-05-05 8:39 ` Simon Wright
2014-05-05 15:11 ` Brad Moore
2014-05-05 16:36 ` Dmitry A. Kazakov
2014-05-06 6:00 ` Brad Moore
2014-05-06 8:11 ` Dmitry A. Kazakov
2014-05-06 8:48 ` Alejandro R. Mosteo
2014-05-06 9:49 ` G.B.
2014-05-06 12:19 ` Dmitry A. Kazakov
2014-05-06 12:58 ` G.B.
2014-05-06 15:00 ` Dmitry A. Kazakov
2014-05-06 16:24 ` G.B.
2014-05-06 19:14 ` Dmitry A. Kazakov
2014-05-07 6:49 ` Georg Bauhaus
2014-05-07 7:40 ` Dmitry A. Kazakov
2014-05-07 11:25 ` G.B.
2014-05-07 12:14 ` Dmitry A. Kazakov
2014-05-07 13:45 ` G.B.
2014-05-07 14:08 ` Dmitry A. Kazakov
2014-05-07 17:45 ` Simon Wright
2014-05-07 18:28 ` Georg Bauhaus
2014-05-07 4:59 ` J-P. Rosen
2014-05-07 7:30 ` Dmitry A. Kazakov
2014-05-07 8:26 ` J-P. Rosen
2014-05-07 9:09 ` Dmitry A. Kazakov
2014-05-07 11:29 ` J-P. Rosen
2014-05-07 12:36 ` Safety of unprotected concurrent operations on constant objects (was: Safety of unprotected concurrent operations on constant objects) Dmitry A. Kazakov
2014-05-07 14:04 ` Safety of unprotected concurrent operations on constant objects G.B.
2014-05-08 4:12 ` Brad Moore
2014-05-08 8:20 ` Dmitry A. Kazakov
2014-05-08 10:30 ` G.B.
2014-05-09 13:14 ` Brad Moore
2014-05-09 19:00 ` Dmitry A. Kazakov
2014-05-10 12:30 ` Brad Moore
2014-05-10 20:27 ` Dmitry A. Kazakov
2014-05-11 6:56 ` Brad Moore
2014-05-11 18:01 ` Brad Moore [this message]
2014-05-12 8:13 ` Dmitry A. Kazakov
2014-05-13 4:50 ` Brad Moore
2014-05-13 8:56 ` Dmitry A. Kazakov
2014-05-13 15:01 ` Brad Moore
2014-05-13 15:38 ` Brad Moore
2014-05-13 16:46 ` Simon Wright
2014-05-13 19:15 ` Dmitry A. Kazakov
2014-05-13 16:08 ` Dmitry A. Kazakov
2014-05-13 20:27 ` Randy Brukardt
2014-05-14 4:30 ` Shark8
2014-05-14 21:37 ` Randy Brukardt
2014-05-14 21:56 ` Robert A Duff
2014-05-15 1:21 ` Shark8
2014-05-14 14:30 ` Brad Moore
2014-05-15 8:03 ` Dmitry A. Kazakov
2014-05-15 13:21 ` Robert A Duff
2014-05-15 14:27 ` Dmitry A. Kazakov
2014-05-15 15:53 ` Robert A Duff
2014-05-15 16:30 ` Dmitry A. Kazakov
2014-10-26 17:11 ` Jacob Sparre Andersen
2014-05-08 19:52 ` Randy Brukardt
2014-05-06 16:22 ` Robert A Duff
2014-05-06 19:07 ` Dmitry A. Kazakov
2014-05-08 5:03 ` Brad Moore
2014-05-08 12:03 ` Brad Moore
2014-05-08 19:57 ` Randy Brukardt
2014-05-09 2:58 ` Brad Moore
2014-05-05 20:29 ` Natasha Kerensikova
2014-05-08 3:41 ` Randy Brukardt
2014-05-08 9:07 ` Natasha Kerensikova
2014-05-08 19:35 ` Randy Brukardt
2014-05-08 3:12 ` Randy Brukardt
2014-05-05 22:30 ` Brad Moore
2014-05-04 16:04 ` Peter Chapin
2014-05-04 18:07 ` Natasha Kerensikova
2014-05-04 18:55 ` Jeffrey Carter
2014-05-04 19:36 ` Simon Wright
2014-05-04 20:29 ` Jeffrey Carter
2014-05-05 22:46 ` Brad Moore
2014-05-04 20:25 ` Shark8
2014-05-04 23:33 ` sbelmont700
2014-05-05 7:38 ` Dmitry A. Kazakov
2014-05-08 3:45 ` Randy Brukardt
2014-05-08 3:19 ` Randy Brukardt
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox