From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00
	autolearn=unavailable autolearn_force=no version=3.4.4
Path: 
 border2.nntp.dca3.giganews.com!backlog4.nntp.dca3.giganews.com!border2.nntp.dca.giganews.com!nntp.giganews.com!usenet.blueworldhosting.com!feeder01.blueworldhosting.com!feeder.erje.net!eu.feeder.erje.net!eternal-september.org!feeder.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: "J-P. Rosen" <rosen@adalog.fr>
Newsgroups: comp.lang.ada
Subject: Re: Safety of unprotected concurrent operations on constant objects
Date: Wed, 07 May 2014 06:59:52 +0200
Organization: A noiseless patient Spider
Message-ID: <lkcek8$79p$1@dont-email.me>
References: <slrnlm6mkg.i0l.lithiumcat@nat.rebma.instinctive.eu>
 <7403d130-8b42-43cd-a0f1-53ba34b46141@googlegroups.com>
 <slrnlmals8.i0l.lithiumcat@nat.rebma.instinctive.eu>
 <lya9aybkxc.fsf@pushface.org> <lk41jr$1vl$1@dont-email.me>
 <slrnlmbs1n.i0l.lithiumcat@nat.rebma.instinctive.eu>
 <6c2cd5d4-a44c-4c18-81a3-a0e87d25cd9e@googlegroups.com>
 <slrnlmcoqd.i0l.lithiumcat@nat.rebma.instinctive.eu>
 <waw9v.109142$f85.65293@fx19.iad> <scy9v.1071029$2N5.142769@fx05.iad>
 <kxy9v.109149$f85.89664@fx19.iad> <lyzjiw7h6c.fsf@pushface.org>
 <fRN9v.204655$Ng5.180587@fx17.iad>
 <t7a0jcl05g1h.11jb75b2jg1l7.dlg@40tude.net> <eT_9v.574$dr.264@fx27.iad>
 <83ha6vuynrzs.1jk08faxb8mnl.dlg@40tude.net>
 <97a0996a-a593-4990-95e9-44f4e9070fd3@googlegroups.com>
 <5368b00d$0$6703$9b4e6d93@newsspool3.arcor-online.net>
 <lqsx31h1st5k.oag3lhs8dn2i$.dlg@40tude.net>
 <5368dc70$0$6708$9b4e6d93@newsspool3.arcor-online.net>
 <ye80u8yjop49.zttq1d7bi98f$.dlg@40tude.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 7 May 2014 04:59:52 +0000 (UTC)
Injection-Info: mx05.eternal-september.org;
 posting-host="2b3884a634d8f846e0712b4e3a92507a";
 logging-data="7481"; mail-complaints-to="abuse@eternal-september.org";
 posting-account="U2FsdGVkX1+jgI9xLYMTNsy2oeD0QhMF"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:24.0) Gecko/20100101 Thunderbird/24.5.0
In-Reply-To: <ye80u8yjop49.zttq1d7bi98f$.dlg@40tude.net>
Cancel-Lock: sha1:jZTcYy6mz6DtaSZeFCGplaJM8gs=
X-Enigmail-Version: 1.6
X-Original-Bytes: 3591
Xref: number.nntp.dca.giganews.com comp.lang.ada:186277
Date: 2014-05-07T06:59:52+02:00
List-Id: <comp.lang.ada>

Le 06/05/2014 17:00, Dmitry A. Kazakov a écrit :
> I pointed out that manual wrapping of operations is tedious, error prone,
> and the potential damage is incredibly high as bugs may stay undetected in
> the production code for years and there is no way to write a test for such
> bugs.
> 
Note that in your examples, you just considered explicit locks and
assumed lock checking on the caller's side. There are other, safer ways.

For example, in Aegis, the system that manages registrations to the
Ada-Europe conference (plug: http://www.ada-europe.org/conference2014),
we use a (SQLite) database (not exactly the same issues as containers,
but close enough). All requests are encapsulated in a task, whose
(simplified) scheme is:

loop
   accept Begin_Transaction;
   loop
      select
         accept Request;
      or
         accept End_Transaction;
         exit;
      end select;
   end loop;
end loop;

The only constraint on the user is to call Begin_Transaction at the
beginning, and End_Transaction in the end, which is quite acceptable for
database transactions!

Of course, we are in a favourable context: all the transactions are done
within the building of one web page, and concurrent transactions are
unlikely (we have typically 2-5 registrations a day), so delaying a
request by even one tenth of a second is not an issue! YMMV.

-- 
J-P. Rosen
Adalog
2 rue du Docteur Lombard, 92441 Issy-les-Moulineaux CEDEX
Tel: +33 1 45 29 21 52, Fax: +33 1 45 29 25 00
http://www.adalog.fr