[cpp-threads] RE: Ping on memory model and concurrency

[Boehm, Hans]

[Moving this discussion back to the mailing list, so that it can be
archived:]

I agree that most programmers should use locks to fully synchronize
their code, and thus should be able to ignore much of the memory model.

But I think a major part of what we're trying to do is to make the above
statement correct.  Currently there are problems far beyond
"non-disjoint" variables, though that particular one seems to show up
most frequently in practice.

Making this true has a significant impact on existing compilers.  An
astonishingly simple example that I used in my PLDI talk, though not the
paper, is the following loop, which adds the number of elements of a
list to the global variable 'count':

for (p = list; p != 0; p = p -> next) ++count;

As far as I can tell, nearly every optimizing compiler naively promotes
'count' to a register.  This is almost certainly wrong, in that 'count'
is written even if the list is empty, and it can thus introduce a data
race.  Although it is very unlikely to break code in practice, it can
break code that is fully synchronized using locks.  And most programmers
would have zero chance of debugging the result.  Current specifications
are ambiguous with respect to things like this; fixing that is my top
priority.  So long as compilers are allowed to introduce unexpected data
races, we have no hope of teaching programmers to write correct
multithreaded code.

Hans