[cpp-threads] High-level vs. low-level

Peter Dimov pdimov at mmltd.net
Thu Jul 13 20:57:14 BST 2006 

Herb Sutter wrote:

>> All this isn't mere speculation; currently we have the exact same
>> situation
>> when x is volatile, and the above problems do occur quite regularly.
>
> Do you mean C++ volatile, or Java volatile?

I mean the C++ volatile.

Instead of responding point by point, I'll try a higher-level approach.

Our differences stem from the opposite directions from which we view the 
problem.

You are primarily interested in the "write" side of things.

I am primarily interested in the "read" side.

When I see some lock-free code, I want to know the intended category of 
every operation:

- ordinary
- atomic, no sync
- atomic, acquire
- atomic, release
- atomic, full

I want to know this in order to be able to reason about the code, 
familiarize myself with its assumptions, verify its correctness (to the best 
of my ability), come up with a test that has a chance to expose its 
problems, if any exist.

If I'm assigned to maintain the code, I want to be able to know as much as 
possible about how and why the code was written in such a way so that I can 
fix its bugs (or not introduce any).

If this is a reference implementation I want to know as much as possible 
about it in order to better understand it.

If this is pseudocode in a research article, I want it to contain the msync 
labels since these comprise ~30% of the algorithm being presented.

In this particular area, readability is more important for me than 
writeability. That's because very few people will actually need to write 
such code. (*) Most of us will read it. It will be a great service to the 
community if the code carries as much information as possible.

(*) If this isn't true, then the higher-level lock-free components are a 
failure.

> I guess the fundamental difficulty I'm struggling with is that
> programming at the level of explicit fences seems to me to be doomed
> and a proven failure. Most of the objections I have above are around
> requiring the programmer to know why and where to write explicit
> fences, when in practice even experts have a bad track record in
> getting it right.

No... all of my objections are about _reading_ the code, not writing it.

> Am I being too pessimistic?

You are actually optimistic. You assume that high-level code will be 
correct. :-) It's more likely to be a product of the highly scientific 
approach of inserting atomic<> until the program no longer crashes.

More information about the cpp-threads mailing list