Re: JavaMemoryModel: Why CnC

From: Bill Pugh (
Date: Tue Jul 29 2003 - 19:43:12 EDT

At 3:34 PM -0400 7/29/03, wrote:
>However, your mail suggests that "the programmer must write correctly
>synchronized code" is the programmer model. Is this true? That is,
>are we really telling programmers that incorrectly synchronized code
>is broken, and that all the other work we are doing to define
>semantics in those cases is to aid debugging? If so, then I would
>strongly advocate the weaker model.

No, I think it is totally wrong to say that our model is that "the
programmer must write correctly synchronized code", although Sarita
has advocated this line of thought previously.

Our model is that:
   * The programmer _should_ write correctly synchronized code. If you do
     so, we will provide you with a simple model of thread behavior.
     Incorrectly synchronized code is a _mistake_.

   * However, reality is that that programmers make mistakes and programs
     have errors. Incorrectly synchronized programs will have surprising
     and hard to understand behavior. However, the semantics will ensure
     a number of properties designed to increase the likelihood of
     safe and reliable behavior even in the presence of errors.

     For example, synchronization errors cannot lead to type errors. And
     I argue that synchronization errors should not lead to violations
     of consistency or causality.

JavaMemoryModel mailing list -

This archive was generated by hypermail 2b29 : Thu Oct 13 2005 - 07:00:48 EDT