At 3:34 PM -0400 7/29/03, email@example.com wrote:
>However, your mail suggests that "the programmer must write correctly
>synchronized code" is the programmer model. Is this true? That is,
>are we really telling programmers that incorrectly synchronized code
>is broken, and that all the other work we are doing to define
>semantics in those cases is to aid debugging? If so, then I would
>strongly advocate the weaker model.
No, I think it is totally wrong to say that our model is that "the
programmer must write correctly synchronized code", although Sarita
has advocated this line of thought previously.
Our model is that:
* The programmer _should_ write correctly synchronized code. If you do
so, we will provide you with a simple model of thread behavior.
Incorrectly synchronized code is a _mistake_.
* However, reality is that that programmers make mistakes and programs
have errors. Incorrectly synchronized programs will have surprising
and hard to understand behavior. However, the semantics will ensure
a number of properties designed to increase the likelihood of
safe and reliable behavior even in the presence of errors.
For example, synchronization errors cannot lead to type errors. And
I argue that synchronization errors should not lead to violations
of consistency or causality.
JavaMemoryModel mailing list - http://www.cs.umd.edu/~pugh/java/memoryModel
This archive was generated by hypermail 2b29 : Thu Oct 13 2005 - 07:00:48 EDT