|My point is not that the definition is wrong; as informal definitions of thread safety go, this one is not terrible. Rather, my point is that the definition indicates that the concept itself is completely vague and essentially means nothing more than "behaves correctly in some situations". Therefore, when I'm asked "is this code thread safe?" I always have to push back and ask "what are the exact threading scenarios you are concerned about?" and "exactly what is correct behaviour of the object in every one of those scenarios?"|
Carl Daniel 20 Oct 2009 7:19 AM
I have to agree with Eric on this one. While there are good definitions of "thread safe", there is no universal agreement on which of the many good definitions is "correct". Correctness, of course, depends on the circumstances. As a result, the term "thread safe" with no further qualification is vague at best, dangerously misleading at worst.
Thread safety is somewhat analogous to exception safety. The C++ community has settled on a multi-tier defintion of "exception safe" - I would propse that a similar family of thread safety guarantees would be a useful addition to the dialog. The mathematical defintion that Alun provided above sounds like a good candiate for being "the strong guarantee". At another extreme, a class that's documented as providing a single method that can be invoked by less than 3 threads under specific circumstances would be an example of a very weak guarantee.
The problem with the very stong guarantee that Alun provided - just like the stong exception safety guarantee in C++ - is that most cases don't require a guarantee that strong, and generally speaking, providing such a strong guarantee is more difficult and less efficient (naturally, there are always exceptions).