[go-nuts] Thread safety programatic definition for Go

Sun, 01 Jan 2017 03:44:29 -0800 

I am trying to come up with a detailed definition of what a thread safe Go 
program is (and is not). One that a (go) tool could check by analyzing the 
code for me.

Here is what I got so far:

   - 
   
   If there are no go statements, then the program is single threaded and 
   thus thread safe. I assume that we are only using go built in 
   concurrency primitives.
   
Otherwise:

   - 
   
   A program is globals safe if any of this is true:
   - 
      
      There are no global variables.
      - 
      
      Globals are read only.
      - 
      
      Globals are only ever modified by the same goroutine.
      - 
      
      Globals are only accessed under the same mutex.
      - 
   
   A program is thread-safe when it is globals safe AND any of these is 
   also true:
   - 
      
      Goroutines only ever get variables, as arguments or from channels, 
      passed by copy.
      - 
      
      After a reference is passed to another goroutine, the caller/sender 
      goroutine never access that reference again (it transferred “ownership” 
of 
      it).
      - Passed references are only accessed under the same mutex.
   

Of course, whether it is possible for a tool to check all this rules hold 
or not is the real work.
But for now I just want to make sure I start with a complete and correct 
definition of "thread safety in go".

Did I miss any possible source of races here?

Note that this kind of rule analysis is only possible for complete 
programs, for which we know the whole set of code and can compute all 
possible goroutine and mutex scopes.

Although my initial goal is for the tool to tell me definite answers 
(thread safe or not), if that is not possible or too complex, I would also 
think it's useful to have a tool that highlights risks (you might have not 
noticed).
That way, you can decide to fix or let them be at development time, BEFORE 
the dynamic race detector might flag real issues to you, probably already 
in production!

-- 
You received this message because you are subscribed to the Google Groups 
"golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to golang-nuts+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to