On May 27, 2013, at 6:45 PM, Peter <j...@zeus.net.au> wrote: > See inline. > > Cheers, > > Peter. > ----- Original message ----- >> >> >> Further discussion below... >> >> Cheers, >> >> Greg. >> >> On Mon, 2013-05-27 at 16:08, Peter wrote: >>> Now's a great time to standardise a common subset we can all use, this >>> is a good conversation. >>> >>> We're all solving similar issues, we could have something really great >>> if we can work together. >>> >>> I created com.sun.jini.start.Starter out of necessity to fix unsafe >>> publication, however this could take another form. >>> >> Although I've never liked the "export and publish in the costructor" >> model, I really think the likelihood of having another thread hit the >> exported object before the constructor is finished is pretty slim. > > Don't let 'this' escape during construction. > > It's Russian roulette, it's caused test failures for me that have taken me > weeks to solve and only then by hand auditing code, I wouldn't want a > critical failure to occur in production caused by this escaping during > construction, because of the low frequency of failure it's really a very > nasty bug. > > So if you have code that exports during construction, fix it now, before it > manifests in production.
The single, vital issue, is that we are not talking about only "visibility". We are also talking about weakly synchronized access. Non-volatile values which are not protected with synchronized access, can result in "optimizations" reordering operations of the VM in such a way as to expose uninitialized data into threads created to do the work of "join". Many operating systems will switch to the newly created thread. It can then see something completely unexpected in the state of the object as it performs marshaling for export etc. Gregg Wonderly
