<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Issue 1497: lock() postcondition can not be generally achieved</title>
<meta property="og:title" content="Issue 1497: lock() postcondition can not be generally achieved">
<meta property="og:description" content="C++ library issue. Status: C++11">
<meta property="og:url" content="https://cplusplus.github.io/LWG/issue1497.html">
<meta property="og:type" content="website">
<meta property="og:image" content="http://cplusplus.github.io/LWG/images/cpp_logo.png">
<meta property="og:image:alt" content="C++ logo">
<style>
  p {text-align:justify}
  li {text-align:justify}
  pre code.backtick::before { content: "`" }
  pre code.backtick::after { content: "`" }
  blockquote.note
  {
    background-color:#E0E0E0;
    padding-left: 15px;
    padding-right: 15px;
    padding-top: 1px;
    padding-bottom: 1px;
  }
  ins {background-color:#A0FFA0}
  del {background-color:#FFA0A0}
  table.issues-index { border: 1px solid; border-collapse: collapse; }
  table.issues-index th { text-align: center; padding: 4px; border: 1px solid; }
  table.issues-index td { padding: 4px; border: 1px solid; }
  table.issues-index td:nth-child(1) { text-align: right; }
  table.issues-index td:nth-child(2) { text-align: left; }
  table.issues-index td:nth-child(3) { text-align: left; }
  table.issues-index td:nth-child(4) { text-align: left; }
  table.issues-index td:nth-child(5) { text-align: center; }
  table.issues-index td:nth-child(6) { text-align: center; }
  table.issues-index td:nth-child(7) { text-align: left; }
  table.issues-index td:nth-child(5) span.no-pr { color: red; }
  @media (prefers-color-scheme: dark) {
     html {
        color: #ddd;
        background-color: black;
     }
     ins {
        background-color: #225522
     }
     del {
        background-color: #662222
     }
     a {
        color: #6af
     }
     a:visited {
        color: #6af
     }
     blockquote.note
     {
        background-color: rgba(255, 255, 255, .10)
     }
  }
</style>
</head>
<body>
<hr>
<p><em>This page is a snapshot from the LWG issues list, see the <a href="lwg-active.html">Library Active Issues List</a> for more information and the meaning of <a href="lwg-active.html#C++11">C++11</a> status.</em></p>
<h3 id="1497"><a href="lwg-defects.html#1497">1497</a>. <code>lock()</code> postcondition can not be generally achieved</h3>
<p><b>Section:</b> 32.7 <a href="https://wg21.link/thread.condition">[thread.condition]</a> <b>Status:</b> <a href="lwg-active.html#C++11">C++11</a>
 <b>Submitter:</b> Switzerland <b>Opened:</b> 2010-08-25 <b>Last modified:</b> 2016-01-28</p>
<p><b>Priority: </b>Not Prioritized
</p>
<p><b>Discussion:</b></p>
<p><b>Addresses CH-30</b></p>
<p>
If <code>lock.lock()</code> throws an exception, the postcondition can not be generally achieved.
</p>
<p><i>[
Resolution proposed by ballot comment:
]</i></p>

<blockquote><p>
Either state that the postcondition might not be achieved, depending on the error condition, or
state that <code>terminate()</code> is called in this case.
</p></blockquote>

<p><i>[
2010-08-13 Peter Sommerlad comments and provides wording
]</i></p>


<blockquote><p>
32.7.4 <a href="https://wg21.link/thread.condition.condvar">[thread.condition.condvar]</a>, 32.7.5 <a href="https://wg21.link/thread.condition.condvarany">[thread.condition.condvarany]</a>
<p/>
p. 13, last bullet, and corresponding paragraphs in all wait functions
<p/>
Problem:<br/>
Condition variable wait might fail, because the lock cannot be acquired when notified.
CH-30 says: "If lock.lock() throws an exception, the postcondition can not be generally achieved."
CH-30 proposes: "Either state that the postcondition might not be achieved, depending on the error 
condition, or state that terminate() is called in this case."
<p/>
The discussion in Rapperswil concluded that calling <code>terminate()</code> might be too drastic in 
this case and a corresponding exception should be thrown&#47;passed on and one should use a lock type 
that allows querying its status, which <code>unique_lock</code> allows for <code>std::condition_variable</code>.
<p/>
We also had some additional observations while discussing in Rapperswil:
</p>
<ul>
<li>in 32.7.4 <a href="https://wg21.link/thread.condition.condvar">[thread.condition.condvar]</a> <code>wait</code> with predicate and <code>wait_until</code> with 
predicate lack the precondition, postcondition and Error conditions sections. The lack of the precondition 
would allow calling <code>pred()</code> without holding the lock.
</li>
<li>in 32.7.4 <a href="https://wg21.link/thread.condition.condvar">[thread.condition.condvar]</a> <code>wait_until</code> and <code>wait_for</code> and 
32.7.5 <a href="https://wg21.link/thread.condition.condvarany">[thread.condition.condvarany]</a> <code>wait_for</code> still specify an 
error condition for a violated precondition. This should be removed.
</li>
</ul>
<p>
and add the following proposed solution:
</p>
</blockquote>

<p><i>[2011-02-27: Daniel adapts numbering to n3225]</i></p>



<p id="res-1497"><b>Proposed resolution:</b></p>
<ol>
<li>Change 32.7.4 <a href="https://wg21.link/thread.condition.condvar">[thread.condition.condvar]</a> as indicated:
<blockquote><pre>
void wait(unique_lock&lt;mutex&gt;&amp; lock);
</pre></blockquote>
<blockquote><p>
 9 <i>Requires</i>: <code>lock</code><ins><code>.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code></ins> is locked by the calling thread, and either
</p>
<ul>
<li>no other thread is waiting on this <code>condition_variable</code> object or
</li>
<li><code>lock.mutex()</code> returns the same value for each of the <code>lock</code> arguments supplied by all concurrently
waiting (via <code>wait</code> or <code>timed_wait</code>) threads.
</li>
</ul>
</blockquote>
[..]
<blockquote><p>
11 <em>Postcondition</em>: <code>lock</code><ins><code>.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code></ins> is locked by the calling thread.
</p></blockquote>
[..]
<blockquote><pre>
template &lt;class Predicate&gt;
void wait(unique_lock&lt;mutex&gt;&amp; lock, Predicate pred);
</pre></blockquote>
<blockquote><p>
<ins>?? <i>Requires</i>: <code>lock.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code> is locked by the calling thread, and either</ins>
</p>
<ul>
<li><ins>no other thread is waiting on this <code>condition_variable</code> object or</ins>
</li>
<li><ins><code>lock.mutex()</code> returns the same value for each of the <code>lock</code> arguments supplied by all concurrently
waiting (via <code>wait</code> or <code>timed_wait</code>) threads.</ins>
</li>
</ul>
</blockquote>
<blockquote><p>
14 <i>Effects</i>:
</p><blockquote><pre>
while (!pred())
  wait(lock);
</pre></blockquote>
</blockquote>

<blockquote><p>
<ins>?? <i>Postcondition</i>: <code>lock.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code> is locked by the calling thread.</ins>
</p></blockquote>
<blockquote><p>
<ins>?? <i>Throws</i>: <code>std::system_error</code> when an exception is required (30.2.2).</ins>
</p></blockquote>
<blockquote><p>
<ins>?? <em>Error conditions</em>:</ins>
</p>
<ul>
<li><ins>equivalent error condition from <code>lock.lock()</code> or <code>lock.unlock()</code>.</ins>
</li>
</ul>
</blockquote>

<blockquote><pre>
template &lt;class Clock, class Duration&gt;
cv_status wait_until(unique_lock&lt;mutex&gt;&amp; lock,
  const chrono::time_point&lt;Clock, Duration&gt;&amp; abs_time);
</pre></blockquote>
<blockquote><p>
15 <i>Requires</i>: <code>lock</code><ins><code>.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code></ins> is locked by the calling thread, and either
</p>
<ul>
<li>no other thread is waiting on this <code>condition_variable</code> object or
</li>
<li><code>lock.mutex()</code> returns the same value for each of the <code>lock</code> arguments supplied by all concurrently
waiting (via <code>wait</code>, <code>wait_for</code>, or <code>wait_until</code>) threads.
</li>
</ul>
</blockquote><p>
[..]
</p><blockquote><p>
17 <em>Postcondition</em>: <code>lock</code><ins><code>.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code></ins> is locked by the calling thread.
</p></blockquote>
[..]
<blockquote><p>
20 <em>Error conditions</em>:
</p>
<ul>
<li><del><code>operation_not_permitted</code> &mdash; if the thread does not own the lock.</del>
</li>
<li>equivalent error condition from <code>lock.lock()</code> or <code>lock.unlock()</code>.
</li>
</ul>
</blockquote>
<blockquote><pre>
template &lt;class Rep, class Period&gt;
cv_status wait_for(unique_lock&lt;mutex&gt;&amp; lock,
  const chrono::duration&lt;Rep, Period&gt;&amp; rel_time);
</pre></blockquote>
<blockquote><p>
21 <i>Requires</i>: <code>lock</code><ins><code>.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code></ins> is locked by the calling thread, and either
</p>
<ul>
<li>no other thread is waiting on this <code>condition_variable</code> object or
</li>
<li><code>lock.mutex()</code> returns the same value for each of the <code>lock</code> arguments supplied by all concurrently
waiting (via <code>wait</code>, <code>wait_for</code>, or <code>wait_until</code>) threads.
</li>
</ul>
</blockquote><p>
[..]
</p><blockquote><p>
24 <em>Postcondition</em>: <code>lock</code><ins><code>.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code></ins> is locked by the calling thread.
</p></blockquote>
[..]
<blockquote><p>
26 <em>Error conditions</em>:
</p>
<ul>
<li><del><code>operation_not_permitted</code> &mdash; if the thread does not own the lock.</del>
</li>
<li>equivalent error condition from <code>lock.lock()</code> or <code>lock.unlock()</code>.
</li>
</ul>
</blockquote>
<blockquote><pre>
template &lt;class Clock, class Duration, class Predicate&gt;
bool wait_until(unique_lock&lt;mutex&gt;&amp; lock,
  const chrono::time_point&lt;Clock, Duration&gt;&amp; abs_time,
    Predicate pred);
</pre></blockquote>
<blockquote><p>
<ins>?? <i>Requires</i>: <code>lock.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code> is locked by the calling thread, and either</ins>
</p>
<ul>
<li><ins>no other thread is waiting on this <code>condition_variable</code> object or</ins>
</li>
<li><ins><code>lock.mutex()</code> returns the same value for each of the <code>lock</code> arguments supplied by all concurrently
waiting (via <code>wait</code> or <code>timed_wait</code>) threads.</ins>
</li>
</ul>
</blockquote>
<blockquote><p>
27 <i>Effects</i>:
</p><blockquote><pre>
while (!pred())
  if (wait_until(lock, abs_time) == cv_status::timeout)
    return pred();
return true;
</pre></blockquote>
</blockquote>
<blockquote><p>
28 <i>Returns</i>: <code>pred()</code>
</p></blockquote>

<blockquote><p>
<ins>?? <i>Postcondition</i>: <code>lock.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code> is locked by the calling thread.</ins>
</p></blockquote>

<blockquote><p>
29 [ <i>Note</i>: The returned value indicates whether the predicate evaluates to true regardless of whether the
timeout was triggered. &mdash; <i>end note</i> ]
</p></blockquote>

<blockquote><p>
<ins>?? <i>Throws</i>: <code>std::system_error</code> when an exception is required (30.2.2).</ins>
</p></blockquote>
<blockquote><p>
<ins>?? <em>Error conditions</em>:</ins>
</p>
<ul>
<li><ins>equivalent error condition from <code>lock.lock()</code> or <code>lock.unlock()</code>.</ins>
</li>
</ul>
</blockquote>

<blockquote><pre>
template &lt;class Rep, class Period, class Predicate&gt;
bool wait_for(unique_lock&lt;mutex&gt;&amp; lock,
  const chrono::duration&lt;Rep, Period&gt;&amp; rel_time,
    Predicate pred);
</pre></blockquote>
<blockquote><p>
30 <i>Requires</i>: <code>lock</code><ins><code>.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code></ins> is locked by the calling thread, and either
</p>
<ul>
<li>no other thread is waiting on this <code>condition_variable</code> object or
</li>
<li><code>lock.mutex()</code> returns the same value for each of the <code>lock</code> arguments supplied by all concurrently
waiting (via <code>wait</code>, <code>wait_for</code>, or <code>wait_until</code>) threads.
</li>
</ul>
</blockquote><p>
[..]
</p><blockquote><p>
33 <em>Postcondition</em>: <code>lock</code><ins><code>.owns_lock()</code> is <code>true</code> and <code>lock.mutex()</code></ins> is locked by the calling thread.
</p></blockquote><p>
[..]
</p><blockquote><p>
37 <em>Error conditions</em>:
</p>
<ul>
<li><del><code>operation_not_permitted</code> &mdash; if the thread does not own the lock.</del>
</li>
<li>equivalent error condition from <code>lock.lock()</code> or <code>lock.unlock()</code>.
</li>
</ul>
</blockquote>

</li>

<li>Change 32.7.5 <a href="https://wg21.link/thread.condition.condvarany">[thread.condition.condvarany]</a> as indicated:
<p/>
[..]
<blockquote><pre>
template &lt;class Lock, class Predicate&gt;
void wait(Lock&amp; lock, Predicate pred);
</pre></blockquote>
<blockquote><p>
<ins>[<i>Note</i>: if any of the wait functions exits with an exception it is indeterminate if the <code>Lock</code> is held. 
One can use a <code>Lock</code> type that allows to query that, such as the <code>unique_lock</code> wrapper. &mdash; <i>end note</i>]</ins>
</p></blockquote>
<blockquote><p>
11 <i>Effects</i>:
</p><blockquote><pre>
while (!pred())
  wait(lock);
</pre></blockquote>
</blockquote><p>
[..]
</p><blockquote><p>
31 <em>Error conditions</em>:
</p>
<ul>
<li><del><code>operation_not_permitted</code> &mdash; if the thread does not own the lock.</del>
</li>
<li>equivalent error condition from <code>lock.lock()</code> or <code>lock.unlock()</code>.
</li>
</ul>
</blockquote>
</li>

</ol>
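<p>The note added to [thread.condition.condvarany] recommends a <code>Lock</code> type whose ownership can be queried after a wait exits with an exception. The following is an added example, not part of the issue text or of any library implementation: <code>FlakyMutex</code>, <code>release_and_reacquire</code>, <code>Outcome</code> and <code>guarded_update</code> are hypothetical names, and the helper models the release-then-reacquire step of a wait instead of calling a library <code>wait</code>.</p>

```cpp
#include <mutex>
#include <system_error>

// Constructed BasicLockable: the lock() call numbered fail_on throws,
// standing in for a mutex whose reacquisition fails.
struct FlakyMutex {
    int calls = 0;
    int fail_on = 0;   // 0 means lock() never fails
    bool held = false;
    void lock() {
        if (++calls == fail_on)
            throw std::system_error(
                std::make_error_code(std::errc::resource_unavailable_try_again));
        held = true;
    }
    void unlock() { held = false; }
};

// Hypothetical model of what a wait does around blocking: release the lock,
// then reacquire it. The reacquisition is where lock.lock() can throw.
template <class Lock>
void release_and_reacquire(Lock& lock) {
    lock.unlock();
    lock.lock();
}

struct Outcome { bool threw; bool owns_after; int shared_value; };

// Caller-side pattern: after an exceptional exit, query the lock before
// touching the state it protects.
Outcome guarded_update(FlakyMutex& m) {
    int shared_value = 0;                   // stands in for protected state
    bool threw = false;
    std::unique_lock<FlakyMutex> lock(m);   // lock() call number 1
    try {
        release_and_reacquire(lock);        // lock() call number 2
    } catch (const std::system_error&) {
        threw = true;                       // ownership is unknown here
    }
    if (lock.owns_lock())
        shared_value = 42;                  // only written while the mutex is held
    return {threw, lock.owns_lock(), shared_value};
}

int main() {
    FlakyMutex m;
    m.fail_on = 2;                          // make the reacquisition fail
    return guarded_update(m).owns_after ? 1 : 0;
}
```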





</body>
</html>
