* Ingo Strüwing <Ingo.Struewing@stripped> [09/05/05 23:35]:
Ingo,
your patch is bound to solve the present day trouble only unless
you write an instruction to developers that they can follow
when writing new code: an instruction how to write "killable" and
race-free code.
When you move the checks for thd->killed into critical section,
you change the conceptual model of thd->enter_cond().
According to the old conceptual model it was unnecessary, since
thd->awake cancels the wait on the condition (at least such was
the pitch).
thd->killed has never been too reliable. It wasn't designed to
be. In real life a user can send the signal twice without too much
trouble. But the way it worked was simple and easy to understand.
So, before we proceed, can we zoom out from the code for a minute
and discuss:
- what was the old model for thd->killed. What was wrong with it?
- what is the new model. How is it better?
Thanks,
--
kostja
