5

I have had recently a small contest with one of my colleagues (whom I very respect) regarding a theoretical possibility to test whether some code is thread-safe or not.

Let us suppose that we have a some "black-box" class FooUnknown taken from the 3rd party library, so we don't have an access to its original source code. Furthermore, it might be that it internally uses some native methods (if this is a matter).

Can we write such an unit test which will tell us that usage of this class (for example, its instance shared between several threads) is 100% thread-safe or not?

My conclusion, that it is not possible. For me it is obvious and straightforward: although one can write a code which will lead to some concurrency problems which is possible to detect. But an absent of such results doesn't guarantee that there are not concurrency issues at all.

Also I believe, that this question is not too broad. For certainty let us say we have a class some.FooUnknown and we want to use it in the following way:

@ApplicationScoped
public class FooService {
    private some.FooUnkown foo = new some.FooUnknown();

    public void someStuff() {
        // ...
        String result = foo.doSomeStuff();
        // ...
    }
}

How to test it to be sure that it is thread-safe, that we don't need to wrap it into ThreadLocal<FooUnknown> for instance?

Improve this question

3 Answers 3

Reset to default
2

Ignoring all practical reasons, this is also why it's theoretically hard to achieve a complete set of concurrency safety tests:

Assuming there are n threads operating on the same data structure. Then any thread i has a sequence of Si atomic operations on this datastructure, where each sequence may have a different length. Now what you need to make sure in an ideal environment is that every possible iteration sequence across all threads through these operation is covered by your tests. Even for relatively small operation sequences and only 2 threads this number grows quite fast.

But now the difficult part is to translate these findings to a real computer. Identifying such atomic operations itself is a complex task of its own, given the freedom of how jvms can be implemented and the java memory model. Then there is also thread scheduling controlled by os. So it's usually out of your control what actual operation sequence takes place on the data structure.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Man, even Halting problem is unsolvable algorithmically. What are you talking about?
@AntonMalyshev Unfortunately your question is too unspecific for me to improve my answer.
I just pointed out that it's nothing "theoretical" in your answer.
plus 1 to everyone, but idea with global variable seemed to me the best
1

It is impossible, because there are to many ways to produce thread unsafety. Just a global variable in native code could be enough.

Improve this answer

Comments

1

You are correct - as a black box, you can't possibly say if it's thread safe or not.. Even if you test it for 2 weeks and throw everything at it on a million VMs, maybe it is thread-safe now, but will become thread-unsafe in 2018 (e.g. by internally checking what the date is and intentionally dead-locking on 2018-01-01)

Improve this answer

21 Comments

Totally agree with you. But I want to keep this question open in order to give a chance for opposite side provide their tricky ideas :-) Upvoting the question also can cause increasing of the interest to it :)
Actually if we limit ourselves to thread safety for one particular ISA this is theoretically doable. Just execute every possible permutation of instructions for every possible input (both of which must be finite) and check whether the output is identical for every possible instruction sequence for every possible input. Not very practical but guaranteed to work.
(The trick here to counteract your example is that "get current date" would be an input so you'd have to check the output for every possible value).
@Voo that's interesting point, but you can not guarantee absent of the instructions reordering during you test. You can not forcibly cause it, so you can not be sure that even it happens, you are free from problems: cs.umd.edu/~pugh/java/memoryModel/jsr-133-faq.html#reordering
And looking at its instructions wouldn't exactly be black-box testing.. If you can look inside, it's probably at least 4 times faster to just reverse engineer it, compared to running all possible permutations on all possible inputs..
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.