[gclist] Finalization, again

Charles Fiterman cef@geodesic.com
Thu, 04 Oct 2001 16:01:20 -0500


Finalizers must be safe, general, sure and ordered.

Safe means they can't result in violations of the type system of the
language. You can't end up with a pointer to a deleted object because that
will later be filled and violate type safety. You could use it to write a
virus. It also means dead objects can't rise to alter the bits of the
living. The contents of dead objects must be inaccessible or the basic
guarantees of garbage collection are violated.

General means anything the user can write in the language he can write in a
finalizer. You can't prevent general. That includes locking operations,
exceptions, the use of thread local storage, thread operations, loops and
allocation. You can't stop general because the user can call functions. You
can't test for general its too open ended. If the collector runs finalizers
there will always be bugs because the user will always do something you
didn't expect.

Sure means if you build a finalizer object the finalizer gets run if only
at end of job. But end of job exists in user semantics. Is that really end
of phase three except on alternate Wednesdays? Sure also implies not
unreasonably delayed. If you have a linked list of a million finalizer
objects it can't take a million collections to run them all. I call this
the billion dollar lottery bug. "Congratulations you've just won a billion
dollar lottery. A dollar a year for a billion years."

Ordered means the user determines the order of finalizers. If A points to B
and B points to A the user knows which runs first and its not the
collector's job to figure it out. Never running them is wrong and picking
an order is wrong.

This combination is impossible, the parts are impossible, it is also non
negotiable. The anser is not to provide the feature.

Also unthreaded systems are more efficient than threaded ones. Saying
threads are required by finalizers is unacceptable. If the user doesn't use
threads the finalizer system can't run out and use them.