From: Mark H Weaver <mhw@netris.org>
To: ludo@gnu.org (Ludovic Courtès)
Cc: 31878@debbugs.gnu.org
Subject: bug#31878: Module autoloading is not thread safe
Date: Thu, 23 Aug 2018 15:40:50 -0400 [thread overview]
Message-ID: <87in40g9bx.fsf@netris.org> (raw)
In-Reply-To: <87va81p4sn.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Thu, 23 Aug 2018 15:54:00 +0200")
Hi Ludovic,
ludo@gnu.org (Ludovic Courtès) writes:
> Mark H Weaver <mhw@netris.org> skribis:
>
>> Since Guile (unfortunately) allows cyclic module dependencies, we would
>> need a mechanism to avoid deadlocks in case modules A and B both import
>> each other, and two threads concurrently attempt to load those modules.
>>
>> The first idea that comes to mind is to also have a global structure
>> storing a partial order on the modules currently being loaded. If,
>> while module A is being loaded, there's an attempt to auto-load module
>> B, then an entry (A < B) would added to the partial order. The partial
>> order would not allow cycles to be introduced, reporting an error in
>> that case. In case a cycle would be introduced when adding (A < B),
>> then the thread would simply be given access to the partially-loaded
>> module B, by adding B to its local list of modules-being-loaded.
>
> Would it enough to (1) use recursive mutexes, and (2) have
> ‘resolve-module’ lookup modules first in the global name space, and
> second in the local list of modules being loaded?
Item (2) above is something that I had already envisioned in my
proposal, although I neglected to mention it.
However, I don't see how recursive mutexes would help here, or how they
could obviate the need for the other mechanisms I described above.
Suppose module A and module B are mutually dependent on each other. If
thread 1 is loading module A concurrently with thread 2 loading module
B, then thread 1 will be the only thread with access to module A (via
thread 1's local list) and will hold the lock on it, and similarly for
thread 2 and module B.
Now, when thread 1 tries to load module B (while it's in the process of
loading module A), it should normally be blocked until module B is
finished loading. If those modules were _not_ mutually dependent on
each other, we should insist on thread 1 waiting for module B to finish
loading before gaining access to it. Only if there is a cyclic
dependency should it be granted access to the partially-loaded module.
If we simply use recursive mutexes, I think deadlock would occur in this
case. Thread 1 would try to grab the lock on module B, which is already
held by thread 2, and vice versa. Since it's not self-held, I fail to
see the relevance of the recursive mutex.
What do you think?
Mark
next prev parent reply other threads:[~2018-08-23 19:40 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-06-18 9:43 bug#31878: Module autoloading is not thread safe Ludovic Courtès
2018-06-18 11:11 ` Ludovic Courtès
2018-06-18 12:17 ` Ludovic Courtès
2018-08-22 23:22 ` Mark H Weaver
2018-08-23 2:18 ` Mark H Weaver
2018-08-23 13:54 ` Ludovic Courtès
2018-08-23 19:40 ` Mark H Weaver [this message]
2018-08-24 8:45 ` Ludovic Courtès
2018-10-21 18:16 ` Mark H Weaver
2018-10-22 10:10 ` Ludovic Courtès
[not found] ` <876002dm18.fsf@netris.org>
2018-08-23 13:51 ` Ludovic Courtès
2022-04-04 11:47 ` Calvin Heim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/guile/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87in40g9bx.fsf@netris.org \
--to=mhw@netris.org \
--cc=31878@debbugs.gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).