From: Ken Raeburn <raeburn@raeburn.org>
To: guile-devel Development <guile-devel@gnu.org>
Subject: Re: thread safe functions
Date: Sat, 21 Aug 2010 20:57:46 -0400 [thread overview]
Message-ID: <8C8EEFE6-77CA-42E7-A2FB-9CEF4E83CDFF@raeburn.org> (raw)
In-Reply-To: <m3vd77vrs0.fsf@unquote.localdomain>
(switching to guile-devel from guile-user since I think this is more of a developers' issue)
On Aug 18, 2010, at 11:56, Andy Wingo wrote (quoting the manual):
> Thus, you need to put in additional synchronizations when multiple
> threads want to use a single hashtable, or any other mutable Scheme
> object.
Unfortunately this applies to some internals of the implementation too. For example, "set-object-property!" and friends use a hash table and assoc lists internally. There's a "critical section" protecting the assoc list manipulation in set-object-property!, but nothing else; I doubt using it on two objects not already in the hash table is safe (in the sense of both concurrent calls taking effect, as if made serially in unspecified order), based on the text Andy quoted about hash tables. But application code calling set-object-property! isn't explicitly operating on a mutable Scheme object (and a Scheme coder might reasonably assume that the properties were stored with the object, not in a global hash table), so the above advice from the manual doesn't seem to apply.
scm_c_issue_deprecation_warning and scm_c_register_extension don't look thread-safe to me (in the sense described above). Both maintain linked lists without locking, and these aren't even implicitly Scheme objects. Both risk losing the new list entries in the face of concurrent calls.
That's just from a spot check; I'm not even trying to be thorough.
And don't get me going on memory ordering models....
To be honest, I wouldn't trust libguile in a multithreaded application without much more careful analysis, not just of the code, but of the assumptions being made and whether they're actually valid for various processors (not just the relatively friendly x86) and compilers. Without that sort of analysis, I think "use mutexes everywhere" is the only safe approach, and libguile certainly isn't doing that.
Ken
next parent reply other threads:[~2010-08-22 0:57 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20100805112743.GA1671@securactive.net>
[not found] ` <m3vd77vrs0.fsf@unquote.localdomain>
2010-08-22 0:57 ` Ken Raeburn [this message]
2010-08-28 19:20 ` thread safe functions Andy Wingo
2010-08-29 1:33 ` Ken Raeburn
2011-02-10 22:19 ` Andy Wingo
2011-02-15 16:00 ` Ken Raeburn
2011-05-23 20:25 ` Andy Wingo
2011-02-15 17:18 ` Ken Raeburn
2011-05-23 20:38 ` Andy Wingo
2011-05-24 20:57 ` Andy Wingo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/guile/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8C8EEFE6-77CA-42E7-A2FB-9CEF4E83CDFF@raeburn.org \
--to=raeburn@raeburn.org \
--cc=guile-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).