safe and threadsafe
Wolfgang Thaller
wolfgang.thaller at gmx.net
Tue Feb 4 07:24:32 EST 2003
Hello Everyone,
I have recently spent some time improving GHC's support for
"threadsafe" foreign calls.
As a side effect of fixing a crashing bug, I made "safe" behave in
exactly the same way
as "threadsafe". Now I have to document it... :-(
I'm not very happy with the current definition of safety levels in the
FFI addendum
(section 3.3, Import Declarations). So before I write up somethhing for
the GHC user manual
explaining how GHC interprets it and why it does so, I'll try to
convince someone to change
or at least clarify the FFI spec a bit:
First, some things that are unclear:
Are safe calls _guaranteed_ to block all other haskell threads and
prevent garbage collection,
or is that an implementation detail? Are unsafe calls guaranteed to do
so? {In a SMP implementation,
this might require additional interthread messaging}.
What should happen when C code running in a separate OS thread calls a
foreign exported
function while the Haskell Runtime is blocked on a safe call?
Some more points:
In what way can a "safe" call be considered safe in a multithreaded
environment? After all
it may cause very hard-to-predict blocking. I think that "threadsafe"
should be the default,
where available.
It _may_ be possible to implement "safe" in a way that is slightly more
efficient than "threadsafe",
however this is relatively hard to do correctly in the context of GHC,
and I don't expect a big
performance gain. But if that is possible, then "safe" would be just a
hint for increasing performance
by sacrificing some "safety". It should be renamed to something else.
"Ceterum censeo" that
"threadsafe" should be the default.
Some people have said that "safe" calls are intended for serializing
access to foreign libraries
that are not multithread-safe. I think that MVars should be used for
such purposes. Blocking the
entire Haskell Runtime for the duration of a "safe" call is overkill,
but it's not always enough:
Many old C libraries keep state in global variables from one call to
the next.
Cheers,
Wolfgang
--
ceterum censeo invocationes "tutas" esse delendas.
More information about the FFI
mailing list