This chapter describes the Chez Scheme thread-system procedures and syntactic forms. With the exception of locks, locked increment, and locked decrement, the features of the thread system are implemented on top of the Posix thread system (pthreads) on non-Windows-based system and directly using the Windows API on Windows-based systems. Consult the appropriate documentation on your system for basic details of thread creation and interaction.
Most primitive Scheme procedures are thread-safe, meaning that they can be called concurrently from multiple threads. This includes allocation operations like cons and make-string, accessors like car and vector-ref, numeric operators like + and sqrt, and nondestructive higher-level primitive operators like append and map.
Simple mutation operators, like set-car!, vector-set!, and record field mutators are thread-safe. Likewise, assignments to local variables, including assignments to (unexported) library and top-level program variables are thread-safe.
Other destructive operators are thread safe only if they are used to operate on different objects from those being read or modified by other threads. For example, assignments to global variables are thread-safe only as long as one thread does not assign the same variable another thread references or assigns. Similarly, putprop can be called in one thread while another concurrently calls putprop or getprop if the symbols whose property lists are being modified or accessed differ.
In this context, most I/O operations should be considered destructive, since they might modify a port's internal structure; see also Section 15.8 for information on buffered ports.
Use of operators that are not thread-safe without proper synchronization can corrupt the objects upon which they operate. This corruption can lead to incorrect behavior, memory faults, and even unrecoverable errors that cause the system to abort.
The compiler and interpreter are thread-safe to the extent that user code evaluated during the compilation and evaluation process is thread-safe or properly synchronized. Thus, two or more threads can call any of the compiler or interpreter entry points, i.e., compile, compile-file, compile-program, compile-script, compile-port, or interpret at the same time. Naturally, the object-file targets of two file compilation operations that run at the same time should be different. The same is true for eval and load as long as the default evaluator is used or is set explicitly to compile, interpret, or some other thread-safe evaluator.
One restriction should be observed when one of multiple threads creates or loads compiled code, however, which is that only that thread or subsequently created children, or children of subsequently created children, etc., should run the code. This is because multiple-processor systems upon which threaded code may run might not guarantee that the data and instruction caches are synchronized across processors.
procedure: (fork-thread thunk)
returns: a thread object
libraries: (chezscheme)
thunk must be a procedure that accepts zero arguments.
fork-thread invokes thunk in a new thread and returns a thread object.
Nothing can be done with the thread object returned by fork-thread, other than to print it.
Threads created by foreign code using some means other than fork-thread must call Sactivate_thread (Section 4.8) before touching any Scheme data or calling any Scheme procedures.
procedure: (thread? obj)
returns: #t if obj is a thread object, #f otherwise
libraries: (chezscheme)
procedure: (get-thread-id)
returns: the thread id of the current thread
libraries: (chezscheme)
The thread id is a thread number assigned by thread id, and has no relationship to the process id returned by get-process-id, which is the same in all threads.
procedure: (make-mutex)
procedure: (make-mutex name)
returns: a new mutex object
libraries: (chezscheme)
name, if supplied, must be a symbol which identifies the mutex, or #f for no name. The name is printed every time the mutex is printed, which is useful for debugging.
procedure: (mutex? obj)
returns: #t if obj is a mutex, #f otherwise
libraries: (chezscheme)
procedure: (mutex-acquire mutex)
procedure: (mutex-acquire mutex block?)
returns: see below
libraries: (chezscheme)
mutex must be a mutex.
mutex-acquire acquires the mutex identified by mutex. The optional boolean argument block? defaults to #t and specifies whether the thread should block waiting for the mutex. If block? is omitted or is true, the thread blocks until the mutex has been acquired, and an unspecified value is returned.
If block? is false and the mutex currently belongs to a different thread, the current thread does not block. Instead, mutex-acquire returns immediately with the value #f to indicate that the mutex is not available. If block? is false and the mutex is successfully acquired, mutex-acquire returns #t.
Mutexes are recursive in Posix threads terminology, which means that the calling thread can use mutex-acquire to (re)acquire a mutex it already has. In this case, an equal number of mutex-release calls is necessary to release the mutex.
procedure: (mutex-release mutex)
returns: unspecified
libraries: (chezscheme)
mutex must be a mutex.
mutex-release releases the mutex identified by mutex. Unpredictable behavior results if the mutex is not owned by the calling thread.
syntax: (with-mutex mutex body1 body2 ...)
returns: the values of the body body1 body2 ...
libraries: (chezscheme)
with-mutex evaluates the expression mutex, which must evaluate to a mutex, acquires the mutex, evaluates the body body1 body2 ..., and releases the mutex. The mutex is released whether the body returns normally or via a control operation (that is, throw to a continuation, perhaps because of an error) that results in a nonlocal exit from the with-mutex form. If control subsequently returns to the body via a continuation invocation, the mutex is reacquired.
Using with-mutex is generally more convenient and safer than using mutex-acquire and mutex-release directly.
procedure: (mutex-name mutex)
returns: the name associated with mutex, if any; otherwise #f
libraries: (chezscheme)
mutex must be a mutex.
procedure: (make-condition)
procedure: (make-condition name)
returns: a new condition object
libraries: (chezscheme)
name, if supplied, must be a symbol which identifies the condition object, or #f for no name. The name is printed every time the condition is printed, which is useful for debugging.
procedure: (thread-condition? obj)
returns: #t if obj is a condition object, #f otherwise
libraries: (chezscheme)
procedure: (condition-wait cond mutex)
procedure: (condition-wait cond mutex timeout)
returns: #t if the calling thread was awakened by the condition, #f if the calling thread timed out waiting
libraries: (chezscheme)
cond must be a condition object, and mutex must be a mutex. The optional argument timeout is a time record of type time-duration or time-utc, or #f for no timeout. It defaults to #f.
condition-wait waits up to the specified timeout for the condition identified by the condition object cond. The calling thread must have acquired the mutex identified by the mutex mutex at the time condition-wait is called. mutex is released as a side effect of the call to condition-wait. When a thread is later released from the condition variable by one of the procedures described below or the timeout expires, mutex is reacquired and condition-wait returns.
procedure: (condition-signal cond)
returns: unspecified
libraries: (chezscheme)
cond must be a condition object.
condition-signal releases one of the threads waiting for the condition identified by cond.
procedure: (condition-broadcast cond)
returns: unspecified
libraries: (chezscheme)
cond must be a condition object.
condition-broadcast releases all of the threads waiting for the condition identified by cond.
procedure: (condition-name condition)
returns: the name associated with condition, if any; otherwise #f
libraries: (chezscheme)
condition must be a condition.
Locks are more primitive but more flexible and efficient than mutexes and can be used in situations where the added mutex functionality is not needed or desired. They can also be used independently of the thread system (including in nonthreaded versions of Chez Scheme) to synchronize operations running in separate Scheme processes as long as the lock is allocated in memory shared by the processes.
A lock is simply a word-sized integer, i.e., an iptr or uptr foreign type (Section 4.5) with the native endianness of the target machine, possibly part of a larger structure defined using define-ftype (page 77). It must be explicitly allocated in memory that resides outside the Scheme heap and, when appropriate, explicitly deallocated. When just threads are involved (i.e., when multiple processes are not involved), the memory can be allocated via foreign-alloc. When multiple processes are involved, the lock should be allocated in some area shared by the processes that will interact with the lock.
Once initialized using ftype-init-lock!, a process or thread can attempt to lock the lock via ftype-lock! or ftype-spin-lock!. Once the lock has been locked and before it is unlocked, further attempts to lock the lock fail, even by the process or thread that most recently locked it. Locks can be unlocked, via ftype-unlock!, by any process or thread, not just by the process or thread that most recently locked the lock.
The lock mechanism provides little structure, and mistakes in allocation and use can lead to memory faults, deadlocks, and other problems. Thus, it is usually advisable to use locks only as part of a higher-level abstraction that ensures locks are used in a disciplined manner.
(define lock
(make-ftype-pointer uptr
(foreign-alloc (ftype-sizeof uptr))))
(ftype-init-lock! uptr () lock)
(ftype-lock! uptr () lock) #t
(ftype-lock! uptr () lock) #f
(ftype-unlock! uptr () lock)
(ftype-spin-lock! uptr () lock)
(ftype-lock! uptr () lock) #f
(ftype-unlock! uptr () lock)
syntax: (ftype-init-lock! ftype-name (a ...) fptr-expr)
syntax: (ftype-init-lock! ftype-name (a ...) fptr-expr index)
returns: unspecified
syntax: (ftype-lock! ftype-name (a ...) fptr-expr)
syntax: (ftype-lock! ftype-name (a ...) fptr-expr index)
returns: #t if the lock is not already locked, #f otherwise
syntax: (ftype-spin-lock! ftype-name (a ...) fptr-expr)
syntax: (ftype-spin-lock! ftype-name (a ...) fptr-expr index)
returns: unspecified
syntax: (ftype-unlock! ftype-name (a ...) fptr-expr)
syntax: (ftype-unlock! ftype-name (a ...) fptr-expr index)
returns: unspecified
libraries: (chezscheme)
Each of these has a syntax like and behaves similarly to ftype-set! (page 86), though with an implicit val-expr. In particular, the restrictions on and handling of fptr-expr and the accessors a ... is similar, with one important restriction: the field specified by the last accessor, upon which the form operates, must be a word-size integer, i.e., an iptr, uptr, or the equivalent, with the native endianness.
ftype-init-lock! should be used to initialize the lock prior to the use of any of the other operators; if this is not done, the behavior of the other operators is undefined.
ftype-lock! can be used to lock the lock. If it finds the lock unlocked at the time of the operation, it locks the lock and returns #t; if it finds the lock already locked, it returns #f without changing the lock.
ftype-spin-lock! can also be used to lock the lock. If it finds the lock unlocked at the time of the operation, it locks the lock and returns; if it finds the lock already locked, it waits until the lock is unlocked, then locks the lock and returns. If no other thread or process unlocks the lock, the operation does not return and cannot be interrupted by normal means, including by the storage manager for the purpose of initiating a garbage collection. There are also no guarantees of fairness, so a process might hang indefinitely even if other processes are actively locking and unlocking the lock.
ftype-unlock! is used to unlock a lock. If it finds the lock locked, it unlocks the lock and returns. Otherwise, it returns without changing the lock.
The locked operations described here can be used when just an atomic increment or decrement is required.
syntax: (ftype-locked-incr! ftype-name (a ...) fptr-expr)
syntax: (ftype-locked-incr! ftype-name (a ...) fptr-expr index)
returns: #t if the updated value is 0, #f otherwise
syntax: (ftype-locked-decr! ftype-name (a ...) fptr-expr)
syntax: (ftype-locked-decr! ftype-name (a ...) fptr-expr index)
returns: #t if the updated value is 0, #f otherwise
libraries: (chezscheme)
Each of these has a syntax like and behaves similarly to ftype-set! (page 86), though with an implicit val-expr. In particular, the restrictions on and handling of fptr-expr and the accessors a ... is similar, with one important restriction: the field specified by the last accessor, upon which the form operates, must be a word-size integer, i.e., an iptr, uptr, or the equivalent, with the native endianness.
ftype-locked-incr! atomically reads the value of the specified field, adds 1 to the value, and writes the new value back into the field. Similarly, ftype-locked-decr! atomically reads the value of the specified field, subtracts 1 from the value, and writes the new value back into the field. Both return #t if the new value is 0, otherwise #f.
Applications that manage memory outside the Scheme heap can leverage the Scheme storage management system to help perform reference counting via ftype guardians. In a reference-counted memory management system, each object holds a count of pointers to it. The count is incremented when a new pointer is created and decremented when a pointer is dropped. When the count reaches zero, the object is no longer needed and the memory it formerly occupied can be made available for some other purpose.
Ftype guardians are similar to guardians created by make-guardian (Section 13.2). The guardian? procedure returns true for both, and the unregister-guardian procedure can be used to unregister objects registered with either.
syntax: (ftype-guardian ftype-name)
returns: a new ftype guardian
libraries: (chezscheme)
ftype-name must name an ftype. The first base field of the ftype (or one of the first base fields in the case of unions) must be a word-sized integer (iptr or uptr) with native endianness. This field is assumed to hold a reference count.
The return value is a new ftype guardian g, with which ftype-pointers of type ftype-name (or some subtype of ftype-name) can be registered. An ftype pointer is registered with g by invoking g with the ftype pointer as an argument.
An ftype guardian does not automatically protect from collection the ftype pointers registered with it, as a normal guardian would do. Instead, for each registered ftype pointer that becomes inaccessible via normal (non-weak, non-guardian pointers), the guardian decrements the reference count of the object to which the ftype pointer points. If the resulting reference-count value is zero, the ftype pointer is preserved and can be retrieved from the guardian. If the resulting reference-count value is non-zero, however, the ftype pointer is not preserved. Objects retrieved from an ftype guardian (by calling it without arguments) are guaranteed to have zero reference counts, assuming reference counts are maintained properly by code outside the collector.
The collector decrements the reference count using the equivalent of ftype-locked-decr! to support systems in which non-Scheme objects are stored in memory shared by multiple processes. In such systems, programs should themselves use ftype-locked-incr! and ftype-locked-decr! or non-Scheme equivalents (e.g., the C LOCKED_INCR and LOCKED_DECR macros in scheme.h, which are described in Section 4.8) to maintain reference counts.
The following example defines a simple ftype and an allocator for objects of that ftype that frees any objects of that ftype that were previously allocated and no longer accessible.
(module (A make-A free-dropped-As)
(define-ftype A
(struct
[refcount uptr]
[data int]))
(define g (ftype-guardian A))
(define free-dropped-As
(lambda ()
(let ([a (g)])
(when a
(printf "freeing ~s\n" (ftype-ref A (data) a))
(foreign-free (ftype-pointer-address a))
(free-dropped-As)))))
(define make-A
(lambda (n)
(free-dropped-As)
(let ([a (make-ftype-pointer A (foreign-alloc (ftype-sizeof A)))])
(ftype-set! A (refcount) a 1)
(ftype-set! A (data) a n)
(g a)
a))))
We can test this by allocating, dropping, and immediately collecting ftype pointers to A.
> (do ([i 10 (fx- i 1)])
((fx= i 0))
(make-A i)
(collect))
freeing 10
freeing 9
freeing 8
freeing 7
freeing 6
freeing 5
freeing 4
freeing 3
freeing 2
> (free-dropped-As)
freeing 1
Objects guarded by an ftype guardian might contain pointers to other objects whose reference counts should also be incremented upon allocation of the containing object and decremented upon freeing of the containing object.
procedure: (make-thread-parameter object)
procedure: (make-thread-parameter object procedure)
returns: a new thread parameter
libraries: (chezscheme)
See Section 12.13 for a general discussion of parameters and the use of the optional second argument.
When a thread parameter is created, a separate location is set aside in each current and future thread to hold the value of the parameter's internal state variable. (This location may be eliminated by the storage manager when the parameter becomes inaccessible.) Changes to the thread parameter in one thread are not seen by any other thread.
When a new thread is created (see fork-thread), the current value (not location) of each thread parameter is inherited from the forking thread by the new thread. Similarly, when a thread created by some other means is activated for the first time (see Sactivate_thread in Section 4.8), the current value (not location) of each thread parameter is inherited from the main (original) thread by the new thread.
Most built-in parameters are thread parameters, but some are global. All are marked as global or thread where they are defined. There is no distinction between built-in global and thread parameters in the nonthreaded versions of the system.
Chez Scheme buffers file I/O operations for efficiency, but buffered I/O is not thread safe. Two threads that write to or read from the same buffered port concurrently can corrupt the port, resulting in buffer overruns and, ultimately, invalid memory references.
Buffering on binary output ports can be disabled when opened with buffer-mode none. Buffering on input ports cannot be completely disabled, however, due to the need to support lookahead, and buffering on textual ports, even textual output ports, cannot be disabled completely because the transcoders that convert between characters and bytes sometimes require some lookahead.
Two threads should thus never read from or write to the same port concurrently, except in the special case of a binary output port opened buffer-mode none. Alternatives include appointing one thread to perform all I/O for a given port and providing a per-thread generic-port wrapper that forwards requests to the port only after acquiring a mutex.
The initial console and current input and output ports are thread-safe, as are transcript ports, so it is safe for multiple threads to print error and/or debugging messages to the console. The output may be interleaved, even within the same line, but the port will not become corrupted. Thread safety for these ports is accomplished at the high cost of acquiring a mutex for each I/O operation.
The following code, taken from the article "A Scheme for native threads [10]," implements a bounded queue using many of the thread-system features. A bounded queue has a fixed number of available slots. Attempting to enqueue when the queue is full causes the calling thread to block. Attempting to dequeue from an empty queue causes the calling thread to block.
(define-record-type bq
(fields
(immutable data)
(mutable head)
(mutable tail)
(immutable mutex)
(immutable ready)
(immutable room))
(protocol
(lambda (new)
(lambda (bound)
(new (make-vector bound) 0 0 (make-mutex)
(make-condition) (make-condition))))))
(define dequeue!
(lambda (q)
(with-mutex (bq-mutex q)
(let loop ()
(let ([head (bq-head q)])
(cond
[(= head (bq-tail q))
(condition-wait (bq-ready q) (bq-mutex q))
(loop)]
[else
(bq-head-set! q (incr q head))
(condition-signal (bq-room q))
(vector-ref (bq-data q) head)]))))))
(define enqueue!
(lambda (item q)
(with-mutex (bq-mutex q)
(let loop ()
(let* ([tail (bq-tail q)] [tail^ (incr q tail)])
(cond
[(= tail^ (bq-head q))
(condition-wait (bq-room q) (bq-mutex q))
(loop)]
[else
(vector-set! (bq-data q) tail item)
(bq-tail-set! q tail^)
(condition-signal (bq-ready q))]))))))
(define incr
(lambda (q i)
(modulo (+ i 1) (vector-length (bq-data q)))))
The code below demonstrates the use of the bounded queue abstraction with a set of threads that act as consumers and producers of the data in the queue.
(define job-queue)
(define die? #f)
(define make-job
(let ([count 0])
(define fib
(lambda (n)
(if (< n 2)
n
(+ (fib (- n 2)) (fib (- n 1))))))
(lambda (n)
(set! count (+ count 1))
(printf "Adding job #~s = (lambda () (fib ~s))\n" count n)
(cons count (lambda () (fib n))))))
(define make-producer
(lambda (n)
(rec producer
(lambda ()
(printf "producer ~s posting a job\n" n)
(enqueue! (make-job (+ 20 (random 10))) job-queue)
(if die?
(printf "producer ~s dying\n" n)
(producer))))))
(define make-consumer
(lambda (n)
(rec consumer
(lambda ()
(printf "consumer ~s looking for a job~%" n)
(let ([job (dequeue! job-queue)])
(if die?
(printf "consumer ~s dying\n" n)
(begin
(printf "consumer ~s executing job #~s~%" n (car job))
(printf "consumer ~s computed: ~s~%" n ((cdr job)))
(consumer))))))))
(define (bq-test np nc)
(set! job-queue (make-bq (max nc np)))
(do ([np np (- np 1)])
((<= np 0))
(fork-thread (make-producer np)))
(do ([nc nc (- nc 1)])
((<= nc 0))
(fork-thread (make-consumer nc))))
Here are a possible first several lines of output from a sample run of the example program.
> (begin
(bq-test 3 4)
(system "sleep 3")
(set! die? #t))
producer 3 posting a job
Adding job #1 = (lambda () (fib 29))
producer 3 posting a job
Adding job #2 = (lambda () (fib 26))
producer 3 posting a job
Adding job #3 = (lambda () (fib 22))
producer 3 posting a job
Adding job #4 = (lambda () (fib 21))
producer 2 posting a job
Adding job #5 = (lambda () (fib 29))
producer 1 posting a job
Adding job #6 = (lambda () (fib 29))
consumer 4 looking for a job
producer 3 posting a job
Adding job #7 = (lambda () (fib 24))
consumer 4 executing job #1
consumer 3 looking for a job
producer 2 posting a job
Adding job #8 = (lambda () (fib 26))
consumer 3 executing job #2
consumer 3 computed: 121393
consumer 3 looking for a job
producer 1 posting a job
Adding job #9 = (lambda () (fib 26))
...
Additional examples, including definitions of suspendable threads and threads that automatically terminate when they become inaccessible, are given in "A Scheme for native threads [10]."
Chez Scheme Version 9 User's Guide
Copyright © 2022 Cisco Systems, Inc.
Licensed under the Apache License Version 2.0
(full copyright notice.).
Revised April 2022 for Chez Scheme Version 9.5.8
about this book