4.10 Thread Safety and Libraries
According to Kleiman, Shah, and Smaalders (1996): "A function or set of functions is said to be thread safe or reentrant when the functions may be called by more than one thread at a time without requiring any other action on the caller's part." When designing a multithreaded application, the programmer must be careful to ensure that concurrently executing functions are thread safe. We have already discussed making user-defined functions thread safe, but an application often calls functions defined by a system- or third-party-supplied library. Some of these functions and libraries are thread safe, while others are not. If a function is not thread safe, it has one or more of the following properties: it contains static variables, it accesses global data, and/or it is not reentrant.
If the function contains static variables, then those variables maintain their values between invocations of the function, and the function requires the value of the static variable in order to operate correctly. When multiple threads invoke this function concurrently, a race condition occurs. If the function modifies a global variable, then multiple threads invoking that function may each attempt to modify that global variable. If multiple concurrent accesses to the global variable are not synchronized, then a race condition can occur here as well. For example, multiple concurrent threads can execute functions that set errno. In some of the threads the function fails and errno is set to an error code, while in other threads the function succeeds. Depending on the compiler and library implementation, errno may or may not be thread safe. If it is not, when a thread checks the state of errno, which error will it report?
A block of code is considered reentrant if the code cannot be changed while in use. Reentrant code avoids race conditions by removing references to global variables and modifiable static data. Therefore, the code can be shared by multiple concurrent threads or processes without a race condition occurring. The POSIX standard defines several functions as reentrant. They are easily identified by an _r attached to the function name of the nonreentrant counterpart. Some are listed below:
    getgrgid_r(), getgrnam_r(), getpwuid_r(), strerror_r(), strtok_r(), readdir_r(), rand_r(), ttyname_r()
If the function accesses unprotected global variables; contains static, modifiable variables; or is not reentrant, then the function is considered thread unsafe.
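The following is an added illustration, not code from the book, of why the nonreentrant and reentrant variants behave differently. strtok() keeps its position in a hidden static pointer, so two tokenization sessions that are interleaved (whether by two threads or, as here, by one thread switching between two strings) corrupt each other; strtok_r() takes the position from the caller, so the sessions are independent. The two strings and the expected token sequences are constructed for this example.

```cpp
#include <cstring>
#include <string>
#include <vector>

// Interleaved tokenization of two strings with strtok(). The single hidden
// static pointer is overwritten as soon as the second string is started, so
// the third call, meant to continue string a, actually continues string b.
std::vector<std::string> interleave_strtok() {
    char a[] = "one two three";     // constructed sample input
    char b[] = "alpha beta gamma";  // constructed sample input
    std::vector<std::string> out;
    out.push_back(std::strtok(a, " "));        // "one"
    out.push_back(std::strtok(b, " "));        // "alpha": clobbers the hidden state for a
    const char* next = std::strtok(nullptr, " ");
    out.push_back(next ? next : "(null)");     // intended "two", actual "beta"
    return out;
}

// Same interleaving with the reentrant strtok_r(): each session carries its
// own save pointer, so continuing string a yields the token the caller expects.
std::vector<std::string> interleave_strtok_r() {
    char a[] = "one two three";
    char b[] = "alpha beta gamma";
    char* save_a = nullptr;
    char* save_b = nullptr;
    std::vector<std::string> out;
    out.push_back(strtok_r(a, " ", &save_a));        // "one"
    out.push_back(strtok_r(b, " ", &save_b));        // "alpha"
    out.push_back(strtok_r(nullptr, " ", &save_a));  // "two": state for a is intact
    return out;
}
```

The same defect appears between threads: a thread calling strtok() cannot know whether another thread has called it in between, which is exactly the static-variable case described above.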
System- or third-party-supplied libraries may come in two versions: one for single-threaded applications and one for multithreaded applications. Whenever a multithreaded environment is anticipated, the programmer should link to the multithreaded version of the library. Other environments do not require multithreaded applications to be linked to a separate multithreaded library, but only require certain macros to be defined so that the reentrant versions of the functions are declared. The application will then be compiled as thread safe.
It is not possible in all cases to use multithreaded versions of functions. In some instances, multithreaded versions of particular functions are not available for a given compiler or environment. Some functions' interfaces cannot simply be made thread safe. In addition, the programmer may be faced with adding threads to an environment that uses functions that were only meant to be used in a single-threaded environment. Under these conditions, the general approach is to use mutexes to wrap all such functions within the program. For example, a program has three concurrently executing threads. Two of the threads, thread1 and thread2, both concurrently execute funcA(), which is not thread safe. The third thread, thread3, executes funcB(). To solve the problem with funcA(), the solution may be to simply wrap access to funcA() by thread1 and thread2 with a mutex:

    thread1          thread2          thread3
    {                {                {
       lock()           lock()           funcB()
       funcA()          funcA()       }
       unlock()         unlock()
    }                }
If this is done then only one thread accesses funcA() at a time. But there is still a problem. If funcA() and funcB() are both thread-unsafe functions, they may both modify a global or static variable. Although thread1 and thread2 are using mutexes with funcA(), thread3 will be executing funcB() concurrently with either of these threads. In this situation, a race condition occurs because funcA() and funcB() may both modify the same global or static variable.
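The following added example, not from the book, shows the fix for the situation just described: because funcA() and funcB() touch the same global state, one mutex has to guard every call path to either function, not just the calls to funcA(). The functions funcA(), funcB() and shared_counter are stand-ins for the unsafe library functions and their hidden global data; the thread names and iteration count are constructed for the example.

```cpp
#include <mutex>
#include <thread>

// Stand-in for hidden global state inside a thread-unsafe library.
static long shared_counter = 0;

// Stand-ins for the thread-unsafe library functions: both modify the same global.
void funcA() { shared_counter += 1; }
void funcB() { shared_counter += 2; }

// A single mutex covers every function that touches shared_counter. Locking
// only around funcA() would leave thread3's funcB() racing with the others.
static std::mutex library_mutex;

void funcA_locked() { std::lock_guard<std::mutex> guard(library_mutex); funcA(); }
void funcB_locked() { std::lock_guard<std::mutex> guard(library_mutex); funcB(); }

// thread1 and thread2 call funcA(), thread3 calls funcB(), each `iterations` times.
// Returns the final value of the shared global.
long run_threads(int iterations) {
    shared_counter = 0;
    std::thread thread1([&] { for (int i = 0; i < iterations; ++i) funcA_locked(); });
    std::thread thread2([&] { for (int i = 0; i < iterations; ++i) funcA_locked(); });
    std::thread thread3([&] { for (int i = 0; i < iterations; ++i) funcB_locked(); });
    thread1.join();
    thread2.join();
    thread3.join();
    return shared_counter;
}

// Value the counter must reach when no update is lost: 1 + 1 + 2 per iteration.
long expected_total(int iterations) { return 4L * iterations; }
```

If funcB() were called without the lock, the final value could fall short of expected_total() whenever funcB()'s read-modify-write overlapped with a locked funcA() call; the mutex only helps when every accessor of the shared data goes through it.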
To illustrate another type of race condition when dealing with the iostream library, let's say we have two threads, thread A and thread B, sending output to the standard output stream, cout. cout is an object of type ostream. Using inserters (<<) and extractors (>>) invokes the methods of the cout object. Are these methods thread safe? If thread A is sending the message "We are intelligent beings" to stdout and thread B is sending the message "Humans are illogical beings," will the output be interleaved and produce a message such as "We are Humans are illogical beings intelligent beings"? In some cases, thread-safe functions are implemented as atomic functions. Atomic functions are functions that, once they begin to execute, cannot be interrupted. In the case of cout, if the inserter operation is implemented as atomic, then this interleaving cannot take place. When there are multiple calls to the inserter operation, they will be executed as if they were in serial order. Thread A's message will be displayed, then thread B's, or vice versa, although they invoked the function simultaneously. This is an example of serializing a function or operation in order to make it thread safe. This is not the only way to make a function thread safe. A function may interleave operations if doing so has no adverse effect. For example, if a method adds or removes elements to or from a structure that is not sorted and two different threads invoke that method, interleaving their operations will not have an adverse effect.
If it is not known which functions from a library are thread safe and which are not, the programmer has three choices:
- Restrict use of all thread-unsafe functions to a single thread.
- Do not use any of the thread-unsafe functions.
- Wrap all potential thread-unsafe functions within a single set of synchronization mechanisms.
An additional approach is to create interface classes for all thread-unsafe functions that will be used in a multithreaded application. The unsafe functions are encapsulated within an interface class, which is combined with the appropriate synchronization objects through inheritance or composition. The host class then uses the interface class, again through inheritance or composition. This approach eliminates the possibility of race conditions, because every call to the unsafe functions passes through the synchronized interface.
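As an added example (not code from the book) tying together the cout discussion above and the interface-class approach, the class below wraps an ostream together with a mutex by composition. Each message is inserted as a unit under the lock, so the two threads' messages are serialized and cannot interleave. An ostringstream stands in for cout so the result can be inspected; the class name, the two messages and the repeat count are constructed for this example.

```cpp
#include <mutex>
#include <ostream>
#include <sstream>
#include <string>
#include <thread>
#include <vector>

// Interface class: holds the unsafe stream and its synchronization object by
// composition. Callers never touch the stream directly.
class SafeStream {
public:
    explicit SafeStream(std::ostream& os) : os_(os) {}

    // The whole message (and its newline) is inserted while the lock is held,
    // so insertions from two threads are executed in serial order.
    void print(const std::string& msg) {
        std::lock_guard<std::mutex> guard(mtx_);
        os_ << msg << '\n';
    }

private:
    std::ostream& os_;
    std::mutex mtx_;
};

const std::string kMessageA = "We are intelligent beings";
const std::string kMessageB = "Humans are illogical beings";

// Thread A and thread B each print their message `repeats` times through one
// SafeStream; returns the lines that reached the underlying stream.
std::vector<std::string> run_two_writers(int repeats) {
    std::ostringstream buffer;  // stands in for cout
    SafeStream out(buffer);
    std::thread thread_a([&] { for (int i = 0; i < repeats; ++i) out.print(kMessageA); });
    std::thread thread_b([&] { for (int i = 0; i < repeats; ++i) out.print(kMessageB); });
    thread_a.join();
    thread_b.join();

    std::vector<std::string> lines;
    std::istringstream in(buffer.str());
    for (std::string line; std::getline(in, line);) lines.push_back(line);
    return lines;
}

// True when every output line is exactly one of the two messages, i.e. no
// line was produced by interleaving the two threads' insertions.
bool all_lines_intact(const std::vector<std::string>& lines) {
    for (const std::string& line : lines)
        if (line != kMessageA && line != kMessageB) return false;
    return true;
}
```

The order in which the messages appear is still nondeterministic, which is acceptable; what the interface class guarantees is that each message appears whole. Building the message as a single string before inserting it, rather than chaining several insertions while holding the lock, keeps the critical section short.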