Mark H Weaver <[email protected]> writes:

> One serious problem with this patch is that it changes the API (and
> ABI) of 'scm_init_guile'.

The public functions could be separated into a compatible and a _safe
variant like I did with `scm_with_guile', and `scm_with_guile_safe',
should the patch be otherwise accepted. (I thought it would be fine to
change a void return type to another, but I guess that was ignorance on
my side.)

> The fundamental problem here is that currently, programs must be
> careful to limit the number of threads that have ever been put into
> Guile mode, just as they must limit the number of open files. If they
> do that, then they won't ever encounter this error. If they run out
> of FDs then they are screwed, and this patch doesn't change that fact,
> it merely trades one kind of ungraceful exit for another.
>
> A proper solution would eliminate that limitation. Once we've done
> that, then there will no longer be a need for these new APIs that you
> would introduce, nor for the error-prone code paths that they would
> entail.

I think there are two things to ask here:

1. once the FD limitation is lifted, can we otherwise guarantee that
   thread initialization will always succeed (after pthread_create), and
   do we want to hold on to that guarantee for the future (not ever
   introduce possibly-failing code to thread initialization)?

And if we *don't* want to make that guarantee,

2. should we support error-reporting variants of the public functions at
   the expense of code complexity?

I thought the right answer was 1. we can't guarantee that and 2. we
should at least provide a way to handle errors, but if you say otherwise
I'm fine with that; just asking explicitly to make the situation clear.
(And we might want to document the conclusion.)

(A more over-arching question might be whether it's acceptable for Guile
to abort or crash at all, or in which precise situations. That would be
relevant to the IO thread-safety topic as well. A *fully* safe and
fault-tolerant system is a nice thought, but maybe an impractical goal.)

Taylan
