Dr. Dobb's is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Channels ▼
RSS

Security

Writing Lock-Free Code: A Corrected Queue

By Herb Sutter, September 29, 2008

7 Comments

Herb continues his exploration of lock-free code--this time focusing on creating a lock-free queue.

A Corrected One-Producer, One-Consumer Lock-Free Queue

Now let's tackle the lock-free queue using our essential tools. In this first take, to allow easier comparison with the original code in [2], I'll stay fairly close to the original design and implementation, including that I'll continue to make the same simplifying assumption that there is exactly one Consumer thread and one Producer thread, so that we can easily arrange for them to always work in different parts of the underlying linked list. In Figure 1, the first "unconsumed" item is the one after the divider. The consumer increments divider to say it has consumed an item. The producer increments last to say it has produced an item, and also lazily cleans up consumed items before the divider.

[Click image to view at full size]

Figure 1: The lock-free queue data structure.

Here's the class definition, which carefully marks shared variables as being of an ordered atomic type (using C++ to most closely follow the original code in [2]):

template <typename T>
class LockFreeQueue {
private:
  struct Node {
    Node( T val ) : value(val), next(nullptr) { }
    T value;
    Node* next;
  };
  Node* first;			   // for producer only
  atomic<Node*> divider, last;         // shared

The constructor simply initializes the list with a dummy element. The destructor (in C# or Java, the dispose method) releases the list. In a future column, I'll discuss in detail why constructors and destructors of a shared object don't need to worry about concurrency and races with methods of the same object; the short answer for now is that creating or tearing down an object should always run in isolation, so no internal synchronization needed.

public:
  LockFreeQueue() {
    first = divider = last =
      new Node( T() );           // add dummy separator
  }
  ~LockFreeQueue() {
    while( first != nullptr ) {   // release the list
      Node* tmp = first;
      first = tmp->next;
      delete tmp;
    }
  }

Next, we'll look at the key methods, Produce and Consume. Figure 2 shows another view of the list by who owns what data by color-coding: The producer owns all nodes before divider, the next pointer inside the last node, and the ability to update first and last. The consumer owns everything else, including the values in the nodes from divider onward, and the ability to update divider.

[Click image to view at full size]

Figure 2: Ownership rules of the road.

The Producer

Produce is called on the producer thread only:

  void Produce( const T& t ) {
    last->next = new Node(t);  	// add the new item
        last  = last->next;		// publish it
    while( first != divider ) {	// trim unused nodes
      Node* tmp = first;
      first = first->next;
      delete tmp;
    }
  }

First, the producer creates a new Node containing the value and links it to the current last node. At this point, the node is not yet shared, but still private to the producer thread even though there's a link to it; the consumer will not follow that link unless the value of last says it may follow it. Finally, when all the real work is done—the node exists, its value is completely initialized, and it's correctly connected—then, and only then, do we write to last to "commit" the update and publish it atomically to the consumer thread. The consumer reads last, and either sees the old value (and ignores the new partly constructed element even if the last->next pointer might already have been set) or the new value that officially blesses the new node as an approved part of the queue, ready to be used.

Finally, the producer performs lazy cleanup of now-unused nodes. Because we always stop before divider, this can't conflict with anything the consumer might be doing later in the list. What if while we're in the loop, the consumer is consuming items and changing the value of divider? No problem: Each time we read divider, we see it either before or after any concurrent update by the consumer, both of which let the producer see the list in a consistent state.

The Consumer

Consume is called on the consumer thread only:

  bool Consume( T& result ) {
    if( divider != last ) {      	// if queue is nonempty
      result = divider->next->value; 	// C: copy it back
      divider = divider->next; 	// D: publish that we took it
      return true;          	// and report success
    }
    return false;           	// else report empty
  }
};

First, the consumer checks that the list is nonempty by atomically reading divider, atomically reading last, and comparing them. This one-time check is safe because although last's value may be changed by the producer while we are running the rest of this method, if the check is true once, it will stay true even if last moves, because last never backs up; it can only move forward to publish new tail nodes—which doesn't affect the consumer, who only cares about the first node after the divider. If there is a valid node after divider, the consumer copies its value and then, finally, advances divider to publish that the queue item was removed.

Yes, we could eliminate the need to make the last variable shared: The consumer only uses the value of last to check whether there's another node after the divider, and we could instead have the consumer just test whether divider->next is non-null. That would be fine, and it would let us make last an ordinary variable; but if we do that, we must also remember that this change would make each next member a shared variable instead, and so to make it safe, we would also have to change next's type to atomic<Node*>. I'm leaving last as is for now to make it easier to compare this code with the original version in [2], which did use such a tail iterator to communicate between two threads.



Previous 1 2 3 Next

Related Reading

News

Commentary

Slideshow

Video

Most Popular

More Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>
INFO-LINK


Avatar
universalkludge

This code fails to be compiled w/ the latest VS – any chance to get the fixed code?

Avatar
yudhi

I was reading back and forth thinking the code must be incorrect.. because I found two consumer thread could consume the same value at the same time, before realizing that there is a 'Single Consumer' phrase in page 2. I don't think multi consumer thread is possible without using compareAndSet semantics.

Avatar
Deirdre Blake

Herb Sutter has traditionally used his own code highlighting colors in code samples, which conflicted with our "new" code presentation software when we installed it in 2011. The result was that some of Herb’s archived articles have been rendering with missing code and/or extraneous formatting artifacts. This article has been reformatted to its original layout and other classics are in the process of being corrected. If you spot any that we missed, please bring them to our attention. --Deirdre

Avatar
Brrrrrr

Tadzys might refer to this not being compilable code. Take these declarations for example:

Node* first; // for producer only
divider, last; // shared

The type of divider and last is missing, which should be sth like atomic< Node* >.

Same with

result = divider->next->value; // C: copy it back
= divider->next; // D: publish that we took it

in the last listing. The second statement assigns a value to ... whitespace? Again, an atomic variable is involved, so I'm guessing the problem isn't Herb's code, but possible the formatter you used. Maybe you could disable the formatter?

BTW, your site interprets <node*> in a comment as an XML tag. Maybe that's the problem?

Avatar
Andrew Binstock

You'll need to do a lot more than asser the code is "totally incorrect." This area of coding was Herb Sutter's specialty before Microsoft hired him to head up their C++ implementation. Yours is the first comment we've rec'd on this very popular article. So, I am quite sure it's not "totally incorrect." And until you can point to specifics, I seriously doubt it's incorrect at all.

Avatar
Tadzys

Unfortunately I don't see how this is corrected queue at all...
the code is totally incorrect.

Avatar
PSANDIFORD000

I know this is an old article so its probably pointless asking, however this is the most illuminating article on this subject I have yet read. This makes me very keen to fully understand it. Anyway:

You say "Here's the class definition, which carefully marks shared variables as being of an ordered atomic type" however I dont understand where in the code snippet the "ordered atomic type" can be found.

Apologies for being a bit stoopid!

Security Recent Articles

Most Popular

Stories Blogs

Upcoming Events



Most Recent Premium Content

Digital Issues