Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Elaborate on contracts #128

Merged
merged 1 commit into from
May 9, 2024
Merged

Elaborate on contracts #128

merged 1 commit into from
May 9, 2024

Conversation

polytypic
Copy link
Collaborator

@polytypic polytypic commented May 3, 2024
edited
Loading

This PR "tightens" the wordings on the requirements for schedulers when implementing the Picos effects.

The words "must" and "should" are now used more intentionally.

The biggest change is that the Spawn effect should now be all or nothing — if spawn returns normally, the scheduler should guarantee that all the mains spawned will be called and if spawn raises no mains should be called. This is how the sample effects based schedulers have worked already (modulo running out of memory) and this requirement has crossed my mind earlier, but for some reason I had failed to spell it out explicitly. This PR also changes Picos_threaded to provide the same guarantee as much as possible. The reason behind this is that otherwise it becomes very tricky (impossible even) to ensure that all spawned fibers are accounted for and no resources are leaked. OTOH, with this guarantee, it is safe to e.g. increment a counter before attempting spawn and then decrement it either in the fiber or in an exception handler:

Atomic.incr live_child_count;
try
  Fiber.spawn ~forbid:false computation [ fun () ->
    match main () with
    | () -> Atomic.decr live_child_count
    | exception error ->
      report_error error;
      Atomic.decr live_child_count
  ]
with exn ->
  Atomic.decr live_child_count;
  raise exn

In general, all of the effects are all or nothing.

Two of the effects are somewhat special when it comes to cancelation:

  • As specified earlier already, the Current effect must not be discontinued. This is because current is used by programs to obtain the fiber handle through which cancelation propagation can be controlled and if current would raise, it would be much more difficult to control cancelation propagation.

  • The Await effect also must not be discontinued. The scheduler must instead continue it with the cancelation exception (with backtrace). This is for performance, convenience, and to make the cancelation visible in the types — I expect calls of await are the places where cancelation requires extra care. Having the Await always return a value can be convenient in cases where one must deal with the possibity of cancelation while also juggling atomic state and cancelation propagation.

The motivation behind the requirements for schedulers is to make it possible to build non-trivial mechanisms, such as structured concurrency models and synchronization and communication primitives, on top of the effects correctly and efficiently.

@polytypic polytypic mentioned this pull request May 5, 2024
Open
18 tasks
@polytypic polytypic force-pushed the elaborate-on-contracts branch 7 times, most recently from c229624 to f798241 Compare May 9, 2024 08:37
@polytypic polytypic marked this pull request as ready for review May 9, 2024 08:49
@polytypic polytypic force-pushed the elaborate-on-contracts branch 5 times, most recently from a730f41 to d276551 Compare May 9, 2024 13:28
@polytypic polytypic merged commit 5486c29 into main May 9, 2024
4 of 5 checks passed
@polytypic polytypic deleted the elaborate-on-contracts branch May 9, 2024 13:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@polytypic