-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Audit stdlib for mutable state #757
Comments
It seems probably better to also add |
Good point. It would be useful to extend this to include |
@Octachron I added a table for |
Another idea that's come up in discussions about this is to add an ocamldoc tag to each of these stdlib modules that indicates how thread-safe a particular module or function is expected to be. An equivalent convention is present in a javadoc extension. |
It is the bytecode side of On the native side, it only uses |
This issue tracks the status of auditing stdlib for mutable state. OCaml 5.00 stdlib will have the following guarantees:
There are two categories by which we classify the stdlib modules.
Top-level state
The module has some top-level mutable state that may cause surprising behaviours. For example, Arg module has a top-level mutable ref called
current
that represents the cursor of theSys.argv
argument being parsed. If two domains concurrently use Arg module, then they may see arguments being skipped. These cases either need to be:Filename.temp_file
, Format module for predefined buffers) orArg
module; it is reasonable to expect only the main domain to parse command-line arguments).Mutable interface
The module may create mutable state and return it. For example, Queue, Stack, Hashtbl, etc. These modules will be left as sequential only and not thread-safe. Multiple concurrent invocations may lead to non-linearizable behaviours. We leave it to the user to put a mutex around the use of the mutable structure (or use thread-safe libraries such as
domainslib
).Not all mutable interfaces are unsafe. For example, concurrent array get and set are fine. But we still mark the array for mutable interface. The reason is that, we also use mutable interface to indicate cases where the observed concurrent behaviour cannot be explained by assuming that each API call to the module executes atomically (linearizability). For example, though an individual get and set of Array fields is safe, we mark it as mutable interface as iteration functions that modify the same array may leave the array in a state that cannot be explained by linearizability.
Stdlib modules
The column "needs work" tracks whether code changes need to be made for OCaml 5.00 MVP.
Needs work column will be
N
if the work has already been done. For example, the Format module has top-level mutable state, which has been made domain-safe already in the Multicore OCaml 5.00 branch. Another example is Printexc, which has been made thread-safe in OCaml trunk in a forward-compatible manner with multicore.Needs work does not encompass documentation; Needs work may be
N
and documentation may need to be updated.current
type buffer
Obj.set_field
,Lazy.force
randomized
?raw_backtrace_entries
which returns an array (which could be modified concurrently).otherlibs
The text was updated successfully, but these errors were encountered: