[Haskell-cafe] Re: Asynchronous exception wormholes kill
modularity
Simon Marlow
marlowsd at gmail.com
Tue Apr 20 06:56:09 EDT 2010
On 09/04/2010 12:14, Bertram Felgenhauer wrote:
> Simon Marlow wrote:
>> On 09/04/2010 09:40, Bertram Felgenhauer wrote:
>>> timeout t io = mask $ \restore -> do
>>> result<- newEmptyMVar
>>> tid<- forkIO $ restore (io>>= putMVar result)
>>> threadDelay t `onException` killThread tid
>>> killThread tid
>>> tryTakeMVar result
>
> I'm worried about the case when this function is called with exceptions
> already blocked. Then 'restore' will be the identity, and exceptions
> will continue to be blocked inside the forked thread.
>
> You could argue that this is the responsibility of the whole chain of
> callers (who'd have to supply their own 'restore' functions that will
> have to be incorporated into the 'io' action), but that goes against
> modularity. In my opinion there's a valid demand for an escape hatch
> out of the blocked exception state for newly forked threads.
>
> It could be baked into a variant of the forkIO primitive, say
>
> forkIOwithUnblock :: ((IO a -> IO a) -> IO b) -> IO ThreadId
I agree with the argument here. However, forkIOWithUnblock reintroduces
the "wormhole", which is bad.
The existing System.Timeout.timeout does it the other way around: the
forked thread sleeps and then sends an exception to the main thread.
This version work if exceptions are masked, regardless of whether we
have forkIOWithUnblock.
Arguably the fact that System.Timeout.timeout uses an exception is a
visible part of its implementation: the caller must be prepared for
this, so it is not unreasonable for the caller to also ensure that
exceptions are unmasked. But it does mean that a library cannot use
System.Timeout.timeout invisibly as part of its implementation. If we
had forkIOWithUnblock that would solve this case too, as the library
code can use a private thread in which exceptions are unmasked. This is
quite a nice solution too, since a private ThreadId is not visible to
anyone else and hence cannot be the target of any unexpected exceptions.
So I think I'm convinced that forkIOWithUnblock is necessary. It's a
shame that it can be misused, but I don't see a way to avoid that.
Cheers,
Simon
More information about the Libraries
mailing list