lab/sx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: true cancellation for the fiber Io layer (PLAN-IO-UNIFY Phase 3)

Browse Source 
A cancelled async worker now abandons its body at its next suspend instead
of running to completion.

- Cancel-flag back-ref (D4): SpawnOpts.cancel_flag (core.sx) + Fiber.cancel_flag
  (sched.sx), set from opts.cancel_flag in Scheduler.spawn_raw; async passes
  xx @f.canceled (the Future.canceled Atomic(bool) erased to *void).
- Delivery: Scheduler.suspend_raw consults fiber_canceled(self.current) PRE-park
  (raise without parking — no deadlock if cancel landed before the worker ran)
  and POST-resume (cancel landed while parked), raising error.Canceled.
  cancel(f) flips the sticky flag, marks .canceled, and wakes the worker.
- async worker is failable Closure() -> ($R, !); the completion closure
  f.value = worker() catch {…} marks .canceled/.failed and wakes the awaiter,
  so post-suspend side effects never run. New failable io.sleep(ms) is the
  cancellation point.
- Compiler: a -> ! fn whose only error source is try-ing a protocol method
  (io.suspend_raw) was wrongly flagged 'declared ! but never errors';
  collectErrorSites now marks a try of a non-identifier callee as a dynamic
  (opaque) error source, suppressing the warning.
- Two UAFs found by adversarial review and fixed: (1) cancel-before-park
  orphaned io.sleep's armed timer — suspend_raw's pre-park raise now evicts the
  current fiber's timer/waiter first; (2) cancel(f) could wake a reaped worker —
  now only wakes when was_pending.

Migrated 1805/1806/1824 to failable workers. Lock: example 1825 (seq: 1 -99,
post-suspend line never runs); byte-identical on aarch64-macOS + aarch64-linux.
.ir churn is the SpawnOpts layout change (type-table string renumbering).
This commit is contained in:
agra
2026-06-28 09:19:01 +03:00
parent 45bd561a0d
commit 8bacb2b01c
54 changed files with 58249 additions and 57562 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
examples/concurrency/1805-concurrency-io-blocking-async.sx
View File

@@ -12,16 +12,18 @@
#import "modules/std.sx";
main :: () {
// Inputs captured at the call site.
s := context.io.async(() -> i64 => 40 + 2);
// Inputs captured at the call site. The worker is FAILABLE
// (`Closure() -> ($R, !)`) — the unified Phase 3 shape; a body that never
// raises is a degenerate failable that always succeeds.
s := context.io.async(() -> (i64, !) => 40 + 2);
print("sum: {}\n", s.await() or { -1 });
d := context.io.async(() -> i64 => 21 * 2);
d := context.io.async(() -> (i64, !) => 21 * 2);
print("double: {}\n", d.await() or { -1 });
// A worker that closes over a local.
base := 42;
n := context.io.async(() -> i64 => base);
n := context.io.async(() -> (i64, !) => base);
print("nullary: {}\n", n.await() or { -1 });
// The Io capability also carries a clock.