/*! Runtime support for message passing with protocol enforcement. Pipes consist of two endpoints. One endpoint can send messages and the other can receive messages. The set of legal messages and which directions they can flow at any given point are determined by a protocol. Below is an example protocol. ~~~ proto! pingpong { ping: send { ping -> pong } pong: recv { pong -> ping } } ~~~ The `proto!` syntax extension will convert this into a module called `pingpong`, which includes a set of types and functions that can be used to write programs that follow the pingpong protocol. */ /* IMPLEMENTATION NOTES The initial design for this feature is available at: https://github.com/eholk/rust/wiki/Proposal-for-channel-contracts Much of the design in that document is still accurate. There are several components for the pipe implementation. First of all is the syntax extension. To see how that works, it is best see comments in libsyntax/ext/pipes.rs. This module includes two related pieces of the runtime implementation. There is support for unbounded and bounded protocols. The main difference between the two is the type of the buffer that is carried along in the endpoint data structures. FIXME (#3072) - This is still incomplete */ import unsafe::{forget, reinterpret_cast, transmute}; import either::{either, left, right}; import option::unwrap; import arc::methods; // Things used by code generated by the pipe compiler. export entangle, get_buffer, drop_buffer; export send_packet_buffered, recv_packet_buffered; export packet, mk_packet, entangle_buffer, has_buffer, buffer_header; // export these so we can find them in the buffer_resource // destructor. This is probably a symptom of #3005. export atomic_add_acq, atomic_sub_rel; // User-level things export send_packet, recv_packet, send, recv, try_recv, peek; export select, select2, selecti, select2i, selectable; export spawn_service, spawn_service_recv; export stream, port, chan, shared_chan, port_set, channel; #[doc(hidden)] const SPIN_COUNT: uint = 0; macro_rules! move_it { { $x:expr } => { unsafe { let y <- *ptr::addr_of($x); y } } } #[doc(hidden)] enum state { empty, full, blocked, terminated } struct buffer_header { // Tracks whether this buffer needs to be freed. We can probably // get away with restricting it to 0 or 1, if we're careful. let mut ref_count: int; new() { self.ref_count = 0; } // We may want a drop, and to be careful about stringing this // thing along. } // This is for protocols to associate extra data to thread around. #[doc(hidden)] type buffer = { header: buffer_header, data: T, }; struct packet_header { let mut state: state; let mut blocked_task: option<*rust_task>; // This is a reinterpret_cast of a ~buffer, that can also be cast // to a buffer_header if need be. let mut buffer: *libc::c_void; new() { self.state = empty; self.blocked_task = none; self.buffer = ptr::null(); } // Returns the old state. unsafe fn mark_blocked(this: *rust_task) -> state { self.blocked_task = some(this); swap_state_acq(self.state, blocked) } unsafe fn unblock() { alt swap_state_acq(self.state, empty) { empty | blocked { } terminated { self.state = terminated; } full { self.state = full; } } } // unsafe because this can do weird things to the space/time // continuum. It ends making multiple unique pointers to the same // thing. You'll proobably want to forget them when you're done. unsafe fn buf_header() -> ~buffer_header { assert self.buffer.is_not_null(); reinterpret_cast(self.buffer) } fn set_buffer(b: ~buffer) unsafe { self.buffer = reinterpret_cast(b); } } #[doc(hidden)] type packet = { header: packet_header, mut payload: option, }; trait has_buffer { fn set_buffer(b: *libc::c_void); } impl methods of has_buffer for packet { fn set_buffer(b: *libc::c_void) { self.header.buffer = b; } } fn mk_packet() -> packet { { header: packet_header(), mut payload: none } } fn unibuffer() -> ~buffer> { let b = ~{ header: buffer_header(), data: { header: packet_header(), mut payload: none, } }; unsafe { b.data.header.buffer = reinterpret_cast(b); } b } #[doc(hidden)] fn packet() -> *packet { let b = unibuffer(); let p = ptr::addr_of(b.data); // We'll take over memory management from here. unsafe { forget(b) } p } #[doc(hidden)] fn entangle_buffer( -buffer: ~buffer, init: fn(*libc::c_void, x: &T) -> *packet) -> (send_packet_buffered, recv_packet_buffered) { let p = init(unsafe { reinterpret_cast(buffer) }, &buffer.data); unsafe { forget(buffer) } (send_packet_buffered(p), recv_packet_buffered(p)) } #[abi = "rust-intrinsic"] extern mod rusti { fn atomic_xchng(&dst: int, src: int) -> int; fn atomic_xchng_acq(&dst: int, src: int) -> int; fn atomic_xchng_rel(&dst: int, src: int) -> int; fn atomic_add_acq(&dst: int, src: int) -> int; fn atomic_sub_rel(&dst: int, src: int) -> int; } // If I call the rusti versions directly from a polymorphic function, // I get link errors. This is a bug that needs investigated more. #[doc(hidden)] fn atomic_xchng_rel(&dst: int, src: int) -> int { rusti::atomic_xchng_rel(dst, src) } #[doc(hidden)] fn atomic_add_acq(&dst: int, src: int) -> int { rusti::atomic_add_acq(dst, src) } #[doc(hidden)] fn atomic_sub_rel(&dst: int, src: int) -> int { rusti::atomic_sub_rel(dst, src) } #[doc(hidden)] type rust_task = libc::c_void; extern mod rustrt { #[rust_stack] fn rust_get_task() -> *rust_task; #[rust_stack] fn task_clear_event_reject(task: *rust_task); fn task_wait_event(this: *rust_task, killed: &mut *libc::c_void) -> bool; pure fn task_signal_event(target: *rust_task, event: *libc::c_void); } #[doc(hidden)] fn wait_event(this: *rust_task) -> *libc::c_void { let mut event = ptr::null(); let killed = rustrt::task_wait_event(this, &mut event); if killed && !task::failing() { fail ~"killed" } event } #[doc(hidden)] fn swap_state_acq(&dst: state, src: state) -> state { unsafe { reinterpret_cast(rusti::atomic_xchng_acq( *(ptr::mut_addr_of(dst) as *mut int), src as int)) } } #[doc(hidden)] fn swap_state_rel(&dst: state, src: state) -> state { unsafe { reinterpret_cast(rusti::atomic_xchng_rel( *(ptr::mut_addr_of(dst) as *mut int), src as int)) } } #[doc(hidden)] unsafe fn get_buffer(p: *packet_header) -> ~buffer { transmute((*p).buf_header()) } struct buffer_resource { let buffer: ~buffer; new(+b: ~buffer) { //let p = ptr::addr_of(*b); //error!{"take %?", p}; atomic_add_acq(b.header.ref_count, 1); self.buffer = b; } drop unsafe { let b = move_it!{self.buffer}; //let p = ptr::addr_of(*b); //error!{"drop %?", p}; let old_count = atomic_sub_rel(b.header.ref_count, 1); //let old_count = atomic_xchng_rel(b.header.ref_count, 0); if old_count == 1 { // The new count is 0. // go go gadget drop glue } else { forget(b) } } } #[doc(hidden)] fn send(-p: send_packet_buffered, -payload: T) { let header = p.header(); let p_ = p.unwrap(); let p = unsafe { &*p_ }; assert ptr::addr_of(p.header) == header; assert p.payload == none; p.payload <- some(payload); let old_state = swap_state_rel(p.header.state, full); alt old_state { empty { // Yay, fastpath. // The receiver will eventually clean this up. //unsafe { forget(p); } } full { fail ~"duplicate send" } blocked { debug!{"waking up task for %?", p_}; alt p.header.blocked_task { some(task) { rustrt::task_signal_event( task, ptr::addr_of(p.header) as *libc::c_void); } none { fail ~"blocked packet has no task" } } // The receiver will eventually clean this up. //unsafe { forget(p); } } terminated { // The receiver will never receive this. Rely on drop_glue // to clean everything up. } } } /** Receives a message from a pipe. Fails if the sender closes the connection. */ fn recv(-p: recv_packet_buffered) -> T { option::unwrap(try_recv(p)) } /** Attempts to receive a message from a pipe. Returns `none` if the sender has closed the connection without sending a message, or `some(T)` if a message was received. */ fn try_recv(-p: recv_packet_buffered) -> option { let p_ = p.unwrap(); let p = unsafe { &*p_ }; let this = rustrt::rust_get_task(); rustrt::task_clear_event_reject(this); p.header.blocked_task = some(this); let mut first = true; let mut count = SPIN_COUNT; loop { rustrt::task_clear_event_reject(this); let old_state = swap_state_acq(p.header.state, blocked); alt old_state { empty { debug!{"no data available on %?, going to sleep.", p_}; if count == 0 { wait_event(this); } else { count -= 1; // FIXME (#524): Putting the yield here destroys a lot // of the benefit of spinning, since we still go into // the scheduler at every iteration. However, without // this everything spins too much because we end up // sometimes blocking the thing we are waiting on. task::yield(); } debug!{"woke up, p.state = %?", copy p.header.state}; } blocked { if first { fail ~"blocking on already blocked packet" } } full { let mut payload = none; payload <-> p.payload; p.header.state = empty; return some(option::unwrap(payload)) } terminated { assert old_state == terminated; return none; } } first = false; } } /// Returns true if messages are available. pure fn peek(p: recv_packet_buffered) -> bool { alt unsafe {(*p.header()).state} { empty { false } blocked { fail ~"peeking on blocked packet" } full | terminated { true } } } impl peek for recv_packet_buffered { pure fn peek() -> bool { peek(self) } } #[doc(hidden)] fn sender_terminate(p: *packet) { let p = unsafe { &*p }; alt swap_state_rel(p.header.state, terminated) { empty { // The receiver will eventually clean up. //unsafe { forget(p) } } blocked { // wake up the target let target = p.header.blocked_task.get(); rustrt::task_signal_event(target, ptr::addr_of(p.header) as *libc::c_void); // The receiver will eventually clean up. //unsafe { forget(p) } } full { // This is impossible fail ~"you dun goofed" } terminated { // I have to clean up, use drop_glue } } } #[doc(hidden)] fn receiver_terminate(p: *packet) { let p = unsafe { &*p }; alt swap_state_rel(p.header.state, terminated) { empty { // the sender will clean up //unsafe { forget(p) } } blocked { // this shouldn't happen. fail ~"terminating a blocked packet" } terminated | full { // I have to clean up, use drop_glue } } } /** Returns when one of the packet headers reports data is available. This function is primarily intended for building higher level waiting functions, such as `select`, `select2`, etc. It takes a vector slice of packet_headers and returns an index into that vector. The index points to an endpoint that has either been closed by the sender or has a message waiting to be received. */ fn wait_many(pkts: &[*packet_header]) -> uint { let this = rustrt::rust_get_task(); rustrt::task_clear_event_reject(this); let mut data_avail = false; let mut ready_packet = pkts.len(); for pkts.eachi |i, p| unsafe { let p = unsafe { &*p }; let old = p.mark_blocked(this); alt old { full | terminated { data_avail = true; ready_packet = i; (*p).state = old; break; } blocked { fail ~"blocking on blocked packet" } empty { } } } while !data_avail { debug!{"sleeping on %? packets", pkts.len()}; let event = wait_event(this) as *packet_header; let pos = vec::position(pkts, |p| p == event); alt pos { some(i) { ready_packet = i; data_avail = true; } none { debug!{"ignoring spurious event, %?", event}; } } } debug!{"%?", pkts[ready_packet]}; for pkts.each |p| { unsafe{ (*p).unblock()} } debug!{"%?, %?", ready_packet, pkts[ready_packet]}; unsafe { assert (*pkts[ready_packet]).state == full || (*pkts[ready_packet]).state == terminated; } ready_packet } /** Receives a message from one of two endpoints. The return value is `left` if the first endpoint received something, or `right` if the second endpoint receives something. In each case, the result includes the other endpoint as well so it can be used again. Below is an example of using `select2`. ~~~ match select2(a, b) { left((none, b)) { // endpoint a was closed. } right((a, none)) { // endpoint b was closed. } left((some(_), b)) { // endpoint a received a message } right(a, some(_)) { // endpoint b received a message. } } ~~~ Sometimes messages will be available on both endpoints at once. In this case, `select2` may return either `left` or `right`. */ fn select2( +a: recv_packet_buffered, +b: recv_packet_buffered) -> either<(option, recv_packet_buffered), (recv_packet_buffered, option)> { let i = wait_many([a.header(), b.header()]/_); unsafe { alt i { 0 { left((try_recv(a), b)) } 1 { right((a, try_recv(b))) } _ { fail ~"select2 return an invalid packet" } } } } trait selectable { pure fn header() -> *packet_header; } fn selecti(endpoints: &[T]) -> uint { wait_many(endpoints.map(|p| p.header())) } fn select2i(a: A, b: B) -> either<(), ()> { alt wait_many([a.header(), b.header()]/_) { 0 { left(()) } 1 { right(()) } _ { fail ~"wait returned unexpected index" } } } #[doc = "Waits on a set of endpoints. Returns a message, its index, and a list of the remaining endpoints."] fn select(+endpoints: ~[recv_packet_buffered]) -> (uint, option, ~[recv_packet_buffered]) { let ready = wait_many(endpoints.map(|p| p.header())); let mut remaining = ~[]; let mut result = none; do vec::consume(endpoints) |i, p| { if i == ready { result = try_recv(p); } else { vec::push(remaining, p); } } (ready, result, remaining) } /// The sending end of a pipe. It can be used to send exactly one /// message. type send_packet = send_packet_buffered>; #[doc(hidden)] fn send_packet(p: *packet) -> send_packet { send_packet_buffered(p) } struct send_packet_buffered { let mut p: option<*packet>; let mut buffer: option>; new(p: *packet) { //debug!{"take send %?", p}; self.p = some(p); unsafe { self.buffer = some( buffer_resource( get_buffer(ptr::addr_of((*p).header)))); }; } drop { //if self.p != none { // debug!{"drop send %?", option::get(self.p)}; //} if self.p != none { let mut p = none; p <-> self.p; sender_terminate(option::unwrap(p)) } //unsafe { error!{"send_drop: %?", // if self.buffer == none { // "none" // } else { "some" }}; } } fn unwrap() -> *packet { let mut p = none; p <-> self.p; option::unwrap(p) } pure fn header() -> *packet_header { alt self.p { some(packet) { unsafe { let packet = &*packet; let header = ptr::addr_of(packet.header); //forget(packet); header } } none { fail ~"packet already consumed" } } } fn reuse_buffer() -> buffer_resource { //error!{"send reuse_buffer"}; let mut tmp = none; tmp <-> self.buffer; option::unwrap(tmp) } } /// Represents the receive end of a pipe. It can receive exactly one /// message. type recv_packet = recv_packet_buffered>; #[doc(hidden)] fn recv_packet(p: *packet) -> recv_packet { recv_packet_buffered(p) } struct recv_packet_buffered : selectable { let mut p: option<*packet>; let mut buffer: option>; new(p: *packet) { //debug!{"take recv %?", p}; self.p = some(p); unsafe { self.buffer = some( buffer_resource( get_buffer(ptr::addr_of((*p).header)))); }; } drop { //if self.p != none { // debug!{"drop recv %?", option::get(self.p)}; //} if self.p != none { let mut p = none; p <-> self.p; receiver_terminate(option::unwrap(p)) } //unsafe { error!{"recv_drop: %?", // if self.buffer == none { // "none" // } else { "some" }}; } } fn unwrap() -> *packet { let mut p = none; p <-> self.p; option::unwrap(p) } pure fn header() -> *packet_header { alt self.p { some(packet) { unsafe { let packet = &*packet; let header = ptr::addr_of(packet.header); //forget(packet); header } } none { fail ~"packet already consumed" } } } fn reuse_buffer() -> buffer_resource { //error!{"recv reuse_buffer"}; let mut tmp = none; tmp <-> self.buffer; option::unwrap(tmp) } } #[doc(hidden)] fn entangle() -> (send_packet, recv_packet) { let p = packet(); (send_packet(p), recv_packet(p)) } fn spawn_service( init: extern fn() -> (send_packet_buffered, recv_packet_buffered), +service: fn~(+recv_packet_buffered)) -> send_packet_buffered { let (client, server) = init(); // This is some nasty gymnastics required to safely move the pipe // into a new task. let server = ~mut some(server); do task::spawn |move service| { let mut server_ = none; server_ <-> *server; service(option::unwrap(server_)) } client } fn spawn_service_recv( init: extern fn() -> (recv_packet_buffered, send_packet_buffered), +service: fn~(+send_packet_buffered)) -> recv_packet_buffered { let (client, server) = init(); // This is some nasty gymnastics required to safely move the pipe // into a new task. let server = ~mut some(server); do task::spawn |move service| { let mut server_ = none; server_ <-> *server; service(option::unwrap(server_)) } client } // Streams - Make pipes a little easier in general. proto! streamp { open:send { data(T) -> open } } // It'd be nice to call this send, but it'd conflict with the built in // send kind. trait channel { fn send(+x: T); } trait recv { fn recv() -> T; fn try_recv() -> option; // This should perhaps be a new trait pure fn peek() -> bool; } #[doc(hidden)] type chan_ = { mut endp: option> }; enum chan { chan_(chan_) } #[doc(hidden)] type port_ = { mut endp: option> }; enum port { port_(port_) } fn stream() -> (chan, port) { let (c, s) = streamp::init(); (chan_({ mut endp: some(c) }), port_({ mut endp: some(s) })) } impl chan of channel for chan { fn send(+x: T) { let mut endp = none; endp <-> self.endp; self.endp = some( streamp::client::data(unwrap(endp), x)) } } impl port of recv for port { fn recv() -> T { let mut endp = none; endp <-> self.endp; let streamp::data(x, endp) = pipes::recv(unwrap(endp)); self.endp = some(endp); x } fn try_recv() -> option { let mut endp = none; endp <-> self.endp; alt move pipes::try_recv(unwrap(endp)) { some(streamp::data(x, endp)) { self.endp = some(move_it!{endp}); some(move_it!{x}) } none { none } } } pure fn peek() -> bool unchecked { let mut endp = none; endp <-> self.endp; let peek = alt endp { some(endp) { pipes::peek(endp) } none { fail ~"peeking empty stream" } }; self.endp <-> endp; peek } } // Treat a whole bunch of ports as one. struct port_set : recv { let mut ports: ~[pipes::port]; new() { self.ports = ~[]; } fn add(+port: pipes::port) { vec::push(self.ports, port) } fn chan() -> chan { let (ch, po) = stream(); self.add(po); ch } fn try_recv() -> option { let mut result = none; while result == none && self.ports.len() > 0 { let i = wait_many(self.ports.map(|p| p.header())); // dereferencing an unsafe pointer nonsense to appease the // borrowchecker. alt move unsafe {(*ptr::addr_of(self.ports[i])).try_recv()} { some(m) { result = some(move_it!{m}); } none { // Remove this port. let mut ports = ~[]; self.ports <-> ports; vec::consume(ports, |j, x| if i != j { vec::push(self.ports, x) }); } } } result } fn recv() -> T { option::unwrap(self.try_recv()) } pure fn peek() -> bool { // It'd be nice to use self.port.each, but that version isn't // pure. for vec::each(self.ports) |p| { if p.peek() { return true } } false } } impl of selectable for port { pure fn header() -> *packet_header unchecked { alt self.endp { some(endp) { endp.header() } none { fail ~"peeking empty stream" } } } } type shared_chan = arc::exclusive>; impl chan of channel for shared_chan { fn send(+x: T) { let mut xx = some(x); do self.with |_c, chan| { let mut x = none; x <-> xx; chan.send(option::unwrap(x)) } } } fn shared_chan(+c: chan) -> shared_chan { arc::exclusive(c) } trait select2 { fn try_select() -> either, option>; fn select() -> either; } impl, Right: selectable recv> of select2 for (Left, Right) { fn select() -> either { alt self { (lp, rp) { alt select2i(lp, rp) { left(()) { left (lp.recv()) } right(()) { right(rp.recv()) } } } } } fn try_select() -> either, option> { alt self { (lp, rp) { alt select2i(lp, rp) { left(()) { left (lp.try_recv()) } right(()) { right(rp.try_recv()) } } } } } } #[cfg(test)] mod test { #[test] fn test_select2() { let (c1, p1) = pipes::stream(); let (c2, p2) = pipes::stream(); c1.send("abc"); alt (p1, p2).select() { right(_) { fail } _ { } } c2.send(123); } }