The atermpp::standard_containers implementation is unidiomatic and error prone #1765

Open
mlaveaux opened this issue Apr 22, 2024 · 0 comments
@mlaveaux (Member)

Currently the containers that provide implicit protections for terms are implemented using inheritance of STL containers with overrides of members that must be protected using shared sections (using the global atermpp busy forbidden readers-writer lock). Although initially one might have assumed that such fine-grained control would be beneficial for performance and/or would hide implementation details from the users, the result is an error-prone mess.

In effect, every single member function of an STL container must be protected with a shared section, such that no garbage collection can take place during its execution. No assumptions can be made about its implementation, meaning in the worst case any non-const function can update everything at will and result in data races. Furthermore, inheriting from STL containers might result in fun puzzles due to class template argument deduction and other "features".

Instead, I propose to remove the aterm container inheritance and instead introduce a generic aterm_container (name pending) with a design inspired by the Rust mutex (see https://cliffle.com/blog/rust-mutexes/ for a discussion on why). The idea being that aterm_container<C> provides access to its underlying container by means of a lock function that yields a guard object which exists for as long as the container is accessed. This lock only requires a shared section since aterm_container only provides thread safe access iff its underlying container does so, and is otherwise only used to avoid access during garbage collection. Such a design would also be useful in other places where mutual exclusion is required, avoiding interesting comments such as the following:

[image: screenshot of the comment referred to above; not available in this extraction]

The only remaining design question is whether we implicitly convert protected terms, e.g. aterm_container<std::vector<aterm>> into aterm_container<std::vector<unprotected_aterm>>, or whether this should be left explicitly up to the user. Currently such an implicit conversion is also performed for std::pairs etc.
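A sketch of the proposed design, added here as an illustration and not code from the issue or from mCRL2: a generic aterm_container<C> whose lock() returns a guard holding a shared section for its lifetime, with a simulated collector taking the exclusive side. The global lock name g_gc_lock, the use of std::shared_mutex, try_run_gc() and demo() are assumptions of this example.

```cpp
#include <mutex>
#include <shared_mutex>
#include <string>
#include <vector>

// Stands in for the global atermpp busy/forbidden readers-writer lock
// (the name and the std::shared_mutex choice are assumptions of this example).
static std::shared_mutex g_gc_lock;

// Generic wrapper: the inner container is reachable only through the guard
// returned by lock(), which holds a *shared* section for its whole lifetime.
// It does not make C thread safe; it only keeps GC out while C is in use.
// std::shared_mutex is not recursive: never hold two guards on one thread.
template <typename C>
class aterm_container {
  C m_container;
public:
  class guard {
    std::shared_lock<std::shared_mutex> m_section;  // released by destructor
    C& m_ref;
  public:
    explicit guard(C& c) : m_section(g_gc_lock), m_ref(c) {}
    C* operator->() { return &m_ref; }
  };
  guard lock() { return guard(m_container); }
};

// Simulated collector: needs the exclusive side. A real collector would block
// until every shared section has ended; try_lock makes the exclusion observable.
static bool try_run_gc() {
  if (!g_gc_lock.try_lock()) return false;  // a guard is alive: forbidden
  /* reclaim unreachable terms here */
  g_gc_lock.unlock();
  return true;
}

struct demo_result { int seen; bool gc_during_guard; bool gc_after_guard; };

static demo_result demo() {
  aterm_container<std::vector<std::string>> terms;
  demo_result r{};
  {
    auto g = terms.lock();             // shared section begins
    g->push_back("f(x)");              // constructed sample "terms"
    g->push_back("g(y)");
    g->push_back("h");
    r.seen = static_cast<int>(g->size());
    r.gc_during_guard = try_run_gc();  // false: GC excluded while accessing
  }                                    // guard destroyed: section ends
  r.gc_after_guard = try_run_gc();     // true: collector may run now
  return r;
}
```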

@mlaveaux mlaveaux added the enhancement Something can be improved label Apr 22, 2024
@mlaveaux mlaveaux self-assigned this Apr 26, 2024