Make task::Builder::spawn* methods fallible
#4823
Conversation
Making the `task::Builder::spawn*` methods fallible allows applications to gracefully handle spawn errors (e.g. due to resource exhaustion) without tokio panicking internally. This change is also a good analogue for `std::thread::Builder` which has fallible spawn methods (whereas `std::thread::spawn` internally panics)
Using `tokio::task::spawn_blocking` continues to exhibit the previous behavior (panic if there aren't any worker threads available to accept the task, but return a dummy handle if the runtime is shutting down)
ipetkov
added
M-runtime
ipetkov
force-pushed
the
ivan/fallible-task-builder
branch
from
1f24b72
to
f77957d
Compare
ipetkov
force-pushed
the
ivan/fallible-task-builder
branch
from
1e323f2
to
cf181e8
Compare
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [tokio](https://tokio.rs) ([source](https://github.com/tokio-rs/tokio)) | dependencies | minor | `1.20.1` -> `1.21.0` | | [tokio](https://tokio.rs) ([source](https://github.com/tokio-rs/tokio)) | dev-dependencies | minor | `1.20.1` -> `1.21.0` | --- ### Release Notes <details> <summary>tokio-rs/tokio</summary> ### [`v1.21.0`](https://github.com/tokio-rs/tokio/releases/tag/tokio-1.21.0) [Compare Source](tokio-rs/tokio@tokio-1.20.1...tokio-1.21.0) ##### 1.21.0 (September 2, 2022) This release is the first release of Tokio to intentionally support WASM. The `sync,macros,io-util,rt,time` features are stabilized on WASM. Additionally the wasm32-wasi target is given unstable support for the `net` feature. ##### Added - net: add `device` and `bind_device` methods to TCP/UDP sockets ([#​4882]) - net: add `tos` and `set_tos` methods to TCP and UDP sockets ([#​4877]) - net: add security flags to named pipe `ServerOptions` ([#​4845]) - signal: add more windows signal handlers ([#​4924]) - sync: add `mpsc::Sender::max_capacity` method ([#​4904]) - sync: implement Weak version of `mpsc::Sender` ([#​4595]) - task: add `LocalSet::enter` ([#​4765]) - task: stabilize `JoinSet` and `AbortHandle` ([#​4920]) - tokio: add `track_caller` to public APIs ([#​4805], [#​4848], [#​4852]) - wasm: initial support for `wasm32-wasi` target ([#​4716]) ##### Fixed - miri: improve miri compatibility by avoiding temporary references in `linked_list::Link` impls ([#​4841]) - signal: don't register write interest on signal pipe ([#​4898]) - sync: add `#[must_use]` to lock guards ([#​4886]) - sync: fix hang when calling `recv` on closed and reopened broadcast channel ([#​4867]) - task: propagate attributes on task-locals ([#​4837]) ##### Changed - fs: change panic to error in `File::start_seek` ([#​4897]) - io: reduce syscalls in `poll_read` ([#​4840]) - process: use blocking threadpool for child stdio I/O ([#​4824]) - signal: make `SignalKind` methods const ([#​4956]) ##### Internal changes - rt: extract `basic_scheduler::Config` ([#​4935]) - rt: move I/O driver into `runtime` module ([#​4942]) - rt: rename internal scheduler types ([#​4945]) ##### Documented - chore: fix typos and grammar ([#​4858], [#​4894], [#​4928]) - io: fix typo in `AsyncSeekExt::rewind` docs ([#​4893]) - net: add documentation to `try_read()` for zero-length buffers ([#​4937]) - runtime: remove incorrect panic section for `Builder::worker_threads` ([#​4849]) - sync: doc of `watch::Sender::send` improved ([#​4959]) - task: add cancel safety docs to `JoinHandle` ([#​4901]) - task: expand on cancellation of `spawn_blocking` ([#​4811]) - time: clarify that the first tick of `Interval::tick` happens immediately ([#​4951]) ##### Unstable - rt: add unstable option to disable the LIFO slot ([#​4936]) - task: fix incorrect signature in `Builder::spawn_on` ([#​4953]) - task: make `task::Builder::spawn*` methods fallible ([#​4823]) [#​4595]: tokio-rs/tokio#4595 [#​4716]: tokio-rs/tokio#4716 [#​4765]: tokio-rs/tokio#4765 [#​4805]: tokio-rs/tokio#4805 [#​4811]: tokio-rs/tokio#4811 [#​4823]: tokio-rs/tokio#4823 [#​4824]: tokio-rs/tokio#4824 [#​4837]: tokio-rs/tokio#4837 [#​4840]: tokio-rs/tokio#4840 [#​4841]: tokio-rs/tokio#4841 [#​4845]: tokio-rs/tokio#4845 [#​4848]: tokio-rs/tokio#4848 [#​4849]: tokio-rs/tokio#4849 [#​4852]: tokio-rs/tokio#4852 [#​4858]: tokio-rs/tokio#4858 [#​4867]: tokio-rs/tokio#4867 [#​4877]: tokio-rs/tokio#4877 [#​4882]: tokio-rs/tokio#4882 [#​4886]: tokio-rs/tokio#4886 [#​4893]: tokio-rs/tokio#4893 [#​4894]: tokio-rs/tokio#4894 [#​4897]: tokio-rs/tokio#4897 [#​4898]: tokio-rs/tokio#4898 [#​4901]: tokio-rs/tokio#4901 [#​4904]: tokio-rs/tokio#4904 [#​4920]: tokio-rs/tokio#4920 [#​4924]: tokio-rs/tokio#4924 [#​4928]: tokio-rs/tokio#4928 [#​4935]: tokio-rs/tokio#4935 [#​4936]: tokio-rs/tokio#4936 [#​4937]: tokio-rs/tokio#4937 [#​4942]: tokio-rs/tokio#4942 [#​4945]: tokio-rs/tokio#4945 [#​4951]: tokio-rs/tokio#4951 [#​4953]: tokio-rs/tokio#4953 [#​4956]: tokio-rs/tokio#4956 [#​4959]: tokio-rs/tokio#4959 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzMi4xODcuMCIsInVwZGF0ZWRJblZlciI6IjMyLjE4Ny4wIn0=--> Co-authored-by: cabr2-bot <cabr2.help@gmail.com> Reviewed-on: https://codeberg.org/Calciumdibromid/CaBr2/pulls/1532 Reviewed-by: crapStone <crapstone@noreply.codeberg.org> Co-authored-by: Calciumdibromid Bot <cabr2_bot@noreply.codeberg.org> Co-committed-by: Calciumdibromid Bot <cabr2_bot@noreply.codeberg.org>
|
A question in relation to this: does a |
|
@huntc This question is quite confusing to me. What problem do you consider this a fix for? |
If I can test that a previous task has entirely completed then I’m in a position to spawn a new one. My question is whether this test is reliable. If the spawn method was failable then I wouldn’t need the test. Make sense? |
|
No, it doesn't really make sense. The As for what |
I didn’t appreciate the queue aspect to this. Thanks. In the case of spawn_blocking where I’ve allocated a pool size of two blocking threads, what would be the queue size? Again, I’m looking to rely on determining whether a blocking job has finished before spawning another. |
|
The queue of pending |
Thanks for the clarifications. I'm limiting the number of blocking threads to minimise memory usage (running embedded Linux). I'm unsure that a semaphore would assist here as I'm looking for the best indication that a previous task has finished outside of an async context, and so that I can avoid queuing another i.e. I don't want to queue to an unbounded buffer as I'd potentially run out of memory very quickly. Anyhow, you've answered my question by informing me of the unbounded queue so I'm good. I must say though that the queue being unbounded is a surprise. Perhaps separately being able to specify a bound and having the spawn methods fail given the bounds being exceeded would be fine, but then that may be another topic. |
|
You can definitely put a limit on the number of tasks using a |
I see now that I can use a |
|
Unless you only want one task running concurrently, I would find the |
Motivation
Tokio's current stable
spawn*methods are all infallible but may internally panic on unrecoverable errors (for example, if the blocking threadpool is empty and the OS refuses to spawn additional threads). Unfortunately, this means that applications cannot opt-into gracefully handling such situations.Solution
Convert all
task::Builder::spawn*methods to return a fallibleio::Result<_>, giving applications the opportunity to opt-into handling spawn errors themselves. This also is a fitting analogue tostd::thread::Builderwhich also has fallible spawn methods (contrasted withstd::thread::spawnwhich panic on failure).Given that the
task::Builderand its APIs are currently marked as unstable, this is a good time to make the change before we start stabilizing them. Currentlyspawn_blockingwas the only API which I could tell internally panics on some errors instead of yielding them, so it has been updated to surface those errors via thetask::Builder::spawn_blocking*APIs.Note that the behavior of
tokio::task::spawn_blockingis maintained as it was before this change:JoinHandleis returned without panicking.