Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Persist solver, part 2 #1128

Merged
merged 2 commits into from
Mar 25, 2021
Merged

Persist solver, part 2 #1128

merged 2 commits into from
Mar 25, 2021

Conversation

robdockins
Copy link
Contributor

Push solver instances higher, into the REPL monad or the SolverState.

Some remaining questions regarding the remote API server:

  1. Will this cause problems with concurrent clients?
  2. There doesn't seem to be any way to do cleanup actions when
    the server is shut down, so the solver will not be shut down
    gracefully. Is this a problem?

@robdockins
Hoist the Solver instance higher, into the REPL monad.
3114110 
Instead of creating a new solver instance for each module
command, we now maintain the same solver instance across
an entire REPL session, unless some of the typechecking
configuration options are changed.
@robdockins
Hoist the Solver instance into the SolverState for the remote API.
6626c4d 
Now, a single solver instance is used for the entire server.

Questions/TODO:

1. Will this cause problems with concurrent clients?
2. There doesn't seem to be any way to do cleanup actions when
the server is shut down, so the solver will not be shut down
gracefully.  Is this a problem?
@robdockins robdockins requested review from atomb and pnwamk March 23, 2021 22:36
@pnwamk
Copy link
Contributor

pnwamk commented Mar 23, 2021

Some remaining questions regarding the remote API server:

  1. Will this cause problems with concurrent clients?

I guess it depends on what kinds of problems we're worried about:

  1. If we're worried about multiple clients accessing the solver simultaneously, that shouldn't be an issue: the underlying server implementation (Argo) currently uses a global MVar to lock access to the internal store of app states while a responding to a particular RPC, so only one client would ever have a handle to the solver at a time with how things currently work.

  2. If we're worried about the solver needing to persist state between requests from the same client without interruption in order to function properly... then we might have a small but easily addressable problem. If each client needs their own solver instance and cannot "take turns" using it, then we would want to change this line here from PureState to MutableState, which signals to the server backend that a new initial state needs be created for each unique client because there is some underlying (observable) mutability in the app state.

  1. There doesn't seem to be any way to do cleanup actions when
    the server is shut down, so the solver will not be shut down
    gracefully. Is this a problem?

I'm not sure. I guess part of that depends on what's the worst that could happen if we just let the solver connection get GC'd by the Haskell runtime? (Or perhaps I don't have a good mental model for this aspect of the implementation...?) Does the solver get shutdown when the connection is GC'd? Does it matter if that's graceful or not...? Note, that if our answer to (1) above is that we do not need to create a Z3 connection for each user and they can share a connection, then this would only happen when the entire server is shutdown... in which case I'd have a hard time seeing if we cared... so long as we're not leaving zombie processes around or similar in the host machine.

@robdockins
Copy link
Contributor Author

The solver "shouldn't" be carrying state from query to query that we need to worry about (although I am a bit worried about the robustness of maintaining a solver connection indefinitely). So, I think we should be OK as long as client requests have mutual exclusion.

Currently, the solvers are not set up to be shutdown as part of a GC finalizer. I don't like this method of managing external resources, as it isn't reliable. So, indeed, the worry is that zombie processes will be left on the machine after server shutdown.

@pnwamk
Copy link
Contributor

pnwamk commented Mar 23, 2021

Okay, well then it seems like overall what you've already got here should work fine, and we can make a TODO w.r.t. improving the graceful shutdown story and how we handle long running server connections.

W.r.t. the lengthy server connection bit, is the worry just that they're generally not meant to be run for long periods and so we may hit issues since we're using them in an atypical way? Or is it more about the need to possibly restart the solver if it crashes?

@robdockins
Copy link
Contributor Author

robdockins commented Mar 23, 2021
edited
Loading

I don't know that it's "atypical", but you run greater risk of encountering space leaks and other abstraction-breaking problems by not restarting from a blank slate on a regular basis. EDIT: there's also more "fate sharing", as a problem caused during the execution of another user's request could crash the solver and leave other clients out of luck.

@robdockins
Copy link
Contributor Author

@LisannaAtGalois, should I be concerned about the CI failures on this PR? I'm not sure what those checks are doing or why they've failed.

@lisanna-dettwyler
Copy link
Contributor

@LisannaAtGalois, should I be concerned about the CI failures on this PR? I'm not sure what those checks are doing or why they've failed.

@robdockins Nope, they're a spurious issue with docker relating to some recent CI rework. Looking into a fix - feel free to ignore it in this PR.

@robdockins robdockins merged commit b4e0a7f into master Mar 25, 2021
@robdockins robdockins mentioned this pull request Mar 25, 2021
Closed
@brianhuffman brianhuffman mentioned this pull request Apr 8, 2021
Closed
brianhuffman pushed a commit to GaloisInc/saw-core that referenced this pull request Apr 8, 2021
Adapt to GaloisInc/cryptol#1128 "persistent-solver2".
4c6b436
@brianhuffman brianhuffman mentioned this pull request Apr 22, 2021
Open
brianhuffman pushed a commit to GaloisInc/saw-core that referenced this pull request Apr 22, 2021
Merge pull request #197 from GaloisInc/persist-solver2
1c05dc0 
Adapt to GaloisInc/cryptol#1128 "persistent-solver2".
brianhuffman pushed a commit to GaloisInc/saw-script that referenced this pull request Apr 26, 2021
Update cryptol and saw-core, and adapt to "persist-solver2" PRs.
ee8d927 
This patch includes the following submodule PRs:
- GaloisInc/cryptol#1128 "persist-solver2"
- GaloisInc/saw-core#197 "persist-solver2"
@brianhuffman brianhuffman mentioned this pull request Apr 26, 2021
Merged
brianhuffman pushed a commit to GaloisInc/saw-script that referenced this pull request Apr 27, 2021
Adapt to GaloisInc/cryptol#1128 "persistent-solver2".
46467ab
brianhuffman pushed a commit to GaloisInc/saw-script that referenced this pull request Apr 27, 2021
Adapt saw-script to GaloisInc/cryptol#1128 "persist-solver2".
2017180
@brianhuffman brianhuffman mentioned this pull request Apr 27, 2021
Merged
robdockins pushed a commit to GaloisInc/saw-script that referenced this pull request May 18, 2021
@robdockins
Adapt to GaloisInc/cryptol#1128 "persistent-solver2".
eb2040c
robdockins pushed a commit to GaloisInc/saw-script that referenced this pull request May 18, 2021
@robdockins
Adapt saw-script to GaloisInc/cryptol#1128 "persist-solver2".
2ff337c
@brianhuffman brianhuffman mentioned this pull request Oct 9, 2021
Open
@RyanGlScott RyanGlScott deleted the persist-solver2 branch March 22, 2024 14:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pnwamk pnwamk pnwamk approved these changes

@atomb atomb Awaiting requested review from atomb

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@robdockins @pnwamk @lisanna-dettwyler