fix timeout related Python 3.12.0b4 incompatibilities #232
Conversation
|
Recent changes on |
However, the adaptation is incomplete -- most of the tests inherited from the ZODB are no longer executed (they have the prefix |
… for ZODB inherited tests with prefixes `check` and `test`
|
This PR now fixes #233, too: it looks for ZODB inherited tests both with the old prefix |
|
Just one test failing on Python 3.12 now |
|
Jens Vagelpohl wrote at 2023-7-28 00:28 -0700:
Just one test failing on Python 3.12 now
This has been a race condition:
* reexecuting the check succeeded
* local test execution succeeds
* the failing code is
```python
# If we manage to call _dostore before the server disconnects
# us, we'll get a ClientDisconnected error. When we retry, it
# will succeed. It will succeed because:
# - _dostore calls tpc_abort
# - tpc_abort makes a synchronous call to the server to abort
# the transaction
# - when disconnected, synchronous calls are blocked for a little
# while while reconnecting (or they timeout of it takes too long).
try:
self._dostore()
except ClientDisconnected:
self._dostore()
```
The exception comes from the second `self._dostore()`.
The comment indicates with `(or they timeout if it takes too long)`
the existence of a potential race condition.
The race happens when the reconnection takes too long.
The test cannot recognize this case because a timeout
it mapped to `ClientDisconnected`.
I assume the following happened:
The first `_dostore` fails with `ClientDisconnected`.
In the exception handler, it calls `tpc_abort`.
This fails with a timeout (because the reconnection takes too long)
mapped to `ClientDisconnected`.
The test sees the `ClientDisconnected` and assumes it is the first
one (i.e. the reconnection should be complete), but it is the second
one (reconnection not complete). As a consequence, the second `_dostore`
fails (in the asynchronous call `tpc_begin`).
We would need quite detailed logging to verify that
my assumption is correct.
|
We could make the test more robust (should my assumption be correct): |
|
Must be a race condition. Running the tests locally works fine, including macOS. When I slow things down by running all Python versions in parallel I start seeing |
|
Dieter, thanks for looking into this problem and for asking for review. Given that #225 might be the future I generally agree that it makes sense to Regarding hereby PR I have a few questions about We invoke async def await_with_timeout(f, timeout, loop):
waiter = Future(loop)
def stop()
if not waiter.done():
waiter.set_result(None)
f.add_done_callback(stop)
handle = loop.call_later(timeout, stop)
await waiter
try:
if f.done():
return f.result()
else:
f.remove_done_callback(stop)
raise asyncio.TimeoutError
finally:
handle.cancel()Is it indeed correct or I am missing something and call_soon_threadsafe is Another thing I wanted to ask is about if not self.operational:
+ if timeout <= 0:
+ raise ClientDisconnected("timed out waiting for connection")
+
try:
- await asyncio.wait_for(asyncio.shield(self.connected), timeout)
+ await await_with_timeout(self.connected, timeout, self.loop)
except asyncio.TimeoutError:
raise ClientDisconnected("timed out waiting for connection")Here do we need to add that explicit Thanks once again for looking into this, |
|
Kirill Smelkov wrote at 2023-7-28 05:49 -0700:
...
Is it indeed correct or I am missing something and call_soon_threadsafe is
actually needed for a reason?
`call_soon_threadsafe` is not needed in the current situation
but will be necessary with the "direct socket access" approach
(because then the first task step is executed by the calling thread,
not the IO thread).
Another thing I wanted to ask is about
```diff
if not self.operational:
+ if timeout <= 0:
+ raise ClientDisconnected("timed out waiting for connection")
+
try:
- await asyncio.wait_for(asyncio.shield(self.connected), timeout)
+ await await_with_timeout(self.connected, timeout, self.loop)
except asyncio.TimeoutError:
raise ClientDisconnected("timed out waiting for connection")
```
Here do we need to add that explicit `if timeout <= 0: raise ClientDisconnected`
or we can rely on await_with_timeout raising TimeoutError
and followup except block converting that to ClientDisconnected?
I do not know. For an unknown reason `asyncio.wait_for` had special
handling for `timeout <= 0` (in Python 3.6, but it still has in 3.12).
During the "direct socket access" implementation, I replaced
the `asyncio.wait_for` call in `await_operational_co`
by an inline simplified timeout implementation
but retained the `timeout <= 0` special handling as a precaution.
It might not be necessary -- but the `asyncio.wait_for` author might
have had his reasons.
For this PR, I first took over the implementation from "direct socket access".
A failing test revealed that `close_co`, too, uses timeouts.
This let me refactor the common code into `await_with_timeout`.
A `timeout <= 0` can only come from the caller; the one in `close_co`
is known to be `> 0`. For this reason, the special handling
is only in `await_operational_co` and not in `await_with_timeout`.
|
|
Dieter, thanks for feedback. So to restore context I first reread carefully our conversation on And while thinking it all over again I started to question myself why asyncio What we currently do is that we forward those from-threads calls to the IO The IO thread is also probably needed to demultiplex replies to multiple As #225 (comment) says So I squeezed some time to sketch up a ZEO client working without asyncio and In #225 (comment) you wrote:
Please find below an outline implementation that satisfies all those """kzeo.py illustrates ideas for ZEO client with low-latency tx and rx.
With standard ZEO it takes 4 process switches to handle 1 loadBefore:
1. Client thread -> IO thread via `call_soon_threadsafe` which internally sends wakeup via internal socket.
2. IO thread -> ZEO server process (request)
3. IO thread <- ZEO server (reply)
4. client thread <- IO thread (result)
( https://github.com/zopefoundation/ZEO/pull/225#issuecomment-1414441686 )
Hereby implementation avoids "1". It also avoids "4" for one of the client threads.
XXX this code was not tested at all. It currently only illustrates the idea.
"""
from ZEO.asyncio import marshal as zmarshal
from ZEO.asyncio.client import exc_factories as zexc_factories
from ZEO.Exceptions import ServerException
import struct
from time import time, sleep
import socket
from golang import func, defer, chan, select, default, go
from golang import sync
# ZEOClient sketches up a client for ZEO.
# It supports multithreading and can be used by multiple threads simultaneously.
class ZEOClient:
# ._sk socket connection to ZEO server
# ._tx_lock sync.Mutex protects writing to _sk
# ._rx_lock sema via chan(1) protects reading from _sk + invoking received notifications
# ._rx_buf bytearray buffer for rx data
#
# ._inflight_mu sync.Mutex protects _inflight
# ._inflight {} msgid -> _Request in flight requests
#
# ._trxloop_until_reply float time of last entry to _rxloop_until_reply
#
# lock ordering:
# _rx_lock > _inflight_mu
pass
# _Request represents in-flight request to server.
class _Request:
# .ready chan[structZ] becomes closed when request is complete
# ._resp * response | error
# .msgid * message ID of the request
def __init__(self, msgid):
self.ready = chan(dtype='C.structZ')
self._resp = _missing
self.msgid = msgid
# ZEOClient() creates new ZEO client connected to particular storage on ZEO server at addr.
@func(ZEOClient)
def __init__(self, addr, storage='1'):
self._sk = socket.connect(addr)
self._tx_lock = sync.Mutex()
self._rx_lock = chan(1)
self._rx_buf = bytearray()
self._inflight_mu = sync.Mutex()
self._inflight = {}
self._trxloop_until_reply = float('-inf')
# handshake
hsrv = self.__rx_pkt()
encoding = hsrv[0]
version = hsrv[1:]
assert encoding in (b'Z', b'M')
assert version == b'5'
hcli = encoding + version
self._tx_pkt(hcli)
# handshaked ok
self.encoder = zmarshal.encoder(encoding)
self.decoder = zmarshal.decoder(encoding)
# XXX cache verification ...
# spawn rx poller so that invalidation messages do not queue indefinitely if there is no local activity
go(self._rxloop_poller)
# now ready to serve clients
# example client request to handle
@func(ZEOClient)
def loadBefore(self, oid, tid):
# XXX try cache first
# see if another loading request for (oid, tid) is already in flight
# if yes - only wait for that one to complete
msgid = (oid, tid)
with self._inflight_mu:
req = self._inflight.get(msgid)
already = (req is not None)
if not already:
req = _Request(msgid)
self._inflight[msgid] = req
if already:
req.ready.recv()
return req.result()
# this thread becomes responsible for issuing the request to server
req_pkt = self.encode(msgid, False, 'loadBefore', (msgid,))
with self._tx_lock:
self._tx_pkt(req_pkt)
# and for waiting for and processing the reply.
# But while we are waiting for the reply replies to other requests and notifications might come first.
# We handle them all until we get ours.
self._rxloop_until_reply(req)
return req.result()
# _rxloop_until_reply receives and processes incoming packets until reply for req is received.
# it can be called simultaneously but receives incoming messages and runs their handlers strictly serially.
@func(ZEOClient)
def _rxloop_until_reply(self, req: _Request):
# indicate to _rxloop_poller that there is local activity
self._trxloop_until_reply = time() # with gil
# wait until either
# - we get ._rx_lock, or
# - req becomes completed by _rxloop_until_reply ran in another thread while we are waiting.
_, _rx = select(
(self._rx_lock.send, 0), # 0
req.ready.recv, # 1
)
if _ == 1:
return
# we've got _rx_lock
defer(self._rx_lock.recv)
# see if maybe req still became completed simultaneously to us getting the lock
_, _rx = select(
req.ready, # 0
default, # 1
)
if _ == 0:
return
# not yet. We are holding _rx_lock and noone else can access the reception until we release it.
# let's receive and handle messages until we see req's reply.
# when we see a notification - we invoke corresponding handler.
# when we see a reply to another request - we notify its .ready to wakeup corresponding waiter
while 1:
msgid_ = self.__rx_and_handle1()
if msgid_ == req.msgid:
return
# _rxloop_poller polls rx from time to time to handle e.g. invalidations.
# it is run in its own thread so that server-originated messages do not queue
# up indefinitely if there is no local activity.
@func(ZEOClient)
def _rxloop_poller(self):
# XXX stop on close
while 1:
self._rx_lock.send(0)
try:
self.__rx_and_handle1()
finally:
self._rx_lock.recv()
# pause rx polling for a while if there is local activity
# this should result in that client thread receives its reply from server directly, not via rx poller thread
while 1:
now = time()
trxloop_until_reply = self._trxloop_until_reply # with gil
dt = now - trxloop_until_reply
if dt >= 1:
break
sleep(1-dt)
# __rx_and_handle1 receives one incoming packet and processes it.
# must be called under _rx_lock.
@func(ZEOClient)
def __rx_and_handle1(self): # -> msgid
pkt = self._rx_pkt()
msgid, async_, name, args = self.decode(pkt)
if name != '.reply':
assert async_ # client only get async calls
if not name in self.client_methods:
raise AttributeError(name)
getattr(self, name)(*args)
else:
# name == '.reply'
with self._inflight_mu:
req = self._inflight.pop(msgid)
if async_: # ZEO5 exception
klass, args = args
factory = zexc_factories.get(klass)
if factory:
exc = factory(klass, args)
else:
exc = ServerException(klass,args)
req.resp = exc
else:
req.resp = args
req.ready.close()
return msgid
# result turns received response into either plain return or raised exception.
@func(_Request)
def result(self):
resp = self._resp
assert resp is not _missing
if isinstance(resp, Exception):
raise resp
else:
return resp
# example notification handler
ZEOClient.client_methods = ('invalidateTransaction',)
@func(ZEOClient)
def invalidateTransaction(self, tid, oids):
1/0 # XXX
# _tx_pkt wraps up raw payload with sized header and transmits it.
# it must be invoked only serially.
@func(ZEOClient)
def _tx_pkt(self, data):
pkt = struct.pack('>I', len(data)) + data
_sendall(self._sk, pkt)
# _rx_pkt receives sized message and returns its raw payload.
# it must be called only serially.
@func(ZEOClient)
def _rx_pkt(self): # -> data
if len(self._rx_buf) < 4:
self._rx_buf += _readatleast(self._sk, 4 - len(self._rx_buf))
assert len(self._rx_buf) >= 4
size, = struct.unpack('>I', self._rx_buf[:4])
self._rx_buf = self._rx_buf[4:]
if len(self._rx_buf) < size:
self._rx_buf += _readatleast(self._sk, size - len(self._rx_buf))
assert len(self._rx_buf) >= size
data = self._rx_buf[:size]
self._rx_buf = self._rx_buf[size:]
return data
# _sendall sends all data to the socket.
def _sendall(sk, data):
1/0 # XXX
# _readatleast reads at least specified data from the socket.
def _readatleast(sk, n): # -> data | error
1/0 # XXX
# _missing represent something missing.
# It is not None because None is valid RPC result.
_missing = object()Speaking about hereby PR I suggest to do the following:
Kirill |
|
Kirill Smelkov wrote at 2023-7-31 12:39 -0700:
Dieter, thanks for feedback.
So to restore context I first reread carefully our conversation on
#224 and
#225.
And while thinking it all over again I started to question myself why asyncio
is needed for ZEO client at all? Frankly I do not see any good answer:
asyncio can be useful for a server that wants to handle many connections
without creating a thread for each client. But on the ZEO client we already
have clients each running in its own thread and accessing ZODB by calls like
loadBefore.
The problem comes from the asynchronous calls (e.g. invalidations)
and the need to ensure that **all** messages are processed in
sent order.
The IO thread allows for an easy solution to this requirement.
It will be much more difficult when there is no single thread
which handles all incoming messages.
Of course, we could give each application thread its own
ZEO connection. Then, the application thread could access the
ZEO connection socket freely. It would need to process asynchronous
messages at strategic points (e.g. as part of `sync` calls);
they would no longer be truely asynchronous.
...
Please find below an outline implementation that satisfies all those
properties.
If we can agree that this approach is sound, I think removing
This will be a big change.
Earlier you stressed that stability is one of your major concerns.
Big changes have the potential to threaden stability.
Therefore, I suggest, you implement your idea (completely)
and run our tests against it.
If this succeeds, we measure the performance
and if there is significant gain, I will take a close look
at your implementation with a good chance that I agree to its use.
|
…ely that the additional complexity would ever be used
…on/ZEO into py312_compatibility
Thank you for your review. I did not follow your first suggestion: I have closed #225. Thus, it becomes unlikely that |
…ely that the additional complexity would ever be used
…failures due to high load
|
With this change when I run all Python version tests in parallel on my slower VM only Python 3.12 still shows issues similar to this: |
|
Dieter, thanks for feedback and I appologize for the situation with I originally tried to express my ideas in February in I'm, once again, sorry for that. Speaking about my sketch:
I fully agree: for correctness we absoltely must ensure that the order in In my implementation, even though reception and processing of incoming messages can
This is fair. And yes, it is me who stresses correctness and stability first. For the reference my idea about how this big change could be made is as But Dieter, I cannot afford myself to invest time until we generally agree and The whole thing is ~ 250 lines of code including comments. I tried to keep it Thanks also for accepting part of my suggestions for hereby PR. Kirill |
|
Kirill Smelkov wrote at 2023-8-1 01:53 -0700:
...
But Dieter, I cannot afford myself to invest time until we generally agree and
see each other on the common track that doing things the way I propose is at
least _clear_ and _correct_. So would you please spend a bit of your time to
review the general organization of how messages are sent, received and
processed in my sketch?
I invested a lot of time in your initial idea.
I will not invest time into your new idea until you have
done the implementation and proved that it both presents no problems
and gives significant improvements in practical situations.
From my point of view, ZEO can stay as it is now.
|
|
Ok, clear and fair. Thanks for feedback. |
Fixes #231.
The reported test failures all have the same cause: Python 3.12 has changed the
asynciotimeout handling; it now requires a proper task context.ZEO(mostly) uses highly optimized tasks (maybe comparable to the new "eager tasks") instead of standard tasks. Those tasks do not callasyncio.tasks._{enter,exit}taskamd therefor do not properly set up the task context.The PR does not change this but instead uses the timeout implementation from branch
direct_socket_access_with_loop_lock(#225). The branch implements an idea from @navytux to access the socket directly. I have observed considerable speedup. Maybe @navytux finds it worth to do a review and we merge #225 eventually. This would prevent the use of standard timeouts anyway.