flow: Phase 3 suspend/resume/cancel via deterministic replay + 17 tests

Guest Scheme call/cc is escape-only (re-entry hangs), so durable resume uses deterministic replay: suspend escapes to the driver; resume re-runs the flow and replays resolved suspends from a (tag value) log. No live continuation is ever serialized — persisted state is plain data, survives restart. Adds flow/start (now state-returning, backward compatible), flow/resume, flow/cancel, store.sx. Harness reuses one env with a per-test reset (full env rebuild 66x was too slow). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-06 17:20:09 +00:00
parent e762cc2e32
commit e896deffc8
8 changed files with 230 additions and 48 deletions
--- a/lib/flow/spec.sx
+++ b/lib/flow/spec.sx
@@ -4,37 +4,29 @@
 ;;   node : input -> output
 ;; A leaf node ignoring its argument is effectively a thunk. Combinators
 ;; build composite nodes out of child nodes. The whole flow runs INSIDE the
-;; Scheme interpreter so that Phase 3's `suspend` (call/cc) can capture the
-;; flow continuation directly.
+;; Scheme interpreter.
 ;;
 ;; Phase 1 combinators (flow-combinators-src):
-;;   (flow-node f)      — wrap a 1-arg procedure as a node (identity)
-;;   (flow-id input)    — pass the upstream value through unchanged
-;;   (flow-const v)     — node that ignores input and yields v
-;;   (sequence n ...)   — thread input left-to-right through children
-;;   (parallel n ...)   — fan input to every child, join results into a list
-;;                        (SEQUENTIAL evaluation; true concurrency is Phase 3)
-;;   (defflow name body)— bind a named flow
+;;   flow-node / flow-id / flow-const / sequence / parallel / defflow
 ;;
 ;; Phase 2 combinators (flow-control-src):
-;;   (branch pred then else) — pred on input selects then/else node
-;;     (`cond` is a Scheme special form, so the combinator is named `branch`)
-;;   (fail reason)      — make an explicit failure value (data, not an exception)
-;;   (failed? x)        — is x a failure value?
-;;   (fail-reason x)    — the reason carried by a failure value
-;;   (try-catch node handler) — run node; if it raises, call (handler error)
-;;     with the reified error and return the handler's value
-;;   (retry n node)     — run node, re-running up to n attempts total on a raised
-;;     exception; the last attempt's exception propagates. Only RAISED exceptions
-;;     are retried — explicit (fail ...) values pass through unchanged. (Once a
-;;     node has suspended in Phase 3, retry does not re-run it; resume continues.)
-;;   (timeout budget node) — bound node by a COOPERATIVE STEP BUDGET. There is no
-;;     scheduler or wall clock in pure SX, so timeout is deterministic: a node opts
-;;     in by calling (tick) at safe points. `budget` ticks are allowed; the next
-;;     tick raises (quote flow-timeout) (catchable by try-catch). A node that never
-;;     ticks is unbounded. Budgets nest (save/restore) and are isolated per flow
-;;     run (fresh env per flow-make-env).
-;;   (tick)             — consume one unit of the active timeout budget
+;;   branch / fail / failed? / fail-reason / try-catch / retry / timeout / tick
+;;
+;; Phase 3 suspend core (flow-suspend-src):
+;;   The guest Scheme's call/cc is ESCAPE-ONLY (re-invoking a captured k after it
+;;   returns hangs the runtime), so suspend/resume CANNOT re-enter a continuation.
+;;   Instead, durability uses DETERMINISTIC REPLAY: a flow re-runs from the start
+;;   on each resume; suspend points that have already been resolved replay their
+;;   logged value, and the first unresolved suspend escapes back to the driver.
+;;   The entire persisted state is the replay log (plain (tag value) data), which
+;;   survives process restart — no live continuation is ever serialized.
+;;
+;;   (suspend tag)  — if tag is in the replay log, return its value; else escape
+;;     to the driver as (flow-suspended tag). tags must be unique & deterministic
+;;     across replays. ALL effects/non-determinism must go through suspend so their
+;;     results are logged (otherwise they re-run on every replay).
+;;   (flow-drive flow input log) — run flow with the given replay log; returns
+;;     (flow-done result) or (flow-suspended tag).

 (define
  flow-combinators-src
@@ -44,6 +36,10 @@
  flow-control-src
  "(define (branch pred then else)\n     (lambda (input) (if (pred input) (then input) (else input))))\n   (define (fail reason) (list (quote flow-fail) reason))\n   (define (failed? x) (and (pair? x) (eq? (car x) (quote flow-fail))))\n   (define (fail-reason x) (car (cdr x)))\n   (define (try-catch node handler)\n     (lambda (input) (guard (e (#t (handler e))) (node input))))\n   (define (flow-retry-step n node input)\n     (guard (e (#t (if (<= n 1) (raise e) (flow-retry-step (- n 1) node input))))\n       (node input)))\n   (define (retry n node) (lambda (input) (flow-retry-step n node input)))\n   (define flow-timeout-budget -1)\n   (define (tick)\n     (if (< flow-timeout-budget 0)\n         0\n         (begin\n           (set! flow-timeout-budget (- flow-timeout-budget 1))\n           (if (< flow-timeout-budget 0)\n               (raise (quote flow-timeout))\n               flow-timeout-budget))))\n   (define (timeout budget node)\n     (lambda (input)\n       (let ((saved flow-timeout-budget))\n         (set! flow-timeout-budget budget)\n         (guard (e (#t (begin (set! flow-timeout-budget saved) (raise e))))\n           (let ((result (node input)))\n             (set! flow-timeout-budget saved)\n             result)))))")

+(define
+  flow-suspend-src
+  "(define flow-replay-log (list))\n   (define flow-suspend-k #f)\n   (define (flow-log-lookup tag log)\n     (if (null? log)\n         (list #f #f)\n         (if (eq? (car (car log)) tag)\n             (list #t (car (cdr (car log))))\n             (flow-log-lookup tag (cdr log)))))\n   (define (suspend tag)\n     (let ((hit (flow-log-lookup tag flow-replay-log)))\n       (if (car hit)\n           (car (cdr hit))\n           (flow-suspend-k (list (quote flow-suspended) tag)))))\n   (define (flow-drive flow input log)\n     (set! flow-replay-log log)\n     (call/cc\n       (lambda (k)\n         (set! flow-suspend-k k)\n         (list (quote flow-done) (flow input)))))")
+
 (define
  flow-load-combinators!
  (fn
@@ -51,4 +47,5 @@
    (begin
      (scheme-eval-program (scheme-parse-all flow-combinators-src) env)
      (scheme-eval-program (scheme-parse-all flow-control-src) env)
+      (scheme-eval-program (scheme-parse-all flow-suspend-src) env)
      env)))