Remove unsound ScopedCoroutine #28
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is unsound because it allows values on the stack to be forgotten without running their associated drop code, which is unsound for constructs like scoped threads. Fixes #27
zetanumbers
reviewed
Sep 9, 2024
Comment on lines
+103
to
+132
| /// A coroutine wraps a closure and allows suspending its execution more than | ||
| /// once, returning a value each time. | ||
| /// | ||
| /// # Dropping a coroutine | ||
| /// | ||
| /// When a coroutine is dropped, its stack must be unwound so that all object on | ||
| /// it are properly dropped. This is done by calling `force_unwind` to unwind | ||
| /// the stack. If `force_unwind` fails then the program is aborted. | ||
| /// | ||
| /// See the [`Coroutine::force_unwind`] function for more details. | ||
| /// | ||
| /// # `Send` | ||
| /// | ||
| /// In the general case, a coroutine can only be sent to another if all of the | ||
| /// data on its stack is `Send`. There is no way to guarantee this using Rust | ||
| /// language features so `Coroutine` does not implement the `Send` trait. | ||
| /// | ||
| /// However if all of the code executed by a coroutine is under your control and | ||
| /// you can ensure that all types on the stack when a coroutine is suspended | ||
| /// are `Send` then it is safe to manually implement `Send` for a coroutine. | ||
| #[cfg(not(feature = "default-stack"))] | ||
| pub struct Coroutine<Input, Yield, Return, Stack: stack::Stack> { | ||
| stack: Stack, | ||
| stack_ptr: Option<StackPointer>, | ||
| initial_stack_ptr: StackPointer, | ||
| drop_fn: unsafe fn(ptr: *mut u8), | ||
| marker: PhantomData<fn(Input) -> CoroutineResult<Yield, Return>>, | ||
| marker2: PhantomData<*mut ()>, | ||
| } | ||
|
|
There was a problem hiding this comment.
Why not use type alias to avoid duplicate definitions?
There was a problem hiding this comment.
Because it makes the documentation look better.
There was a problem hiding this comment.
There is #[doc(inline)] attribute in case you want the underlying definition to pop up in the documentation. Anyway, what's done is done.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is unsound because it allows values on the stack to be forgotten without running their associated drop code, which is unsound for constructs like scoped threads.
Fixes #27