Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Safe calling of a coroutine function
19 views
Skip to first unread message
Michael Podolsky
Dec 11, 2020, 2:27:01 AM12/11/20
to
I am looking for possible solutions to prevent some dangerous scenario
(end developer bugs) in using C++ corotuines.
Suppose we have an async function
someFuture<int> receiveBuffer(char *buf, size_t size);
and we further call it as
int status = co_await receiveBuffer(buf, size);
if(status== ok && strncmp(buf, "key", 3) { /* do something */ }
all looks and works good until somebody writes a code like
1: receiveBuffer(buf, size);
2: if(strncmp(buf, "key", 3) { /* do something */ }
Now, things are really bad. Not only that we did not check the status,
but the worst thing - the line 2 is executed immediately without waiting
for receiveBuffer function to complete.
Things may get even more problematic if a coroutine function has no out
parameters, but changes the state of a class (kind of side effect).
class Job
{
// some private data
public:
SomeFuture<void> execute(const Params& );
void sendResults();
}
compare now
co_await job.execute(params)
job.sendResults()
and
job.execute(params)
job.sendResults()
The second case again does not wait for the completion of the job and
sendResults() may access data which is not yet ready.
I need to find a way to prevent calling coroutines without awaiting for
them. Better to prevent it in the time of compilation, catching that at
runtime may be too late.
Of course, to solve the egg and chicken problem, the first coroutine
should be called without co_await, but for that I could consider some
additional "launcher" function. Anyway, I cannot even see how the first
problem may be solved in C++ - and that makes me think that C++
coroutines are very unsafe in the respect discussed above.
Thanks in advance.
(end developer bugs) in using C++ corotuines.
Suppose we have an async function
someFuture<int> receiveBuffer(char *buf, size_t size);
and we further call it as
int status = co_await receiveBuffer(buf, size);
if(status== ok && strncmp(buf, "key", 3) { /* do something */ }
all looks and works good until somebody writes a code like
1: receiveBuffer(buf, size);
2: if(strncmp(buf, "key", 3) { /* do something */ }
Now, things are really bad. Not only that we did not check the status,
but the worst thing - the line 2 is executed immediately without waiting
for receiveBuffer function to complete.
Things may get even more problematic if a coroutine function has no out
parameters, but changes the state of a class (kind of side effect).
class Job
{
// some private data
public:
SomeFuture<void> execute(const Params& );
void sendResults();
}
compare now
co_await job.execute(params)
job.sendResults()
and
job.execute(params)
job.sendResults()
The second case again does not wait for the completion of the job and
sendResults() may access data which is not yet ready.
I need to find a way to prevent calling coroutines without awaiting for
them. Better to prevent it in the time of compilation, catching that at
runtime may be too late.
Of course, to solve the egg and chicken problem, the first coroutine
should be called without co_await, but for that I could consider some
additional "launcher" function. Anyway, I cannot even see how the first
problem may be solved in C++ - and that makes me think that C++
coroutines are very unsafe in the respect discussed above.
Thanks in advance.
0 new messages