New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proposal: Allow unsafe code in iterators #2143

Closed
stephentoub opened this Issue Apr 21, 2015 · 7 comments

Comments

Projects
None yet
5 participants
@stephentoub
Member

stephentoub commented Apr 21, 2015

Today we disallow any usage of pointers in iterators, due to the issues involved with those pointers and the associated state moving to the heap. But we allow pointers in async methods (which have similar constraints) with the restriction that awaits can't be used in an unsafe context, e.g. this is allowed:

unsafe (...)
{
    ... // no awaits
}
await ...;
unsafe (...)
{
    ... // no awaits
}

but this is not allowed:

unsafe (...)
{
    await ...;
}

We could allow unsafe code in iterators, but with a similar constraint: yield is not allowed in unsafe contexts, e.g. this would be allowed:

unsafe (...)
{
    ... // no yields
}
yield return ...;
unsafe (...)
{
    ... // no yields
}
@paulomorgado

This comment has been minimized.

Show comment
Hide comment
@paulomorgado

paulomorgado Apr 28, 2015

That makes sense!

paulomorgado commented Apr 28, 2015

That makes sense!

@gistofj

This comment has been minimized.

Show comment
Hide comment
@gistofj

gistofj May 11, 2015

how do I thumbs up this?

er... +1!

gistofj commented May 11, 2015

how do I thumbs up this?

er... +1!

@gafter gafter added the 1 - Planning label Nov 20, 2015

@agocke

This comment has been minimized.

Show comment
Hide comment
@agocke

agocke May 13, 2016

Contributor

@stephentoub Seems fine to me.

More broadly, do you know of any CLR restrictions about spilling unmanaged pointers across the state machine? AFAIK, that seems the be the main restriction around async and unsafe, so theoretically the compiler could support spilling unmanaged pointers, as long as there are no issues with doing this in the CLR.

Contributor

agocke commented May 13, 2016

@stephentoub Seems fine to me.

More broadly, do you know of any CLR restrictions about spilling unmanaged pointers across the state machine? AFAIK, that seems the be the main restriction around async and unsafe, so theoretically the compiler could support spilling unmanaged pointers, as long as there are no issues with doing this in the CLR.

@stephentoub

This comment has been minimized.

Show comment
Hide comment
@stephentoub

stephentoub May 13, 2016

Member

More broadly, do you know of any CLR restrictions about spilling unmanaged pointers across the state machine?

Are you asking about enabling not just:

unsafe
{
    ... // no yields
}
yield return ...;
unsafe
{
    ... // no yields
}

but also:

unsafe
{
    ...
    yield return ...;
    ...
}

?

If so, even if it could be made to work (e.g. storing the pointers into the state machine), I think it would be dangerous, as it'd be incredibly easy to write bad code, e.g.

unsafe
{
    int* state = stackalloc int[1];
    state[0] = 42;
    yield return ...;
    Use(state[0]);
}
Member

stephentoub commented May 13, 2016

More broadly, do you know of any CLR restrictions about spilling unmanaged pointers across the state machine?

Are you asking about enabling not just:

unsafe
{
    ... // no yields
}
yield return ...;
unsafe
{
    ... // no yields
}

but also:

unsafe
{
    ...
    yield return ...;
    ...
}

?

If so, even if it could be made to work (e.g. storing the pointers into the state machine), I think it would be dangerous, as it'd be incredibly easy to write bad code, e.g.

unsafe
{
    int* state = stackalloc int[1];
    state[0] = 42;
    yield return ...;
    Use(state[0]);
}
@agocke

This comment has been minimized.

Show comment
Hide comment
@agocke

agocke May 13, 2016

Contributor

@stephentoub Yup, very dangerous, but it is unsafe, to be fair.

Contributor

agocke commented May 13, 2016

@stephentoub Yup, very dangerous, but it is unsafe, to be fair.

@agocke

This comment has been minimized.

Show comment
Hide comment
@agocke

agocke May 13, 2016

Contributor

Certain things, like fixed, would still have to be prohibited outright, obviously.

Contributor

agocke commented May 13, 2016

Certain things, like fixed, would still have to be prohibited outright, obviously.

@gafter

This comment has been minimized.

Show comment
Hide comment
@gafter

gafter Apr 28, 2017

Member

Issue moved to dotnet/csharplang #510 via ZenHub

Member

gafter commented Apr 28, 2017

Issue moved to dotnet/csharplang #510 via ZenHub

@gafter gafter closed this Apr 28, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment