-
Notifications
You must be signed in to change notification settings - Fork 289
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Discussions about UnwindSafe
/RefUnwindSafe
#1543
Comments
cc @Desdaemon - what do you think? (Everyone feel free to discuss here! But I guess this issue will be seen by almost nobody except when |
Personally I think approach two is alright, but maybe add an opt-out?(so that in the rare case if the user does care about unwindsafety they can opt-out |
Totally agree. Maybe we can firstly use approach 2, and when someone in the future wants to opt-out, he or she can create an issue, and we can implement that in the future. |
Tentative: #1574 |
One more related user report: #1575 |
Personally, the largest source of friction for me has been wrapping trait objects since its implementers are not guaranteed to be unwind-safe despite being so most of the time. Otherwise I appreciate the fine-grained approach to safety and don't mind a bit boilerplate, but it's good to have options. |
Looks reasonable! Then Maybe I will firstly use approach 2 to fix those several bug reports immediately, and consider approach 1 later. |
This thread has been automatically locked since there has not been any recent activity after it was closed. If you are still experiencing a similar issue, please open a new issue. |
Background
Firstly, it is inevitable to use
catch_unwind
, because we surely do not want the whole app to crash (Rust's "abort") if there is just a Rust panic. Instead, we want an exception thrown in Dart side. That's the current FRB behavior.Secondly, when using
catch_unwind
, Rust requires the related things areUnwindSafe
. When something is not automatically considered as UnwindSafe by the Rust compiler, the programmer needs to do something manually. One way is to useAssertUnwindSafe
, which is safe Rust code (not unsafe Rust code! so no big worries).The question
Approach 1: Currently, I choose to leave it to the end user, i.e. the users need to manually think and wrap AssertUnwindSafe here and there.
Approach 2: An alternative approach is to wrap AssertUnwindSafe unconditionally inside FRB core, thus the users do not need to worry about this, which makes development a bit more fluent, and also avoid some edge cases like #1573.
Related: Discussions around
AssertUnwindSafe
e.g. https://users.rust-lang.org/t/is-this-use-of-assertunwindsafe-safe-wrapping-a-future-that-is-send-static/73067
As for what to do if a type is not UnwindSafe:
Given alice's thoughts, it seems that it is good to use approach 2.
rust-lang/rust#40628
Following hyperlinks here and there, I see notes such as:
rust-lang/crates.io#7453
I quickly searched Pyo3:
https://github.com/search?q=repo%3APyO3%2Fpyo3+AssertUnwindSafe&type=code
And during my usage of pyo3, I am never required to add AssertUnwindSafe here and there.
Therefore, without deeper investigation, I guess pyo3 uses approach 2.
The text was updated successfully, but these errors were encountered: