N3679:Async() 未來的析構函數必須等待

[..] 由 async() 返回的具有 async 啟動策略的 Futures 在它們的析構函數中等待相關的共享狀態準備就緒.這可以防止出現關聯線程繼續運行的情況，并且不再有等待它完成的方法，因為關聯的未來已被銷毀.如果沒有英勇的努力以其他方式等待完成，這樣一個失控"的線程可以繼續運行超過它所依賴的對象的生命周期.

[例子]

最終結果很可能是跨線程內存粉碎".如果 get() 或 wait() 在它們 [期貨] 被銷毀之前被調用 [..]，這個問題當然可以避免.困難 [..] 是意外的異常可能會導致該代碼被繞過.因此，通常需要某種范圍保護裝置來確保安全.如果程序員忘記添加范圍保護，攻擊者可能會生成例如在適當的時候發生 bad_alloc 異常以利用疏忽，并導致堆棧被覆蓋.還可以控制用于覆蓋堆棧的數據，從而獲得對過程的控制.這是一個非常微妙的錯誤，根據我們的經驗，它很可能在實際代碼中被忽略.

更新:Michael Wong 的旅行報告還包含一些關于 2013 年 9 月會議成果的有趣信息:

關于異步析構函數不應阻塞的問題，我們對此進行了大量討論.[..] 唯一獲得大量支持的立場是 [..] 給出警告，即未來的析構函數不會阻塞，除非從 async 返回，使其成為顯著的例外.[..] 經過大量討論，我們嘗試攜帶的唯一部分是 N3776，試圖澄清 ~future 和 ~shared_future 不阻塞的立場，除了可能存在異步.有一次嘗試沿 C 的路線發出棄用. 棄用異步而不替換.這個議案實際上幾乎是提出來的.但是 [..] 它甚至在到達手術臺之前就已經死亡.

When trying to answer another Stackoverflow question, I realized that this simple C++11 snippet is implicitly blocking the calling thread:

std::async(std::launch::async, run_async_task)

To me this would have seemed the canonical C++11 way to launch a task asynchronously without caring about the result. Instead one has to apparently explicitly create and detach a thread (see answer to mentioned question) in order to achieve this.

So here's my question: Is there any reason in regards to safety/correctness that the destructor of a std::future has to be blocking? Wouldn't it be enough if it blocks on get only and otherwise, if I'm not interested in the return value or exception, it's simply fire and forget?

Blocking destructors of futures returned by std::async and of threads: That's a controversial topic. The following list of papers in chronological order reflects some of the discussions by the members of the committee:

• N2802: A plea to reconsider detach-on-destruction for thread objects by Hans Boehm
• N3630: async, ~future, and ~thread (Revision 1) by Herb Sutter
• N3636: ~thread Should Join by Herb Sutter
• N3637: async and ~future (Revision 3) by Herb Sutter, Chandler Carruth, Niklas Gustafsson
• N3679: Async() future destructors must wait by Hans Boehm
• N3773: async and ~future (Revision 4) by Herb Sutter, Chandler Carruth, Niklas Gustafsson
• N3776: Wording for ~future by Herb Sutter
• N3777: Wording for deprecating async by Herb Sutter

Although there was a lot of discussion, there are no changes planned for C++14 regarding the blocking behaviour of the destructors of std::future and std::thread.

Regarding your question, the most interesting paper is probably the second by Hans Boehm. I quote some parts to answer your question.

N3679: Async() future destructors must wait

[..] Futures returned by async() with async launch policy wait in their destructor for the associated shared state to become ready. This prevents a situation in which the associated thread continues to run, and there is no longer a means to wait for it to complete because the associated future has been destroyed. Without heroic efforts to otherwise wait for completion, such a "run-away" thread can continue to run past the lifetime of the objects on which it depends.

[Example]

The end result is likely to be a cross-thread "memory smash". This problem is of course avoided if get() or wait() is called [..] before they [the futures] are destroyed. The difficulty [..] is that an unexpected exception may cause that code to be bypassed. Thus some sort of scope guard is usually needed to ensure safety. If the programmer forgets to add the scope guard, it appears likely that an attacker could generate e.g. a bad_alloc exception at an opportune point to take advantage of the oversight, and cause a stack to be overwritten. It may be possible to also control the data used to overwrite the stack, and thus gain control over the process. This is a sufficiently subtle error that, in our experience, it is likely to be overlooked in real code.

Update: Michael Wong's Trip Report also contains some interesting information regarding the outcomes of the meeting in September 2013:

The View from the C++ Standard meeting September 2013 Part 2 of 2.

On the issue that async destructors should not block we devoted a great deal of discussion on it. [..] The only position that received considerable support was [..] giving advisory that future destructors will not block, unless returned from async, making it the notable exception. [..] After significant discussion, the only part that we tried to carry was N3776, an attempt to clarify the position that ~future and ~shared_future don’t block except possibly in the presence of async. There was an attempt to issue a deprecation along the lines of C. Deprecate async without replacement. This motion was actually almost put forward. But [..] it died even before it reached the operating table.

這篇關于為什么從`std::async` 阻塞返回未來的析構函數?的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！