libsync: Add safer abstraction for SPSC queue. #15995
Conversation
|
In general the concurrent queue types are not currently meant for general consumption, they would require extensive cleanup and scrutiny for that to be the case. Incremental improvements are always welcome, however! |
| queue: spsc::Queue<Message<T>>, // internal queue for all message | ||
| // internal queue for all message | ||
| producer: spsc::Producer<Message<T>>, | ||
| consumer: spsc::Consumer<Message<T>>, |
There was a problem hiding this comment.
This packet should probably contain just a Queue instead of both halves.
|
@alexcrichton Reverted |
| let producer = Producer { inner: arc }; | ||
|
|
||
| (consumer, producer) | ||
| } |
There was a problem hiding this comment.
There is currently not much precedent for a constructor of the form T::new() -> (U, V) where the return type is completely different from T. I would recommend taking the same approach as channels and have a top-level queue() or pair() function returning the tuple.
Our current naming conventions for a function such as this would mean that the "unchecked" modifier in the constructor below is out of place, and the function would be best named new s well (if this one was renamed).
There was a problem hiding this comment.
I'm in favor of renaming to top-level queue() and removing to the unchecked, so it's unsafe fn new....
If that's all ok I'll go ahead with a final rebase?
The current spsc implementation doesn't enforce single-producer
single-consumer usage and also allows unsafe memory use through
peek & pop.
For safer usage, `spsc_queue::queue` now returns a pair of owned objects which
only allow consumer or producer behaviours through an `Arc`.
Through restricting the mutability of the receiver to `mut` the
peek and pop behaviour becomes safe again, with the compiler
complaining about usage which could lead to problems.
To fix code broken from this, update:
Queue::new(x) -> unsafe { Queue::new(x) }
[breaking-change]
The current spsc implementation doesn't enforce single-producer
single-consumer usage and also allows unsafe memory use through
peek & pop.
For safer usage, `new` now returns a pair of owned objects which
only allow consumer or producer behaviors through an `Arc`.
Through restricting the mutability of the receiver to `mut` the
peek and pop behavior becomes safe again, with the compiler
complaining about usage which could lead to problems.
To fix code broken from this, update:
Queue::new(x) -> unsafe { Queue::unchecked_new(x) }
[breaking-change]
For an example of broken behavior, check the added test which uses the unchecked constructor.
The current spsc implementation doesn't enforce single-producer
single-consumer usage and also allows unsafe memory use through
peek & pop.
For safer usage,
newnow returns a pair of owned objects whichonly allow consumer or producer behaviors through an
Arc.Through restricting the mutability of the receiver to
mutthepeek and pop behavior becomes safe again, with the compiler
complaining about usage which could lead to problems.
To fix code broken from this, update:
Queue::new(x) -> unsafe { Queue::unchecked_new(x) }
[breaking-change]
For an example of broken behavior, check the added test which uses the unchecked constructor.