coroutine: allocate coroutine frame in a critical section

avikivity · avikivity · commit d91b2db1dd78 · 2025-08-04T18:14:57.000+03:00
Like continuations, coroutines are glue that cannot be allowed
to fail. For example, if cleanup coroutine fails to allocate
and returns an exception future, cleanup will not be done and
the system will enter an undefined state. Better to crash.

This conflicts with test code that tries to inject memory failures
and see how they are handled (file_io_test.cc handle_bad_alloc_test).
The coroutine will throw std::bad_alloc (since we don't define
get_return_object_on_allocation_failure()), and since it's declared
noexcept, will call std::terminate.

To avoid all this, follow future::schedule() and prevent memory
allocation failure injection from interfering with coroutine
frame allocation. In this regard a coroutine frame is just like
a continuation.

This is done by injecting class-specific operator new and operator
delete. Sized deallocation is also defined if supported by the compiler.
diff --git a/include/seastar/core/coroutine.hh b/include/seastar/core/coroutine.hh
@@ -30,16 +30,33 @@
 
 #ifndef SEASTAR_MODULE
 #include <coroutine>
+#include <new>
 #endif
 
 namespace seastar {
 
 namespace internal {
 
+class coroutine_allocators {
+public:
+    static void* operator new(size_t size) {
+        memory::scoped_critical_alloc_section _;
+        return ::operator new(size);
+    }
+    static void operator delete(void* ptr) noexcept {
+        ::operator delete(ptr);
+    }
+#ifdef __cpp_sized_deallocation
+    static void operator delete(void* ptr, std::size_t sz) noexcept {
+        ::operator delete(ptr, sz);
+    }
+#endif
+};
+
 template <typename T = void>
 class coroutine_traits_base {
 public:
-    class promise_type final : public seastar::task {
+    class promise_type final : public seastar::task, public coroutine_allocators {
         seastar::promise<T> _promise;
     public:
         promise_type() = default;
@@ -91,7 +108,7 @@ public:
 template <>
 class coroutine_traits_base<> {
 public:
-   class promise_type final : public seastar::task {
+   class promise_type final : public seastar::task, public coroutine_allocators {
         seastar::promise<> _promise;
     public:
         promise_type() = default;
