Abandon coroutine handles during IOCP shutdown to avoid stack overflow

Coroutine frames cannot be destroyed during the shutdown drain loop
because trampoline and inner-task coroutines have circular ownership
that causes re-entrant destruction. Instead, abandon the handles and
force outstanding_work_ to zero after draining both queues.

Also adds /EHsc to the benchmark target for MSVC so Asio comparison
files link correctly.

Author: sgerbino

include/boost/corosio/native/detail/iocp/win_acceptor_service.hpp

@@ -153,9 +153,6 @@ accept_op::do_complete(
 {
     auto* op = static_cast<accept_op*>(base);
 
-    // Destroy path (shutdown). Release resources owned by this
-    // op before destroying the coroutine frame, whose tcp_socket
-    // destructors will handle their own cleanup independently.
     if (!owner)
     {
         if (op->accepted_socket != INVALID_SOCKET)

include/boost/corosio/native/detail/iocp/win_overlapped_op.hpp

@@ -147,17 +147,11 @@ struct overlapped_op
         dispatch_coro(ex, h).resume();
     }
 
-    /** Cleanup without invoking handler (for destroy/shutdown path).
-        Destroys the waiting coroutine frame to prevent leaks.
-    */
+    /** Disarm cancellation and abandon the coroutine handle. */
     void cleanup_only()
     {
         stop_cb.reset();
-        if (h)
-        {
-            h.destroy();
-            h = {};
-        }
+        h = {};
     }
 };
 

include/boost/corosio/native/detail/iocp/win_scheduler.hpp

@@ -196,48 +196,49 @@ win_scheduler::shutdown()
 {
     ::InterlockedExchange(&shutdown_, 1);
 
-    // Stop timer wakeup mechanism
     if (timers_)
         timers_->stop();
 
-    // Drain all outstanding operations without invoking handlers
-    while (::InterlockedExchangeAdd(&outstanding_work_, 0) > 0)
+    for (;;)
     {
-        // First drain the fallback queue
         op_queue ops;
         {
             std::lock_guard<win_mutex> lock(dispatch_mutex_);
             ops.splice(completed_ops_);
         }
 
+        bool drained_any = false;
+
         while (auto* h = ops.pop())
         {
-            ::InterlockedDecrement(&outstanding_work_);
             h->destroy();
+            drained_any = true;
         }
 
-        // Then drain from IOCP with zero timeout (non-blocking)
         DWORD bytes;
         ULONG_PTR key;
         LPOVERLAPPED overlapped;
         ::GetQueuedCompletionStatus(iocp_, &bytes, &key, &overlapped, 0);
         if (overlapped)
         {
-            ::InterlockedDecrement(&outstanding_work_);
             if (key == key_posted)
             {
-                // Posted scheduler_op*
                 auto* op = reinterpret_cast<scheduler_op*>(overlapped);
                 op->destroy();
             }
             else
             {
-                // Actual I/O: convert OVERLAPPED* to overlapped_op*
                 auto* op = overlapped_to_op(overlapped);
                 op->destroy();
             }
+            drained_any = true;
         }
+
+        if (!drained_any)
+            break;
     }
+
+    ::InterlockedExchange(&outstanding_work_, 0);
 }
 
 inline void
@@ -253,9 +254,6 @@ win_scheduler::post(std::coroutine_handle<> h) const
             auto* self = static_cast<post_handler*>(base);
             if (!owner)
             {
-                // Destroy path: destroy the coroutine frame, then self
-                if (self->h_)
-                    self->h_.destroy();
                 delete self;
                 return;
             }

perf/bench/CMakeLists.txt

@@ -32,7 +32,8 @@ target_link_libraries(corosio_bench
         Threads::Threads)
 
 target_compile_options(corosio_bench PRIVATE
-    $<$<CXX_COMPILER_ID:GNU>:-fcoroutines>)
+    $<$<CXX_COMPILER_ID:GNU>:-fcoroutines>
+    $<$<CXX_COMPILER_ID:MSVC>:/EHsc>)
 
 set_property(TARGET corosio_bench PROPERTY FOLDER "perf/benchmarks")