-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Fix a race condition in the Wasm type registry Under certain concurrent event orderings, the type registry was susceptible to double-unregistration bugs due to a race condition. Consider the following example where we have threads `A` and `B`, an existing rec group entry `E`, and another rec group entry `E'` that is a duplicate of `E`: | Thread A | Thread B | |-----------------------------------|--------------------------------| | `acquire(type registry lock)` | | | | `decref(E) --> 0` | | | `block_on(type registry lock)` | | `register(E') == incref(E) --> 1` | | | `release(type registry lock)` | | | `decref(E) --> 0` | | | `acquire(type registry lock)` | | | `unregister(E)` | | | `release(type registry lock)` | | | | `acquire(type registry lock)` | | | `unregister(E)` !!!!!! | As you can see, in the above event ordering, we would unregister `E` twice, leading to panics and potential type registry corruption. This commit adds an `unregistered` flag to each entry which is set when we commit to unregistering the entry and while we hold the type registry lock. When we are considering unregistering an entry at the beginning of `TypeRegistryInner::unregister_entry`, because we observed a zero-registrations count for that entry and then waited on the type registry's lock, we now check if that flag is already set (by some concurrent unregistration that happened between observing the zero-registrations count and acquiring the lock) before we actually perform the unregistration. Furthermore, in the process of writing a smoke test for concurrent module (and therefore type) loading and unloading, I discovered an index out-of-bounds panic during Wasm-to-CLIF module translation. This commit also includes the one-line fix for that bug and a `.wast` regression test for it as well. * Update test to trigger case requiring `unregistered` flag * Add another test further stressing concurrent interactions Try to get a module's function type to get typed the wrong way and/or get wasm to call with the wrong signature. * Add note about accessing `unregistered` and locking --------- Co-authored-by: Alex Crichton <alex@alexcrichton.com>
- Loading branch information
1 parent
b9865d8
commit 590674f
Showing
4 changed files
with
422 additions
and
31 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.