Skip to content

[Concurrency] Fix unsafe continuation validation when a continued task has been destroyed. #75274

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 19, 2024
Merged

[Concurrency] Fix unsafe continuation validation when a continued task has been destroyed. #75274

merged 1 commit into from
Jul 19, 2024

Conversation

mikeash
Copy link
Contributor

@mikeash mikeash commented Jul 16, 2024

SWIFT_DEBUG_VALIDATE_UNCHECKED_CONTINUATIONS works by tracking the context pointers of active continuations, and verifying that a resumed context is in the set of active continuations. However, the resume calls are passed the task pointer, not the context pointer. The context pointer is recovered from the task. If the task has been destroyed, the context pointer is invalid. This can result in a weird error message or it can crash if the context pointer is used before checking it against the active continuations.

Instead, track tasks that are suspended pending an unchecked continuation. If the task is destroyed, we'll still be passed the dangling pointer and check that pointer against the tracking info. We must be sure to check that before trying to use anything inside it.

rdar://131858544

@mikeash
[Concurrency] Fix unsafe continuation validation when a continued tas…
c1772eb 
…k has been destroyed.

SWIFT_DEBUG_VALIDATE_UNCHECKED_CONTINUATIONS works by tracking the context pointers of active continuations, and verifying that a resumed context is in the set of active continuations. However, the resume calls are passed the task pointer, not the context pointer. The context pointer is recovered from the task. If the task has been destroyed, the context pointer is invalid. This can result in a weird error message or it can crash if the context pointer is used before checking it against the active continuations.

Instead, track tasks that are suspended pending an unchecked continuation. If the task is destroyed, we'll still be passed the dangling pointer and check that pointer against the tracking info. We must be sure to check that before trying to use anything inside it.

rdar://131858544
@mikeash mikeash requested a review from ktoso as a code owner July 16, 2024 19:08
@mikeash
Copy link
Contributor Author

mikeash commented Jul 16, 2024

@swift-ci please test

ktoso
ktoso approved these changes Jul 19, 2024
View reviewed changes
Copy link
Contributor

@ktoso ktoso left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That seems Lola a good improvement, thank you!

@mikeash mikeash merged commit fa0f2b2 into swiftlang:main Jul 19, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ktoso ktoso ktoso approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mikeash @ktoso