[6.2] Fix IRGen to pass complete metadata to various concurrency builtins #84243
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes rdar://146155888
|
@swift-ci Please test |
hborla
approved these changes
Sep 11, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Type metadata can be initialized to varying levels of completeness. Most uses of type metadata in the language require "complete" metadata, which ensures that the type's layout is fully initialized. At the opposite end of the spectrum is "abstract" metadata, which basically just allocates the metadata and then fills in the identity of the type. Using abstract metadata when complete metadata is required can easily lead to memory corruption and crashes. Nonetheless, incomplete metadata is important because it allows self-referential types to be built, like a struct
Sthat contains a (resilient)Producer<S>stored property, or a classCwhose superclass isSuper<C>.The code for the builtins behind async let, task groups, and Task.runInline was incorrectly requesting abstract type metadata for the result type of the task, which could lead to crashes in the runtime if the type metadata happened to not already have been completed. Task.runInline is a non-standard operation that doesn't appear to be inlinable, and I couldn't convince the compiler to directly emit the task group builtin in user code; this means that those two bugs have probably skated by because the use in the runtime is always passing a value it received as a generic argument, and type metadata passed as generic arguments are required to already be complete. The async let case is definitely possible in user code, unfortunately.
Because the metadata runtime is generally rather eager about completing type metadata, and because it doesn't matter what level of initialization you request if the metadata is already complete, it can be rather hard to encounter this bug; the most likely scenario is a race between threads to request the metadata for the first time.
Fixes rdar://146155888.
6.2 version of #84242.
Scope: affects IR generation for
async let, leading to possible memory corruption and crashesRisk: low; fix is small and obviously correct
Reviewed by: @ktoso, @mikeash
Testing: new regression tests