rt: avoid dropping a task in calls to wake() (#1972)

Calls to tasks should not be nested. Currently, while a task is being executed and the runtime is shutting down, a call to wake() can result in the wake target to be dropped. This, in turn, results in the drop handler being called. If the user holds a ref cell borrow, a mutex guard, or any such value, dropping the task inline can result in a deadlock. The fix is to permit tasks to be scheduled during the shutdown process and dropping the tasks once they are popped from the queue. Fixes #1929, #1886
2025-10-01 12:20:39 +00:00 · 2019-12-17 20:52:09 -08:00 · 2019-12-17 20:52:09 -08:00 · 41d15ea212
commit 41d15ea212
parent 8add90210b
5 changed files with 141 additions and 26 deletions
--- a/tokio/src/runtime/basic_scheduler.rs
+++ b/tokio/src/runtime/basic_scheduler.rs
@ -84,7 +84,7 @@ where
        F::Output: Send + 'static,
    {
        let (task, handle) = task::joinable(future);
-        self.scheduler.schedule(task);
+        self.scheduler.schedule(task, true);
        handle
    }
@ -161,7 +161,7 @@ impl Spawner {
        F::Output: Send + 'static,
    {
        let (task, handle) = task::joinable(future);
-        self.scheduler.schedule(task);
+        self.scheduler.schedule(task, true);
        handle
    }
@ -230,6 +230,27 @@ impl SchedulerPriv {
        self.queues.push_local(task);
        handle
    }
    fn schedule(&self, task: Task<Self>, spawn: bool) {
        let is_current = ACTIVE.with(|cell| cell.get() == self as *const SchedulerPriv);
        if is_current {
            unsafe {
                // safety: this function is safe to call only from the
                // thread the basic scheduler is running on. If `is_current` is
                // then we are on that thread.
                self.queues.push_local(task)
            };
        } else {
            let mut lock = self.queues.remote();
            lock.schedule(task, spawn);
            // while locked, call unpark
            self.unpark.unpark();
            drop(lock);
        }
    }
 }
 impl Schedule for SchedulerPriv {
@ -260,24 +281,7 @@ impl Schedule for SchedulerPriv {
    }
    fn schedule(&self, task: Task<Self>) {
-        let is_current = ACTIVE.with(|cell| cell.get() == self as *const SchedulerPriv);
+        SchedulerPriv::schedule(self, task, false);
        if is_current {
            unsafe {
                // safety: this function is safe to call only from the
                // thread the basic scheduler is running on. If `is_current` is
                // then we are on that thread.
                self.queues.push_local(task)
            };
        } else {
            let mut lock = self.queues.remote();
            lock.schedule(task);
            // while locked, call unpark
            self.unpark.unpark();
            drop(lock);
        }
    }
 }
@ -298,10 +302,16 @@ where
        }
        // Wait until all tasks have been released.
-        while unsafe { self.scheduler.queues.has_tasks_remaining() } {
+        loop {
            self.local.park.park().ok().expect("park failed");
            unsafe {
                self.scheduler.queues.drain_pending_drop();
                self.scheduler.queues.drain_queues();
                if !self.scheduler.queues.has_tasks_remaining() {
                    break;
                }
                self.local.park.park().ok().expect("park failed");
            }
        }
    }
--- a/tokio/src/task/local.rs
+++ b/tokio/src/task/local.rs
@ -345,7 +345,7 @@ impl Schedule for Scheduler {
            unsafe { self.queues.push_local(task) };
        } else {
            let mut lock = self.queues.remote();
-            lock.schedule(task);
+            lock.schedule(task, false);
            self.waker.wake();
@ -437,8 +437,15 @@ impl Drop for Scheduler {
            // Wait until all tasks have been released.
            // XXX: this is a busy loop, but we don't really have any way to park
            // the thread here?
-            while self.queues.has_tasks_remaining() {
+            loop {
                self.queues.drain_pending_drop();
                self.queues.drain_queues();
                if !self.queues.has_tasks_remaining() {
                    break;
                }
                std::thread::yield_now();
            }
        }
    }
--- a/tokio/src/task/queue.rs
+++ b/tokio/src/task/queue.rs
@ -233,6 +233,16 @@ where
        self.drain_pending_drop();
    }
    /// Drain both the local and remote run queues, shutting down any tasks.
    ///
    /// # Safety
    ///
    /// This *must* be called only from the thread that owns the scheduler.
    pub(crate) unsafe fn drain_queues(&self) {
        self.close_local();
        self.close_remote();
    }
    /// Shut down the scheduler's owned task list.
    ///
    /// # Safety
@ -300,8 +310,10 @@ where
    /// If the queue is open to accept new tasks, the task is pushed to the back
    /// of the queue. Otherwise, if the queue is closed (the scheduler is
    /// shutting down), the new task will be shut down immediately.
-    pub(crate) fn schedule(&mut self, task: Task<S>) {
+    ///
-        if self.open {
+    /// `spawn` should be set if the caller is spawning a new task.
    pub(crate) fn schedule(&mut self, task: Task<S>, spawn: bool) {
        if !spawn || self.open {
            self.queue.push_back(task);
        } else {
            task.shutdown();
--- a/tokio/tests/rt_basic.rs
+++ b/tokio/tests/rt_basic.rs
@ -27,6 +27,42 @@ fn spawned_task_does_not_progress_without_block_on() {
    assert_eq!(out, "hello");
 }
 #[test]
 fn acquire_mutex_in_drop() {
    use futures::future::pending;
    use tokio::task;
    let (tx1, rx1) = oneshot::channel();
    let (tx2, rx2) = oneshot::channel();
    let mut rt = rt();
    rt.spawn(async move {
        let _ = rx2.await;
        unreachable!();
    });
    rt.spawn(async move {
        let _ = rx1.await;
        let _ = tx2.send(()).unwrap();
        unreachable!();
    });
    // Spawn a task that will never notify
    rt.spawn(async move {
        pending::<()>().await;
        tx1.send(()).unwrap();
    });
    // Tick the loop
    rt.block_on(async {
        task::yield_now().await;
    });
    // Drop the rt
    drop(rt);
 }
 fn rt() -> Runtime {
    tokio::runtime::Builder::new()
        .basic_scheduler()
--- a/tokio/tests/task_local_set.rs
+++ b/tokio/tests/task_local_set.rs
@ -0,0 +1,50 @@
 #![warn(rust_2018_idioms)]
 #![cfg(feature = "full")]
 use tokio::runtime::Runtime;
 use tokio::sync::oneshot;
 use tokio::task::{self, LocalSet};
 #[test]
 fn acquire_mutex_in_drop() {
    use futures::future::pending;
    let (tx1, rx1) = oneshot::channel();
    let (tx2, rx2) = oneshot::channel();
    let mut rt = rt();
    let local = LocalSet::new();
    local.spawn_local(async move {
        let _ = rx2.await;
        unreachable!();
    });
    local.spawn_local(async move {
        let _ = rx1.await;
        let _ = tx2.send(()).unwrap();
        unreachable!();
    });
    // Spawn a task that will never notify
    local.spawn_local(async move {
        pending::<()>().await;
        tx1.send(()).unwrap();
    });
    // Tick the loop
    local.block_on(&mut rt, async {
        task::yield_now().await;
    });
    // Drop the LocalSet
    drop(local);
 }
 fn rt() -> Runtime {
    tokio::runtime::Builder::new()
        .basic_scheduler()
        .enable_all()
        .build()
        .unwrap()
 }