stage2: improve handling of the generated file builtin.zig #10290
+124
−27
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
All Zig code is eligible to `@import("builtin")` which is mapped to a
generated file, build.zig, based on the target and other settings.
Zig invocations which share the same target settings will generate the
same builtin.zig file and thus the path to builtin.zig is in a shared
cache folder, and different projects can sometimes use the same file.
Before this commit, this led to race conditions where multiple
invocations of `zig` would race to write this file. If one process
wanted to *read* the file while the other process *wrote* the file, the
reading process could observe a truncated or partially written
builtin.zig file.
This commit makes the following improvements:
- limitations:
- avoid clobbering the inode, mtime in the hot path
- avoid creating a partially written file
- builtin.zig needs to be on disk for debug info / stack trace purposes
- don't mark the task as complete until the file is finished being populated
(possibly by an external process)
- strategy:
- create the `@import("builtin")` `Module.File` during the AstGen
work, based on generating the contents in memory rather than
loading from disk.
- write builtin.zig in a separate task that doesn't have
to complete until the end of the AstGen work queue so that it
can be done in parallel with everything else.
- when writing the file, first stat the file path. If it exists, we are done.
- otherwise, write the file to a temp file in the same directory and atomically
rename it into place (clobbering the inode, mtime in the cold path).
- summary:
- all limitations respected
- hot path: one stat() syscall that happens in a worker thread
This required adding a missing function to the standard library:
`std.fs.Dir.statFile`. In this commit, it does open() and then fstat()
which is two syscalls. It should be improved in a future commit to only
make one.
Fixes #9439.
|
If anyone who was experiencing the race condition wants to try this PR out, here is a build of this branch (cc @motiejus): |
matu3ba
reviewed
Dec 7, 2021
| @@ -2170,6 +2170,16 @@ pub const Dir = struct { | |||
| return file.stat(); | |||
| } | |||
|
|
|||
| pub const StatFileError = File.OpenError || StatError; | |||
|
|
|||
| // TODO: improve this to use the fstatat syscall instead of making 2 syscalls here. | |||
There was a problem hiding this comment.
Whenever stat involved, a reason about TOCTOU should be added.
A detailed reasoning of what weird things can happen, if one only uses stat before open: https://unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt
So this should at least argue, why it is fine to use stat here.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
All Zig code is eligible to
@import("builtin")which is mapped to agenerated file, build.zig, based on the target and other settings.
Zig invocations which share the same target settings will generate the
same builtin.zig file and thus the path to builtin.zig is in a shared
cache folder, and different projects can sometimes use the same file.
Before this commit, this led to race conditions where multiple
invocations of
zigwould race to write this file. If one processwanted to read the file while the other process wrote the file, the
reading process could observe a truncated or partially written
builtin.zig file.
This commit makes the following improvements:
(possibly by an external process)
@import("builtin")Module.Fileduring the AstGenwork, based on generating the contents in memory rather than
loading from disk.
to complete until the end of the AstGen work queue so that it
can be done in parallel with everything else.
rename it into place (clobbering the inode, mtime in the cold path).
This required adding a missing function to the standard library:
std.fs.Dir.statFile. In this commit, it does open() and then fstat()which is two syscalls. It should be improved in a future commit to only
make one.
Fixes #9439.