finish implementing reentrance checks

dicej · dicej · commit 7cf1ed37b03b · 2025-01-15T16:53:47.000-07:00
Signed-off-by: Joel Dice &lt;joel.dice@fermyon.com&gt;
diff --git a/crates/wasmtime/src/runtime/component/concurrent.rs b/crates/wasmtime/src/runtime/component/concurrent.rs
@@ -1740,9 +1740,41 @@ pub(crate) extern "C" fn async_enter<T>(
     }
 }
 
+fn may_enter<T>(
+    store: &mut StoreContextMut<T>,
+    mut guest_task: TableId<GuestTask>,
+    guest_instance: RuntimeComponentInstanceIndex,
+) -> bool {
+    // Walk the task tree back to the root, looking for potential reentrance.
+    //
+    // TODO: This could be optimized by maintaining a per-`GuestTask` bitset
+    // such that each bit represents and instance which has been entered by that
+    // task or an ancestor of that task, in which case this would be a constant
+    // time check.
+    loop {
+        match &store
+            .concurrent_state()
+            .table
+            .get_mut(guest_task)
+            .unwrap()
+            .caller
+        {
+            Caller::Host(_) => break true,
+            Caller::Guest { task, instance } => {
+                if *instance == guest_instance {
+                    break false;
+                } else {
+                    guest_task = *task;
+                }
+            }
+        }
+    }
+}
+
 fn make_call<T>(
     guest_task: TableId<GuestTask>,
     callee: SendSyncPtr<VMFuncRef>,
+    callee_instance: RuntimeComponentInstanceIndex,
     param_count: usize,
     result_count: usize,
     flags: Option<InstanceFlags>,
@@ -1753,6 +1785,10 @@ fn make_call<T>(
        + Sync
        + 'static {
     move |mut cx: StoreContextMut<T>| {
+        if !may_enter(&mut cx, guest_task, callee_instance) {
+            bail!(crate::Trap::CannotEnterComponent);
+        }
+
         let mut storage = [MaybeUninit::uninit(); MAX_FLAT_PARAMS];
         let lower = cx
             .concurrent_state()
@@ -2021,6 +2057,7 @@ pub(crate) extern "C" fn async_exit<T>(
             let call = make_call(
                 guest_task,
                 callee,
+                callee_instance,
                 param_count,
                 result_count,
                 if callback.is_null() {
@@ -2123,6 +2160,7 @@ pub(crate) fn start_call<'a, T: Send, LowerParams: Copy, R: 'static>(
     let call = make_call(
         guest_task,
         SendSyncPtr::new(callee),
+        component_instance,
         mem::size_of::<LowerParams>() / mem::size_of::<ValRaw>(),
         1,
         if callback.is_none() {
diff --git a/tests/all/component_model/func.rs b/tests/all/component_model/func.rs
@@ -821,6 +821,119 @@ fn strings() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test]
+async fn async_reentrance() -> Result<()> {
+    let component = r#"
+        (component
+            (core module $shim
+                (import "" "task.return" (func $task-return (param i32)))
+                (table (export "funcs") 1 1 funcref)
+                (func (export "export") (param i32) (result i32)
+                    (call_indirect (i32.const 0) (local.get 0))
+                )
+                (func (export "callback") (param i32 i32 i32 i32) (result i32) unreachable)
+            )
+            (core type $task-return-type (func (param i32)))
+            (core func $task-return (canon task.return $task-return-type))
+            (core instance $shim (instantiate $shim
+                (with "" (instance (export "task.return" (func $task-return))))
+            ))
+            (func $shim-export (param "p1" u32) (result u32)
+                (canon lift (core func $shim "export") async (callback (func $shim "callback")))
+            )
+
+            (component $inner
+                (import "import" (func $import (param "p1" u32) (result u32)))
+                (core module $libc (memory (export "memory") 1))
+                (core instance $libc (instantiate $libc))
+                (core func $import (canon lower (func $import) async (memory $libc "memory")))
+
+                (core module $m
+                    (import "libc" "memory" (memory 1))
+                    (import "" "import" (func $import (param i32 i32) (result i32)))
+                    (import "" "task.return" (func $task-return (param i32)))
+                    (func (export "export") (param i32) (result i32)
+                        (i32.store offset=0 (i32.const 1200) (local.get 0))
+                        (call $import (i32.const 1200) (i32.const 1204))
+                        drop
+                        (call $task-return (i32.load offset=0 (i32.const 1204)))
+                        i32.const 0
+                    )
+                    (func (export "callback") (param i32 i32 i32 i32) (result i32) unreachable)
+                )
+                (core type $task-return-type (func (param i32)))
+                (core func $task-return (canon task.return $task-return-type))
+                (core instance $i (instantiate $m
+                    (with "" (instance
+                        (export "task.return" (func $task-return))
+                        (export "import" (func $import))
+                    ))
+                    (with "libc" (instance $libc))
+                ))
+                (func (export "export") (param "p1" u32) (result u32)
+                    (canon lift (core func $i "export") async (callback (func $i "callback")))
+                )
+            )
+            (instance $inner (instantiate $inner (with "import" (func $shim-export))))
+
+            (core module $libc (memory (export "memory") 1))
+            (core instance $libc (instantiate $libc))
+            (core func $inner-export (canon lower (func $inner "export") async (memory $libc "memory")))
+
+            (core module $donut
+                (import "" "funcs" (table 1 1 funcref))
+                (import "libc" "memory" (memory 1))
+                (import "" "import" (func $import (param i32 i32) (result i32)))
+                (import "" "task.return" (func $task-return (param i32)))
+                (func $host-export (export "export") (param i32) (result i32)
+                    (i32.store offset=0 (i32.const 1200) (local.get 0))
+                    (call $import (i32.const 1200) (i32.const 1204))
+                    drop
+                    (call $task-return (i32.load offset=0 (i32.const 1204)))
+                    i32.const 0
+                )
+                (func $guest-export (export "guest-export") (param i32) (result i32) unreachable)
+                (func (export "callback") (param i32 i32 i32 i32) (result i32) unreachable)
+                (func $start
+                    (table.set (i32.const 0) (ref.func $guest-export))
+                )
+                (start $start)
+            )
+
+            (core instance $donut (instantiate $donut
+                (with "" (instance
+                    (export "task.return" (func $task-return))
+                    (export "import" (func $inner-export))
+                    (export "funcs" (table $shim "funcs"))
+                ))
+                (with "libc" (instance $libc))
+            ))
+            (func (export "export") (param "p1" u32) (result u32)
+                (canon lift (core func $donut "export") async (callback (func $donut "callback")))
+            )
+        )"#;
+
+    let mut config = Config::new();
+    config.wasm_component_model_async(true);
+    config.async_support(true);
+    let engine = &Engine::new(&config)?;
+    let component = Component::new(&engine, component)?;
+    let mut store = Store::new(&engine, ());
+
+    let instance = Linker::new(&engine)
+        .instantiate_async(&mut store, &component)
+        .await?;
+
+    let func = instance.get_typed_func::<(u32,), (u32,)>(&mut store, "export")?;
+
+    match func.call_concurrent(&mut store, (42,)).await {
+        Ok(_) => panic!(),
+        Err(e) => assert!(format!("{e:?}").contains("cannot enter component instance")),
+    }
+
+    Ok(())
+}
+
 #[tokio::test]
 async fn missing_task_return_call_stackless() -> Result<()> {
     test_missing_task_return_call(r#"(component
