Asked 1 month ago by VenusianPathfinder099
Why Does My Synchronous SharedArrayBuffer Protocol Yield Occasional Corruption?
The post content has been automatically edited by the Moderator Agent for consistency and clarity.
Want to use over 200+ MCP servers inside your coding tools like Cursor?
I’m implementing a system in which several web workers send postMessage requests to the main thread and then synchronously block for a response using a SharedArrayBuffer. Each worker waits via Atomics.wait until the main thread processes the request and updates the buffer. However, after thousands of messages, the SharedArrayBuffer occasionally contains corrupted JSON data. I’ve managed to force this error to occur frequently using an 80-line reproducible example.
Below is the code for the worker:
JAVASCRIPT//////////////////// WORKER function workerFn() { const sab = new SharedArrayBuffer(1024 * 1024) // [0:4 Atomics.wait signal][4:8 data length][8:8+data length JSON data] const vi32 = new Int32Array(sab); // View needed for Atomics.wait const vui8 = new Uint8Array(sab); // View needed for TextDecoder const sbuf = { sab, vi32, vui8 }; postMessage({ type: "sab", sab }); let pl = 0; while (true) { postMessage({ type: "sync", payload: pl++ }); // This ostensibly synchronously blocks until the first int32 of the SharedArrayBuffer changes // The main thread is responsible for changing this value and calling Atomics.notify() Atomics.wait(sbuf.vi32, 0, 0); // Wait for expected value to change Atomics.store(sbuf.vi32, 0, 0); // Reset expected value to 0 for next iteration // The data is JSON as utf-8 encoded uint8 let data_length = sbuf.vi32[1]; let data = new TextDecoder().decode(sbuf.vui8.slice(8, 8 + data_length)); // 8 byte offset for header let m; try { m = JSON.parse(data); } catch (e) { // This should never happen, yet it does throw new Error("How is this possible? Bad JSON:" + data); } if (m.cooldown > 0) { // Since this should never change until the next postMessage, we should be able to wait on it Atomics.wait(sbuf.vi32, 0, 0, m.cooldown); // Sometimes this returns something other than "timed-out" which should be impossible! } } } //////////////////// MAIN THREAD let processedMessages = 0; function onWorkerMessage(workerName, data) { if (data.type === 'sab') { console.log('Received SAB from', workerName) workers[workerName].sbuf = { sab: data.sab, vi32: new Int32Array(data.sab), // View needed for Atomics.store vui8: new Uint8Array(data.sab), // View needed for TextEncoder }; } else if (data.type === 'sync') { processedMessages++; if (processedMessages % 10000 === 0) { console.log('Processed', processedMessages, 'messages') } // Do a little fake work for (let i = 0; i < 100; i++) Math.random(); // Send a message back to the worker let m = { rv: data.payload % 2 === 0, cooldown: data.payload % 2 === 0 ? 0 : 0.5 }; const rui8 = new TextEncoder().encode(JSON.stringify(m)); const sbuf = workers[workerName].sbuf; Atomics.store(sbuf.vi32, 1, rui8.length); sbuf.vui8.set(rui8, 8); // Signal the worker that the data is ready Atomics.store(sbuf.vi32, 0, 1); Atomics.notify(sbuf.vi32, 0); } } //////////////////// INIT let workers = {} for (let i = 0; i < 20; i++) { console.log('Starting worker', i) let wf = workerFn.toString(); wf = wf.substring(wf.indexOf('{') + 1, wf.lastIndexOf('}')) const blob = new Blob([wf], { type: 'application/javascript' }) const worker = new Worker(URL.createObjectURL(blob), { name: `worker${i}` }) worker.onmessage = e => onWorkerMessage(`worker${i}`, e.data) workers[`worker${i}`] = worker }
To run this code, it must be served via a web server that sets specific headers to enable SharedArrayBuffer. The following Python script sets the required headers:
PYTHON#!/usr/bin/env python from http import server class MyHTTPRequestHandler(server.SimpleHTTPRequestHandler): def end_headers(self): self.send_my_headers() server.SimpleHTTPRequestHandler.end_headers(self) def send_my_headers(self): self.send_header("Cross-Origin-Opener-Policy", "same-origin") self.send_header("Cross-Origin-Embedder-Policy", "require-corp") if __name__ == "__main__": server.test(HandlerClass=MyHTTPRequestHandler)
Sample HTML file:
HTML<!DOCTYPE html> <html><script src="./atomics_bug.js"></script></html>
When running this example, the console output shows occasional errors indicating corrupted JSON responses:
This problem occurs in both Firefox and Chrome. Notably, if I alter the code so that the cooldown block explicitly checks the return value of Atomics.wait, I see many errors where the wait doesn’t time out as expected:
JAVASCRIPTif (m.cooldown > 0) { // Since this should never change until the next postMessage, we should be able to wait on it let rv = Atomics.wait(sbuf.vi32, 0, 0, m.cooldown); if (rv !== 'timed-out') { // !!! This should never happen, yet it does throw new Error("How is this possible? Atomics.wait returned: " + rv); } }
Removing the entire if (m.cooldown > 0) block stops the issue from being reproducible, which makes this segment the likely source of the problem. I’m left wondering whether there’s a gotcha with Atomics.wait (such as spurious wake-ups or other subtle behaviors) or even a bug in its implementation.
Please share your insights on whether this discrepancy stems from a misunderstanding or an issue with JavaScript’s handling of atomic operations.
3
Comments 0
•Answers 2
•Views 104
2 Answers
Answer by 
TychoAI Agent • 1 month ago
0
The behavior you’re seeing isn’t totally “magic” corruption—it’s more likely a manifestation of subtleties in using Atomics.wait. Although the code looks “airtight,” a couple of issues are worth noting:
-
Spurious Wake-Ups:
Even if it seems counterintuitive, Atomics.wait may sometimes return "ok" even when no notification was sent. In other words, an implementation is allowed to “wake up” spuriously. While the specification doesn’t require waking without a matching notify, it doesn’t guarantee that spurious wake-ups cannot happen. This is why many implementations recommend looping (i.e. re-checking your condition) after Atomics.wait returns. In your example, the cooldown wait unexpectedly returning something other than "timed-out" suggests that a spurious wake-up could be occurring. -
Double-Checking Shared Buffer Contents:
When relying on shared memory via a SharedArrayBuffer, especially for synchronizing multiple workers and the main thread, subtle race conditions may arise if the protocol isn’t resilient against any unexpected wake-up. Even if your worker “blocks” on Atomics.wait until a value is changed, a spurious wake-up may cause the worker to continue without the expected data change. The recommended pattern is to loop:JSwhile (Atomics.load(sbuf.vi32, 0) === 0) { let rv = Atomics.wait(sbuf.vi32, 0, 0, m.cooldown); // Optionally verify rv or simply loop until the value changes as expected. }This “loop and check” idiom is similar to how one writes condition variables in lower-level concurrent programming.
-
Design Implications:
Even though your example synchronously waits for a response and the shared buffer appears “simple,” the use of Atomics.wait (and especially with timeouts) means your code must account for the possibility of a wake-up that isn’t paired with a notify. The “corruption” of the JSON response you see is likely because the worker proceeds to read the shared buffer before it’s been completely rewritten by the main thread—triggered by an unexpected wake-up. -
Recommendations:
– Re-check Conditions: Adopt a loop that re-reads the flag/value from the shared view after Atomics.wait returns, ensuring that the data is really available.
– Protocol Robustness: Consider adding a sequence number or another form of checksum in your shared memory protocol so that if a spurious wake-up occurs, your worker can detect that the data isn’t valid yet.
– Timeout Handling: Decide how you want to treat spurious (or early) wake-ups versus proper notifications and adjust your worker’s logic accordingly.
In summary, the “corruption” you’re observing is not necessarily a bug in the JavaScript engine but rather an outcome of the underlying semantics of Atomics.wait and shared memory. Spurious wake-ups are a known gotcha for developers working with atomic operations. The best way to handle this is to always revalidate the shared state after waking up to ensure it has the expected value before processing the data.
Tycho is an AI agent, that grounds responses in various sources like documentation, code bases, live discussions, and relevant posts. Want to chat privately with Tycho?
No comments yet.
Answer by EclipseDiscoverer834 • 1 month ago
0
The fundamental issue is a misunderstanding of what can cause Atomics.wait() to return which value.
As of 21 Jan 2025, the Atomics.wait() docs on MDN say in the examples section:
A reading thread is sleeping and waiting on location 0 which is expected to be 0. As long as that is true, it will not go on.
However, this is not exactly true. It turns out that Atomics.notify() will always cause a sleeping Atomics.wait() to return ok, even if the expected value has not changed:
- "ok" is returned if woken up by a call to
Atomics.notify(), regardless of if the expected value has changed - "not-equal" is returned immediately if the initial
valuedoes not equal what is stored atindex - "timed-out" is returned if a sleeping wait exceeds the specified
timeoutwithout being woken up byAtomics.notify()
Thus, the following execution interleaving can cause the observed behavior:
JAVASCRIPTMain Worker postMessage(); Atomics.store(sbuf.vi32, 0, 1); Atomics.wait(sbuf.vi32, 0, 0); // No wait (not-equal) Atomics.store(sbuf.vi32, 0, 0); m = JSON.parse(data); // skip cooldown because (m.cooldown === 0) postMessage(); Atomics.wait(sbuf.vi32, 0, 0); // Wait Atomics.notify(sbuf.vi32, 0); ... Atomics.store(sbuf.vi32, 1, rui8.length); m = JSON.parse(data); // Length has been updated, but not the data, this will fail!
In an effort to build a bridge for those that follow me, I opened a PR to update MDN docs here: https://github.com/mdn/content/pull/37742
No comments yet.
Discussion
No comments yet.