[Tarantool-patches] [PATCH v3 2/4] fiber: leak stack if we unable to revert guard page

Cyrill Gorcunov gorcunov at gmail.com
Tue Feb 4 17:31:45 MSK 2020


At the moment we set up the fiber's stack with a guard page
which is used to detect stack overrun. This page is just
a regular page taken from a slab with the PROT_NONE attribute.

Once the fiber is no longer needed we try to revert this
attribute back to PROT_READ | PROT_WRITE. Still there
is a small chance (well, pretty small I would say) that
this attempt fails.

Thus in such a case we should not allow such a memory area
to be reused (because the slab engine expects the memory it
handles to be solid in terms of permissions). IOW, let's explicitly
leak such memory with an error message; it is a bit better than
panic and gives the administrator a chance to gracefully restart
the tarantool instance or relax memory pressure somehow on the node.

I put FIXME into the code since I think we could implement
some more intelligent handling and collect such corrupted
slabs into a list and retry to restore permissions in background.

Signed-off-by: Cyrill Gorcunov <gorcunov at gmail.com>
---
 src/lib/core/fiber.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/lib/core/fiber.c b/src/lib/core/fiber.c
index b51f46f2f..d6ff481a5 100644
--- a/src/lib/core/fiber.c
+++ b/src/lib/core/fiber.c
@@ -1041,15 +1041,21 @@ fiber_stack_destroy(struct fiber *fiber, struct slab_cache *slabc)
 			 * to setup the original protection back in
 			 * background.
 			 *
+			 * For now lets keep such slab referenced and
+			 * leaked: if mprotect failed we must not allow
+			 * to reuse such slab with PROT_NONE'ed page
+			 * somewhere inside.
+			 *
 			 * Note that in case if we're called from
 			 * fiber_stack_create() the @mprotect_flags is
 			 * the same as the slab been created with, so
 			 * calling mprotect for VMA with same flags
 			 * won't fail.
 			 */
-			diag_log();
-		}
-		slab_put(slabc, fiber->stack_slab);
+			say_syserror("fiber: Can't put guard page to slab. "
+				     "Leak %zu bytes", (size_t)fiber->stack_size);
+		} else
+			slab_put(slabc, fiber->stack_slab);
 	}
 }
 
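Review bot: In the error branch, say_syserror() replaces diag_log(), so the report now depends on errno still holding the failure from the protection-restore call when this line runs, and any diag that call set is left unlogged; please confirm nothing in between can clobber errno, or keep diag_log() next to the new message. The text "Can't put guard page to slab" also does not name what actually failed (restoring the guard page protection), and since this log line is the only trace of a deliberately leaked slab, adding the stack address alongside fiber->stack_size would let an administrator correlate repeated leaks. Style: `} else` follows a braced block, so the else branch should be braced as well (`} else {` ... `}`).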
-- 
2.20.1


