[Tarantool-patches] [PATCH v2 2/2] fiber: exit with panic if we are unable to revert guard page
Cyrill Gorcunov
gorcunov at gmail.com
Wed Jan 15 20:05:24 MSK 2020
At the moment we set up a fiber's stack with a guard page
which is used to detect stack overrun. This page is just
a regular page taken from a slab with the PROT_NONE attribute.
Once the fiber is no longer needed we try to revert this
attribute back to PROT_READ | PROT_WRITE. Still, there
is a pretty small chance that this attempt fails.
Thus in such a case we should not proceed but rather
panic, otherwise the slab will no longer be a solid r/w memory
area and an attempt to write into this page will cause
an unpredictable exception.
Signed-off-by: Cyrill Gorcunov <gorcunov at gmail.com>
---
src/lib/core/fiber.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/lib/core/fiber.c b/src/lib/core/fiber.c
index b51f46f2f..fdad7607c 100644
--- a/src/lib/core/fiber.c
+++ b/src/lib/core/fiber.c
@@ -1041,13 +1041,17 @@ fiber_stack_destroy(struct fiber *fiber, struct slab_cache *slabc)
* to setup the original protection back in
* background.
*
+ * For now lets exit with panic: if mprotect
+ * failed we must not allow to reuse such slab
+ * with PROT_NONE'ed page somewhere inside.
+ *
* Note that in case if we're called from
* fiber_stack_create() the @mprotect_flags is
* the same as the slab been created with, so
* calling mprotect for VMA with same flags
* won't fail.
*/
- diag_log();
+ panic_syserror("fiber: Can't put guard page to slab");
}
slab_put(slabc, fiber->stack_slab);
}
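Review bot: the panic_syserror() message added in fiber_stack_destroy(), "fiber: Can't put guard page to slab", does not say that the failing operation was the mprotect call restoring the guard page's protection. Since this line now terminates the process, the message is the main thing an operator will see, so word it after the actual failure, for example "fiber: mprotect failed to restore guard page protection". The comment kept above the new lines still speaks of setting the original protection back in background, which sits awkwardly next to "For now lets exit with panic" (also "lets" should be "let's"); either drop the background idea or mark it clearly as a future option. Finally, the comment notes this function is also reached from fiber_stack_create() and asserts that mprotect won't fail there; with diag_log() replaced by a panic, that assertion is now what keeps fiber creation from aborting the process, so it is worth stating in the comment that the panic relies on it.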
--
2.20.1