From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-lj1-f196.google.com (mail-lj1-f196.google.com [209.85.208.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 38F4A4696C3 for ; Wed, 15 Jan 2020 20:05:53 +0300 (MSK) Received: by mail-lj1-f196.google.com with SMTP id j26so19366288ljc.12 for ; Wed, 15 Jan 2020 09:05:53 -0800 (PST) From: Cyrill Gorcunov Date: Wed, 15 Jan 2020 20:05:24 +0300 Message-Id: <20200115170524.20471-3-gorcunov@gmail.com> In-Reply-To: <20200115170524.20471-1-gorcunov@gmail.com> References: <20200115170524.20471-1-gorcunov@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [Tarantool-patches] [PATCH v2 2/2] fiber: exit with panic if we unable to revert guard page List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: tml At the moment we setup fiber's stack with a guard page which is used to detect stack overrun. This page is just a regular page taken from a slab with PROT_NONE attribute. Once fiber is no longer needed we try to revert this attribute back to PROT_READ | PROT_WRITE. Still there is a pretty small chance that this attempt get failed. Thus in such case we should not allow to proceed but rather lets panic, otherwise the slab won't longer be solid r/w memory area and attempt to write into this page will cause an unpredictable exception. Signed-off-by: Cyrill Gorcunov --- src/lib/core/fiber.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/lib/core/fiber.c b/src/lib/core/fiber.c index b51f46f2f..fdad7607c 100644 --- a/src/lib/core/fiber.c +++ b/src/lib/core/fiber.c @@ -1041,13 +1041,17 @@ fiber_stack_destroy(struct fiber *fiber, struct slab_cache *slabc) * to setup the original protection back in * background. * + * For now lets exit with panic: if mprotect + * failed we must not allow to reuse such slab + * with PROT_NONE'ed page somewhere inside. + * * Note that in case if we're called from * fiber_stack_create() the @mprotect_flags is * the same as the slab been created with, so * calling mprotect for VMA with same flags * won't fail. */ - diag_log(); + panic_syserror("fiber: Can't put guard page to slab"); } slab_put(slabc, fiber->stack_slab); } -- 2.20.1