Tarantool development patches archive
 help / color / mirror / Atom feed
From: Maksim Kokryashkin via Tarantool-patches <tarantool-patches@dev.tarantool.org>
To: tarantool-patches@dev.tarantool.org, sergeyb@tarantool.org,
	skaplun@tarantool.org, m.kokryashkin@tarantool.org
Subject: [Tarantool-patches] [PATCH luajit] sysprof: disable runtime host symtab updates
Date: Fri,  8 Dec 2023 09:10:23 +0300	[thread overview]
Message-ID: <20231208061023.89512-1-max.kokryashkin@gmail.com> (raw)

From: Maxim Kokryashkin <m.kokryashkin@tarantool.org>

The symtab update for newly loaded shared libraries requires
memory allocation, which is not signal-safe and can cause
crashes. Updating symtab in a VM hook is not a viable option
either, as there are no guarantees that the symbol will be
dumped before its address is streamed. This patch completely
disables the runtime updates of the symtab for host symbols.
That means all Lua-C modules, FFI modules, and shared libraries
must be loaded before starting the profiler.

There is no test along with the patch for two main reasons:
1. The signal should land on an instruction inside the allocator
such that the second allocator call would cause a crash because of
an inconsistent inner state. Although we have ptrace-based
machinery for testing, the control is not that fine-grained. The
only option we have left is to rely on empirical offsets, which
is not a robust solution. Moreover, it is possible to build LuaJIT
with `malloc` as an allocator, and the test should be adapted to
that too. Needless to say, malloc sources may differ from
platform to platform, making the test unreliable.

2. Regression is unlikely here since this patch removes the only
call that could allocate memory inside the signal handler.

Resolves tarantool/tarantool#8140
---
Branch: https://github.com/tarantool/luajit/tree/fckxorg/gh-8140-crash-in-allocator
Issue: https://github.com/tarantool/tarantool/issues/8140
PR: https://github.com/tarantool/tarantool/pull/9460

 src/lj_sysprof.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/lj_sysprof.c b/src/lj_sysprof.c
index c6c20de2..88c7a41b 100644
--- a/src/lj_sysprof.c
+++ b/src/lj_sysprof.c
@@ -75,7 +75,6 @@ struct sysprof {
   luam_Sysprof_backtracer backtracer; /* Backtracing function for the host stack. */
   lj_profile_timer timer; /* Profiling timer. */
   int saved_errno; /* Saved errno when profiler failed. */
-  uint32_t lib_adds; /* Number of libs loaded. Monotonic. */
 };
 /*
 ** XXX: Only one VM can be profiled at a time.
@@ -100,7 +99,11 @@ static int is_unconfigured(struct sysprof *sp)
 
 static void stream_prologue(struct sysprof *sp)
 {
-  lj_symtab_dump(&sp->out, sp->g, &sp->lib_adds);
+  /*
+  ** XXX: Must be zero for the symtab module to dump all loaded libraries.
+  */
+  uint32_t unused_lib_adds = 0;
+  lj_symtab_dump(&sp->out, sp->g, &unused_lib_adds);
   lj_wbuf_addn(&sp->out, ljp_header, sizeof(ljp_header));
 }
 
@@ -256,8 +259,6 @@ static void stream_guest(struct sysprof *sp, uint32_t vmstate)
 
 static void stream_host(struct sysprof *sp, uint32_t vmstate)
 {
-  struct lua_State *L = gco2th(gcref(sp->g->cur_L));
-  lj_symtab_dump_newc(&sp->lib_adds, &sp->out, LJP_SYMTAB_CFUNC_EVENT, L);
   lj_wbuf_addbyte(&sp->out, (uint8_t)vmstate);
   stream_backtrace_host(sp);
 }
-- 
2.39.3 (Apple Git-145)


             reply	other threads:[~2023-12-08  6:10 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-12-08  6:10 Maksim Kokryashkin via Tarantool-patches [this message]
2023-12-12  9:46 ` Sergey Kaplun via Tarantool-patches
2023-12-29 13:05 ` Sergey Bronnikov via Tarantool-patches
2024-02-15 13:40 ` Igor Munkin via Tarantool-patches

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231208061023.89512-1-max.kokryashkin@gmail.com \
    --to=tarantool-patches@dev.tarantool.org \
    --cc=m.kokryashkin@tarantool.org \
    --cc=max.kokryashkin@gmail.com \
    --cc=sergeyb@tarantool.org \
    --cc=skaplun@tarantool.org \
    --subject='Re: [Tarantool-patches] [PATCH luajit] sysprof: disable runtime host symtab updates' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox