From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from [87.239.111.99] (localhost [127.0.0.1]) by dev.tarantool.org (Postfix) with ESMTP id 05D5B6F865; Thu, 29 Apr 2021 14:10:36 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 05D5B6F865 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev; t=1619694637; bh=xSUinj/GyKa4sFmD9e8yXXgWaF8ZaAoKvRztUGxaXrk=; h=Date:To:References:In-Reply-To:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=TypNbHHVuGutOsT1p96/cpfw7hkGpHZCKVd6Qz3yg0IJf4vzTaZ2Gc5LXsn6mac5g y6jHD99ekn/VyK3gx+9lTD12FIS2dCBOze5uJgREwlmya4RBdDw2LH6vweMvFsSdkk A4jro34q+MllpZpLQo9zSraS2IyXiDoA89piW9mg= Received: from mail-lf1-f47.google.com (mail-lf1-f47.google.com [209.85.167.47]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 294FF6F865 for ; Thu, 29 Apr 2021 14:10:35 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 294FF6F865 Received: by mail-lf1-f47.google.com with SMTP id x20so73877600lfu.6 for ; Thu, 29 Apr 2021 04:10:35 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=2D3FSvlluTAfXQwllx+OQN6rhEXNs3wFyqBSKUn5csU=; b=JDxe6tfEeVZaaHUpT9l5bMLvOCaByhl0z5jZ2b/BbV8a4K9My2ad6MPiOtKrZxyiAd iQjdKaqb79X5Chh6E77ift5zRTZFFdLG4tXscmJXvI1VLRnzCv/DrJCii6C6M/tShUcy Ag0xcv4T4OJ0dia/wsohr0Ne5fkUILeX00pG5+2aO7iU+mMJ1OnA1D9ezb+UX8Q3KRuc PJgOmH//c/TxsFFZQVdAFYtKzRn1ZfHhK+6JMJNjbPLwCVFmoT5zu+Th9t1wx6I6uuBm AvtDdn/jFhFiy+2oJUm45dQSm6fGDBH0/vTct2aL1tHRmM6i+YDq8lXcTE0ZPu/jwYAI mFdQ== X-Gm-Message-State: AOAM531kJn3JTcDWZWHIv0+Ik6xQ9VbBV1EI1EsrGsBHUAKQWrY4ewwf xnvA5QTr3fcXbf3fTQGS5SxB2Dtq3H/Rhw== X-Google-Smtp-Source: ABdhPJwtzt2WWpphGPjB0+iApDd7fAoz+5iRsxXuH32l/3dp9lso3+TgDxlSy6ANOKQRu6KgU3D9Yw== X-Received: by 2002:a19:f00a:: with SMTP id p10mr1402914lfc.510.1619694633771; Thu, 29 Apr 2021 04:10:33 -0700 (PDT) Received: from grain.localdomain ([5.18.199.94]) by smtp.gmail.com with ESMTPSA id j5sm493316lfe.9.2021.04.29.04.10.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 29 Apr 2021 04:10:32 -0700 (PDT) Received: by grain.localdomain (Postfix, from userid 1000) id 97B8A56015F; Thu, 29 Apr 2021 14:10:31 +0300 (MSK) Date: Thu, 29 Apr 2021 14:10:31 +0300 To: Vladislav Shpilevoy Message-ID: References: <20210428102251.552976-1-gorcunov@gmail.com> <20210428102251.552976-3-gorcunov@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/2.0.5 (2021-01-21) Subject: [Tarantool-patches] [PATCH v3 2/2] fiber: fiber_join -- don't crash on misuse X-BeenThere: tarantool-patches@dev.tarantool.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Cyrill Gorcunov via Tarantool-patches Reply-To: Cyrill Gorcunov Cc: tml Errors-To: tarantool-patches-bounces@dev.tarantool.org Sender: "Tarantool-patches" In case if we call fiber_join() over the non joinable fiber we trigger an assert and crash execution (on debug build). On release build the asserts will be zapped and won't cause problems but there is an another one -- the target fiber will cause double fiber_reset() calls which in result cause to unregister_fid() with id = 0 (not causing crash but definitely out of intention) and we will drop stack protection which might be not ours anymore. Since we're not allowed to break API on C level lets just panic early in case of such misuse, it is a way better than continue operating with potentially screwed data in memory. Fixes #6046 Signed-off-by: Cyrill Gorcunov --- issue https://github.com/tarantool/tarantool/issues/6046 branch gorcunov/gh-6046-fiber-join-3 changelogs/unreleased/gh-6046-fiber-join-misuse.md | 6 ++++++ src/lib/core/fiber.c | 3 ++- 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 changelogs/unreleased/gh-6046-fiber-join-misuse.md diff --git a/changelogs/unreleased/gh-6046-fiber-join-misuse.md b/changelogs/unreleased/gh-6046-fiber-join-misuse.md new file mode 100644 index 000000000..32c15566d --- /dev/null +++ b/changelogs/unreleased/gh-6046-fiber-join-misuse.md @@ -0,0 +1,6 @@ +## bugfix/core + +* Fixed lack of testing for non noinable fibers in `fiber_join()` call. + This could lead to unpredictable results. Note the issue affects C + level only, in Lua interface `fiber::join()`` the protection is + turned on already. diff --git a/src/lib/core/fiber.c b/src/lib/core/fiber.c index a4b60e864..196dffe26 100644 --- a/src/lib/core/fiber.c +++ b/src/lib/core/fiber.c @@ -620,7 +620,8 @@ fiber_join(struct fiber *fiber) int fiber_join_timeout(struct fiber *fiber, double timeout) { - assert(fiber->flags & FIBER_IS_JOINABLE); + if ((fiber->flags & FIBER_IS_JOINABLE) == 0) + panic("the fiber is not joinable"); if (! fiber_is_dead(fiber)) { bool exceeded = false; -- 2.30.2