Skip to content

Commit e921dc8

Browse files
vtjnashvtjnash
authored
Revert "Don't expose guard pages to malloc_stack API consumers" (#55555)
Reverts #54591 This cause the runtime to misbehave and crash, since all of the consumers of this information in the runtime assumed that the guard pages are accounted for correctly as part of the reserved allocation. Nothing in the runtime ever promised that it is valid to access the pages beyond the current redzone (indeed, ASAN would forbid it as well).
1 parent 7ea8a9a commit e921dc8

File tree

1 file changed

+5
-42
lines changed

1 file changed

+5
-42
lines changed

src/gc-stacks.c

Lines changed: 5 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -23,22 +23,13 @@
2323
// number of stacks to always keep available per pool
2424
#define MIN_STACK_MAPPINGS_PER_POOL 5
2525

26-
#if defined(_OS_WINDOWS_) || (!defined(_OS_OPENBSD_) && !defined(JL_HAVE_UCONTEXT) && !defined(JL_HAVE_SIGALTSTACK))
27-
#define JL_USE_GUARD_PAGE 1
2826
const size_t jl_guard_size = (4096 * 8);
29-
#else
30-
const size_t jl_guard_size = 0;
31-
#endif
32-
3327
static _Atomic(uint32_t) num_stack_mappings = 0;
3428

3529
#ifdef _OS_WINDOWS_
3630
#define MAP_FAILED NULL
3731
static void *malloc_stack(size_t bufsz) JL_NOTSAFEPOINT
3832
{
39-
size_t guard_size = LLT_ALIGN(jl_guard_size, jl_page_size);
40-
bufsz += guard_size;
41-
4233
void *stk = VirtualAlloc(NULL, bufsz, MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE);
4334
if (stk == NULL)
4435
return MAP_FAILED;
@@ -49,7 +40,6 @@ static void *malloc_stack(size_t bufsz) JL_NOTSAFEPOINT
4940
VirtualFree(stk, 0, MEM_RELEASE);
5041
return MAP_FAILED;
5142
}
52-
stk = (char *)stk + guard_size;
5343

5444
jl_atomic_fetch_add_relaxed(&num_stack_mappings, 1);
5545
return stk;
@@ -58,68 +48,41 @@ static void *malloc_stack(size_t bufsz) JL_NOTSAFEPOINT
5848

5949
static void free_stack(void *stkbuf, size_t bufsz) JL_NOTSAFEPOINT
6050
{
61-
#ifdef JL_USE_GUARD_PAGE
62-
size_t guard_size = LLT_ALIGN(jl_guard_size, jl_page_size);
63-
bufsz += guard_size;
64-
stkbuf = (char *)stkbuf - guard_size;
65-
#endif
66-
6751
VirtualFree(stkbuf, 0, MEM_RELEASE);
6852
jl_atomic_fetch_add_relaxed(&num_stack_mappings, -1);
6953
}
7054

7155
#else
7256

73-
# ifdef _OS_OPENBSD_
7457
static void *malloc_stack(size_t bufsz) JL_NOTSAFEPOINT
7558
{
76-
void* stk = mmap(0, bufsz, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0);
77-
if (stk == MAP_FAILED)
78-
return MAP_FAILED;
79-
59+
# ifdef _OS_OPENBSD_
8060
// we don't set up a guard page to detect stack overflow: on OpenBSD, any
8161
// mmap-ed region has guard page managed by the kernel, so there is no
8262
// need for it. Additionally, a memory region used as stack (memory
8363
// allocated with MAP_STACK option) has strict permission, and you can't
8464
// "create" a guard page on such memory by using `mprotect` on it
85-
86-
jl_atomic_fetch_add_relaxed(&num_stack_mappings, 1);
87-
return stk;
88-
}
65+
void* stk = mmap(0, bufsz, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0);
66+
if (stk == MAP_FAILED)
67+
return MAP_FAILED;
8968
# else
90-
static void *malloc_stack(size_t bufsz) JL_NOTSAFEPOINT
91-
{
92-
#ifdef JL_USE_GUARD_PAGE
93-
size_t guard_size = LLT_ALIGN(jl_guard_size, jl_page_size);
94-
bufsz += guard_size;
95-
#endif
96-
9769
void* stk = mmap(0, bufsz, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
9870
if (stk == MAP_FAILED)
9971
return MAP_FAILED;
10072

101-
#ifdef JL_USE_GUARD_PAGE
10273
// set up a guard page to detect stack overflow
10374
if (mprotect(stk, jl_guard_size, PROT_NONE) == -1) {
10475
munmap(stk, bufsz);
10576
return MAP_FAILED;
10677
}
107-
stk = (char *)stk + guard_size;
108-
#endif
78+
# endif
10979

11080
jl_atomic_fetch_add_relaxed(&num_stack_mappings, 1);
11181
return stk;
11282
}
113-
# endif
11483

11584
static void free_stack(void *stkbuf, size_t bufsz) JL_NOTSAFEPOINT
11685
{
117-
#ifdef JL_USE_GUARD_PAGE
118-
size_t guard_size = LLT_ALIGN(jl_guard_size, jl_page_size);
119-
bufsz += guard_size;
120-
stkbuf = (char *)stkbuf - guard_size;
121-
#endif
122-
12386
munmap(stkbuf, bufsz);
12487
jl_atomic_fetch_add_relaxed(&num_stack_mappings, -1);
12588
}

0 commit comments

Comments
 (0)