From: Willy Tarreau Date: Thu, 8 Aug 2019 05:38:19 +0000 (+0200) Subject: BUG/MINOR: pools: don't mark the thread harmless if already isolated X-Git-Tag: v2.1-dev2~220 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=229e739c21e96dd2020f6351fcc10546a1848b50;p=thirdparty%2Fhaproxy.git BUG/MINOR: pools: don't mark the thread harmless if already isolated Commit 85b2cae63 ("MINOR: pools: make the thread harmless during the mmap/munmap syscalls") was used to relax the pressure experienced by other threads when running in debug mode with UAF enabled. It places a pair of thread_harmless_now()/thread_harmless_end() around the call to mmap(), assuming callers are not sensitive to parallel activity. But there are a few cases like "show sess all" where this happens in isolated threads, and marking the thread as harmless there is a very bad idea, even worse when arriving to thread_harmless_end() which loops forever. Let's only do that when the thread is not isolated. No backport is needed as the patch above was only in 2.1-dev. --- diff --git a/include/common/memory.h b/include/common/memory.h index 3283d2be1e..ae1ad22977 100644 --- a/include/common/memory.h +++ b/include/common/memory.h @@ -416,9 +416,12 @@ static inline void pool_free_area(void *area, size_t __maybe_unused size) static inline void *pool_alloc_area(size_t size) { size_t pad = (4096 - size) & 0xFF0; + int isolated; void *ret; - thread_harmless_now(); + isolated = thread_isolated(); + if (!isolated) + thread_harmless_now(); ret = mmap(NULL, (size + 4095) & -4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); if (ret != MAP_FAILED) { /* let's dereference the page before returning so that the real @@ -431,7 +434,8 @@ static inline void *pool_alloc_area(size_t size) } else { ret = NULL; } - thread_harmless_end(); + if (!isolated) + thread_harmless_end(); return ret; }
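
Review bot: In the first hunk (@@ -416,9 +416,12 @@), the new `isolated = thread_isolated();` guard carries no comment explaining why the harmless marking is skipped, and only pool_alloc_area() is touched. A one-line comment above it (isolated callers such as "show sess all" must not be marked harmless) would keep the reason in the code rather than only in the commit message. The referenced commit 85b2cae63 is titled as covering both mmap and munmap, so if pool_free_area() wraps munmap() in the same thread_harmless_now()/thread_harmless_end() pair, it needs the same guard; this patch does not show that function's body.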
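
Review bot: In the second hunk (@@ -431,7 +434,8 @@), `if (!isolated) thread_harmless_end();` fixes the hang only at this call site. Reusing the value sampled before mmap() is right, since it keeps the end call paired with the begin call. However, the commit message says thread_harmless_end() loops forever when reached from an isolated thread, so any other isolated caller would hit the same hang. Consider handling the isolated case inside the thread_harmless_now()/thread_harmless_end() helpers themselves, or at least documenting that constraint where they are defined.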