Skip to content
Snippets Groups Projects
Select Git revision
  • sd/tuple_buf
  • 2.11.5-picodata default protected
  • sd/execute_result
  • gmoshkin/more-backports
  • gmoshkin/more-backports-WIP
  • sd/heap-after-free
  • sd/64-bit
  • sd/wf_fixups protected
  • sd/c813750b7
  • funbringer/2.11.5-extend-op-result-row
  • gmoshkin/fix-window-in-subquery protected
  • sd/fix_r10
  • sd/window
  • sd/fix_sq
  • sd/fix_window_sq_panic
  • picodata-25.1
  • funbringer/2.11.5-fix-select-param-having
  • ekhamitov/sd/window-v2
  • vshunkov/fix_path protected
  • vshunkov/ci_sock
  • 2.11.5 protected
  • 2.11.2.159 protected
  • 2.11.4 protected
  • 2.11.2.155 protected
  • 2.11.2.148 protected
  • 2.11.2.145 protected
  • 2.11.2.137 protected
  • 2.11.2.136 protected
  • 2.11.2.135 protected
  • 2.11.3 protected
  • 2.11.2.109 protected
  • 2.11.2.108 protected
  • 2.11.2.105 protected
  • 2.11.2.98 protected
  • 2.11.2.97 protected
  • 2.11.2.96 protected
  • 2.11.2.92 protected
  • 2.11.2 protected
  • 3.0.0-beta1 protected
  • 2.11.0.91 protected
40 results
Compare
user avatar
fiber: panic on cancel of a recycled fiber
Vladislav Shpilevoy authored 
There was a user who complained about this code crashing:

    f = fiber_new_ex(...);
    fiber_start(f);
    fiber_cancel(f);

The crash was at cancel. It happened because the fiber finished
immediately. It was already recycled after fiber_start() return.

Recycled fiber didn't have any flags, so fiber_cancel() didn't
see the fiber was already dead and tried to wake it up. It crashed
when the fiber tried to call its 'fiber->f' function which was
NULL.

In debug build the process fails earlier with an assertion on
'fiber->fid != 0'.

It can't be really fixed because the problem is the same as with
use-after-free. The fiber could be not recycled but already freed
completely, returned back to the mempool.

This patch tries to help the users by a panic with a message
saying that it wasn't just a crash, it is a bug in user's code.

There is an alternative - make fibers never return to the mempool.
Then fiber_cancel() could ignore recycled fibers. But it would
lead to another problem that if the fiber is already reused, then
fiber_cancel() would hit a totally irrelevant fiber who was
unlucky to reuse that fiber pointer. It seems worse than panic.

Same problem exists for `fiber_wakeup()`, but I couldn't figure
out how to add a panic there and not add an `if` on the normal
execution path (which includes 'ready' and 'running' fibers).

Closes #6837

NO_CHANGELOG=The same crash remains, but happens a bit earlier and
  with a message.

@TarantoolBot document
Title: `fiber_cancel()` C API clarification

The documentation must warn that the fiber passed to
`fiber_cancel()` must not be already dead unless it was set to be
joinable. Same for `fiber_wakeup()` and all the other fiber
functions. A dead non-joinable fiber could already be freed or
reused.

(cherry picked from commit dbb90274)
bb64b689
History
user avatar bb64b689
History
Name Last commit Last update
.github
FreeBSD/databases/tarantool
apk
asan
changelogs
cmake
debian
doc
extra
rpm
rump
src
static-build
test
third_party
tools
test-run @ f63d85eb
.appveyor.yml
.editorconfig
.gdbinit
.gitignore
.gitlab.mk
.gitmodules
.luacheckrc
.travis.mk
AUTHORS
CMakeLists.txt
Doxyfile
Doxyfile.API.in
Jenkinsfile
LICENSE
README.FreeBSD
README.MacOSX
README.OpenBSD
README.md
TODO
snapcraft.yaml
README.md

Tarantool

Build Status Build Status Code Coverage Telegram Slack Gitter Google Groups

https://tarantool.io/en/

Patch submissions and discussion of particular patches https://lists.tarantool.org/mailman/listinfo/tarantool-patches/

General development discussions https://lists.tarantool.org/mailman/listinfo/tarantool-discussions/

Tarantool is an in-memory database and application server.

Key features of the application server:

  • 100% compatible drop-in replacement for Lua 5.1, based on LuaJIT 2.1. Simply use #!/usr/bin/tarantool instead of #!/usr/bin/lua in your script.
  • full support for Lua modules and a rich set of own modules, including cooperative multitasking, non-blocking I/O, access to external databases, etc

Key features of the database:

  • ANSI SQL, including views, joins, referential and check constraints
  • MsgPack data format and MsgPack based client-server protocol
  • two data engines: 100% in-memory with optional persistence and an own implementation of LSM-tree, to use with large data sets
  • multiple index types: HASH, TREE, RTREE, BITSET
  • asynchronous master-master replication
  • authentication and access control
  • the database is just a C extension to the application server and can be turned off

Supported platforms are Linux/x86, FreeBSD/x86 and OpenBSD/x86, Mac OS X.

Tarantool is ideal for data-enriched components of scalable Web architecture: queue servers, caches, stateful Web applications.

To download and install Tarantool as a binary package for your OS, please visit https://tarantool.io/en/download/.

To build Tarantool from source, see detailed instructions in the Tarantool documentation at https://tarantool.io/en/doc/2.1/dev_guide/building_from_source/.

Please report bugs at https://github.com/tarantool/tarantool/issues We also warmly welcome your feedback in the discussion mailing list, tarantool@googlegroups.com.

Thank you for your interest in Tarantool!