[CDRIVER-4627] Fix possible crash if insufficient memory for performance counters Created: 26/Apr/23  Updated: 28/Oct/23  Resolved: 09/May/23

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: None
Fix Version/s: 1.23.5

Type: Bug Priority: Unknown
Reporter: Kevin Albertson Assignee: Kevin Albertson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Tracks: https://github.com/mongodb/mongo-c-driver/pull/1244



 Comments   
Comment by Githook User [ 09/May/23 ]

Author:

{'name': 'Romain Geissler @ Amadeus', 'email': 'romain.geissler@amadeus.com', 'username': 'Romain-Geissler-1A'}

Message: CDRIVER-4627 use `posix_fallocate` when available (#1244)

Avoids an unexpected crash with SIGBUS when trying to allocate a /dev/shm shared memory but there is not enough memory.

Indeed ftruncate doesn't ensure memory is properly allocated, it ony
changes the file size from the VFS point of view, but doesn't actually
allocate any memory. So ftruncate might work despite we have no memory
left, and later when trying to zero-memset the mmapped buffer, we might
actually get a SIGBUS signal crashing the whole process.

Instead, make sure we can allocate the whole shared memory using
posix_fallocate and gracefully handle allocation problems, without
crashing.

The chromium project faced a similar issue in the past:
https://bugs.chromium.org/p/chromium/issues/detail?id=951431
Branch: r1.23
https://github.com/mongodb/mongo-c-driver/commit/86e23fcd6decede21e6c4f2519453b34e2a3e451

Comment by Githook User [ 09/May/23 ]

Author:

{'name': 'Romain Geissler @ Amadeus', 'email': 'romain.geissler@amadeus.com', 'username': 'Romain-Geissler-1A'}

Message: CDRIVER-4627 use `posix_fallocate` when available (#1244)

Avoids an unexpected crash with SIGBUS when trying to allocate a /dev/shm shared memory but there is not enough memory.

Indeed ftruncate doesn't ensure memory is properly allocated, it ony
changes the file size from the VFS point of view, but doesn't actually
allocate any memory. So ftruncate might work despite we have no memory
left, and later when trying to zero-memset the mmapped buffer, we might
actually get a SIGBUS signal crashing the whole process.

Instead, make sure we can allocate the whole shared memory using
posix_fallocate and gracefully handle allocation problems, without
crashing.

The chromium project faced a similar issue in the past:
https://bugs.chromium.org/p/chromium/issues/detail?id=951431
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/d83922ba19fa38f57aa9c1a6317caad5fb4071f1

Generated at Wed Feb 07 21:21:27 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.