From 9101037a209e6c26945c22a57996c011ef9ecfaa Mon Sep 17 00:00:00 2001
From: Arnaud Giersch <arnaud.giersch@iut-bm.univ-fcomte.fr>
Date: Wed, 12 Mar 2014 14:49:53 +0100
Subject: [PATCH] Use context/guard_size to protect context stacks against
 overflow.

Add a configurable number of protected pages at the top of each
stack.
---
 src/simix/smx_context.c        | 33 ++++++++++++++++++++++++++++++++-
 src/simix/smx_context_thread.c |  2 ++
 2 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/src/simix/smx_context.c b/src/simix/smx_context.c
index 662f38288a..833ca8414a 100644
--- a/src/simix/smx_context.c
+++ b/src/simix/smx_context.c
@@ -13,6 +13,8 @@
 #include "smx_private.h"
 #include "simgrid/sg_config.h"
 #include "internal_config.h"
+#include "simgrid/modelchecker.h"
+#include <sys/mman.h>
 
 #ifdef HAVE_VALGRIND_VALGRIND_H
 # include <valgrind/valgrind.h>
@@ -107,7 +109,25 @@ void SIMIX_context_mod_exit(void)
 
 void *SIMIX_context_stack_new(void)
 {
-  void *stack = xbt_malloc0(smx_context_stack_size);
+  void *stack;
+
+  if (smx_context_guard_size > 0 && !MC_is_active()) {
+    size_t size = smx_context_stack_size + smx_context_guard_size;
+#ifdef HAVE_MC
+    /* Cannot use posix_memalign when HAVE_MC. Align stack by hand, and save the
+     * pointer returned by xbt_malloc0. */
+    char *alloc = xbt_malloc0(size + xbt_pagesize);
+    stack = alloc - ((uintptr_t)alloc & (xbt_pagesize - 1)) + xbt_pagesize;
+    *((void **)stack - 1) = alloc;
+#else
+    posix_memalign(&stack, xbt_pagesize, size);
+#endif
+    if (!stack || mprotect(stack, smx_context_guard_size, PROT_NONE) == -1)
+      xbt_die("Failed to allocate stack: %s", strerror(errno));
+    stack = (char *)stack + smx_context_guard_size;
+  } else {
+    stack = xbt_malloc0(smx_context_stack_size);
+  }
 
 #ifdef HAVE_VALGRIND_VALGRIND_H
   unsigned int valgrind_stack_id =
@@ -131,6 +151,17 @@ void SIMIX_context_stack_delete(void *stack)
   VALGRIND_STACK_DEREGISTER(valgrind_stack_id);
 #endif
 
+  if (smx_context_guard_size > 0 && !MC_is_active()) {
+    stack = (char *)stack - smx_context_guard_size;
+    if (mprotect(stack, smx_context_guard_size,
+                 PROT_READ | PROT_WRITE | PROT_EXEC) == -1)
+      XBT_WARN("Failed to remove page protection: %s", strerror(errno));
+    /* try to pursue anyway */
+#ifdef HAVE_MC
+    /* Retrieve the saved pointer.  See SIMIX_context_stack_new above. */
+    stack = *((void **)stack - 1);
+#endif
+  }
   xbt_free(stack);
 }
 
diff --git a/src/simix/smx_context_thread.c b/src/simix/smx_context_thread.c
index ea06db0105..060132a3b0 100644
--- a/src/simix/smx_context_thread.c
+++ b/src/simix/smx_context_thread.c
@@ -94,6 +94,8 @@ smx_ctx_thread_factory_create_context(xbt_main_func_t code, int argc,
     context->end = xbt_os_sem_init(0);
     if (smx_context_stack_size_was_set)
       xbt_os_thread_setstacksize(smx_context_stack_size);
+    if (smx_context_guard_size_was_set)
+      xbt_os_thread_setguardsize(smx_context_guard_size);
 
     /* create and start the process */
     /* NOTE: The first argument to xbt_os_thread_create used to be the process *
-- 
2.20.1