Mercurial > hg > octave-lojdl > gnulib-hg
view lib/c-stack.c @ 7302:8a1a9361108c
* _fpending.c: Include <config.h> unconditionally, since we no
longer worry about uses that don't define HAVE_CONFIG_H.
* acl.c, alloca.c, argmatch.c, atexit.c, backupfile.c:
* basename.c, c-stack.c, c-strtod.c, calloc.c, canon-host.c:
* canonicalize.c, chdir-long.c, chdir-safer.c, chown.c:
* cloexec.c, close-stream.c, closeout.c, creat-safer.c:
* cycle-check.c, diacrit.c, dirchownmod.c, dirfd.c, dirname.c:
* dup-safer.c, dup2.c, error.c, euidaccess.c, exclude.c:
* exitfail.c, fchmodat.c, fchown-stub.c, fd-safer.c:
* file-type.c, fileblocks.c, filemode.c, filenamecat.c:
* fnmatch.c, fopen-safer.c, fprintftime.c, free.c, fsusage.c:
* ftruncate.c, fts-cycle.c, fts.c, full-write.c, gai_strerror.c:
* getcwd.c, getdate.y, getdomainname.c, getgroups.c:
* gethostname.c, gethrxtime.c, getloadavg.c, getlogin_r.c:
* getndelim2.c, getnline.c, getopt.c, getopt1.c, getpass.c:
* gettime.c, gettimeofday.c, getugroups.c, getusershell.c:
* glob.c, group-member.c, hard-locale.c, hash-pjw.c, hash.c:
* human.c, idcache.c, inet_ntop.c, inet_pton.c, inttostr.c:
* isdir.c, lchown.c, linebuffer.c, long-options.c, lstat.c:
* malloc.c, md5.c, memcasecmp.c, memchr.c, memcmp.c, memcoll.c:
* memcpy.c, memmove.c, memrchr.c, mkancesdirs.c, mkdir-p.c:
* mkdir.c, mkdirat.c, mkstemp-safer.c, mkstemp.c, modechange.c:
* mountlist.c, nanosleep.c, obstack.c, open-safer.c:
* openat-die.c, openat.c, pagealign_alloc.c, physmem.c:
* pipe-safer.c, posixtm.c, posixver.c, putenv.c, quote.c:
* quotearg.c, raise.c, readtokens.c, readtokens0.c, readutmp.c:
* realloc.c, regex.c, rename.c, rmdir.c, rpmatch.c, safe-read.c:
* same.c, save-cwd.c, savedir.c, setenv.c, settime.c, sha1.c:
* sig2str.c, snprintf.c, strdup.c, strerror.c, strftime.c:
* stripslash.c, strndup.c, strnlen.c, strpbrk.c, strtod.c:
* strtoimax.c, strtol.c, strverscmp.c, tempname.c, time_r.c:
* timegm.c, tmpfile-safer.c, unlinkdir.c, userspec.c, utime.c:
* utimecmp.c, utimens.c, version-etc-fsf.c, version-etc.c:
* xalloc-die.c, xgetcwd.c, xgethostname.c, xmalloc.c:
* xmemcoll.c, xnanosleep.c, xreadlink.c, xstrtod.c:
* xstrtoimax.c, xstrtol.c, xstrtoumax.c, yesno.c:
Likewise.
| author | Paul Eggert <eggert@cs.ucla.edu> |
|---|---|
| date | Wed, 13 Sep 2006 22:38:14 +0000 |
| parents | 93d578c7aa44 |
| children | bbbbbf4cd1c5 |
line wrap: on
line source
/* Stack overflow handling. Copyright (C) 2002, 2004, 2006 Free Software Foundation, Inc. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ /* Written by Paul Eggert. */ /* NOTES: A program that uses alloca, dynamic arrays, or large local variables may extend the stack by more than a page at a time. If so, when the stack overflows the operating system may not detect the overflow until the program uses the array, and this module may incorrectly report a program error instead of a stack overflow. To avoid this problem, allocate only small objects on the stack; a program should be OK if it limits single allocations to a page or less. Allocate larger arrays in static storage, or on the heap (e.g., with malloc). Yes, this is a pain, but we don't know of any better solution that is portable. No attempt has been made to deal with multithreaded applications. */ #include <config.h> #ifndef __attribute__ # if __GNUC__ < 3 || __STRICT_ANSI__ # define __attribute__(x) # endif #endif #include "gettext.h" #define _(msgid) gettext (msgid) #include <errno.h> #ifndef ENOTSUP # define ENOTSUP EINVAL #endif #ifndef EOVERFLOW # define EOVERFLOW EINVAL #endif #include <signal.h> #if ! HAVE_STACK_T && ! defined stack_t typedef struct sigaltstack stack_t; #endif #include <stdlib.h> #include <string.h> #if HAVE_SYS_RESOURCE_H /* Include sys/time.h here, because... SunOS-4.1.x <sys/resource.h> fails to include <sys/time.h>. This gives "incomplete type" errors for ru_utime and tu_stime. */ # if HAVE_SYS_TIME_H # include <sys/time.h> # endif # include <sys/resource.h> #endif #if HAVE_UCONTEXT_H # include <ucontext.h> #endif #include <unistd.h> #ifndef STDERR_FILENO # define STDERR_FILENO 2 #endif #if DEBUG # include <stdio.h> #endif #include "c-stack.h" #include "exitfail.h" #if (HAVE_STRUCT_SIGACTION_SA_SIGACTION && defined SA_NODEFER \ && defined SA_ONSTACK && defined SA_RESETHAND && defined SA_SIGINFO) # define SIGACTION_WORKS 1 #else # define SIGACTION_WORKS 0 #endif extern char *program_name; /* The user-specified action to take when a SEGV-related program error or stack overflow occurs. */ static void (* volatile segv_action) (int); /* Translated messages for program errors and stack overflow. Do not translate them in the signal handler, since gettext is not async-signal-safe. */ static char const * volatile program_error_message; static char const * volatile stack_overflow_message; /* Output an error message, then exit with status EXIT_FAILURE if it appears to have been a stack overflow, or with a core dump otherwise. This function is async-signal-safe. */ static void die (int) __attribute__ ((noreturn)); static void die (int signo) { char const *message; segv_action (signo); message = signo ? program_error_message : stack_overflow_message; write (STDERR_FILENO, program_name, strlen (program_name)); write (STDERR_FILENO, ": ", 2); write (STDERR_FILENO, message, strlen (message)); write (STDERR_FILENO, "\n", 1); if (! signo) _exit (exit_failure); kill (getpid (), signo); abort (); } #if HAVE_SIGALTSTACK && HAVE_DECL_SIGALTSTACK /* Direction of the C runtime stack. This function is async-signal-safe. */ # if STACK_DIRECTION # define find_stack_direction(ptr) STACK_DIRECTION # else static int find_stack_direction (char const *addr) { char dummy; return ! addr ? find_stack_direction (&dummy) : addr < &dummy ? 1 : -1; } # endif /* Storage for the alternate signal stack. */ static union { char buffer[SIGSTKSZ]; /* These other members are for proper alignment. There's no standard way to guarantee stack alignment, but this seems enough in practice. */ long double ld; long l; void *p; } alternate_signal_stack; # if SIGACTION_WORKS /* Handle a segmentation violation and exit. This function is async-signal-safe. */ static void segv_handler (int, siginfo_t *, void *) __attribute__((noreturn)); static void segv_handler (int signo, siginfo_t *info, void *context __attribute__ ((unused))) { /* Clear SIGNO if it seems to have been a stack overflow. */ if (0 < info->si_code) { # if ! HAVE_XSI_STACK_OVERFLOW_HEURISTIC /* We can't easily determine whether it is a stack overflow; so assume that the rest of our program is perfect (!) and that this segmentation violation is a stack overflow. */ signo = 0; # else /* If the faulting address is within the stack, or within one page of the stack end, assume that it is a stack overflow. */ ucontext_t const *user_context = context; char const *stack_base = user_context->uc_stack.ss_sp; size_t stack_size = user_context->uc_stack.ss_size; char const *faulting_address = info->si_addr; size_t s = faulting_address - stack_base; size_t page_size = sysconf (_SC_PAGESIZE); if (find_stack_direction (0) < 0) s += page_size; if (s < stack_size + page_size) signo = 0; # if DEBUG { char buf[1024]; sprintf (buf, "segv_handler fault=%p base=%p size=%lx page=%lx signo=%d\n", faulting_address, stack_base, (unsigned long) stack_size, (unsigned long) page_size, signo); write (STDERR_FILENO, buf, strlen (buf)); } # endif # endif } die (signo); } # endif static void null_action (int signo __attribute__ ((unused))) { } /* Set up ACTION so that it is invoked on C stack overflow. Return -1 (setting errno) if this cannot be done. When ACTION is called, it is passed an argument equal to SIGSEGV for a segmentation violation that does not appear related to stack overflow, and is passed zero otherwise. On many platforms it is hard to tell; when in doubt, zero is passed. A null ACTION acts like an action that does nothing. ACTION must be async-signal-safe. ACTION together with its callees must not require more than SIGSTKSZ bytes of stack space. */ int c_stack_action (void (*action) (int)) { int r; stack_t st; st.ss_flags = 0; st.ss_sp = alternate_signal_stack.buffer; st.ss_size = sizeof alternate_signal_stack.buffer; r = sigaltstack (&st, 0); if (r != 0) return r; segv_action = action ? action : null_action; program_error_message = _("program error"); stack_overflow_message = _("stack overflow"); { # if SIGACTION_WORKS struct sigaction act; sigemptyset (&act.sa_mask); /* POSIX 1003.1-2001 says SA_RESETHAND implies SA_NODEFER, but this is not true on Solaris 8 at least. It doesn't hurt to use SA_NODEFER here, so leave it in. */ act.sa_flags = SA_NODEFER | SA_ONSTACK | SA_RESETHAND | SA_SIGINFO; act.sa_sigaction = segv_handler; return sigaction (SIGSEGV, &act, 0); # else return signal (SIGSEGV, die) == SIG_ERR ? -1 : 0; # endif } } #else /* ! (HAVE_SIGALTSTACK && HAVE_DECL_SIGALTSTACK) */ int c_stack_action (void (*action) (int) __attribute__ ((unused))) { errno = ENOTSUP; return -1; } #endif #if DEBUG int volatile exit_failure; static long recurse (char *p) { char array[500]; array[0] = 1; return *p + recurse (array); } char *program_name; int main (int argc __attribute__ ((unused)), char **argv) { program_name = argv[0]; fprintf (stderr, "The last output line should contain \"stack overflow\".\n"); if (c_stack_action (0) == 0) return recurse ("\1"); perror ("c_stack_action"); return 1; } #endif /* DEBUG */ /* Local Variables: compile-command: "gcc -DDEBUG -g -O -Wall -W c-stack.c" End: */