On 2019-03-25 20:28 +0000, Jonny Grant wrote:
> Hi!
>
> On 25/03/2019 17:14, Florian Weimer wrote:
> > * Andrew Haley:
> >
> > > On 3/25/19 2:01 PM, Florian Weimer wrote:
> > > > * Xi Ruoyao:
> > > >
> > > > > On 2019-03-25 13:06 +0000, Jonny Grant wrote:
> > > > > > I built & ran with the Sanitizer, it seems it's also stack overflow
> > > > > > within the operator new()
> > > > > >
> > > > > > I had thoughts GCC would generate code that monitored the stack size
> > > > > > and aborted with a clear message when the stack size was exceeded.
> > > > > > Looked online, and it doesn't seem to be the case.
> > > > >
> > > > > Impossible. We can't distinguish "stack overflow" with other
> > > > > segmentation faults.
> > > >
> > > > I think “impossible” is too strong.
> > >
> > > It is. We do it with stack banging and a few guard pages in the HotSpot
> > > JVM. The problem is that recovering well enough to throw an exception
> > > requires some quite hairy non-portable code.
> >
> > Of course it's going to be non-portable. Ideally, this would be
> > handled out-of-process: the shell registers itself with the system
> > coredump handler, and the handler analyzes the crash and provides
> > information back to the shell for display.
> >
> > It's quite difficult to get there, but it's certainly not impossible.
> > We really should have lightweight tracebacks for aborts and the like
> > in C/C++ code. Right now, every moderately large piece of software
> > tries to write their robust in-process crash handler, with varying
> > results.
>
> Could GCC add a simple crash handler? maybe -fcrash-handler

I suggest -lcrash-handler. We can implement a crash handler and register it
in library initialization in libcrash-handler.so. Then we don't need to hack
GCC code. We can borrow most of the code from glibc libSegFault.so.

Perhaps I'll do this work if I can overcome my laziness.

> C++ exceptions show a few clues when there is a crash, which is helpful, eg:
>
> // g++-8 -Wall -o cpp cpp.cpp
> #include <vector>
> int main()
> {
>     std::vector<int> v;
>     return v.at(0);
> }
>
> $ ./cpp
> terminate called after throwing an instance of 'std::out_of_range'
>   what():  vector::_M_range_check: __n (which is 0) >= this->size() (which is 0)
> Aborted

I'm not familiar with C++ exceptions. Maybe we can convert some instances of
unhandled signals to something like __gnu_cxx::unhandled_signal_exception, but
I believe that would require ABI changes.

-- 
Xi Ruoyao <xry111@xxxxxxxxxxxxxxxx>
School of Aerospace Science and Technology, Xidian University
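A sketch of the library-initialization crash handler proposed above, as an added example that is not part of the thread and is not taken from glibc's libSegFault.so. It tells a stack overflow from other segmentation faults by comparing the fault address with the stack limit. The names `crash_handler_install`, `is_stack_overflow` and `SLACK` are hypothetical, and the heuristic assumes Linux, the main thread, a downward-growing stack and a finite `RLIMIT_STACK`.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <sys/resource.h>
#include <unistd.h>

#define SLACK (64u * 1024u)              /* assumed tolerance around the limit */
static uintptr_t stack_top, stack_limit; /* approximate main-thread stack bounds */
static char alt_stack[64 * 1024];        /* the exhausted stack cannot host the handler */

/* 1 if fault_addr is below the stack top and within SLACK of the lowest allowed address. */
int is_stack_overflow(uintptr_t fault_addr, uintptr_t top, uintptr_t limit)
{
    return limit != 0 && fault_addr < top
        && fault_addr + SLACK >= limit && fault_addr < limit + SLACK;
}

/* Reports the fault, then returns: SA_RESETHAND has restored SIG_DFL, so the
   faulting instruction re-runs and the process terminates (and dumps core) as usual. */
static void on_segv(int sig, siginfo_t *si, void *ctx)
{
    static const char so[] = "crash-handler: stack overflow\n";
    static const char sv[] = "crash-handler: segmentation fault\n";
    int overflow = is_stack_overflow((uintptr_t)si->si_addr, stack_top, stack_limit);
    (void)sig; (void)ctx;
    /* write(2) is async-signal-safe, stdio is not */
    if (write(2, overflow ? so : sv, overflow ? sizeof so - 1 : sizeof sv - 1) < 0) { }
}

/* Records the stack bounds and installs the handler; returns 0 on success. */
int crash_handler_install(void)
{
    struct rlimit rl;
    struct sigaction sa = { .sa_flags = SA_SIGINFO | SA_ONSTACK | SA_RESETHAND };
    stack_t ss = { .ss_sp = alt_stack, .ss_size = sizeof alt_stack, .ss_flags = 0 };
    stack_top = (uintptr_t)&rl;          /* a local is near the top this early in startup */
    stack_limit = 0;                     /* stays unknown unless the rlimit is finite */
    if (getrlimit(RLIMIT_STACK, &rl) == 0 && rl.rlim_cur < stack_top)
        stack_limit = stack_top - (uintptr_t)rl.rlim_cur;
    if (sigaltstack(&ss, NULL) != 0)
        return -1;
    sa.sa_sigaction = on_segv;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* Runs at load time, before main(), so linking the library is the only change needed. */
__attribute__((constructor)) static void crash_handler_init(void)
{
    (void)crash_handler_install();
}
```

The handler only reports and does not attempt the recovery Andrew Haley describes as hairy; a fault taken by a function with a frame larger than `SLACK` would be reported as a plain segmentation fault.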