|
From: | Paul Eggert |
Subject: | Re: [RFC] sigaltstack + longjmp to protect from C stack overflow |
Date: | Mon, 25 Aug 2014 08:06:09 -0700 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0 |
Thanks for looking into this. A few comments:'handle_sigsegv' tries to guess direction of stack growth, but shouldn't stack growth direction be determined at startup? That should be more reliable than guessing from what may be a stray pointer reference.
init_signals need not use xmalloc to allocate the alternate stack, since it's of fixed size and Emacs always needs it. We should be able to allocate the stack statically.
sys/resource.h is not available everywhere; include it only if HAVE_SYS_RESOURCE_H is defined. Similarly, use struct rlimit and getrlimit only if HAVE_GETRLIMIT is defined, and use sigaltstack only if HAVE_SIGALTSTACK is defined (you'll need to modify configure.ac for that). And the code should do the right thing (i.e., stick with thread_fatal_action instead of sigsegv_action) if SA_SIGINFO and/or SA_ONSTACK are not defined. Come to think of it, check for all the above issues and do the sigsegv_action stuff only if all the macros check out.
There's no need to abort if sigaltstack fails. Just let Emacs go on as it does now, and use thread_fatal_action.
[Prev in Thread] | Current Thread | [Next in Thread] |