c-stack.m4 11.8 KB
Newer Older
Jim Meyering's avatar
Jim Meyering committed
1 2
# Check prerequisites for compiling lib/c-stack.c.

3
# Copyright (C) 2002-2004, 2008-2018 Free Software Foundation, Inc.
4 5 6
# This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
Jim Meyering's avatar
Jim Meyering committed
7 8 9

# Written by Paul Eggert.

10
# serial 16
11

Jim Meyering's avatar
Jim Meyering committed
12
AC_DEFUN([AC_SYS_XSI_STACK_OVERFLOW_HEURISTIC],
13
  [
14
   AC_REQUIRE([AC_CANONICAL_HOST])
15 16
   AC_CHECK_FUNCS_ONCE([setrlimit])
   AC_CHECK_HEADERS_ONCE([ucontext.h])
Jim Meyering's avatar
Jim Meyering committed
17

18 19 20 21
   dnl List of signals that are sent when an invalid virtual memory address
   dnl is accessed, or when the stack overflows.
   dnl Either { SIGSEGV } or { SIGSEGV, SIGBUS }.
   case "$host_os" in
22
     sunos4* | freebsd* | dragonfly* | openbsd* | mirbsd* | netbsd* | kfreebsd* | knetbsd*) # BSD systems
23 24 25
       FAULT_YIELDS_SIGBUS=1 ;;
     hpux*) # HP-UX
       FAULT_YIELDS_SIGBUS=1 ;;
26
     macos* | darwin*) # Mac OS X
27 28 29 30 31 32 33 34 35
       FAULT_YIELDS_SIGBUS=1 ;;
     gnu*) # Hurd
       FAULT_YIELDS_SIGBUS=1 ;;
     *)
       FAULT_YIELDS_SIGBUS=0 ;;
   esac
   AC_DEFINE_UNQUOTED([FAULT_YIELDS_SIGBUS], [$FAULT_YIELDS_SIGBUS],
     [Define to 1 if an invalid memory address access may yield a SIGBUS.])

Jim Meyering's avatar
Jim Meyering committed
36
   AC_CACHE_CHECK([for working C stack overflow detection],
37
     [ac_cv_sys_stack_overflow_works],
38 39 40 41 42 43 44 45 46 47 48 49
     [AC_RUN_IFELSE([AC_LANG_SOURCE(
           [[
            #include <unistd.h>
            #include <signal.h>
            #if HAVE_SETRLIMIT
            # include <sys/types.h>
            # include <sys/time.h>
            # include <sys/resource.h>
            #endif
            #ifndef SIGSTKSZ
            # define SIGSTKSZ 16384
            #endif
50

51 52 53 54 55 56 57
            static union
            {
              char buffer[2 * SIGSTKSZ];
              long double ld;
              long u;
              void *p;
            } alternate_signal_stack;
58

59 60 61 62 63
            static void
            segv_handler (int signo)
            {
              _exit (0);
            }
64

65 66 67 68 69 70
            static int
            c_stack_action ()
            {
              stack_t st;
              struct sigaction act;
              int r;
71

72 73 74 75 76 77
              st.ss_flags = 0;
              /* Use the midpoint to avoid Irix sigaltstack bug.  */
              st.ss_sp = alternate_signal_stack.buffer + SIGSTKSZ;
              st.ss_size = SIGSTKSZ;
              r = sigaltstack (&st, 0);
              if (r != 0)
78
                return 1;
79

80 81 82 83 84
              sigemptyset (&act.sa_mask);
              act.sa_flags = SA_NODEFER | SA_ONSTACK | SA_RESETHAND;
              act.sa_handler = segv_handler;
              #if FAULT_YIELDS_SIGBUS
              if (sigaction (SIGBUS, &act, 0) < 0)
85
                return 2;
86
              #endif
87 88 89
              if (sigaction (SIGSEGV, &act, 0) < 0)
                return 3;
              return 0;
90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
            }
            static volatile int *
            recurse_1 (volatile int n, volatile int *p)
            {
              if (n >= 0)
                *recurse_1 (n + 1, p) += n;
              return p;
            }
            static int
            recurse (volatile int n)
            {
              int sum = 0;
              return *recurse_1 (n, &sum);
            }
            int
            main ()
            {
107
              int result;
108 109 110 111 112 113 114 115 116
              #if HAVE_SETRLIMIT && defined RLIMIT_STACK
              /* Before starting the endless recursion, try to be friendly
                 to the user's machine.  On some Linux 2.2.x systems, there
                 is no stack limit for user processes at all.  We don't want
                 to kill such systems.  */
              struct rlimit rl;
              rl.rlim_cur = rl.rlim_max = 0x100000; /* 1 MB */
              setrlimit (RLIMIT_STACK, &rl);
              #endif
117

118 119 120 121
              result = c_stack_action ();
              if (result != 0)
                return result;
              return recurse (0);
122 123
            }
           ]])],
124 125
        [ac_cv_sys_stack_overflow_works=yes],
        [ac_cv_sys_stack_overflow_works=no],
126 127 128 129 130 131 132
        [case "$host_os" in
                   # Guess no on native Windows.
           mingw*) ac_cv_sys_stack_overflow_works="guessing no" ;;
           *)      ac_cv_sys_stack_overflow_works=cross-compiling ;;
         esac
        ])
     ])
133

134
  if test "$ac_cv_sys_stack_overflow_works" = yes; then
135 136 137 138 139
   AC_DEFINE([HAVE_STACK_OVERFLOW_HANDLING], [1],
     [Define to 1 if extending the stack slightly past the limit causes
      a SIGSEGV which can be handled on an alternate stack established
      with sigaltstack.])

140 141 142 143 144 145
    dnl The ss_sp field of a stack_t is, according to POSIX, the lowest address
    dnl of the memory block designated as an alternate stack. But IRIX 5.3
    dnl interprets it as the highest address!
    AC_CACHE_CHECK([for correct stack_t interpretation],
      [gl_cv_sigaltstack_low_base], [
      AC_RUN_IFELSE([
146
        AC_LANG_SOURCE([[
147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189
#include <stdlib.h>
#include <signal.h>
#if HAVE_SYS_SIGNAL_H
# include <sys/signal.h>
#endif
#ifndef SIGSTKSZ
# define SIGSTKSZ 16384
#endif
volatile char *stack_lower_bound;
volatile char *stack_upper_bound;
static void check_stack_location (volatile char *addr)
{
  if (addr >= stack_lower_bound && addr <= stack_upper_bound)
    exit (0);
  else
    exit (1);
}
static void stackoverflow_handler (int sig)
{
  char dummy;
  check_stack_location (&dummy);
}
int main ()
{
  char mystack[2 * SIGSTKSZ];
  stack_t altstack;
  struct sigaction action;
  /* Install the alternate stack.  */
  altstack.ss_sp = mystack + SIGSTKSZ;
  altstack.ss_size = SIGSTKSZ;
  stack_lower_bound = (char *) altstack.ss_sp;
  stack_upper_bound = (char *) altstack.ss_sp + altstack.ss_size - 1;
  altstack.ss_flags = 0; /* no SS_DISABLE */
  if (sigaltstack (&altstack, NULL) < 0)
    exit (2);
  /* Install the SIGSEGV handler.  */
  sigemptyset (&action.sa_mask);
  action.sa_handler = &stackoverflow_handler;
  action.sa_flags = SA_ONSTACK;
  if (sigaction (SIGSEGV, &action, (struct sigaction *) NULL) < 0)
    exit(3);
  /* Provoke a SIGSEGV.  */
  raise (SIGSEGV);
190
  exit (4);
191 192 193 194 195 196
}]])],
      [gl_cv_sigaltstack_low_base=yes],
      [gl_cv_sigaltstack_low_base=no],
      [gl_cv_sigaltstack_low_base=cross-compiling])])
   if test "$gl_cv_sigaltstack_low_base" = no; then
      AC_DEFINE([SIGALTSTACK_SS_REVERSED], [1],
197 198 199
        [Define if sigaltstack() interprets the stack_t.ss_sp field
         incorrectly, as the highest address of the alternate stack range
         rather than as the lowest address.])
200 201
    fi

202
   AC_CACHE_CHECK([for precise C stack overflow detection],
203
     [ac_cv_sys_xsi_stack_overflow_heuristic],
204 205 206 207 208 209 210 211 212 213 214 215 216 217 218
     [AC_RUN_IFELSE([AC_LANG_SOURCE(
           [[
            #include <unistd.h>
            #include <signal.h>
            #if HAVE_UCONTEXT_H
            # include <ucontext.h>
            #endif
            #if HAVE_SETRLIMIT
            # include <sys/types.h>
            # include <sys/time.h>
            # include <sys/resource.h>
            #endif
            #ifndef SIGSTKSZ
            # define SIGSTKSZ 16384
            #endif
Jim Meyering's avatar
Jim Meyering committed
219

220 221 222 223 224 225 226
            static union
            {
              char buffer[2 * SIGSTKSZ];
              long double ld;
              long u;
              void *p;
            } alternate_signal_stack;
Jim Meyering's avatar
Jim Meyering committed
227

228 229 230 231 232 233 234 235 236 237 238
            #if STACK_DIRECTION
            # define find_stack_direction(ptr) STACK_DIRECTION
            #else
            static int
            find_stack_direction (char const *addr)
            {
              char dummy;
              return (! addr ? find_stack_direction (&dummy)
                      : addr < &dummy ? 1 : -1);
            }
            #endif
Jim Meyering's avatar
Jim Meyering committed
239

240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257
            static void
            segv_handler (int signo, siginfo_t *info, void *context)
            {
              if (0 < info->si_code)
                {
                  /* For XSI heuristics to work, we need uc_stack to describe
                     the interrupted stack (as on Solaris), and not the
                     currently executing stack (as on Linux).  */
                  ucontext_t const *user_context = context;
                  char const *stack_min = user_context->uc_stack.ss_sp;
                  size_t stack_size = user_context->uc_stack.ss_size;
                  char const *faulting_address = info->si_addr;
                  size_t s = faulting_address - stack_min;
                  size_t page_size = sysconf (_SC_PAGESIZE);
                  if (find_stack_direction (0) < 0)
                    s += page_size;
                  if (s < stack_size + page_size)
                    _exit (0);
258
                  _exit (4);
259
                }
260
              _exit (5);
261
            }
Jim Meyering's avatar
Jim Meyering committed
262

263 264 265 266 267 268
            static int
            c_stack_action ()
            {
              stack_t st;
              struct sigaction act;
              int r;
Jim Meyering's avatar
Jim Meyering committed
269

270 271 272 273 274 275
              st.ss_flags = 0;
              /* Use the midpoint to avoid Irix sigaltstack bug.  */
              st.ss_sp = alternate_signal_stack.buffer + SIGSTKSZ;
              st.ss_size = SIGSTKSZ;
              r = sigaltstack (&st, 0);
              if (r != 0)
276
                return 1;
Jim Meyering's avatar
Jim Meyering committed
277

278 279 280 281 282
              sigemptyset (&act.sa_mask);
              act.sa_flags = SA_NODEFER | SA_ONSTACK | SA_RESETHAND | SA_SIGINFO;
              act.sa_sigaction = segv_handler;
              #if FAULT_YIELDS_SIGBUS
              if (sigaction (SIGBUS, &act, 0) < 0)
283
                return 2;
284
              #endif
285 286 287
              if (sigaction (SIGSEGV, &act, 0) < 0)
                return 3;
              return 0;
288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304
            }
            static volatile int *
            recurse_1 (volatile int n, volatile int *p)
            {
              if (n >= 0)
                *recurse_1 (n + 1, p) += n;
              return p;
            }
            static int
            recurse (volatile int n)
            {
              int sum = 0;
              return *recurse_1 (n, &sum);
            }
            int
            main ()
            {
305
              int result;
306 307 308 309 310 311 312 313 314
              #if HAVE_SETRLIMIT && defined RLIMIT_STACK
              /* Before starting the endless recursion, try to be friendly
                 to the user's machine.  On some Linux 2.2.x systems, there
                 is no stack limit for user processes at all.  We don't want
                 to kill such systems.  */
              struct rlimit rl;
              rl.rlim_cur = rl.rlim_max = 0x100000; /* 1 MB */
              setrlimit (RLIMIT_STACK, &rl);
              #endif
315

316 317 318 319
              result = c_stack_action ();
              if (result != 0)
                return result;
              return recurse (0);
320 321
            }
           ]])],
322 323 324
        [ac_cv_sys_xsi_stack_overflow_heuristic=yes],
        [ac_cv_sys_xsi_stack_overflow_heuristic=no],
        [ac_cv_sys_xsi_stack_overflow_heuristic=cross-compiling])])
Jim Meyering's avatar
Jim Meyering committed
325 326

   if test $ac_cv_sys_xsi_stack_overflow_heuristic = yes; then
327
     AC_DEFINE([HAVE_XSI_STACK_OVERFLOW_HEURISTIC], [1],
Jim Meyering's avatar
Jim Meyering committed
328
       [Define to 1 if extending the stack slightly past the limit causes
329 330 331 332 333 334
        a SIGSEGV, and an alternate stack can be established with sigaltstack,
        and the signal handler is passed a context that specifies the
        run time stack.  This behavior is defined by POSIX 1003.1-2001
        with the X/Open System Interface (XSI) option
        and is a standardized way to implement a SEGV-based stack
        overflow detection heuristic.])
335 336
   fi
  fi])
Jim Meyering's avatar
Jim Meyering committed
337 338


339
AC_DEFUN([gl_PREREQ_C_STACK],
Jim Meyering's avatar
Jim Meyering committed
340
  [AC_REQUIRE([AC_SYS_XSI_STACK_OVERFLOW_HEURISTIC])
341
   AC_REQUIRE([gl_LIBSIGSEGV])
Jim Meyering's avatar
Jim Meyering committed
342 343 344 345

   # for STACK_DIRECTION
   AC_REQUIRE([AC_FUNC_ALLOCA])

346
   AC_CHECK_FUNCS_ONCE([sigaltstack])
347
   AC_CHECK_DECLS([sigaltstack], , , [[#include <signal.h>]])
Jim Meyering's avatar
Jim Meyering committed
348

349
   AC_CHECK_HEADERS_ONCE([unistd.h ucontext.h])
Jim Meyering's avatar
Jim Meyering committed
350

351 352 353 354 355 356 357 358 359
   AC_CHECK_TYPES([stack_t], , , [#include <signal.h>])

   dnl c-stack does not need -lsigsegv if the system has XSI heuristics.
   if test "$gl_cv_lib_sigsegv" = yes \
       && test $"ac_cv_sys_xsi_stack_overflow_heuristic" != yes ; then
     AC_SUBST([LIBCSTACK], [$LIBSIGSEGV])
     AC_SUBST([LTLIBCSTACK], [$LTLIBSIGSEGV])
   fi
])
360 361 362 363

AC_DEFUN([gl_C_STACK],
[
  dnl Prerequisites of lib/c-stack.c.
364
  gl_PREREQ_C_STACK
365
])