libcxc / Blog: Recent posts

Arrrgh... too fast, too furious... :)
- Fixed: manpage: CX_THROW_MAIN() and cx_test_sigexc() description.
- Fixed: CX_THROW_MAIN() and cx_test_sigexc() should have "artificial" attribute, for debugging.

Files for v1.7.0 removed.

• Added two helper functions: CX_THROW_MAIN() and cx_test_sigexc(): manpage updated.
• Few small fixes.

Few small optimizations, which are improving the performance in common use cases.

• Added: (mislooked): An alias for CX_CATCH_SIGNAL, which is used by CX_CATCH_SIG_MASK().

Optimization: added aliases for some exported functions which are used internally. A bit faster code.

• Added: cx_get_signal(), cx_get_value(), cx_get_flags(): accessors for particular fields of cx_entry structure.
• Change: Dropped support for C++ programs whith exceptions enabled: using 2 exception handling systems leads to a mess.
• Update: returncode.h v0.7.1
• Few other small fixes.

• Update: returncode.h v0.6.9: fixed problem in c++ builds: define STDC_LIMIT_MACROS, fixed: RCD_SET_OK() should use RCD_OK as the rcode, not RCD_VAL.
• Fixed: make uninstall should remove the $(includedir)/cxc directory.

This version introduces a small optimisation:
cx_stk_t.sig_sa is now initialized once per thread - init code moved from CX_CATCH_SIGNAL() to CX_INIT().
(in fact this should be done long time ago :) )

BTW, for the first time I've checked how much time the test program takes to execute:
on my machine it's only 15 miliseconds...
In 15 miliseconds 11 threads are crashing (some of them several times and in different ways) and are overflowing the stacks and buffers... - and the program returns success, since every crash is catched ;)

During upgrade of one of existing projects to a new version of libcxc, it showed up that there is one more (minor) regression:
- Fixed: Some versions of gcc are refusing to inline CX_RESTART(), due to "noreturn" attribute -> now CX_RESTART is a macro.

• Fixed: an awful regression in v1.5.3 : CX_BREAK must not call cx_disconnect - never, ever - I must have been walking in a sleep when I've changed this :)
• Added: automatic thread crash detection: a special signal is sent to main thread when unhandled signal is deteced in one of sub-threads. See manpage.
• Change: safe implementation of cx_backtrace().
• Added: cx_backtrace_buf() - printing to a specified buffer.
• Change: removed instance counter - interlocking in cx_backtrace() is no longer needed.
• Change: updated returncode.h to v0.6.7... read more

This version introduces few important bug fixes, most important are:
- Fixed: (BUG) CX_BREAK must call cx_disconnect().
- Fixed: (BUG) CX_DESTROY() should check the cx_ret status.
- Fixed: CX_CATCH_SIGNAL() is now checking whether the handler is already installed.
- Fixed: (TEST) test_td_stack_ovf(): infinite loop in optimized builds: GCC can remove nested calls from level O2 up -> optimisations are now disabled for this test.... read more

• TEST: test with different kernels: x86/amd64/ARM, kernels: 2.6.31/2, 3.2.0, 3.16.0: PASSED! :)
• Cleanup: calls to perror() should be disabled in release build.

The problem with v1.4.4 is in fact documented: pthreads(7):
"If two threads handle signals on their shared alternate signal stack at the same time, unpredictable program failures are likely to occur."
...even if the handler is fully re-entrant and there's enough space on the stack?

• Fixed: CX_INIT(): possibly uninitialized smsize variable. Mislooked, discovered while testing with newer gcc version, which have issued a warning.

Files for v1.5.0 removed.

• Change: CX_INIT(): cx_stack and sig stack are now placed in a single protected buffer with an additional locked page in between. The final buffer map looks like this: [xx][cx_stack][xx][sig_stack][xx] (xx - locked page). This way 1 page is saved per thread.
• Change: changed some variable types to get more optimal executable code, what have caused small changes to lib iface. Added few local vars to hold tls variables, what makes debug builds behaving more similarily to optimized ones.
• Change: cx_sig_handler() sets cx_entry.uval to siginfo->si_code, if user handler is not provided for current nesting level. si_code is representing a reason for sending the signal, so it represents "a class" of signal. Address is not as meaningfull from the runtime point of view.
• Fixed: cx_ldini(): should initialise the cx_stack ptr to NULL;
• Fixed: CX_DESTROY(): should set cx_ret on error.
• Fixed: CX_INIT(): cx_ninst must be set before calling CX_DESTROY()

• Fixed: (BUG) Test program randomly fails a on single-core x86/amd64 CPUs or when the affinity is set to a single core. (stack access race).
  Apparently, the kernel fails when alternate signal stack is shared among threads.
  The situation looks like follows: when signal is delivered to sub-thread rather than to main (f.e. SIGSEGV), then sig handler blocks signals only for particular thread. If at the same time another signal is generated for another sub-thread, then it will/can interrupt currently executed handler, and tries to use the same stack.
  Normally this is not a problem - it works in single threaded programs - but it fails for mt.
  Solution: even though this is extremely rare situation, the lib must allocate per-thread alternate signal stacks.

Known BUGS:
1. Test program randomly fails on a single-core x86/amd64 CPUs or when the affinity is set to a single core. It's really hard to trace programs which are changing the stacks, so currently this problem is not solved. However, at this moment it seems that the kernel and/or pthread implemetation has a bug. The test have never failed on a single-core ARM build - this is interesting... (GCC bug?). None of the real-life apps have exposed this problem (but that's obviously not an excuse - just a hint).... read more

• Fixed: (old BUG) cx_backtrace() always prints full cx_stack, ignoring mode arg.
• Fixed: cx_backtrace() prints wrong cx_stack address.
• Fixed: manpage: bad explanation of CX_BREAK behaviour.
• Added: valgrind Client Request: VALGRIND_STACK_(DE)REGISTER in debug builds.

Full list in ChgLog.

Bugfix release:
- Fixed: (Regression) CX_INIT() fails when non-default sig_stksz is used.

Such situation was not checked in a test program, and it was catched in a completely separate project.
Test program updated.

Files for v1.4.0 removed.

Most important changes:
1. cx_secured_buf() and cx_free_sec_buf() are far more easier to use now, since the user no longer needs to care about secm_t - in fact, this struct is now "private".
2. new funcion: CX_CATCH_SIG_MASK() allows to register several signal handlers in a single call.

Manpage updated and improved. See ChangeLog for full list of changes.

Two important changes have been introduced in this version:

1. handler for SIGSEGV is no longer installed by default: it was not so good idea, cause f.e. the app could need to allow segfaults in debug builds.

2. new CXF_SIG_NC action flag added. This allows user' sig handler to prevent catching the signal. Of course the same behaviour could be achieved by just registering custom sigaction, but this solution allows to use already existing code, and additionally it leaves a trace on the cx_stack.... read more

Fixed:
Registered signal triggered outside of top-level TRY-CATCH-END section can create infinite loop trough propagation. Now, the cx_sig_handler() is checking whether the cx_stack was destroyed or if the current stack offset is negative. In such case it will call exit(3).

(perhaps the lib should be moved to c99 and use _exit() ... )

Few non-critical fixes and some cleanups...

Bugfix release:
- Fixed: test prog: main td: updated unwound macro code : don't call cx_get_entry().
- Fixed: cx_propagate(cx_entry* ent) declared as cx_propagate()
- Fixed: (package) missing library header afer installation (makefile bug).

Exceptions and signal handler stacks are now mprotect()-ed buffers.
New functions for handling the protected buffers and new CX_MARK macro.
Few small bugfixes and optimisations.

Manpage updated.

Although this lib is dedicated for C language, it can be used as part of C++ programs - and the __THROW macro in returncode.h didn't work in C++ mode - Fixed.