ansaurus

Question

SetJmp/LongJmp: Why is this throwing a segfault?

Answer 1

+6 A:

You can only longjmp() back up the call stack. The call to longjmp(b_buf, 1) is where things start to go wrong, because the stack frame referenced by b_buf no longer exists after the longjmp(a_buf).

From the documentation for longjmp:

The longjmp() routines may not be called after the routine which called the setjmp() routines returns.

This includes "returning" through a longjmp() out of the function.

Greg Hewgill 2009-09-04 23:28:07

Is there a way to longjmp down the stack frame? Is it possible to copy the stack from b to b_helper into the heap and executing from there?Also, why is the stack frame referenced by b_buf no longer valid after jumping up the call stack?

jameszhao00 2009-09-04 23:31:25

Once a part of the stack is released, it's completely invalid (other function calls, interrupts or whatever might overwrite the memory).

Michael Burr 2009-09-04 23:34:41

You can think of a `longjmp()` as an "extended return". A successful `longjmp()` works like a series of successive returns, unwinding the call stack until it reaches the corresponding `setjmp()`. Once the call stack frames are unwound, they are no longer valid. This is in contrast to implementations of coroutines (eg. Modula-2) or continuations (eg. Scheme) where the call stack remains valid after jumping somewhere else. C and C++ only support a single linear call stack, *unless* you use threads where you create multiple independent call stacks.

Greg Hewgill 2009-09-04 23:37:06

@jameszhao00 - I think that to have any hope of doing something like what it seems you're after will require dropping into assembly code. Whether it's a good idea to pursue is another question altogether.

Michael Burr 2009-09-04 23:38:08

Ah. So basically I can do a GCC force-inline of b_helper() and at the end of b_helper() longjmp back to a?

jameszhao00 2009-09-04 23:42:47

@jameszhao00: but if you are looking to do coroutines in C, take a look at http://www.chiark.greenend.org.uk/~sgtatham/coroutines.html whcih describes using state variables and switch statements to get a similar effect.

Michael Burr 2009-09-04 23:43:51

Also, I don't get why after I longjmp back to a from b_helper() the b_helper() frame is still valid. According to the docs it should've been unwound.

jameszhao00 2009-09-04 23:44:26

The point is the b_helper() frame is *not* valid, and `b_buf` refers to an invalid frame. The fact that execution continues to the end of `b_helper()` is an accident.

Greg Hewgill 2009-09-04 23:46:21

Ah I see. Thanks.

jameszhao00 2009-09-04 23:47:32

Answer 2

+2 A:

The standard says this about longjmp() (7.13.2.1 The longjmp function):

The longjmp function restores the environment saved by the most recent invocation of the setjmp macro in the same invocation of the program with the corresponding jmp_buf argument. If there has been no such invocation, or if the function containing the invocation of the setjmp macro has terminated execution in the interim

with a footnote that clarifies this a bit:

For example, by executing a return statement or because another longjmp call has caused a transfer to a setjmp invocation in a function earlier in the set of nested calls.

So you can't longjmp() back & forth across nested setjmp/longjmp sets.

Michael Burr 2009-09-04 23:30:47

ansaurus

tags:

views:

answers:

SetJmp/LongJmp: Why is this throwing a segfault?

related questions