[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Va
From: |
Eli Zaretskii |
Subject: |
bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size") |
Date: |
Thu, 17 Nov 2016 18:21:24 +0200 |
> From: npostavs@users.sourceforge.net
> Cc: 24751@debbugs.gnu.org
> Date: Wed, 16 Nov 2016 18:25:22 -0500
>
> One more question, is this comment (around line 1198) now obsolete? (if
> not, it sounds like we might still have some serious problems)
>
> /* Define MATCH_MAY_ALLOCATE unless we need to make sure that the
> searching and matching functions should not call alloca. On some
> systems, alloca is implemented in terms of malloc, and if we're
> using the relocating allocator routines, then malloc could cause a
> relocation, which might (if the strings being searched are in the
> ralloc heap) shift the data out from underneath the regexp
> routines.
>
> Here's another reason to avoid allocation: Emacs
> processes input from X in a signal handler; processing X input may
> call malloc; if input arrives while a matching routine is calling
> malloc, then we're scrod. But Emacs can't just block input while
> calling matching routines; then we don't notice interrupts when
> they come in. So, Emacs blocks input around all regexp calls
> except the matching calls, which it leaves unprotected, in the
> faith that they will not malloc. */
The second part is obsolete: we no longer do anything significant from
a signal handler, we just set a flag.
The first part is not obsolete, but its reasoning is backwards:
SAFE_ALLOCA indeed can call malloc, but it could only cause relocation
if REGEX_MALLOC is defined (and ralloc.c is compiled in). And when
you define REGEX_MALLOC, MATCH_MAY_ALLOCATE is undefined. So the text
there should be revised.
> Also this one (around line 430)
>
> /* Should we use malloc or alloca? If REGEX_MALLOC is not defined, we
> use `alloca' instead of `malloc'. This is because using malloc in
> re_search* or re_match* could cause memory leaks when C-g is used in
> Emacs; also, malloc is slower and causes storage fragmentation. On
> the other hand, malloc is more portable, and easier to debug.
>
> Because we sometimes use alloca, some routines have to be macros,
> not functions -- `alloca'-allocated space disappears at the end of the
> function it is called in. */
This is correct AFAIU, but perhaps it's worth adding that even if
SAFE_ALLOCA decides to call malloc, it takes care to set up
unwind-protect scheme that will free the allocated memory upon C-g (or
any other throw-type op), and avoid leaking memory.
Thanks.
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), Eli Zaretskii, 2016/11/04
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), npostavs, 2016/11/05
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), Eli Zaretskii, 2016/11/06
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), npostavs, 2016/11/13
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), Eli Zaretskii, 2016/11/13
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), npostavs, 2016/11/14
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), Eli Zaretskii, 2016/11/15
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), npostavs, 2016/11/15
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), Eli Zaretskii, 2016/11/16
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), npostavs, 2016/11/16
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"),
Eli Zaretskii <=
- bug#24751: 26.0.50; Regex stack overflow not detected properly (gets "Variable binding depth exceeds max-specpdl-size"), Eli Zaretskii, 2016/11/19