On Wed, Aug 22, 2012 at 11:09 AM, Brandon Casey <draf...@gmail.com> wrote:
> On Wed, Aug 22, 2012 at 10:41 AM, Johannes Sixt <j...@kdbg.org> wrote:

>> Don't use x* wrappers in the compat layer, at least not those that
>> allocate memory: They behave unpredictably due to try_to_free_routine
>> and may lead to recursive invocations.
>
> I thought that rule only applied to die handlers.  i.e. don't use the
> x* wrappers to allocate memory in a die handler like
> compat/win32/syslog.c.  At least that's what I wrote in 040a6551 when
> you pointed out this issue back then.
>
> Admittedly, it could get pretty sticky trying to trace the die
> handlers to ensure they don't invoke your new compat/ function.  So,
> yeah, adopting this rule of not using x* wrappers that allocate memory
> in compat/ generally seems like a good idea.
>
> Should we also try to detect recursive invocation of die and friends?
> In theory recursion could be triggered by any die handler that makes
> use of a code path that calls an x* wrapper that allocates memory,
> couldn't it?

Perhaps something like:

diff --git a/usage.c b/usage.c
index a2a6678..2d0ff35 100644
--- a/usage.c
+++ b/usage.c
@@ -80,8 +80,15 @@ void NORETURN usage(const char *err)

 void NORETURN die(const char *err, ...)
 {
+       static int dying;
        va_list params;

+       if (dying) {
+               fputs("fatal: recursion detected in die handler\n", stderr);
+               exit(128);
+       }
+       dying = 1;
+
        va_start(params, err);
        die_routine(err, params);
        va_end(params);
@@ -89,11 +96,18 @@ void NORETURN die(const char *err, ...)

 void NORETURN die_errno(const char *fmt, ...)
 {
+       static int dying;
        va_list params;
        char fmt_with_err[1024];
        char str_error[256], *err;
        int i, j;

+       if (dying) {
+               fputs("fatal: recursion detected in die handler\n", stderr);
+               exit(128);
+       }
+       dying = 1;
+
        err = strerror(errno);
        for (i = j = 0; err[i] && j < sizeof(str_error) - 1; ) {
                if ((str_error[j++] = err[i++]) != '%')

-Brandon
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to