1 |
281 |
jeremybenn |
------------------------------------------------------------------------------
|
2 |
|
|
-- --
|
3 |
|
|
-- GNAT RUN-TIME LIBRARY (GNARL) COMPONENTS --
|
4 |
|
|
-- --
|
5 |
|
|
-- S Y S T E M . S T A C K _ C H E C K I N G . O P E R A T I O N S --
|
6 |
|
|
-- --
|
7 |
|
|
-- B o d y --
|
8 |
|
|
-- --
|
9 |
|
|
-- Copyright (C) 1999-2009, Free Software Foundation, Inc. --
|
10 |
|
|
-- --
|
11 |
|
|
-- GNARL is free software; you can redistribute it and/or modify it under --
|
12 |
|
|
-- terms of the GNU General Public License as published by the Free Soft- --
|
13 |
|
|
-- ware Foundation; either version 3, or (at your option) any later ver- --
|
14 |
|
|
-- sion. GNAT is distributed in the hope that it will be useful, but WITH- --
|
15 |
|
|
-- OUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY --
|
16 |
|
|
-- or FITNESS FOR A PARTICULAR PURPOSE. --
|
17 |
|
|
-- --
|
18 |
|
|
-- As a special exception under Section 7 of GPL version 3, you are granted --
|
19 |
|
|
-- additional permissions described in the GCC Runtime Library Exception, --
|
20 |
|
|
-- version 3.1, as published by the Free Software Foundation. --
|
21 |
|
|
-- --
|
22 |
|
|
-- You should have received a copy of the GNU General Public License and --
|
23 |
|
|
-- a copy of the GCC Runtime Library Exception along with this program; --
|
24 |
|
|
-- see the files COPYING3 and COPYING.RUNTIME respectively. If not, see --
|
25 |
|
|
-- <http://www.gnu.org/licenses/>. --
|
26 |
|
|
-- --
|
27 |
|
|
-- GNARL was developed by the GNARL team at Florida State University. --
|
28 |
|
|
-- Extensive contributions were provided by Ada Core Technologies, Inc. --
|
29 |
|
|
-- --
|
30 |
|
|
------------------------------------------------------------------------------
|
31 |
|
|
|
32 |
|
|
-- This is the general implementation of this package. There is a VxWorks
|
33 |
|
|
-- specific version of this package (s-stchop-vxworks.adb). This file should
|
34 |
|
|
-- be kept synchronized with it.
|
35 |
|
|
|
36 |
|
|
pragma Restrictions (No_Elaboration_Code);
|
37 |
|
|
-- We want to guarantee the absence of elaboration code because the
|
38 |
|
|
-- binder does not handle references to this package.
|
39 |
|
|
|
40 |
|
|
with System.Storage_Elements; use System.Storage_Elements;
|
41 |
|
|
with System.Parameters; use System.Parameters;
|
42 |
|
|
with System.Soft_Links;
|
43 |
|
|
with System.CRTL;
|
44 |
|
|
|
45 |
|
|
package body System.Stack_Checking.Operations is
|
46 |
|
|
|
47 |
|
|
Kilobyte : constant := 1024;
|
48 |
|
|
|
49 |
|
|
function Set_Stack_Info
|
50 |
|
|
(Stack : not null access Stack_Access) return Stack_Access;
|
51 |
|
|
|
52 |
|
|
-- The function Set_Stack_Info is the actual function that updates the
|
53 |
|
|
-- cache containing a pointer to the Stack_Info. It may also be used for
|
54 |
|
|
-- detecting asynchronous abort in combination with Invalidate_Self_Cache.
|
55 |
|
|
|
56 |
|
|
-- Set_Stack_Info should do the following things in order:
|
57 |
|
|
-- 1) Get the Stack_Access value for the current task
|
58 |
|
|
-- 2) Set Stack.all to the value obtained in 1)
|
59 |
|
|
-- 3) Optionally Poll to check for asynchronous abort
|
60 |
|
|
|
61 |
|
|
-- This order is important because if at any time a write to the stack
|
62 |
|
|
-- cache is pending, that write should be followed by a Poll to prevent
|
63 |
|
|
-- loosing signals.
|
64 |
|
|
|
65 |
|
|
-- Note: This function must be compiled with Polling turned off
|
66 |
|
|
|
67 |
|
|
-- Note: on systems like VxWorks and OS/2 with real thread-local storage,
|
68 |
|
|
-- Set_Stack_Info should return an access value for such local
|
69 |
|
|
-- storage. In those cases the cache will always be up-to-date.
|
70 |
|
|
|
71 |
|
|
-- The following constants should be imported from some system-specific
|
72 |
|
|
-- constants package. The constants must be static for performance reasons.
|
73 |
|
|
|
74 |
|
|
----------------------------
|
75 |
|
|
-- Invalidate_Stack_Cache --
|
76 |
|
|
----------------------------
|
77 |
|
|
|
78 |
|
|
procedure Invalidate_Stack_Cache (Any_Stack : Stack_Access) is
|
79 |
|
|
pragma Warnings (Off, Any_Stack);
|
80 |
|
|
begin
|
81 |
|
|
Cache := Null_Stack;
|
82 |
|
|
end Invalidate_Stack_Cache;
|
83 |
|
|
|
84 |
|
|
-----------------------------
|
85 |
|
|
-- Notify_Stack_Attributes --
|
86 |
|
|
-----------------------------
|
87 |
|
|
|
88 |
|
|
procedure Notify_Stack_Attributes
|
89 |
|
|
(Initial_SP : System.Address;
|
90 |
|
|
Size : System.Storage_Elements.Storage_Offset)
|
91 |
|
|
is
|
92 |
|
|
My_Stack : constant Stack_Access := Soft_Links.Get_Stack_Info.all;
|
93 |
|
|
|
94 |
|
|
-- We piggyback on the 'Limit' field to store what will be used as the
|
95 |
|
|
-- 'Base' and leave the 'Size' alone to not interfere with the logic in
|
96 |
|
|
-- Set_Stack_Info below.
|
97 |
|
|
|
98 |
|
|
pragma Unreferenced (Size);
|
99 |
|
|
|
100 |
|
|
begin
|
101 |
|
|
My_Stack.Limit := Initial_SP;
|
102 |
|
|
end Notify_Stack_Attributes;
|
103 |
|
|
|
104 |
|
|
--------------------
|
105 |
|
|
-- Set_Stack_Info --
|
106 |
|
|
--------------------
|
107 |
|
|
|
108 |
|
|
function Set_Stack_Info
|
109 |
|
|
(Stack : not null access Stack_Access) return Stack_Access
|
110 |
|
|
is
|
111 |
|
|
type Frame_Mark is null record;
|
112 |
|
|
Frame_Location : Frame_Mark;
|
113 |
|
|
Frame_Address : constant Address := Frame_Location'Address;
|
114 |
|
|
|
115 |
|
|
My_Stack : Stack_Access;
|
116 |
|
|
Limit_Chars : System.Address;
|
117 |
|
|
Limit : Integer;
|
118 |
|
|
|
119 |
|
|
begin
|
120 |
|
|
-- The order of steps 1 .. 3 is important, see specification
|
121 |
|
|
|
122 |
|
|
-- 1) Get the Stack_Access value for the current task
|
123 |
|
|
|
124 |
|
|
My_Stack := Soft_Links.Get_Stack_Info.all;
|
125 |
|
|
|
126 |
|
|
if My_Stack.Base = Null_Address then
|
127 |
|
|
|
128 |
|
|
-- First invocation, initialize based on the assumption that there
|
129 |
|
|
-- are Environment_Stack_Size bytes available beyond the current
|
130 |
|
|
-- frame address.
|
131 |
|
|
|
132 |
|
|
if My_Stack.Size = 0 then
|
133 |
|
|
My_Stack.Size := Storage_Offset (Default_Env_Stack_Size);
|
134 |
|
|
|
135 |
|
|
-- When the environment variable GNAT_STACK_LIMIT is set, set
|
136 |
|
|
-- Environment_Stack_Size to that number of kB.
|
137 |
|
|
|
138 |
|
|
Limit_Chars := System.CRTL.getenv ("GNAT_STACK_LIMIT" & ASCII.NUL);
|
139 |
|
|
|
140 |
|
|
if Limit_Chars /= Null_Address then
|
141 |
|
|
Limit := System.CRTL.atoi (Limit_Chars);
|
142 |
|
|
|
143 |
|
|
if Limit >= 0 then
|
144 |
|
|
My_Stack.Size := Storage_Offset (Limit) * Kilobyte;
|
145 |
|
|
end if;
|
146 |
|
|
end if;
|
147 |
|
|
end if;
|
148 |
|
|
|
149 |
|
|
-- If a stack base address has been registered, honor it. Fallback to
|
150 |
|
|
-- the address of a local object otherwise.
|
151 |
|
|
|
152 |
|
|
My_Stack.Base :=
|
153 |
|
|
(if My_Stack.Limit /= System.Null_Address
|
154 |
|
|
then My_Stack.Limit else Frame_Address);
|
155 |
|
|
|
156 |
|
|
if Stack_Grows_Down then
|
157 |
|
|
|
158 |
|
|
-- Prevent wrap-around on too big stack sizes
|
159 |
|
|
|
160 |
|
|
My_Stack.Limit := My_Stack.Base - My_Stack.Size;
|
161 |
|
|
|
162 |
|
|
if My_Stack.Limit > My_Stack.Base then
|
163 |
|
|
My_Stack.Limit := Address'First;
|
164 |
|
|
end if;
|
165 |
|
|
|
166 |
|
|
else
|
167 |
|
|
My_Stack.Limit := My_Stack.Base + My_Stack.Size;
|
168 |
|
|
|
169 |
|
|
-- Prevent wrap-around on too big stack sizes
|
170 |
|
|
|
171 |
|
|
if My_Stack.Limit < My_Stack.Base then
|
172 |
|
|
My_Stack.Limit := Address'Last;
|
173 |
|
|
end if;
|
174 |
|
|
end if;
|
175 |
|
|
end if;
|
176 |
|
|
|
177 |
|
|
-- 2) Set Stack.all to the value obtained in 1)
|
178 |
|
|
|
179 |
|
|
Stack.all := My_Stack;
|
180 |
|
|
|
181 |
|
|
-- 3) Optionally Poll to check for asynchronous abort
|
182 |
|
|
|
183 |
|
|
if Soft_Links.Check_Abort_Status.all /= 0 then
|
184 |
|
|
raise Standard'Abort_Signal;
|
185 |
|
|
end if;
|
186 |
|
|
|
187 |
|
|
-- Never trust the cached value, but return local copy!
|
188 |
|
|
|
189 |
|
|
return My_Stack;
|
190 |
|
|
end Set_Stack_Info;
|
191 |
|
|
|
192 |
|
|
-----------------
|
193 |
|
|
-- Stack_Check --
|
194 |
|
|
-----------------
|
195 |
|
|
|
196 |
|
|
function Stack_Check
|
197 |
|
|
(Stack_Address : System.Address) return Stack_Access
|
198 |
|
|
is
|
199 |
|
|
type Frame_Marker is null record;
|
200 |
|
|
Marker : Frame_Marker;
|
201 |
|
|
Cached_Stack : constant Stack_Access := Cache;
|
202 |
|
|
Frame_Address : constant System.Address := Marker'Address;
|
203 |
|
|
|
204 |
|
|
begin
|
205 |
|
|
-- The parameter may have wrapped around in System.Address arithmetics.
|
206 |
|
|
-- In that case, we have no other choices than raising the exception.
|
207 |
|
|
|
208 |
|
|
if (Stack_Grows_Down and then
|
209 |
|
|
Stack_Address > Frame_Address)
|
210 |
|
|
or else
|
211 |
|
|
(not Stack_Grows_Down and then
|
212 |
|
|
Stack_Address < Frame_Address)
|
213 |
|
|
then
|
214 |
|
|
raise Storage_Error with "stack overflow detected";
|
215 |
|
|
end if;
|
216 |
|
|
|
217 |
|
|
-- This function first does a "cheap" check which is correct if it
|
218 |
|
|
-- succeeds. In case of failure, the full check is done. Ideally the
|
219 |
|
|
-- cheap check should be done in an optimized manner, or be inlined.
|
220 |
|
|
|
221 |
|
|
if (Stack_Grows_Down and then
|
222 |
|
|
(Frame_Address <= Cached_Stack.Base
|
223 |
|
|
and then
|
224 |
|
|
Stack_Address > Cached_Stack.Limit))
|
225 |
|
|
or else
|
226 |
|
|
(not Stack_Grows_Down and then
|
227 |
|
|
(Frame_Address >= Cached_Stack.Base
|
228 |
|
|
and then
|
229 |
|
|
Stack_Address < Cached_Stack.Limit))
|
230 |
|
|
then
|
231 |
|
|
-- Cached_Stack is valid as it passed the stack check
|
232 |
|
|
|
233 |
|
|
return Cached_Stack;
|
234 |
|
|
end if;
|
235 |
|
|
|
236 |
|
|
Full_Check :
|
237 |
|
|
declare
|
238 |
|
|
My_Stack : constant Stack_Access := Set_Stack_Info (Cache'Access);
|
239 |
|
|
-- At this point Stack.all might already be invalid, so
|
240 |
|
|
-- it is essential to use our local copy of Stack!
|
241 |
|
|
|
242 |
|
|
begin
|
243 |
|
|
if (Stack_Grows_Down and then
|
244 |
|
|
(not (Frame_Address <= My_Stack.Base)))
|
245 |
|
|
or else
|
246 |
|
|
(not Stack_Grows_Down and then
|
247 |
|
|
(not (Frame_Address >= My_Stack.Base)))
|
248 |
|
|
then
|
249 |
|
|
-- The returned Base is lower than the stored one, so assume that
|
250 |
|
|
-- the original one wasn't right and use the current Frame_Address
|
251 |
|
|
-- as new one. This allows Base to be initialized with the
|
252 |
|
|
-- Frame_Address as approximation. During initialization the
|
253 |
|
|
-- Frame_Address will be close to the stack base anyway: the
|
254 |
|
|
-- difference should be compensated for in the stack reserve.
|
255 |
|
|
|
256 |
|
|
My_Stack.Base := Frame_Address;
|
257 |
|
|
end if;
|
258 |
|
|
|
259 |
|
|
if (Stack_Grows_Down
|
260 |
|
|
and then Stack_Address < My_Stack.Limit)
|
261 |
|
|
or else
|
262 |
|
|
(not Stack_Grows_Down
|
263 |
|
|
and then Stack_Address > My_Stack.Limit)
|
264 |
|
|
then
|
265 |
|
|
raise Storage_Error with "stack overflow detected";
|
266 |
|
|
end if;
|
267 |
|
|
|
268 |
|
|
return My_Stack;
|
269 |
|
|
end Full_Check;
|
270 |
|
|
end Stack_Check;
|
271 |
|
|
|
272 |
|
|
------------------------
|
273 |
|
|
-- Update_Stack_Cache --
|
274 |
|
|
------------------------
|
275 |
|
|
|
276 |
|
|
procedure Update_Stack_Cache (Stack : Stack_Access) is
|
277 |
|
|
begin
|
278 |
|
|
if not Multi_Processor then
|
279 |
|
|
Cache := Stack;
|
280 |
|
|
end if;
|
281 |
|
|
end Update_Stack_Cache;
|
282 |
|
|
|
283 |
|
|
end System.Stack_Checking.Operations;
|