On 7/31/2012 9:20 AM, Scott Lurndal wrote:
[...]
yeah, and nifty stuff can be done in signal handlers, potentially
including, among other things, triggering an exception to the thrown and
the stack to be unwound. whether or not this is a good idea is a
separate issue, normal C++ exceptions may not necessarily work (a custom
mechanism may be needed), and have not yet determined how portable or
versatile this is.
You cannot throw in a signal handler. The results are undefined
behavior. And it doesn't reliably work on any platform I know.
though, granted, some of this could be determined by testing it.
Testing won't give you many answers here. Throwing in a signal
handler is undefined behavior. It may work in your tests, but
not in any real application.
Hmm... if one is so "unfamiliar" with the language that he doesn't
even know about operator overloading then really one should not read
the code and worry about how mouch code is execute when one line of
source code is read. It's not as if C++ was the only language
offering operatior overloading. Of course if the only language one
has ever been exposed to is Java, one might find C++ operator
overloading a novel concept.
Operator overloading can have two effect:
A) Improve the code base and make it more readable and more
maintainable.
B) Obfuscate the code base and make it less maintainable.
The difference between A) and B) is good programmers vs crap
programmers. C++ philosophy is to give good programmers the tools to
write better programs. Protection against B) is not built in the
language.
I'm not sure it could be built into *any* language. If the language
is expressive enough to be useful then you give the programmer the
freedom to express things badly.
No. The former involves an unknown amount of code in any language. In
C++, the latter also involves an unknown amount of code (and that code
isn't limited to the definition of operator+, as copy or conversion
operators may be invoked before operator+ is called).
Operator overloading is the least of the issues; many languages allow
functions to have non-alphanumeric names. It's the constructors,
destructors, and conversion operators which are the main pitfall.
On 7/31/2012 9:20 AM, Scott Lurndal wrote:
[...]
yeah, and nifty stuff can be done in signal handlers, potentially
including, among other things, triggering an exception to the thrown and
the stack to be unwound. whether or not this is a good idea is a
separate issue, normal C++ exceptions may not necessarily work (a custom
mechanism may be needed), and have not yet determined how portable or
versatile this is.
You cannot throw in a signal handler. The results are undefined
behavior. And it doesn't reliably work on any platform I know.
though, granted, some of this could be determined by testing it.
Testing won't give you many answers here. Throwing in a signal
handler is undefined behavior. It may work in your tests, but
not in any real application.
probably it wouldn't be "throwing" via using C++ exceptions directly
within the signal handler, but probably rather via a different mechanism.
one possible strategy would be using siglongjmp to get out of the singal
handler, and then throw at this point using a different
exception-handling mechanism.
I am willing to agree that conversion operators have drawbacks that may
trump their benefits and that using ToInt(blah), ToString(foo) is quite
easy and make code clear. However, removing destructors from the language
would definitely make the language worse. They are one of the most
important thing in C++ and RAII is an fantastic tool to make code higher
quality, faster to write, easier to maintain.
James said:yeah, and nifty stuff can be done in signal handlers, potentially
including, among other things, triggering an exception to the thrown
and the stack to be unwound. [...]
You cannot throw in a signal handler. The results are undefined
behavior. And it doesn't reliably work on any platform I know.
James Kanze wrote:You cannot throw in a signal handler. The results are undefinedyeah, and nifty stuff can be done in signal handlers, potentially
including, among other things, triggering an exception to the thrown
and the stack to be unwound. [...]
behavior. And it doesn't reliably work on any platform I know.
What does then the following GCC option do? [1]
-fnon-call-exceptions
Generate code that allows trapping instructions to throw exceptions.
Note that this requires platform-specific runtime support that does
not exist everywhere. Moreover, it only allows trapping instructions
to throw exceptions, i.e. memory references or floating-point
instructions. It does not allow exceptions to be thrown from
arbitrary signal handlers such as SIGALRM.
I know that this is not portable, and that this is not defined in the
C++ standard. (In this sense it is "undefined behavior", but this
doesn't mean that a given compiler and platform can't define it.)
This seems to indicate that GCC allows to throw an exception in a signal
handler for a SIGSEGV, at least on some platforms.
James Kanze wrote:What does then the following GCC option do? [1]On Tuesday, July 31, 2012 8:12:11 PM UTC+1, BGB wrote:
yeah, and nifty stuff can be done in signal handlers, potentially
including, among other things, triggering an exception to the thrown
and the stack to be unwound. [...]
You cannot throw in a signal handler. The results are undefined
behavior. And it doesn't reliably work on any platform I know.
-fnon-call-exceptions
Generate code that allows trapping instructions to throw exceptions.
Note that this requires platform-specific runtime support that does
not exist everywhere. Moreover, it only allows trapping instructions
to throw exceptions, i.e. memory references or floating-point
instructions. It does not allow exceptions to be thrown from
arbitrary signal handlers such as SIGALRM.
I know that this is not portable, and that this is not defined in the
C++ standard. (In this sense it is "undefined behavior", but this
doesn't mean that a given compiler and platform can't define it.)
This seems to indicate that GCC allows to throw an exception in a signal
handler for a SIGSEGV, at least on some platforms.
James said "reliably". It's likely that it would work properly when
catching a SIGFPE. However, with SIGSEGV all bets are off, since the
unwind tables used during exception delivery could have been corrupted,
or some object referenced in the try/catch block may have been corrupted.
What if the destructor in question is responsible for ending some
threads accessing the object being destroyed?
James Kanze said:James Kanze wrote:On Tuesday, July 31, 2012 8:12:11 PM UTC+1, BGB wrote:
yeah, and nifty stuff can be done in signal handlers, potentially
including, among other things, triggering an exception to the thrown
and the stack to be unwound. [...]You cannot throw in a signal handler. The results are undefined
behavior. And it doesn't reliably work on any platform I know.What does then the following GCC option do? [1]-fnon-call-exceptions
Generate code that allows trapping instructions to throw exceptions.
Note that this requires platform-specific runtime support that does
not exist everywhere. Moreover, it only allows trapping instructions
to throw exceptions, i.e. memory references or floating-point
instructions. It does not allow exceptions to be thrown from
arbitrary signal handlers such as SIGALRM.I know that this is not portable, and that this is not defined in the
C++ standard. (In this sense it is "undefined behavior", but this
doesn't mean that a given compiler and platform can't define it.)This seems to indicate that GCC allows to throw an exception in a signal
handler for a SIGSEGV, at least on some platforms.
It does. I'd be interested in seeing how they implement it.
And on what platforms it's supported.
I suspect that the limitation to SIGSEGV is somehow linked to
the fact that you can't get a SIGSEGV at the critical moment,
after a successful call but before the necessary information has
been set up in the stack frame. Which isn't true for Intel
boxes, I don't think.
And does it work for all sources of SIGSEGV? Most Unix systems
I know convert stack overflow into SIGSEGV (which may mean that
you can't catch the signal).
If you setup an alternate stack for signals (sigaltstack(2)),
you should be ok as far as catching the signal goes.
You likely cannot throw an exeception then since the alternate
stack starts with the signal handler activation record. Siglongjmp
would work, but after the longjmp, you'd still have the problem
where you don't know _what_ corruption resulted in the SIGSEGV.
A perfect language would generate an exception with a stacktrace upon an
Access Violation, which is much more preferable to a Core Dump. For
generate such a dump when the exception is not caught (AFAIK, Win32 does
not offer a setting that generates dumps upon Access Violations).
Thanks in advance,
Stuart
That's a problem regarding the platform, *not* C++. The last
thing you want in such cases is for the stack to be unwound.
You want a dump of the state exactly where the error occurred.
A core dump, under Unix. (From what I understand, it's possible
to configure Windows to behave correctly as well.)
How is unwinding the stack preferrable to a core dump. The
stack trace tells where you were, but doesn't offer any
possiblity to see the surrounding state at each level.
Unwinding the stack looses important information.
The opposite is the case. Windows does generate dumps by default - always.
If no debugger is running the default debugger will be started.
- Either Dr. Watson or in newer versions of Windows Windows Error Reporting
is started.
- On Blue Screens (core dumps) a mini dump file will be written
These applications can send dump files to a central server (application
must be registered
by the developer for that), where they can be downloaded.
Optionally they can generated by calling a single Win API function or
copied from the Windows
temporary directory, which is generated by Dr. Watson / WER (Windows
Error Reporting).
Actually, I'm relying heavily on the stack unwind, since this
constitutes a kind of emergency stop procedure for me. The only
alternative would be to create a separate stack with emergency stop
actions that should be executed when an Access Violation occurs, but
that would be equally cumbersome. ....
So let me rephrase it: Ideally, I would like the language to dump when
an Access Violation occurs (gives me all the information to debug the
programming error later on), and then to unwind the stack (brings the
measurement machine back into a defined state).
Unfortunately, the C++
standard just says that upon Access Violations I will enter the land of UB.
I wonder how all those life-critical components for example in the
medical or aviation business are written. Probably with some compiler
that won't bust upon Access Violations.
I mean, what good is a core dump
when your plane is already cruising at an altitude of 10.000 feet?
So actually the destructor is one piece of code
where one actually does not need to worry about thread-safety at all.
There's possibly one non-C++ mechanism at play here.
If you're into controlling hardware (or other I/O not heavily
encapsulated by the OS) you often have OS mechanisms as a last resort.
E.g. if you control a flatbed scanner you want the light to go off and
the camera arm to move back to its parked position. A well-designed
device driver for that will see its file descriptor (in Unix) close as
the application crashes, and reset itself. Placing responsibility for
the reset on the application would be a very bad idea. Even if you
changed C++ so you could reliably do that before crashing, the device
could still not be safely used from C, Python, Perl, ...
Such software must always rely on assumptions not found in the C++
standard, e.g. what the OS promises. I think the situation would be
the same if you chose any other mainstream language.
Ever watch Discovery Channel? Lots of people are very interested in
finding out why a plane crashed. I'm sure there are very detailed
requirements for this.
but never even mentions that it generated a core dump file.
Thanks,
Stuart
BGB said:James Kanze said:On Tuesday, July 31, 2012 8:12:11 PM UTC+1, BGB wrote:
yeah, and nifty stuff can be done in signal handlers, potentially
including, among other things, triggering an exception to the thrown
and the stack to be unwound. [...]
You cannot throw in a signal handler. The results are undefined
behavior. And it doesn't reliably work on any platform I know.
What does then the following GCC option do? [1]
-fnon-call-exceptions
Generate code that allows trapping instructions to throw exceptions.
Note that this requires platform-specific runtime support that does
not exist everywhere. Moreover, it only allows trapping instructions
to throw exceptions, i.e. memory references or floating-point
instructions. It does not allow exceptions to be thrown from
arbitrary signal handlers such as SIGALRM.
I know that this is not portable, and that this is not defined in the
C++ standard. (In this sense it is "undefined behavior", but this
doesn't mean that a given compiler and platform can't define it.)
This seems to indicate that GCC allows to throw an exception in a signal
handler for a SIGSEGV, at least on some platforms.
It does. I'd be interested in seeing how they implement it.
And on what platforms it's supported.
I suspect that the limitation to SIGSEGV is somehow linked to
the fact that you can't get a SIGSEGV at the critical moment,
after a successful call but before the necessary information has
been set up in the stack frame. Which isn't true for Intel
boxes, I don't think.
And does it work for all sources of SIGSEGV? Most Unix systems
I know convert stack overflow into SIGSEGV (which may mean that
you can't catch the signal).
If you setup an alternate stack for signals (sigaltstack(2)),
you should be ok as far as catching the signal goes.
You likely cannot throw an exeception then since the alternate
stack starts with the signal handler activation record. Siglongjmp
would work, but after the longjmp, you'd still have the problem
where you don't know _what_ corruption resulted in the SIGSEGV.
in many/most cases, probably.
there are some cases though where one may know what caused it.
consider for example a person implementing a garbage collector which
scans the stack. upon trying to read from a guard-page, then a signal
may be generated, and can be fairly safely handled (the signal then
essentially serving as an indication that the end of the stack being
scanned has been reached). (whether or not this is a good way to
implement stack-scanning in a GC is a secondary issue).
likewise, in such a scenario, recovering from a signal may be
relatively safe (rather then in the general case, where a SIGSEGV or
similar can be taken as an indication that something went wrong).
BGB said:On Tuesday, July 31, 2012 8:12:11 PM UTC+1, BGB wrote:
yeah, and nifty stuff can be done in signal handlers, potentially
including, among other things, triggering an exception to the thrown
and the stack to be unwound. [...]
You cannot throw in a signal handler. The results are undefined
behavior. And it doesn't reliably work on any platform I know.
What does then the following GCC option do? [1]
-fnon-call-exceptions
Generate code that allows trapping instructions to throw exceptions.
Note that this requires platform-specific runtime support that does
not exist everywhere. Moreover, it only allows trapping instructions
to throw exceptions, i.e. memory references or floating-point
instructions. It does not allow exceptions to be thrown from
arbitrary signal handlers such as SIGALRM.
I know that this is not portable, and that this is not defined in the
C++ standard. (In this sense it is "undefined behavior", but this
doesn't mean that a given compiler and platform can't define it.)
This seems to indicate that GCC allows to throw an exception in a signal
handler for a SIGSEGV, at least on some platforms.
It does. I'd be interested in seeing how they implement it.
And on what platforms it's supported.
I suspect that the limitation to SIGSEGV is somehow linked to
the fact that you can't get a SIGSEGV at the critical moment,
after a successful call but before the necessary information has
been set up in the stack frame. Which isn't true for Intel
boxes, I don't think.
And does it work for all sources of SIGSEGV? Most Unix systems
I know convert stack overflow into SIGSEGV (which may mean that
you can't catch the signal).
If you setup an alternate stack for signals (sigaltstack(2)),
you should be ok as far as catching the signal goes.
You likely cannot throw an exeception then since the alternate
stack starts with the signal handler activation record. Siglongjmp
would work, but after the longjmp, you'd still have the problem
where you don't know _what_ corruption resulted in the SIGSEGV.
in many/most cases, probably.
there are some cases though where one may know what caused it.
consider for example a person implementing a garbage collector which
scans the stack. upon trying to read from a guard-page, then a signal
may be generated, and can be fairly safely handled (the signal then
essentially serving as an indication that the end of the stack being
scanned has been reached). (whether or not this is a good way to
implement stack-scanning in a GC is a secondary issue).
likewise, in such a scenario, recovering from a signal may be
relatively safe (rather then in the general case, where a SIGSEGV or
similar can be taken as an indication that something went wrong).
FWIW, it was such "controlled" segfaults of which I was thinking, not
the rogue type where you really don't know what and why.
I don't think it would work for SIGSEGVs because of stack overflow.
Either your stack is bad, or you're using a separate stack for signal
handlers, in which case it seems that the mechanism won't work.
I haven't yet found an answer to the platform support. (GCC
documentation only says "Note that this requires platform-specific
runtime support that does not exist everywhere.") If anybody happens to
have a pointer for documentation about the platform support of this
feature, I'd be grateful.
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.