Sometimes when your program detects an unusual situation inside a deeply
nested set of function calls, you would like to be able to immediately
return to an outer level of control. This section describes how you can
do such non-local exits using the setjmp and longjmp
functions.
As an example of a situation where a non-local exit can be useful,
suppose you have an interactive program that has a "main loop" that
prompts for and executes commands. Suppose the "read" command reads
input from a file, doing some lexical analysis and parsing of the input
while processing it. If a low-level input error is detected, it would
be useful to be able to return immediately to the "main loop" instead
of having to make each of the lexical analysis, parsing, and processing
phases all have to explicitly deal with error situations initially
detected by nested calls.
(On the other hand, if each of these phases has to do a substantial
amount of cleanup when it exits--such as closing files, deallocating
buffers or other data structures, and the like--then it can be more
appropriate to do a normal return and have each phase do its own
cleanup, because a non-local exit would bypass the intervening phases and
their associated cleanup code entirely. Alternatively, you could use a
non-local exit but do the cleanup explicitly either before or after
returning to the "main loop".)
In some ways, a non-local exit is similar to using the `return'
statement to return from a function. But while `return' abandons
only a single function call, transferring control back to the point at
which it was called, a non-local exit can potentially abandon many
levels of nested function calls.
You identify return points for non-local exits by calling the function
setjmp. This function saves information about the execution
environment in which the call to setjmp appears in an object of
type jmp_buf. Execution of the program continues normally after
the call to setjmp, but if an exit is later made to this return
point by calling longjmp with the corresponding jmp_buf
object, control is transferred back to the point where setjmp was
called. The return value from setjmp is used to distinguish
between an ordinary return and a return made by a call to
longjmp, so calls to setjmp usually appear in an `if'
statement.
Here is how the example program described above might be set up:
#include <setjmp.h>
#include <stdlib.h>
#include <stdio.h>
jmp_buf main_loop;
void
abort_to_main_loop (int status)
{
longjmp (main_loop, status);
}
int
main (void)
{
while (1)
if (setjmp (main_loop))
puts ("Back at main loop....");
else
do_command ();
}
void
do_command (void)
{
char buffer[128];
if (fgets (buffer, 128, stdin) == NULL)
abort_to_main_loop (-1);
else
exit (EXIT_SUCCESS);
}
The function abort_to_main_loop causes an immediate transfer of
control back to the main loop of the program, no matter where it is
called from.
The flow of control inside the main function may appear a little
mysterious at first, but it is actually a common idiom with
setjmp. A normal call to setjmp returns zero, so the
"else" clause of the conditional is executed. If
abort_to_main_loop is called somewhere within the execution of
do_command, then it actually appears as if the same call
to setjmp in main were returning a second time with a value
of -1.
So, the general pattern for using setjmp looks something like:
if (setjmp (buffer))
/* Code to clean up after premature return. */
...
else
/* Code to be executed normally after setting up the return point. */
...
Here are the details on the functions and data structures used for
performing non-local exits. These facilities are declared in
`setjmp.h'.
Data Type:jmp_buf
Objects of type jmp_buf hold the state information to
be restored by a non-local exit. The contents of a jmp_buf
identify a specific place to return to.
Macro: int setjmp(jmp_buf state)
When called normally, setjmp stores information about the
execution state of the program in state and returns zero. If
longjmp is later used to perform a non-local exit to this
state, setjmp returns a nonzero value.
Function: void longjmp(jmp_buf state, int value)
This function restores current execution to the state saved in
state, and continues execution from the call to setjmp that
established that return point. Returning from setjmp by means of
longjmp returns the value argument that was passed to
longjmp, rather than 0. (But if value is given as
0, setjmp returns 1).
There are a lot of obscure but important restrictions on the use of
setjmp and longjmp. Most of these restrictions are
present because non-local exits require a fair amount of magic on the
part of the C compiler and can interact with other parts of the language
in strange ways.
The setjmp function is actually a macro without an actual
function definition, so you shouldn't try to `#undef' it or take
its address. In addition, calls to setjmp are safe in only the
following contexts:
As the test expression of a selection or iteration
statement (such as `if', `switch', or `while').
As one operand of a equality or comparison operator that appears as the
test expression of a selection or iteration statement. The other
operand must be an integer constant expression.
As the operand of a unary `!' operator, that appears as the
test expression of a selection or iteration statement.
By itself as an expression statement.
Return points are valid only during the dynamic extent of the function
that called setjmp to establish them. If you longjmp to
a return point that was established in a function that has already
returned, unpredictable and disastrous things are likely to happen.
You should use a nonzero value argument to longjmp. While
longjmp refuses to pass back a zero argument as the return value
from setjmp, this is intended as a safety net against accidental
misuse and is not really good programming style.
When you perform a non-local exit, accessible objects generally retain
whatever values they had at the time longjmp was called. The
exception is that the values of automatic variables local to the
function containing the setjmp call that have been changed since
the call to setjmp are indeterminate, unless you have declared
them volatile.
In BSD Unix systems, setjmp and longjmp also save and
restore the set of blocked signals; see 24.7 Blocking Signals. However,
the POSIX.1 standard requires setjmp and longjmp not to
change the set of blocked signals, and provides an additional pair of
functions (sigsetjmp and siglongjmp) to get the BSD
behavior.
The behavior of setjmp and longjmp in the GNU library is
controlled by feature test macros; see 1.3.4 Feature Test Macros. The
default in the GNU system is the POSIX.1 behavior rather than the BSD
behavior.
The facilities in this section are declared in the header file
`setjmp.h'.
Data Type:sigjmp_buf
This is similar to jmp_buf, except that it can also store state
information about the set of blocked signals.
Function: int sigsetjmp(sigjmp_buf state, int savesigs)
This is similar to setjmp. If savesigs is nonzero, the set
of blocked signals is saved in state and will be restored if a
siglongjmp is later performed with this state.
Function: void siglongjmp(sigjmp_buf state, int value)
This is similar to longjmp except for the type of its state
argument. If the sigsetjmp call that set this state used a
nonzero savesigs flag, siglongjmp also restores the set of
blocked signals.
The Unix standard one more set of function to control the execution path
and these functions are more powerful than those discussed in this
chapter so far. These function were part of the original System V
API and by this route were added to the Unix API. Beside on branded
Unix implementations these interfaces are not widely available. Not all
platforms and/or architectures the GNU C Library is available on provide
this interface. Use `configure' to detect the availability.
Similar to the jmp_buf and sigjmp_buf types used for the
variables to contain the state of the longjmp functions the
interfaces of interest here have an appropriate type as well. Objects
of this type are normally much larger since more information is
contained. The type is also used in a few more places as we will see.
The types and functions described in this section are all defined and
declared respectively in the `ucontext.h' header file.
Data Type:ucontext_t
The ucontext_t type is defined as a structure with as least the
following elements:
ucontext_t *uc_link
This is a pointer to the next context structure which is used if the
context described in the current structure returns.
sigset_t uc_sigmask
Set of signals which are blocked when this context is used.
stack_t uc_stack
Stack used for this context. The value need not be (and normally is
not) the stack pointer. See section 24.9 Using a Separate Signal Stack.
mcontext_t uc_mcontext
This element contains the actual state of the process. The
mcontext_t type is also defined in this header but the definition
should be treated as opaque. Any use of knowledge of the type makes
applications less portable.
Objects of this type have to be created by the user. The initialization
and modification happens through one of the following functions:
Function: int getcontext(ucontext_t *ucp)
The getcontext function initializes the variable pointed to by
ucp with the context of the calling thread. The context contains
the content of the registers, the signal mask, and the current stack.
Executing the contents would start at the point where the
getcontext call just returned.
The function returns 0 if successful. Otherwise it returns
-1 and sets errno accordingly.
The getcontext function is similar to setjmp but it does
not provide an indication of whether the function returns for the first
time or whether the initialized context was used and the execution is
resumed at just that point. If this is necessary the user has to take
determine this herself. This must be done carefully since the context
contains registers which might contain register variables. This is a
good situation to define variables with volatile.
Once the context variable is initialized it can be used as is or it can
be modified. The latter is normally done to implement co-routines or
similar constructs. The makecontext function is what has to be
used to do that.
Function: void makecontext(ucontext_t *ucp, void (*func) (void), int argc, ...)
The ucp parameter passed to the makecontext shall be
initialized by a call to getcontext. The context will be
modified to in a way so that if the context is resumed it will start by
calling the function func which gets argc integer arguments
passed. The integer arguments which are to be passed should follow the
argc parameter in the call to makecontext.
Before the call to this function the uc_stack and uc_link
element of the ucp structure should be initialized. The
uc_stack element describes the stack which is used for this
context. No two contexts which are used at the same time should use the
same memory region for a stack.
The uc_link element of the object pointed to by ucp should
be a pointer to the context to be executed when the function func
returns or it should be a null pointer. See setcontext for more
information about the exact use.
While allocating the memory for the stack one has to be careful. Most
modern processors keep track of whether a certain memory region is
allowed to contain code which is executed or not. Data segments and
heap memory is normally not tagged to allow this. The result is that
programs would fail. Examples for such code include the calling
sequences the GNU C compiler generates for calls to nested functions.
Safe ways to allocate stacks correctly include using memory on the
original threads stack or explicitly allocate memory tagged for
execution using (see section 13.7 Memory-mapped I/O).
Compatibility note: The current Unix standard is very imprecise
about the way the stack is allocated. All implementations seem to agree
that the uc_stack element must be used but the values stored in
the elements of the stack_t value are unclear. The GNU C library
and most other Unix implementations require the ss_sp value of
the uc_stack element to point to the base of the memory region
allocated for the stack and the size of the memory region is stored in
ss_size. There are implements out there which require
ss_sp to be set to the value the stack pointer will have (which
can depending on the direction the stack grows be different). This
difference makes the makecontext function hard to use and it
requires detection of the platform at compile time.
Function: int setcontext(const ucontext_t *ucp)
The setcontext function restores the context described by
ucp. The context is not modified and can be reused as often as
wanted.
If the context was created by getcontext execution resumes with
the registers filled with the same values and the same stack as if the
getcontext call just returned.
If the context was modified with a call to makecontext execution
continues with the function passed to makecontext which gets the
specified parameters passed. If this function returns execution is
resumed in the context which was referenced by the uc_link
element of the context structure passed to makecontext at the
time of the call. If uc_link was a null pointer the application
terminates in this case.
Since the context contains information about the stack no two threads
should use the same context at the same time. The result in most cases
would be disastrous.
The setcontext function does not return unless an error occurred
in which case it returns -1.
The setcontext function simply replaces the current context with
the one described by the ucp parameter. This is often useful but
there are situations where the current context has to be preserved.
Function: int swapcontext(ucontext_t *restrict oucp, const ucontext_t *restrict ucp)
The swapcontext function is similar to setcontext but
instead of just replacing the current context the latter is first saved
in the object pointed to by oucp as if this was a call to
getcontext. The saved context would resume after the call to
swapcontext.
Once the current context is saved the context described in ucp is
installed and execution continues as described in this context.
If swapcontext succeeds the function does not return unless the
context oucp is used without prior modification by
makecontext. The return value in this case is 0. If the
function fails it returns -1 and set errno accordingly.
Example for SVID Context Handling
The easiest way to use the context handling functions is as a
replacement for setjmp and longjmp. The context contains
on most platforms more information which might lead to less surprises
but this also means using these functions is more expensive (beside
being less portable).
int
random_search (int n, int (*fp) (int, ucontext_t *))
{
volatile int cnt = 0;
ucontext_t uc;
/* Safe current context. */
if (getcontext (&uc) < 0)
return -1;
/* If we have not tried n times try again. */
if (cnt++ < n)
/* Call the function with a new random number
and the context. */
if (fp (rand (), &uc) != 0)
/* We found what we were looking for. */
return 1;
/* Not found. */
return 0;
}
Using contexts in such a way enables emulating exception handling. The
search functions passed in the fp parameter could be very large,
nested, and complex which would make it complicated (or at least would
require a lot of code) to leave the function with an error value which
has to be passed down to the caller. By using the context it is
possible to leave the search function in one step and allow restarting
the search which also has the nice side effect that it can be
significantly faster.
Something which is harder to implement with setjmp and
longjmp is to switch temporarily to a different execution path
and then resume where execution was stopped.
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <ucontext.h>
#include <sys/time.h>
/* Set by the signal handler. */
static volatile int expired;
/* The contexts. */
static ucontext_t uc[3];
/* We do only a certain number of switches. */
static int switches;
/* This is the function doing the work. It is just a
skeleton, real code has to be filled in. */
static void
f (int n)
{
int m = 0;
while (1)
{
/* This is where the work would be done. */
if (++m % 100 == 0)
{
putchar ('.');
fflush (stdout);
}
/* Regularly the expire variable must be checked. */
if (expired)
{
/* We do not want the program to run forever. */
if (++switches == 20)
return;
printf ("\nswitching from %d to %d\n", n, 3 - n);
expired = 0;
/* Switch to the other context, saving the current one. */
swapcontext (&uc[n], &uc[3 - n]);
}
}
}
/* This is the signal handler which simply set the variable. */
void
handler (int signal)
{
expired = 1;
}
int
main (void)
{
struct sigaction sa;
struct itimerval it;
char st1[8192];
char st2[8192];
/* Initialize the data structures for the interval timer. */
sa.sa_flags = SA_RESTART;
sigfillset (&sa.sa_mask);
sa.sa_handler = handler;
it.it_interval.tv_sec = 0;
it.it_interval.tv_usec = 1;
it.it_value = it.it_interval;
/* Install the timer and get the context we can manipulate. */
if (sigaction (SIGPROF, &sa, NULL) < 0
|| setitimer (ITIMER_PROF, &it, NULL) < 0
|| getcontext (&uc[1]) == -1
|| getcontext (&uc[2]) == -1)
abort ();
/* Create a context with a separate stack which causes the
function f to be call with the parameter 1.
Note that the uc_link points to the main context
which will cause the program to terminate once the function
return. */
uc[1].uc_link = &uc[0];
uc[1].uc_stack.ss_sp = st1;
uc[1].uc_stack.ss_size = sizeof st1;
makecontext (&uc[1], (void (*) (void)) f, 1, 1);
/* Similarly, but 2 is passed as the parameter to f. */
uc[2].uc_link = &uc[0];
uc[2].uc_stack.ss_sp = st2;
uc[2].uc_stack.ss_size = sizeof st2;
makecontext (&uc[2], (void (*) (void)) f, 1, 2);
/* Start running. */
swapcontext (&uc[0], &uc[1]);
putchar ('\n');
return 0;
}
This an example how the context functions can be used to implement
co-routines or cooperative multi-threading. All that has to be done is
to call every once in a while swapcontext to continue running a
different context. It is not allowed to do the context switching from
the signal handler directly since neither setcontext nor
swapcontext are functions which can be called from a signal
handler. But setting a variable in the signal handler and checking it
in the body of the functions which are executed. Since
swapcontext is saving the current context it is possible to have
multiple different scheduling points in the code. Execution will always
resume where it was left.