Fix warnings with gcc 12 about narrowing conversions of NTSTATUS
constants when used as case labels, e.g:
> ../../../../src/winsup/cygwin/exceptions.cc: In static member function ‘static int exception::handle(EXCEPTION_RECORD*, void*, CONTEXT*, PDISPATCHER_CONTEXT)’:
> ../../../../src/winsup/cygwin/exceptions.cc:670:10: error: narrowing conversion of ‘-1073741682’ from ‘NTSTATUS’ {aka ‘int’} to ‘unsigned int’ [-Wnarrowing]
See also: c5bdf60ac46401a51a7e974333d9622966e22d67
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
This disables a warning seen with gcc 12 caused by intrinsics used by
the inline implementation of NtCurrentTeb() inside w32api headers.
> In function ‘long long unsigned int __readgsqword(unsigned int)’,
> inlined from ‘_TEB* NtCurrentTeb()’ at /usr/include/w32api/winnt.h:10020:86,
> [...]
> /usr/include/w32api/psdk_inc/intrin-impl.h:838:1: error: array subscript 0 is outside array bounds of ‘long long unsigned int [0]’ [-Werror=array-bounds]
See also: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105523#c6
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
Previously, if two or more processes request to allocate a console at
the same time, the same device number could be accidentally allocated.
This patch fixes the issue by creating a named mutex (input_mutex) and
checking if GetLastError() is ERROR_ALREADY_EXIST or not to ensure
the unit number will be allocated in an atomic way. Thanks to this,
EnumWindow() is not necessary anymore to scan console units.
This also makes minor device numbers unique and console devices visible
across sessions. This disallows duplicated device number for different
sessions, so the MAX_CONS_DEV has been increased from 64 to 128.
Additionally, the console allocation and scanning will be faster as
a side effect of eliminating EnumWindows().
Fixes: 3721a756b0d8 ("Cygwin: console: Make the console accessible from other terminals.")
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Previously, the following steps failed with error:
1) Open /dev/dsp with O_RDONLY
2) Open /dev/dsp with O_WRONLY
3) Issue SNDCTL_DSP_GETOSPACE ioctl() for 2)
This is because IS_WRITE() returns false for 2) due to incorrect
openflags handling in archetype instance. This patch fixes the
issue by adding open_setup() to fhandler_dev_dsp to set openflags
correctly for each instance.
Fixes: 92ddb7429065 ("* fhandler_dsp.cc (fhandler_dev_dsp::open): Remove archetype handling.")
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
To avoid race issues, pthread::once() uses pthread_mutex. This caused
the handle leak which was fixed by the commit 2c5433e5da82. However,
this fix introduced another race issue, i.e., the mutex may be used
after it is destroyed. This patch fixes the issue. Special thanks to
Bruno Haible for discussing how to fix this.
Addresses: https://cygwin.com/pipermail/cygwin/2024-May/255987.html
Reported-by: Bruno Haible <bruno@clisp.org>
Fixes: 2c5433e5da82 ("Cygwin: pthread: Fix handle leak in pthread_once.")
Reviewed-by: Ken Brown <kbrown@cornell.edu>
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Commit 80f722e97cf7 ("Cygwin: opendir(3): move ENOTDIR check into main
function") introduced a bug in fhandler_virtual handling. While the
assertion that path_conv::check() already calls exists() and sets
FILE_ATTRIBUTE_DIRECTORY accordingly, the exists() function is called
on a fhandler_virtual object created for just this code snippet. The
side effect of this is that the fileid member in the calling
fhandler_virtual object is not set after path_conv::check().
Move the fhandler_virtual::fileid member to path_conv::_virt_fileid
and create matching path_conv::virt_fileid() and fhandler_virtual::fileid()
methods.
Let path_conv::check() propagate the fileid set in the local
fhandler_virtual::exists() call to its own _virt_fileid.
Use new fhandler_virtual::fileid() method throughout.
Fixes: 80f722e97cf7 ("Cygwin: opendir(3): move ENOTDIR check into main function")
Reported-by: Bruce Jerrick <bmj001@gmail.com>
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
SMBv1 is ultimately deprecated since Novemer 2023. It's also
not installed by default on latest Windows versions.
Drop using the WNet (SMBv1) API in favor of using Network Discovery.
Given there's no documented Win32 API for that, the code now uses
the Shell API.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If pipe reader is a non-cygwin app first, and cygwin process reads
the same pipe after that, the pipe has been set to bclocking mode
for the cygwin app. However, the commit 9e4d308cd592 assumes the
pipe for cygwin process always is non-blocking mode. With this patch,
the pipe mode is reset to non-blocking when cygwin app is started.
Addresses: https://cygwin.com/pipermail/cygwin/2024-March/255644.html
Fixes: 9e4d308cd592 ("Cygwin: pipe: Adopt FILE_SYNCHRONOUS_IO_NONALERT flag for read pipe.")
Reported-by: wh <wh9692@protonmail.com>
Reviewed-by: Corinna Vinschen <corinna@vinschen.de>
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Since commit 15e82eef3a40b ("Cygwin: getgrent: fix local SAM enumeration
on domain member machines") we skip enumerating local BUILTIN accounts
if we also enumerate AD. However, there are two local accounts which
are only available in local SAM, not in AD. Don't skip enumerating
those.
Fixes: 15e82eef3a40b ("Cygwin: getgrent: fix local SAM enumeration on domain member machines")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Chances are high that Cygwin recalls offline files from remote
storage, even if the file is only accessed during stat(2) or
readdir(3).
To avoid this
- make sure Cygwin is placeholder-aware,
- open files in path_conv handling, as well as in stat(2)/readdir(3)
scenarios with FILE_OPEN_NO_RECALL, and
- during symlink checking or testing for executablility, don't even
try to open the file if one of the OFFLINE attributes is set.
Reported-by: Marcin Wisnicki <mwisnicki@gmail.com>
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This patch eliminates verbose NtQueryObject() calls in the procedure
to get query_hdl by storing pipe name into fhandler_base::pc when
the pipe is created. fhandler_pipe::temporary_query_hdl() uses the
storedpipe name rather than the name retrieved by NtQueryObject().
Suggested-by: Corinna Vinschen <corinna@vinschen.de>
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Start at index 0 and use 32 bytes as minimal allocation size.
Reduce NBUCKETS, we don't have such big objects on the
cygheap anyway.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Use constexpr instead of const for errmap[] to allow static_assert
checks on its values.
Signed-off-by: Christian Franke <christian.franke@t-online.de>
If a removable (USB) device is disconnected after opening its raw
device, R/W attempts fail with ERROR_NO_SUCH_DEVICE(433). If the
raw device of a partition is used, ERROR_MEDIA_CHANGED(1110) is
returned instead. Both are mapped to ENODEV(19) because <errno.h>
does not offer a value which better matches ERROR_MEDIA_CHANGED.
Signed-off-by: Christian Franke <christian.franke@t-online.de>
Previously, three similar callback fuctions were used in console
code. This patch unifies these functions to ease maintenance cost.
Fixes: 8aad3a7edeb2 ("Cygwin: console: Fix a problem that minor ID is incorrect in ConEmu.")
Suggested-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
- Basically maintain a hidden DIR* inside fhandlers.
- lseek has to be tweaked to allow basic seeking on the directory
descriptor.
- the current implementation does not keep the dir positions
between duplicated descriptor in sync. In fact, every descriptor
keeps its own copy of the DIR* and after dup/fork/exec, the
directory position is reset to 0, i. e., to the start of the
directory, as if rewinddir() has been called on the new descriptors.
While this behaviour isn't yet covered by the Issue 8 draft,
a bug report along these lines exists and will probably be
picked up for TC1.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The content of DIR should never have been exposed into userspace.
Move struct __DIR to local dirent.h and only keep forward declaration
in exported dirent.h.
This allows to tweak the structure in future, for instance, to
add thread-safety.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- drop appending .exe.lnk to files
- drop exe_suffixes, it's the same as stat_suffixes for a long time
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Provide the same debugging opportunities for api_fatal() as we do for a
core-dumping signal:
1) Break into any attached debugger
2) Start JIT debugger (if configured) (keeping these under DEBUGGING doesn't seem helpful)
3) Write a coredump (if rlim_core > 1MB)
4) Write a stackdump (if that failed, or 0 < rlim_core <= 1MB)
Pre-format a command to be executed on a fatal error to run 'dumper'
(using an absolute path).
Factor out executing a pre-formatted command, so we can use that for
invoking the JIT debugger in try_to_debug() (if error_start is present
in the CYGWIN env var) and to invoke dumper when a fatal error occurs.
On a fatal error, if the core file size limit is greater than 1MB,
invoke dumper to write a core dump. Otherwise, if that limit is greater
than 0, write a .stackdump file, as previously.
Adjust and clarify the associated documentation.
Also: Fix so that the error_start JIT debugger is now invoked, even when
ulimit -c is zero.
Also: Fix uses of console_printf() inside exec_prepared_command(). It's
output is written via the Windows console device, so needs to use
Windows-style line endings.
Also: consistently return non-zero from try_to_debug() if we debugged.
Future work: Truncate or remove the file written, if it exceeds the
maximum size set by the ulimit.
Future work: Using the words "fatal error" could probably be improved
on. This means exiting on one of the "certain signals whose default
action is to cause the process to terminate and produce a core dump
file".
Given that SSDs don't have a seek penalty, we can enable
automatic sparsifying of files on SSDs, even if the "sparse"
mount option is not set.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
In preparation of using the FileFsSectorSizeInformation info class,
add a couple of missing definitions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Split fhandler_disk_file::fallocate into multiple methods, each
implementing a different aspect of fallocate(2), thus adding
FALLOC_FL_PUNCH_HOLE and FALLOC_FL_ZERO_RANGE handling.
For more correctly implementing posix_fallocate(3) semantics, make
sure to re-allocate holes in the given range if the file is sparse.
While at it, change the way checking when to make a file sparse.
The rule is now, make file sparse if the hole created by the action
spans at least one sparse block, taking the allocation granularity
of sparse files into account.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
also, take mode flags parameter instead of just a bool.
Introduce __FALLOC_FL_TRUNCATE mode flag as internal flag to
indictae being called from ftruncate(2).
This is in preparation of an upcoming change introducing the
Linx-specific fallocate(2) call.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The new directories '/dev/disk/by-label' and '/dev/disk/by-uuid'
provide symlinks for each disk related volume label and serial
number:
'VOLUME_LABEL' -> '../../sdXN'
'VOLUME_SERIAL' -> '../../sdXN'
Signed-off-by: Christian Franke <christian.franke@t-online.de>
The new directory '/dev/disk/by-drive' provides symlinks for each
disk related drive letter:
'x' -> '../../sdXN'
The new directory '/dev/disk/by-voluuid' provides symlinks for each
disk related storage volume:
'MBR_SERIAL-OFFSET' -> '../../sdXN'
'VOLUME_GUID' -> '../../sdXN'
Both directories provide Windows specific information and do not
exist on Linux.
Signed-off-by: Christian Franke <christian.franke@t-online.de>
The new directory '/dev/disk/by-partuuid' provides symlinks for each
MBR or GPT disk partition:
'MBR_SERIAL-OFFSET' -> '../../sdXN'
'GPT_GUID' -> '../../sdXN'
Signed-off-by: Christian Franke <christian.franke@t-online.de>
The new directory '/dev/disk/by-id' provides symlinks for each
disk and its partitions:
'BUSTYPE-[VENDOR_]PRODUCT_SERIAL[-partN]' -> '../../sdX[N]'.
This is based on strings provided by STORAGE_DEVICE_DESCRIPTOR.
If this information is too short, a 128-bit hash of the
STORAGE_DEVICE_UNIQUE_IDENTIFIER raw data is added.
Administrator privileges are not required.
Signed-off-by: Christian Franke <christian.franke@t-online.de>
MSFT NFSv3 fakes DOS attributes based on file type and permissions.
Rather than just faking FILE_ATTRIBUTE_DIRECTORY for dirs, fetch the
"real" DOS attributes returned by NFS.
This allows to handle the "R/O" attribute on shortcut files and thus
reading and creating device shortcut files on NFS.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
With this patch, the response time of select()/poll() has been
improved by utilizing semaphore (select_sem) just like pipe and
fifo. In addition, notification of exceptional conditions has
been added.
Fixes: 2c06014f12b0 ("Cygwin: dsp: Implement select()/poll().")
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Previously, sound device /dev/dsp did not support select()/poll().
These have been implemented with this patch.
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
This patch adds implementation of OSS-based sound mixer device. This
allows applications to change the sound playing volume.
NOTE: Currently, the recording volume cannot be changed.
Reviewed-by: Corinna Vinschen <corinna@vinschen.de>
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Before commit 44f73c5a6206 ("Cygwin: Fix segfalt when too many command
line args are specified.") we had no actual argument size limit, except
for the fact that the child process created another copy of the argv
array on the stack, which could result in a stack overflow and a
subsequent SEGV. Commit 44f73c5a6206 changed that by allocating the
additional argv array via malloc, and it introduced a new SC_ARG_MAX
limit along the lines of the typical Linux limit.
However, this new limit is artificial. Cygwin allocates all argument
and environment data on the cygheap. We only run out of ARG_MAX space
if we're out of memory resources.
Change argument size handling accordingly:
- Drop the args size check from child_info_spawn::worker.
- Return -1 from sysconf (SC_ARG_MAX), i. e., the argument size limit
is undefined.
- Change argv handling in class av, so that a failing cmalloc is not
fatal. This allows the parent process to return E2BIG if it's out
of cygheap resources.
- In the child, add a check around the new malloc call, so that it
doesn't result in a SEGV if the child process gets unexpectedly into
an ENOMEM situation at this point. In this (unlikely) case, proceed
with the original __argv array instead. Add comment to explain why.
Fixes: 44f73c5a6206 ("Cygwin: Fix segfalt when too many command line args are specified.")
Tested-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Previously, the number of command line args was not checked for
cygwin process. Due to this, segmentation fault was caused if too
many command line args are specified.
https://cygwin.com/pipermail/cygwin/2023-August/254333.html
Since char *argv[argc + 1] is placed on the stack in dll_crt0_1(),
STATUS_STACK_OVERFLOW occurs if the stack does not have enough
space.
With this patch, char *argv[] is placed in heap instead of stack
and ARG_MAX is increased from 32000 to 2097152 which is default
value of Linux. The argument length is also compared with ARG_MAX
and spawnve() returns E2BIG if it is too long.
Reported-by: Ed Morton
Reviewed-by: Corinna Vinschen <corinna@vinschen.de>
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
After the commit fbfea31dd9b9, switch_to_nat_pipe is not cleared
properly when non-cygwin app is terminated in the case where the
pseudo console is disabled. This is because get_winpid_to_hand_over()
sometimes returns PID of cygwin process even though it should return
only PID of non-cygwin process. This patch fixes the issue by adding
a new argument which requests only PID of non-cygwin process to
get_console_process_id().
Fixes: fbfea31dd9b9 ("Cygwin: pty: Avoid cutting the branch the pty master is sitting on.")
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Previously, though readahead buffer handling in pty master was not
fully thread-safe, accept_input() was called from peek_pipe() thread
in select.cc. This caused the problem reported in:
https://cygwin.com/pipermail/cygwin/2023-July/253984.html
The mechanism of the problem is:
1) accept_input() which is called from peek_pipe() thread calls
eat_readahead(-1) before reading readahead buffer. This allows
writing to the readahead buffer from another (main) thread.
2) The main thread calls fhandler_pty_master::write() just after
eat_readahead(-1) was called and before reading the readahead
buffer by accept_input() called from peek_pipe() thread. This
overwrites the readahead buffer.
3) The read result from readahead buffer which was overwritten is
sent to the slave.
This patch makes readahead buffer handling fully thread-safe using
input_mutex to resolve this issue.
Fixes: 7b03b0d8cee0 ("select.cc (peek_pipe): Call flush_to_slave whenever we're checking for a pty master.")
Reported-by: Thomas Wolff <towo@towo.net>
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
Add uchar.h accordingly.
For the c32 functions, use the internal functions wirtomb and mbrtowi
as base, and convert wirtomb and mbrtowi to inline functions calling
the c32 functions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
While st_rdev returned by fstat() for /dev/tty should be FH_TTY,
the current cygwin1.dll returns FH_PTYS+minor or FH_CONS+minor.
Similarly, fstat() does not return correct value for /dev/console,
/dev/conout, /dev/conin or /dev/ptmx.
This patch fixes the issue by:
1) Introduce dev_referred_via in fhandler_termios.
2) Add new argument, which has dev_t value referred by open(),
for constructors of fhandler_pty_slave and fhandler_pty_master to
set the value of dev_referred_via.
3) Set st_rdev using dev_referred_via in fhandler_termios::fstat()
if it is available.
Reviewed-by: Corinna Vinschen <corinna@vinschen.de>
Signed-off-by: Takashi Yano <takashi.yano@nifty.ne.jp>
