glibc's tst-makecontext2 testcase uncovered a bug in
__cont_link_context. If the function fails to reserve
shadow space for the calls to setcontext/cygwin_exit,
both functions could overwrite memory beyond the stack
configured in uc_stack.
* exceptions.cc (__cont_link_context): x86_64: align stack and reserve
shadow space for subsequent function calls, otherwise suffer potential
buffer overflow.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* uinfo.cc (cygheap_user::ontherange): Ignore $HOME if it's not
starting with a slash (aka, absolute POSIX Path).
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* libc/include/machine/setjmp.h (siglongjmp): Declare as function on
Cygwin.
(sigsetjmp): Ditto.
(_longjmp): Mark as noreturn function on Cygwin.
* common.din (siglongjmp): Export.
(sigsetjmp): Export.
* gendef: Change formatting of some comments.
(sigsetjmp): Implement.
(siglongjmp): Implement.
(__setjmpex): x86_64 only: Drop entry point.
(setjmp): x86_64 only: Store tls stackptr in Frame now, store MXCSR
and FPUCW registers in Spare, as MSVCRT does.
(longjmp): x86_64 only: Restore tls stackptr from Frame now, restore
MXCSR and FPUCW registers from Spare.
* include/cygwin/version.h (CYGWIN_VERSION_API_MINOR): Bump.
* new-features.xml (ov-new2.2): Document sigsetjmp, siglongjmp.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* dcrt0.cc (initial_env): Reduce size of local path buffers to
PATH_MAX. Allocate debugger_command from process heap.
(init_windows_system_directory): Very early initialize new global
variable global_progname.
* dll_init.cc (dll_list::alloc): Make path buffer static. Explain why.
(dll_list::populate_deps): Use tmp_pathbuf for local path buffer.
* exceptions.cc (debugger_command): Convert to PWCHAR.
(error_start_init): Allocate debugger_command and fill with wide char
strings. Only allocate if NULL.
(try_to_debug): Just check if debugger_command is a NULL pointer to
return. Drop conversion from char to WCHAR and drop local variable
dbg_cmd.
* globals.cc (global_progname): New global variable to store Windows
application path.
* pinfo.cc (pinfo_basic::pinfo_basic): Just copy progname over from
global_progname.
(pinfo::status_exit): Let path_conv create the POSIX path to
avoid local buffer.
* pseudo_reloc.cc (__report_error): Utilize global_progname, drop local
buffer.
* smallprint.cc (__small_vsprintf): Just utilize global_progname for
%P format specifier.
(__small_vswprintf): Ditto.
* strace.cc (PROTECT): Change to reflect x being a pointer. Reformat.
(CHECK): Ditto. Reformat.
(strace::activate): Utilize global_progname, drop local buffer.
Fix formatting.
(strace::vsprntf): Reduce size of local progname buffer to NAME_MAX.
Copy and, if necessary, convert only the last path component to
progname.
(strace_buf_guard): New muto.
(buf): New static pointer.
(strace::vprntf): Use buf under strace_buf_guard lock only. Allocate
buffer space for buf on Windows heap.
* wow64.cc (wow64_respawn_process): Utilize global_progname, drop
local path buffer.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (__unwind_single_frame): Define empty macro on i686.
(_cygtls::call_signal_handler): Try to make sure signal context makes
sense in case we're generating context here. Add comment to explain.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (__unwind_single_frame): Move up in file to be
accessible from other places. Move comment to getcontext.
(stack_info::walk): Call __unwind_single_frame in 64 bit case. Fix
preceding comment.
(myfault_altstack_handler): Call __unwind_single_frame.
(getcontext): Give comment from __unwind_single_frame a new home.
(swapcontext): Fix comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
x86_64 only:
* cygtls.cc (san::leave): Restore _my_tls.andreas.
* cygtls.h (class san): Add _clemente as in 32 bit case. Add ret and
frame members.
(san::san): Handle _my_tls.andreas as on 32 bit. Take parameter and
write it to new member ret. Store current stack pointer in frame.
(san::~san): New destructor to restore _my_tls.andreas.
(__try): Use __l_except address as parameter to san::san.
* dcrt0.cc (dll_crt0_0): Add myfault_altstack_handler as vectored
continuation handler.
* exception.h (myfault_altstack_handler): Declare.
* exceptions.cc (myfault_altstack_handler): New function. Explain what
it's good for.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* miscfuncs.cc (struct pthread_wrapper_arg): Add member guardsize.
(pthread_wrapper): Set thread stack guarantee according to guardsize.
Tweak assembler code so that $rax/$eax is not required by GCC to
prepare the wrapper_arg value.
(CygwinCreateThread): Fix deadzone handling. Drop setting a "POSIX"
guardpage (aka page w/ PAGE_NOACCESS). Always use Windows guard
pages instead. On post-XP systems (providing SetThreadStackGuarantee)
always set up stack Windows like with reserved/committed areas and
movable guard pages. Only on XP set up stack fully committed if the
guardpage size is not the default system guardpage size.
Fill out pthread_wrapper_arg::guardsize. Improve comments.
* resource.cc: Implement RSTACK_LIMIT Linux-like.
(DEFAULT_STACKSIZE): New macro.
(DEFAULT_STACKGUARD): Ditto.
(rlimit_stack_guard): New muto.
(rlimit_stack): New global variable holding current RSTACK_LIMIT values.
(__set_rlimit_stack): Set rlimit_stack under lock.
(__get_rlimit_stack): Initialize rlimit_stack from executable header
and return rlimit_stack values under lock.
(get_rlimit_stack): Filtering function to return useful default
stacksize from rlimit_stack.rlim_cur value.
(getrlimit): Call __get_rlimit_stack in RLIMIT_STACK case.
(setrlimit): Call __set_rlimit_stack in RLIMIT_STACK case.
* thread.cc (pthread::create): Fetch default stacksize calling
get_rlimit_stack.
(pthread_attr::pthread_attr): Fetch default guardsize calling
wincap.def_guard_page_size.
(pthread_attr_getstacksize): Fetch default stacksize calling
get_rlimit_stack.
* thread.h (PTHREAD_DEFAULT_STACKSIZE): Remove.
(PTHREAD_DEFAULT_GUARDSIZE): Remove.
(get_rlimit_stack): Declare.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (SetThreadStackGuarantee): Import.
* cygtls.h (struct _cygtls): Replace thread_context with a ucontext_t
called context.
* exceptions.cc (exception::handle): Exit from process via signal_exit
in case sig_send returns from handling a stack overflow SIGSEGV.
Explain why.
(dumpstack_overflow_wrapper): Thread wrapper to create a stackdump
from another thread.
(signal_exit): Fix argument list to reflect three-arg signal handler.
In case we have to create a stackdump for a stack overflow condition,
do so from a separate thread. Explain why.
(sigpacket::process): Don't run signal_exit on alternate stack.
(altstack_wrapper): Wrapper function to do stack correction when
calling the signal handler on an alternate stack to handle a stack
overflow. Make sure to have lots of comments.
(_cygtls::call_signal_handler): Drop local context variable to reduce
stack pressure. Use this->context instead. Change inline assembler
to call altstack_wrapper.
(_cygtls::signal_debugger): Accommodate aforementioned change to
struct _cygtls.
* tlsoffset.h: Regenerate.
* tlsoffset64.h: Regenerate.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fork.cc (frok::parent): Set stacktop value based on requested stack
pointer value in child. Explain why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (_cygtls::call_signal_handler): Drop manipulating
thread's ss_flags here. It's not safe against longjmp.
* signal.cc (sigaltstack): Check if we're running on the alternate
stack and set ss_flags returned in oss to SS_ONSTACK.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* include/cygwin/signal.h: Revert to define MINSIGSTKSZ and SIGSTKSZ
here with bigger values to allow _cygtls to reside on signal stack,
should it turn out to be required at one point.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* resource.cc (getrlimit): Fix values returned by RLIMIT_STACK.
Explain why this had to be changed.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (_cygtls::call_signal_handler): Drop pushing a register
on the original stack, it confuses GCC. Rearrange the assembler code
so that $rax/$eax is not used by GCC to prepare an argument value.
Use $rax/$eax without saving. Drop clearing $rbp/$ebp.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (_cygtls::call_signal_handler): Drop subtracting 16
bytes from the alternate stack, it's not necessary. Save all clobbered
registers. Save one on the original stack, the others on the alternate
stack on both platforms.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket.cc (LOCK_EVENTS): Don't enter critical section with
invalid mutex handle since then socket has been closed.
(UNLOCK_EVENTS): Close critical section.
(fhandler_socket::evaluate_events): Handle calling connect on shutdown
socket.
(fhandler_socket::wait_for_events): Try for pthread_testcancel in case
of WAIT_FAILED. Try to come up with a better errno in case we waited
on an invalid handle.
(fhandler_socket::release_events): Change wsock_mtx and wsock_evt to
NULL under lock to avoid accessing invalid handle.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (_cygtls::call_signal_handler): Disable enforcing
SA_RESTART in non-main threads to allow returning with EINTR from
system calls.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>