fifo_reader_id_t::operator == and != have been defined without type
accidentally. For some weird reason, only x86 gcc complains about
this problem, not x86_64 gcc.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The beginning of fhandler_fifo.cc contains a long comment giving an
overview of the FIFO implementation. This is now updated to describe
the support for multiple readers.
Although we can have multiple readers open because of dup/fork/exec,
the current code does not support multiple readers opening a FIFO by
explicitly calling 'open'.
The main complication in supporting this is that when a blocking
reader tries to open and there's already one open, it has to check
whether there any writers open. It can't rely on the write_ready
event, whose state hasn't changed since the first writer opened.
To fix this, add two new named events, check_write_ready_evt and
write_ready_ok_evt, and a new method, check_write_ready().
The first event signals the owner's reader thread to call
check_write_ready(), which polls the fc_handler list to check for
connected writers. If it finds none, it checks to see if there's a
writer in the process and then sets/resets write_ready appropriately.
When check_write_ready() finishes it sets write_ready_ok_evt to signal
the reader that write_ready has been updated.
The polling is done via fifo_client_handler::pipe_state(). As long as
it's calling that function anyway, check_write_ready() updates the
state of each handler.
Also add a new lock to prevent a race if two readers are trying to
open simultaneously.
Add a take_ownership method, used by raw_read and select.cc:peek_fifo.
It wakes up all fifo_reader_threads and allows the caller to become
owner. The work is done by the fifo_reader_threads.
For synchronization we introduce several new fhandler_fifo data
members and methods:
- update_needed_evt signals the current owner to stop listening for
writer connections and update its fc_handler list.
- shared_fc_handler() gets and sets the status of the fc_handler
update process.
- get_pending_owner() and set_pending_owner() get and set the reader
that is requesting ownership.
Finally, a new 'reading_lock' prevents two readers from trying to take
ownership simultaneously.
If the owning reader is closing, wait for another reader (if there is
one) to take ownership before closing the owner's pipe handles.
To synchronize the ownership transfer, add events owner_needed_evt and
owner_found_evt, and add methods owner_needed and owner_found to
set/reset them.
Modify the fifo_reader_thread function to wake up all non-owners when
a new owner is needed.
Make a cosmetic change in close so that fhandler_base::close is called
only if we have a write handle. This prevents strace output from
being littered with statements that the null handle is being closed.
If fixup_after_exec is called on a non-close-on-exec reader whose
parent is the owner, transfer ownership to the child. Otherwise the
parent's pipe handles will be closed before any other reader can
duplicate them.
To help with this, make the cancel_evt and thr_sync_evt handles
inheritable, so that the child can terminate the parent's
fifo_reader_thread (and the parent will update the shared fc_handler
list).
Add an optional argument 'from_exec' to update_my_handlers to simplify
its use in this case; no handle duplication is required.
This is in a new shared memory section. We will use it for temporary
storage of the owner's fc_handler list when we need to change owner.
The new owner can then duplicate the pipe handles from that list
before taking ownership.
Add several shared data members and methods that are needed for the
duplication process
Add methods update_my_handlers and update_shared_handlers that carry
out the duplication.
Allow the shared list to grow dynamically, up to a point. Do this by
initially reserving a block of memory (currently 100 pages) and only
committing pages as needed.
Add methods create_shared_fc_handler, reopen_shared_fc_handler, and
remap_shared_fc_handler to create the new shared memory section,
reopen it, and commit new pages. The first is called in open, the
second is called in dup/fork/exec, and the third is called in
update_shared_handlers if more shared memory is needed.
Modify the fifo_reader_thread function to call update_my_handlers when
it finds that there is no owner. Also make it call
update_shared_handlers when the owner's thread terminates, so that the
new owner will have an accurate shared fc_handler list from which to
duplicate.
For convenience, add new methods cleanup_handlers and
close_all_handlers. And add an optional arg to add_client_handler
that allows it to create a new fifo_client_handler without creating a
new pipe instance.
Make fc_handler a pointer to malloc'd memory instead of a fixed-size
array. The size is now a new data member 'shandlers'. Call realloc
in add_client_handler if we need to grow the array.
free fc_handler in close. As long as we're touching that code, also
remove an unneeded lock.
Among all the open readers of a FIFO, one is declared to be the owner.
This is the only reader that listens for client connections, and it is
the only one that has an accurate fc_handler list.
Add shared data and methods for getting and setting the owner, as well
as a lock to prevent more than one reader from accessing these data
simultaneously.
Modify the fifo_reader_thread so that it checks the owner at the
beginning of its loop. If there is no owner, it takes ownership. If
there is an owner but it is a different reader, the thread just waits
to be canceled. Otherwise, it listens for client connections as
before.
Remove the 'first' argument from create_pipe_instance. It is not
needed, and it may be confusing in the future since only the owner
knows whether a pipe instance is the first.
When opening a reader, don't return until the fifo_reader_thread has
time to set an owner.
If the owner closes, indicate that there is no longer an owner.
Clear the child's fc_handler list in dup, and don't bother duplicating
the handles. The child never starts out as owner, so it can't use
those handles.
Do the same thing in fixup_after_fork in the close-on-exec case. In
the non-close-on-exec case, the child inherits an fc_handler list that
it can't use, but we can just leave it alone; the handles will be
closed when the child is closed.
This uniquely identifies an fhandler_fifo open for reading in any
process.
Add a new data member 'me' of this type, which is set in open, dup,
fork, and exec.
Add data and methods to the shared memory that keep track of the
number of open readers.
Increment this number in open, dup, fork, and exec. Decrement it in
close. Reset read_ready if there are no readers left.
Even though we currently allow a FIFO to be opened for reading only
once, we can still have more than one reader open because of dup and
fork. Add a named shared memory section accessible to all readers of
a given FIFO. In future commits we will add information needed by all
readers to this section
Add a class fifo_shmem_t that lets us access this information.
Add a method create_shmem that is called when a reader opens, and add
a method reopen_shmem that is called by dup, fork, and exec. (Each
new reader needs its own view of the shared memory.)
This will simplify future work.
Rename the thread from "listen_client_thread" to "fifo_reader_thread"
because it will be used for more than just listening.
Remove the fixup_before stuff, which won't be needed after future
changes to fixup_after_fork and fixup_after_exec.
- Make read_ready a manual-reset event.
- Signal read_ready in open instead of in the listen_client_thread.
- Don't reset read_ready when the listen_client thread terminates;
instead do it in close().
- Rearrange open and change its error handling.
- Add a wait_open_pipe method that waits for a pipe instance to be
available and then calls open_pipe. Use it when opening a writer if
we can't connect immediately. This can happen if the system is
heavily loaded and/or if many writers are trying to open
simultaneously.
According to Posix, a FIFO open for reading is at EOF if it is empty
and there are no writers open.
The only way to test this is to poll the fifo_client_handlers as in
raw_read and select.cc:peek_fifo. The current hit_eof instead relies
on the value of nconnected, which can be out of date. On the one
hand, it doesn't take into account writers that were connected but
have since closed. On the other hand, it doesn't take into account
writers that are in the process of opening but haven't yet connected.
Fix this by introducing a maybe_eof method that tentatively assumes
EOF if there are no connected writers after polling. Then check for
writers currently opening (via a new 'writer_opening' event), and wait
for the fifo_reader_thread to record any new connection that was made
while we were polling.
To handle the needs of peek_fifo, replace the get_fc_handle method
by a get_fc_handler method, and add a fifo_client_handler::get_state
method.
Remove the is_connected method, which was used only in peek_fifo and
is no longer needed.
Remove the nconnected data member, which was used only for the flawed
hit_eof.
Add some comments about events to fhandler.h.
Always return 0; no one is doing anything with the return value
anyway.
Remove the return value from stop_listen_client.
Make the connection event auto-reset, so that we don't have to reset
it later.
Simplify the process of connecting a bogus client when thread
termination is signaled.
Make some failures fatal.
Remove the unnecessary extra check for thread termination near the end
of listen_client_thread.
Make the values correspond to the possible return values of
fifo_client_handler::pipe_state().
When cleaning up the fc_handler list in listen_client_thread(), don't
delete handlers in the fc_closing state. I think the pipe might still
have input to be read in that case.
Set the state to fc_closing later in the same function if a connection
is made and the status returned by NtFsControlFile is
STATUS_PIPE_CLOSING.
In raw_read, don't error out if NtReadFile returns an unexpected
status; just set the state of that handler to fc_error. One writer in
a bad state doesn't justify giving up on reading.
Replace the 'fhandler_base *' member by a HANDLE to the server side of
the Windows named pipe instance. Make the corresponding
simplifications throughout.
When `cygwin-console-helper.exe` is either missing, or corresponds to a
different Cygwin runtime, we currently wait forever while setting up
access to the pseudo console, even long after the process is gone that
was supposed to signal that it set up access to the pseudo console.
Let's handle that more gracefully: if the process exited without
signaling, we cannot use the pseudo console. In that case, let's just
fall back to not using it.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
The workaround to access the full disk required since Vista
and described in http://support.microsoft.com/kb/942448
(NOT ACCESSIBLE at the time of writing this commit message)
is required on floppy drives as well.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The cast to generate the return value uses a DWORD variable
as test and set value. The error case is the constant -1.
Given the type of the other half of the conditioal expression,
-1 is cast to DWORD as well.
On 64 bit, this results in the error case returning a 32 bit
-1 value which is equivalent to (ssize_t) 4294967295 rather
than (ssize_t) -1.
Add a fixing cast.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The return type of fhandler write methods is ssize_t. Don't
use an int to store the return value, use ssize_t. Use ptrdiff_t
for the buffer size.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The implicit assumption seemed to be that any subsequent occurence of
the same setting in nsswitch.conf is supposed to rewrite the previous
ones completely. This was not the case if the third or any further
schema was previously defined and the last line defined less than that
(but at least 2), for example:
```
db_home: windows cygwin /myhome/%U
db_home: cygwin desc
```
Let's document this behavior as well.
Signed-off-by: David Macek <david.macek.0@gmail.com>
If the cygdrive prefix is /, then the following happens right now:
$ ln -s /tmp/foo .
$ ls -l foo
lrwxrwxrwx 1 user group 12 Apr 15 23:44 foo -> /mnt/tmp/foo
Fix this by skipping cygdrive prefix conversion to WSL drive
prefix "/mnt", if the cygdrive prefix is just "/". There's no
satisfying way to do the right thing all the time in this case
anyway. For a description and the alternatives, see
https://cygwin.com/pipermail/cygwin-developers/2020-April/011859.html
Also, fix a typo in a comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If the first scheme in db_* was invalid, the code would think there
were no schemes specified and replace the second scheme with
NSS_SCHEME_DESC.
Signed-off-by: David Macek <david.macek.0@gmail.com>
So far Cygwin was jumping through hoops to restrict memory
allocation to specific regions. With the advent of VirtualAlloc2
and MapViewOfFile3 (and it's NT counterpart NtMapViewOfSectionEx),
we can skip searching for free space in the specific regions
and just call these functions and let the OS do the job more
efficiently and less racy.
Use VirtualAlloc2 on W10 1803 and later in thread stack allocation.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far Cygwin was jumping through hoops to restrict memory
allocation to specific regions. With the advent of VirtualAlloc2
and MapViewOfFile3 (and it's NT counterpart NtMapViewOfSectionEx),
we can skip searching for free space in the specific regions
and just call these functions and let the OS do the job more
efficiently and less racy.
Use the new functions on W10 1803 and later in mmap.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Windows 10 1803 introduced an extended memory API allowing
to specify memory regions allocations are to be taken off.
In preparation of using this API, define the struct
MEM_EXTENDED_PARAMETER and friends. Declare and allow to
autoload the functions VirtualAlloc2 and NtMapViewOfSectionEx.
Introduce a wincap flag has_extended_mem_api.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Otherwise big stacks have a higher probability to collide with
randomized PEBs and TEBs after fork.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Unfortunately Windows doesn't understand WSL symlinks,
despite being a really easy job. NT functions trying
to access paths traversing WSL symlinks return the status
code STATUS_IO_REPARSE_TAG_NOT_HANDLED. Handle this
status code same as STATUS_OBJECT_PATH_NOT_FOUND in
symlink_info::check to align behaviour to traversing
paths with other non-NTFS type symlinks.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
WSL symlinks are reparse points containing a POSIX path in UTF-8.
On filesystems supporting reparse points, use this symlink type.
On other filesystems, or in case of error, fall back to the good
old plain SYSTEM file.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit 4a36897af3 allowed to convert /mnt/<drive> path
prefixes to Cygwin cygdrive prefixes on the fly. However,
the patch neglected WSL symlinks pointing to the /mnt
directory. Rearrange path conversion so /mnt is converted
to the cygdrive prefix path itself.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Treat WSL symlinks just like other symlinks. Convert
absolute paths pointing to Windows drives via
/mnt/<driveletter> to Windows-style paths <driveletter>:
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This reverts commit 082f2513c7.
Turns out, Linux as well as BSD really only wait for the smaller
number, MIN or # of requested bytes.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Per termios, read waits for MIN chars even if the number of requested
bytes is less. This requires to add WaitCommEvent to wait non-busily
for MIN chars prior to calling ReadFile, so, reintroduce it.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Sharing the OVERLAPPED struct and event object in there between
read and select calls in the fhandler might have been a nice
optimization way back when, but it is a dangerous, not thread-safe
approach. Fix this by creating per-fhandler, per-call OVERLAPPED
structs and event objects on demand.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- make sure event object is reset
- set read_ready to true if WaitCommEvent returns success
- improve debugging
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
tcsetattr checks if the VTIME and VMIN values changed and only
calls SetCommTimeouts if so. That's a problem if tcsetattr
is supposed to set VTIME and VIMN to 0, because these are the
start values anyway. But this requires to set ReadIntervalTimeout
to MAXDWORD, which just doesn't happen.
Fix this by dropping the over-optimization of checking the old
values before calling SetCommTimeouts,
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
After changing the type of fhandler_serial::vtime_ to cc_t, vtime_
must be stored in 10s of seconds, not in milliseconds.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Get rid of WaitCommEvent and using overlapped_armed to share the
same overlapped operation between read and select. Rather, make
sure to cancel the overlapped IO before leaving any of these functions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Datatypes were incorrect, especially vmin_ and vtime_.
Change them to cc_t, as in user space.
- Error checking had a gap or two. Debug output used the
wrong formatting.
- Don't use ev member for ClearCommError and WaitCommEvent.
Both returned values are different (error value vs. event
code). The values are not used elsewhere so it doesn't make
sense to store them in the object. Therefore, drop ev member.
- Some variable names were not very helpful. Especially using
n as lpNumberOfBytesTransferred from GetOverlappedResult and
then actually printing it as if it makes sense was quite
puzzeling.
- Rework the loop and the definition of minchars so that it
still makes sense when looping.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Don't use ev member for ClearCommError and WaitCommEvent.
Both returned values are different (error value vs. event
code). The values are not used elsewhere so it doesn't make
sense to store them in the object.
- Drop local variable ready which is used inconsequentially.
- Since WFSO already waits 10 ms, don't wait again if no char
is in the inbound queue.
- Avoid else if chains.
- Only print one line of debug output on error.
- Drop overlapped_armed < 0 check. This value is only set in
fhandler_serial::raw_read if VTIME > 0, and even then it's only
set to be immediately reset to 0 before calling ReadFile. So
overlapped_armed is never actually < 0 when calling select.
- Fix a screwed up statement order.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Passing a pointer to a local variable to WriteConsoleA is
not actually needed if we're not going to do anything with
what WriteConsoleA would put in there.
For the wpbuf class the pointer argument was made optional,
so it can be just left out; other call places now pass a
NULL pointer instead. The local variables `wn' and `n'
are no unused, so they go away.
Replace direct access to a pair of co-dependent variables
by calls to methods of a class that encapsulates their relation.
Also replace C #define by C++ class constant.
- In xterm compatible mode, "ESC 7" and "ESC 8" do not work properly
in the senario:
1) Execute /bin/ls /bin to fill screen.
2) Sned CSI?1049h to alternate screen.
3) Reduce window size.
4) Send CSI?1049l to resume screen.
5) Send "ESC 7" and "ESC 8".
After sending "ESC 8", the cursor goes to incorrect position. This
patch adds a workaround for this issue.
- This patch fixes the issue that xterm compatible mode for input
is not correctly set/unset in some situation such as:
1) cat is stopped by ctrl-c.
2) The window size is changed in less.
In case 1), request_xterm_mode_input(true) is called in read(),
however, cat is stopped without request_xterm_mode_input(false).
In case 2), less uses longjmp in signal handler, therefore,
corresponding request_xterm_mode_input(false) is not called if
the SIGWINCH signal is sent within read(). With this patch,
InterlockedExchange() is used instead of InterlockedIncrement/
Decrement().
So far ioctl(TIOCINQ) could end up returning -1 with errno set to EINVAL
if a non-zero device error mask has been returned by ClearCommError.
This doesn't reflect Linux behaviour, which always returns the number of
chars in the inbound queue, independent of any I/O error condition.
EINVAL was a pretty weird error code to use in this scenario, too.
Fix this by dropping all checking for device errors in the TIOCINQ
case. Just return the number of chars in the inbound queue.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- This patch makes some detailed behaviour of ESC sequences such as
"CSI Ps L" (IL), "CSI Ps M" (DL) and "ESC M" (RI) in xterm mode
match with real xterm.
fhandler_socket_unix::fixup_after_exec incorrectly calls
fhandler_socket_unix::fixup_after_fork with a NULL parent process
handle. Not only that calling DuplicateHandle with a NULL parent
handle fails, but it's utterly wrong trying to duplicate the handles
at all here.
Rather just set some important values to NULL and reopen the shared
memory region. Create a fixup_helper method to call common code from
fixup_after_fork and fixup_after_exec.
Add comments to other invocations of fixup_after_fork with NULL
handle to mark them as correct this way.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Aligning the stack pointer using an asm statement isn't any longer
supported. gcc-9.2.0 generates the following warning:
init.cc:33:46: error: listing the stack pointer register '%esp'
in a clobber list is deprecated [-Werror=deprecated]
[...]
init.cc:33:46: note: the value of the stack pointer after an
'asm' statement must be the same as it was before the statement
Replace the asm expression with the gcc function attribute
`force_align_arg_pointer'. This aligns the stack exactly as
required.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
reopen_shmem is accidentally called on the parent fhandler
rather than the child fhandler, and it's called too early.
Make sure to call it on the child and only after its shmem_handle
is valid.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- In Win10 upto 1809, xterm compatible mode does not have REP
escape sequence which terminfo declares. This patch adds support
for "CSI Ps b" (REP). With this patch, bvi (binary editor) works
normally in Win10 1809. Also, xterm compatible mode does not have
"CSI Pm `" (HPA), "CSI Pm a" (HPR) and "CSI Ps e" (VPR). However,
they do not appear to be declared by terminfo. Therefore, these
have been pending.
- Cygwin console with xterm compatible mode causes problem reported
in https://www.cygwin.com/ml/cygwin-patches/2020-q1/msg00212.html
if background/foreground colors are set to gray/black respectively
in Win10 1903/1909. This is caused by "CSI Ps L" (IL), "CSI Ps M"
(DL) and "ESC M" (RI) control sequences which are broken. This
patch adds a workaround for the issue.
...from structs used for data exchange between clients and cygserver.
All of the structs have the same size and member offsets, packed or
unpacked. Keeping the packed attribute results in ominous warnings
from gcc-9.2.0:
cygserver.cc:259:10: warning: taking address of packed member of
'client_request_attach_tty::request_attach_tty' may result in an
unaligned pointer value [-Waddress-of-packed-member]
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
gcc-9.2.0 has an execve builtin which uses the nothrow attribute.
This results in an error when aliasing execve to _execve for newlib:
exec.cc:88:23: error: 'int _execve(const char*, char* const*, char*
const*)' specifies less restrictive attribute than its target
'int execve(const char*, char* const*, char* const*)': 'nothrow'
[-Werror=missing-attributes]
88 | EXPORT_ALIAS (execve, _execve) /* For newlib */
Add the -fno-builtin-execve CFLAGS when building exec.o to override
the gcc builtin.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The variable returning the overrun count from the tracker object after
disarming the overrun counter was not correctly initialized. For some
reason this has only been noticed by gcc-9.2.0, not by the formerly used
gcc-7.4.0.
This problem should not have had any runtime impact. The method
timer_tracker::disarm_overrun_event is supposed to be called in
lock-step with timer_tracker::arm_overrun_event, which in turn
results in the variable getting a valid value.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
linux 4.6 x86/cpu: Add advanced power management bits
Bit 11 of CPUID 8000_0007 edx is processor feedback interface.
Bit 12 of CPUID 8000_0007 edx is accumulated power.
Print proper names in /proc/cpuinfo
[missed enabling this 2016 change during previous major cpuinfo update
as no power related changes were made to the Linux files since then]
- Accessing shared_console_info before initialization causes access
violation because it is a NULL pointer. The cause of the problem
reported in https://cygwin.com/ml/cygwin/2020-02/msg00197.html is
this NULL pointer access in request_xterm_mode_output() when it is
called from close(). This patch makes sure that shared_console_info
is not NULL before calling request_xterm_mode_output().
Added in Linux 5.6:
Check FSRM and use REP MOVSB for short copies on systems that have it.
>From the Intel Optimization Reference Manual:
3.7.6.1 Fast Short REP MOVSB
Beginning with processors based on Ice Lake Client microarchitecture,
REP MOVSB performance is enhanced with string lengths up to 128 bytes.
Support for fast-short REP MOVSB is indicated by the CPUID feature flag:
CPUID [EAX=7H, ECX=0H).EDX.FAST_SHORT_REP_MOVSB[bit 4] = 1.
There is no change in the REP STOS performance.
A NUL byte in the output stream got accidentally not handled as IGN char
in xterm console mode. The internal mbtowc conversion doesn't handle
embedded NUL values gracefully, it always stops converting at NUL bytes.
This broke the output of strings with embedded NUL bytes.
Fix this by always skipping IGN chars in the "normal char output loop"
and make sure not to move the cursor one position to the right, as in
legacy console mode.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
NSIG is a deprecated symbol only visible under MISC visibility.
_NSIG is used widely instead, and on most systems NSIG is
defined in terms of _NSIG.
Follow suit: Change NSIG to _NSIG throughout and change visiblity
of NSIG to be defined only in __MISC_VISIBLE case.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- If two cygwin programs are executed simultaneousley with pipes
in cmd.exe, xterm compatible mode is accidentally disabled by
the process which ends first. After that, escape sequences are
not handled correctly in the other app. This is the problem 2
reported in https://cygwin.com/ml/cygwin/2020-02/msg00116.html.
This patch fixes the issue. This patch also fixes the problem 3.
For these issues, the timing of setting and unsetting xterm
compatible mode is changed. For read, xterm compatible mode is
enabled only within read() or select() functions. For write, it
is enabled every time write() is called, and restored on close().
- In push_to_pcon_screenbuffer(), open() and ioctl() are called.
Since push_to_pcon_screenbuffer() is called in read() and write(),
errno which is set in read() and write() code may be overwritten
in open() or ioctl() call. This patch prevent this situation.
- PTY has a bug reported in:
https://cygwin.com/ml/cygwin/2020-02/msg00067.html.
This is the result of state mismatch between real pseudo console
attaching state and state variable. This patch fixes the issue.
- PTY has a problem that the key input, which is typed during
windows native app is running, disappear when it returns to shell.
(Problem 3 in https://cygwin.com/ml/cygwin/2020-02/msg00007.html)
This is beacuse pty has two input pipes, one is for cygwin apps
and the other one is for native windows apps. The key input during
windows native program is running is sent to the second input pipe
while cygwin shell reads input from the first input pipe.
This patch realize transfering input data between these two pipes.
- Debug codes used in the early stage of pseudo console support are
removed. (Regarding ALWAYS_USE_PCON and USE_API_HOOK) Along with
this, the codes related to this change are organized.
- PTY code has a problem that tcsh is terminated if the following
command is executed.
true; chcp &
This seems to be caused by invalid pointer access which occurs
when the process exits during the kill() code is execuetd. This
patch avoids the issue by not using kill().
- With this patch, foreground color and background color are allowed
to be set simultaneously by 24 bit color escape sequence such as
ESC[38;2;0;0;255;48;2;128;128;0m in legacy console mode.
When fhandler_base::fstat_helper is called, the handle h returned by
get_stat_handle() should be pc.handle() and should be safe to use for
getting the file information. Previously, the call to
get_file_attribute() for FIFOs set the first argument to NULL instead
of h, thereby forcing the file to be opened for fetching the security
descriptor in get_file_sd().
Make fhandler_socket_local::dup and fhandler_socket_local::fcntl (a
new method) call fhandler_base::dup and fhandler_base::fcntl if O_PATH
is set.
We're viewing the socket as a disk file here, but there's no need to
implement the actions of fhandler_disk_file::dup and
fhandler_disk_file::fcntl, which do nothing useful in this case beyond
what the fhandler_base methods do. (The extra actions are only useful
when I/O is going to be done on the file.)
If O_PATH is set, then the fhandler_socket_local object has a handle
that can be used for getting the statvfs information. Use it by
calling fhandler_base::fstatvfs_by_handle. Without this change,
fhandler_disk_file::fstatfvs would be called on a new fhandler_disk
object, which would then have to be opened.
If an AF_LOCAL socket is opened with O_PATH, all socket system calls
that take a file descriptor argument fail on the resulting descriptor.
Make sure that errno is set as on Linux for those calls that are
implemented on Linux. In almost all cases it is ENOTSOCK. There are
two exceptions:
- sockatatmark(3); errno is EBADF.
- bindresvport(3); errno is EAFNOSUPPORT if the second argument sin
(of type struct sockaddr_in *) is non-NULL and satisfies
sin->sin_family == AF_INET.
Finally, there are two BSD socket system calls implemented on Cygwin
but not Linux: getpeereid(3) and bindresvport_sa(3). Set errno to
ENOTSOCK for these for consistency with the majority of the other
calls.
If that flag is not set, or if an attempt is made to open a different
type of socket, the errno is now EOPNOTSUPP instead of ENXIO. This is
consistent with POSIX, starting with the 2016 edition. Earlier
editions were silent on this issue.
Opening is done in a (new) fhandler_socket_local::open method by
calling fhandler_base::open_fs.
Also add a corresponding fhandler_socket_local::close method.
This edits licenses held by Berkeley and NetBSD, both of which
have removed the advertising requirement from their licenses.
Signed-off-by: Keith Packard <keithp@keithp.com>
This option has been disabled long ago and nobody missed it.
Removing drops a bit of unneeded code
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If O_PATH is set, then the fhandler_fifo object has a handle that can
be used for getting the statvfs information. Use it by calling
fhandler_base::fstatvfs_by_handle. Before this change,
fhandler_disk_file::fstatfvs was called on a new fhandler_disk_file
object, which would then have to be opened.
Define a new method fhandler_base::fstatvfs_by_handle, extracted from
fhandler_disk_file::fstatvfs, which gets the statvfs information when
a handle is available.
This will be used in future commits for special files that have been
opened with O_PATH.
Treat a special file opened with O_PATH the same as a regular file,
i.e., use its handle to get the stat information.
Before this change, fstat_fs opened the file a second time, with the
wrong flags and without closing the existing handle. A side effect
was to change the openflags of the file, possibly causing further
system calls to fail.
Currently this change only affects FIFOs, but it will affect
AF_LOCAL/AF_UNIX sockets too once they support O_PATH.
mknod32 actually creates a path_conv, just to call mknod_worker
with a win32 path. This doesn't only require to create path_conv
twice, it also breaks permissions on filesystems supporting ACLs.
Fix this by passing the path_conv created in the caller down to
symlink_worker. Also, while at it, simplify the handling of trailing
slashes and move it out of symlink_worker. Especially use the
new PC_SYM_NOFOLLOW_DIR flag to avoid fiddeling with creating
a new path copy without the trailing slash.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Usually a trailing slash requires to follow an existing symlink,
even with PC_SYM_NOFOLLOW. The reason is that "foo/" is equivalent
to "foo/." so the symlink is in fact not the last path component,
"." is. This is default for almost all scenarios.
PC_SYM_NOFOLLOW_DIR now allows the caller to request not to
follow the symlink even if a trailing slash is given. This can
be used in callers to perform certain functions Linux-compatible.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- After commit 6cc299f0e2, outputs of
cygwin programs which call both printf() and WriteConsole() are
frequently distorted. This patch fixes the issue.
- The cause of the problem reported in
https://www.cygwin.com/ml/cygwin/2020-01/msg00220.html is that the
chars input before dup() cannot be read from the new file descriptor.
This is because the readahead buffer (rabuf) in the console is newly
created by dup(), and does not inherit from the parent. This patch
fixes the issue.
If the O_PATH flag is set, fhandler_fifo::open now simply calls
fhandler_base::open_fs.
The previous attempt to handle O_PATH in commit aa55d22c, "Cygwin:
honor the O_PATH flag when opening a FIFO", fixed a hang but otherwise
didn't do anything useful.
If O_PATH is set in the flags argument of
fhandler_base::device_access_denied, return false. No
read/write/execute access should be required in this case.
Previously, the call to device_access_denied in open(2) would lead to
an attempt to open the file with read access even if the O_PATH flag
was set.
rdpru flag is cpuid xfn 80000008 ebx bit 4 added in linux 5.5;
see AMD64 Architecture Programmer's Manual Volume 3:
General-Purpose and System Instructions
https://www.amd.com/system/files/TechDocs/24594.pdf#page=329
and elsewhere in that document
- For programs which does not work properly with pseudo console,
disable_pcon in environment CYGWIN is introduced. If disable_pcon
is set, pseudo console support is disabled.
- For programs compiled with -mwindows option, reopening slave is
needed in push_to_pcon_screenbuffer(), however, it was not at
appropriate place. This causes the problem reported in
https://www.cygwin.com/ml/cygwin/2020-01/msg00161.html. This
patch fixes the issue.
- Though this rarely happens, sometimes the first printing of non-
cygwin process does not displayed correctly. To fix this issue,
the code for waiting for forwarding by master_fwd_thread is revised.
Following Linux, allow the pathname argument to be an empty string if
the AT_EMPTY_PATH flag is specified. In this case the dirfd argument
can refer to any type of file, not just a directory, and the call
operates on that file. In particular, dirfd can refer to a symlink
that was opened with O_PATH | O_NOFOLLOW.
Following Linux, allow the pathname argument to be an empty string,
provided the dirfd argument refers to a symlink opened with
O_PATH | O_NOFOLLOW. The readlinkat call then operates on that
symlink.
Commit 283cb372, "Cygwin: normalize_win32_path: improve error
checking", required a prefix '\\?\' or '\??\' in the source path to be
followed by 'UNC\' or 'X:\', where X is a drive letter. That was too
restrictive, since it disallowed the paths '\\?\X: and '\??\X:'. This
caused problems when a user tried to use the root of a drive as the
Cygwin installation root, as reported here:
https://cygwin.com/ml/cygwin/2020-01/msg00111.html
Modify the requirement so that '\??\X:' and '\\?\X:' are now allowed
as source paths, without a trailing backslash.
- In octave gui, sometimes state mismatch between real pty state
and state variable occurs. For example, this occurs when 'ls'
command is executed in octave gui. This patch fixes the issue.
- After commit e1a0775dc0, the problem
reported in https://www.cygwin.com/ml/cygwin/2020-01/msg00093.html
occurs. For Gnu scren and tmux, calling FreeConsole() on pty close
is necessary. However, if FreeConsole() is called, cygwin setup
with '-h' option does not work. Therefore, the commit
e1a0775dc0 delayed closing pty.
This is the cause of the problem above. Now, instead of delaying
pty close, FreeConsole() is not called if the process is non cygwin
processes such as cygwin setup.
- The console with 24bit color support has a problem that console
mode is changed if cygwin process is executed in cmd.exe which
started in cygwin shell. For example, cursor keys become not
working if bash -> cmd -> true are executed in this order.
This patch fixes the issue.
- In Win10 1809, the cursor position sometimes goes out of screen
by clear command in console. This seems to be caused by escape
sequence CSI3J (ESC[3J). This happens only for 1809. This patch
is a workaround for the issue.
- Special function keys such as arrow keys or function keys do not
work in ConEmu with cygwin-connector after commit
6a06c6bc8f. This patch fixes the
issue.
- PTY code which support pseudo console has a problem that causes
handle leaks. Four of these are bug in pty code, and the other
one seems to be a bug of Windows10. ClosePseudoConsole() fails
to close one internal handle. This patch fixes the issue.
- If two PTYs are opened in the same process and the first one
is closed, the helper process for the first PTY remains running.
This patch fixes the issue.
- The slowing down issue of X11 forwarding using ssh -Y, reported
in https://www.cygwin.com/ml/cygwin/2019-12/msg00295.html,
is due to the change of select() code for pty in the commit
915fcd0ae8. cygthread::detach()
takes at most about 10msec because Sleep() is used in the thread.
For this issue, this patch uses cygwait() instead of Sleep() and
introduces an event to abort the wait. For not only pty, but pipe
and fifo also have the same problem potentially, so this patch
applies same strategy to them as well.
Though our implementation of cpu sets doesn't need it, software from
Linux environments expects this definition to be present. It's
documented on the Linux CPU_SET(3) man page but was left out due to
oversight.
Addresses https://cygwin.com/ml/cygwin/2019-12/msg00248.html
Add that flag to the pipe type argument when creating the Windows
named pipe. And add a definition of that flag to ntdll.h (copied from
/usr/include/w32api/ddk/ntifs.h).
- Even with commit fe512b2b12, pty
still has a problem in ESC[?3h and ESC[?3l handling if invalid
sequence such as ESC[?$ is sent. This patch fixes the issue.
Both functions were introduce with Windows 7 only, so we need to
autoload them for the sake of Vista/2008.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
On certain error conditions there is a code snippet that checks
whether the last component of the path has a trailing dot or space or
a leading space. Skip this check if the last component is empty,
i.e., if the path ends with a backslash. This avoids an assertion
failure if the trailing backslash is the only backslash in the path,
as is the case for a DOS drive 'X:\'.
Addresses: https://cygwin.com/ml/cygwin/2019-12/msg00016.html
- Pseudo console clears console screen buffer if ESC[?3h or ESC[?3l
is sent. However, xterm/vt100 does not clear screen. This cause
mismatch between real screen and console screen buffer. Therefore,
this patch triggers redraw screen in that situation so that the
synchronization is done on the next execution of native app.
This solves the problem reported in:
https://www.cygwin.com/ml/cygwin-patches/2019-q4/msg00116.html
- Previously, pty cleared screen at startup for synchronization
between the real screen and console screen buffer for pseudo
console. With this patch, instead of clearing screen, the screen
is redrawn when the first native program is executed after pty
is created. In other words, synchronization is deferred until
the native app is executed. Moreover, this realizes excluding
$TERM dependent code.
fhandler_console::create_invisible_console_workaround() does not use the
lpApplicationName parameter and neglects to quote its command name on
lpCommandLine in the call to CreateProcessW.
Given CreateProcessW's brain-dead method to evaluate the application
path given on the command line, this opens up a security problem if
Cygwin is installed into a path with spaces in it.
Fix this by using the lpApplicationName parameter and quoting of the
application path in the lpCommandLine parameter (used as argv[0] in
the called console helper.
For extended paranoia, make the argument string array big enough to
fit full 64 bit pointer values into it. Handles usually only use
the lower 32 bit, but better safe than sorry.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
FH_CONS_MAX should refelect the fact that we allow 128 consoles, even if
it's unused.
Suggested-by: Achim Gratz <Stromeko@nexgo.de>
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit 5a0f2c00aa "Cygwin: fork/exec: fix child process permissions"
removed the PROCESS_DUP_HANDLE handle permission of the parent process
handle in the child to avoid a security problem.
It turned out that this broke the following scenario: If a process forks
and then the parent execs, the child loses the ability to register the
parent's death. To wit, after the parent died the child process does
not set its own PPID to 1 anymore.
The current exec mechanism copies required handle values (handles to
keep contact to the child processes) into the child_info for the
about-to-be-exec'ed process. The exec'ed process is supposed to
duplicate these handles. This fails, given that we don't allow the
exec'ed process PROCESS_DUP_HANDLE access to the exec'ing process since
commit 5a0f2c00aa.
The fix is to avoid the DuplicateHandle calls in the exec'ed process.
This patch sets the affected handles to "inheritable" in the exec'ing
process at exec time. The exec'ed process just copies the handle values
and resets handle inheritance to "non-inheritable". The exec'ing
process doesn't have to reset handle inheritance, it exits after setting
up the exec'ed process anyway.
Testcase: $ ssh-agent /bin/sleep 3
ssh-agent forks and the parent exec's sleep. After sleep exits, `ps'
should show ssh-agent to have PPID 1, and eventually ssh-agent exits.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Call find_exec with the FE_NNF flag to enforce a NULL return when the
executable isn't found in $PATH. Convert NULL to "". This aligns
spawnvp and spawnvpe with execvp and execvpe.
If the directory name has the form 'x:' followed by one or more
slashes or backslashes, and if there's at least one backslash, assume
that the user is referring to 'x:\', the root directory of drive x,
and don't strip the backslash.
Previously all trailing slashes and backslashes were stripped, and the
name was treated as a relative file name containing a literal colon.
Addresses https://cygwin.com/ml/cygwin/2019-08/msg00334.html.
Add feature test print macro that makes feature, bit, and flag text
comparison and checking easier. Handle as common former Intel only
feature flags also supported on AMD. Change order and some flag names
to agree with current Linux.
If the source path starts with the Win32 long path prefix '\\?\' or
the NT object directory prefix '\??\', require the prefix to be
followed by 'UNC\' or '<drive letter>:\'. Otherwise return EINVAL.
This fixes the assertion failure in symlink_info::check that was
reported here:
https://cygwin.com/ml/cygwin/2019-09/msg00228.html
That assertion failure was caused by normalize_win32_path returning a
path with no backslashes when the source path was '\\?\DRIVE'.
If the last component of the directory name is a symlink followed by a
slash, rmdir now fails, following Linux but not POSIX, even if the
symlink resolves to an existing empty directory.
mkdir was similarly changed in 2009 in commit
52dba6a5c4. Modify a comment to clarify
the purpose of that commit.
Addresses https://cygwin.com/ml/cygwin/2019-09/msg00221.html.
Prior to commit b0717aae, path_conv::check had the following code:
if (strncmp (path, "\\\\.\\", 4))
{
/* Windows ignores trailing dots and spaces in the last path
component, and ignores exactly one trailing dot in inner
path components. */
char *tail = NULL;
[...]
if (!tail || tail == path)
/* nothing */;
else if (tail[-1] != '\\')
{
*tail = '\0';
[...]
}
Commit b0717aae0 intended to disable this code, but it inadvertently
disabled only part of it. In particular, the declaration of the local
tail variable was in the disabled code, but the following remained:
if (!tail || tail == path)
/* nothing */;
else if (tail[-1] != '\\')
{
*tail = '\0';
[...]
}
[A later commit removed the disabled code.]
The tail variable here points into a string different from path,
causing that string to be truncated under some circumstances. See
https://cygwin.com/ml/cygwin/2019-09/msg00001.html
for more details.
This commit fixes the problem by removing the leftover code
that was intended to be removed in b0717aae.
- The autoload feature is used rather than GetModuleHandle(),
GetProcAddress() for CreatePseudoConsole(), ResizePseudoConsole()
and ClosePseudoConsole().
- Since calling system __loadlocale() caused execution error,
PTY used its own NLS function. The cause of the error has been
found, the corresponding code has been rewritten using system
function.
The CPU_SET macros defined in Cygwin's include/sys/cpuset.h must not
be visible in an application's namespace unless _GNU_SOURCE has been
#defined. Internally this means wrapping them in #if __GNU_VISIBLE.
- In non-canonical mode, cygwin console returned only one character
even if several keys are typed before read() called. This patch
fixes this behaviour.
- Previously, input and output pipes were switched together between
the traditional pty and the pseudo console. However, for example,
if stdin is redirected to another device, it is better to leave
input pipe traditional pty side even for non-cygwin program. This
patch realizes such behaviour.
- If screen alternated while pseudo console switching, it sometimes
failed. This might happen when the output of the non-cygwin program
is piped to less. This patch fixes this issue.
- When the I/O pipe is switched to the pseudo console side, the
behaviour of Ctrl-C was unstable. This rarely happens, however,
for example, shell sometimes crashes by Ctrl-C in that situation.
Furthermore, Ctrl-C was ignored if output of non-cygwin program
is redirected to pipe. This patch fixes these issues.
- Forcibly attach to pseudo console in advance so that the error
messages by system_printf() are displayed to screen reliably.
This is needed when stdout is redirected to another pty. In this
case, process has two ptys opened. However, process can attach
to only one console. So it is necessary to change console attached.
- PTY with pseudo console support sitll has problem which potentially
cause state mismatch between state variable and real console state.
This patch fixes this issue.
- select() did not work correctly when both read and except are
polled simultaneously for the same fd and the r/w pipe is switched
to pseudo console side. This patch fixes this isseu.
- Pseudo console support introduced by commit
169d65a577 shows garbage ^[[H^[[J in
some of emacs screens. These screens do not handle ANSI escape
sequences. Therefore, clear screen is disabled on these screens.
- Pseudo console support introduced by commit
169d65a577 sometimes cause random
crash or freeze by pressing ^C while cygwin and non-cygwin
processes are executed simultaneously in the same pty. This
patch is a workaround for this issue.
- API hook used for pseudo console support causes slow down.
This patch limits API hook to only program which is linked
with the corresponding APIs. Normal cygwin program is not
linked with such APIs (such as WriteFile, etc...) directly,
therefore, no slow down occurs. However, console access by
cygwin.dll itself cannot switch the r/w pipe to pseudo console
side. Therefore, the code to switch it forcely to pseudo
console side is added to smallprint.cc and strace.cc.
- Pseudo console support introduced by commit
169d65a577 has some bugs which
cause mismatch between state variables and real pseudo console
state regarding console attaching and r/w pipe switching. This
patch fixes this issue by redesigning the state management.
- PTY uses Win32 API hook for pseudo console suppot. The function
hook_api() is used for this purpose and defined in fhandler_tty.cc
previously. This patch moves it into hookapi.cc.
- Support pseudo console in PTY. Pseudo console is a new feature
in Windows 10 1809, which provides console APIs on virtual
terminal. With this patch, native console applications can work
in PTYs such as mintty, ssh, gnu screen or tmux.
Rather than waiting for signalfd_select_wait in a thread, which is racy,
create a global event "my_pendingsigs_evt" which is set and reset by
wait_sig depending only on the fact if blocked signals are pending or not.
This in turn allows to WFMO on this event in select as soon as signalfds
are present in the read descriptor set. Select's peek and verify
will then check if one of the present signalfds is affected.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
On sigwaitinfo or reading from a signalfd, signal processing sets up
signal handling via sigdelayed even if the handler address is NULL.
This doesn't have any impact on sigwaitinfo scenarios (or at least, I
wasn't able to come up with a reproducer) but it breaks signalfd
scenarios, where eventually a call to call_signal_handler from
sigdelayed will try to call the NULL function.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- If screen is alternated on console, cursor position is not restored
correctly in the case of xterm compatible mode is enabled. For example,
the shell prompt is shown at incorrect position after using vim.
This patch fixes this problem.
- The horizontal tab positions are broken after resizing console window.
This seems to be a bug of xterm compatible mode of windows console.
This workaround fixes this problem.
The default implementation of the fenv.h methods return
-EOPNOTSUP. Some of these have implementations appropriate
for soft-float.
The intention of the new fenv.h is that it be portable
and that architectures provide their own implementation
of sys/fenv.h.
This avoids collisions of shmat maps with Windows own datastructures
when allocating top-down.
This patch moves the mmap_allocator class definition into its
own files and just uses it from mmap and shmat.
Adding default winvar 'PATH=C:\cygwin64\binZ' to an environment that is
already allocated for 'SYSTEMROOT=ZWINDIR=Z', we need to count that
trailing (Z)ero as well. Otherwise we trigger this assertion failure:
$ /bin/env -i SYSTEMROOT= WINDIR= /bin/env
assertion "(s - envblock) <= tl" failed: file "/home/corinna/src/cygwin/cygwin-3.0.7/cygwin-3.0.7-1.x86_64/src/newlib-cygwin/winsup/cygwin/environ.cc", line 1302, function: char** build_env(const char* const*, WCHAR*&, int&, bool, HANDLE)
Aborted (core dumped)
When the exec family of functions is called for a script-like
file, the av::setup function handles the exec[vl]p case as
well. The execve case for files not starting with a she-bang
is handled first by returning ENOEXEC. Only after that, the
file's executability is checked.
This leads to the problem that ENOEXEC is returned for non-executable
files as well. A calling shell interprets this as a file it should try
to run as script. This is not desired for non-executable files.
Fix this problem by checking the file for executability first. Only
after that, follow the other potential code paths.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This patch supplies an implementation of the CPU_SET(3) processor
affinity macros as documented on the relevant Linux man page.
There is a mostly superset implementation of cpusets under newlib's
libc/sys/RTEMS/include/sys that has Linux and FreeBSD compatibility
and is built on top of FreeBSD bitsets. This Cygwin implementation
and the RTEMS one could be combined if desired at some future point.
Do not attach to the child before it was successfully initialized, or we
would need more sophisticated cleanup on child initialization failure,
like suppressing SIGCHILD delivery with multiple threads ("waitproc")
involved.
Improves "Cygwin: fork: Remember child not before success.",
commit f03ea8e1c5, which leads to fork
problems if cygserver is running:
https://cygwin.com/ml/cygwin-patches/2019-q2/msg00155.html
During fork, the child process requires the process table to be
initialized for fixup_shms_after_fork, while still allowing subsequent
dlls.load_after_fork to fail silently (for when the "forkable" hardlinks
are not created yet).
pinfo::remember not performing reattach anymore requires explicit
pinfo::reattach now where appropriate.
Prepares to improve "Cygwin: fork: Remember child not before success."
commit f03ea8e1c5, which leads to fork
problems if cygserver is running:
https://cygwin.com/ml/cygwin-patches/2019-q2/msg00155.html
Introducing an independent Cygwin PID introduced a regression:
The expectation is that the myself pinfo pointer always points to a
specific address right in front of the loaded Cygwin DLL.
However, the independent Cygwin PID changes broke this. To create
myself at the right address requires to call init with h0 set to
INVALID_HANDLE_VALUE or an existing address:
void
pinfo::init (pid_t n, DWORD flag, HANDLE h0)
{
[...]
if (!h0 || myself.h)
[...]
else
{
shloc = SH_MYSELF;
if (h0 == INVALID_HANDLE_VALUE) <-- !!!
h0 = NULL;
}
The aforementioned commits changed that so h0 was always NULL, this way
creating myself at an arbitrary address.
This patch makes sure to set the handle to INVALID_HANDLE_VALUE again
when creating a new process, so init knows that myself has to be created
in the right spot. While at it, fix a potential uninitialized handle
value in child_info_spawn::handle_spawn.
Fixes: b5e1003722 ("Cygwin: processes: use dedicated Cygwin PID rather than Windows PID")
Fixes: 88605243a1 ("Cygwin: fix child getting another pid after spawnve")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
_pinfo::set_ctty sets myself's pgid to the ctty pgid if the process has
been started from a non-Cygwin process. This isn't the right thing to
do when started from GDB. GDB starts the application via standard
Windows means, not via Cygwin fork/exec, so it's treated as being
a non-Cygwin parent.
But we want the app running in it's own process group. So skip this
step when running under a debugger
Signed-off-by: Corinna Vinschen <corinna-cygwin@cygwin.com>
Return -1 with EINVAL if pgid < 0.
Previously tcsetpgrp() would blindly go ahead and set the pgid of the
controlling terminal to a negative value, causing later calls to
various functions to fail.
For example, gdb has code like the following:
tcsetpgrp (0, getpgid (inf->pid));
If getpgid (inf->pid) fails (returns -1), then this code would set the
pgid of fd 0 to -1, so that some later calls to getpgid() would also
return -1. This caused the problem reported here:
https://cygwin.com/ml/cygwin/2019-07/msg00166.html.
So far negative values were denoting files, positive values
denoting directories. We should prefer a less error prone
method. Redefine virtual_ftype_t to contain only positive
values and replace checks for negativ or positive values with
inline functions virt_ftype_isfile() and virt_ftype_isdir().
Drop outdcated comments referring to numerical virtual_ftype_t
values.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
commit 2607639992 "Improve error handling in /proc/[pid]/
virtual files." changed the return value of the /proc/PID
formatting functions to return -1 instead of 0 in the error
case to allow a filesize of 0.
The patch neglected to change this behaviour for /proc/PID/fd
content. This patch fixes that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Change path_conv::is_lnk_special() so that it returns false on socket
files.
is_lnk_special() is called by rename2() in order to deal with special
files (FIFOs and symlinks, for example) whose Win32 names usually have
a ".lnk" suffix. Socket files do not fall into this category, and
this change prevents ".lnk" from being appended erroneously when such
files are renamed.
Remove a now redundant !pc.issocket() from fhandler_disk_file::link().
It is used only once, and the name is supposed to suggest "device that
is not based on the filesystem". This intended meaning is clearer if
we just replace is_auto_device() by its definition at the place where
it's used.
The sigpending mechanism failed to check if the pending signal was a
process-wide signal, or a signal for the curent thread. Fix that by
adding a matching conditional to wait_sig's __SIGPENDING code.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far sig_send's return type is int. The problem with this is
that sig_send returns a sigset_t on __SIGPENDING, and sigset_t
is defined as long type. So the function only returns the lower
32 bit of sigset_t, which is fine on 32 bit, but casts away the
pending RT signals on 64 bit.
Fix this by changing the return type of sig_send to sigset_t, so
as not to narrow down the sigset when returning from handling
__SIGPENDING. Make sure to cast correctly in all invocations
of sig_send.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Have sched_getaffinity() interface like glibc's, and provide an
undocumented internal interface __sched_getaffinity_sys() like the Linux
kernel's sched_getaffinity() for benefit of taskset(1).
Add a function timerfd_tracker::enter_critical_section_cancelable,
which is like enter_critical_section but honors a cancel event. Call
this when a timer expires while the timerfd thread is in its inner
loop. This avoids a deadlock if timerfd_tracker::dtor has entered its
critical section and is trying to cancel the thread. See
https://cygwin.com/ml/cygwin/2019-06/msg00096.html.
This patch set implements the Linux syscalls sched_getaffinity,
sched_setaffinity, pthread_getaffinity_np, and pthread_setaffinity_np.
Linux has a straightforward view of the cpu sets used in affinity masks.
They are simply long (1024-bit) bit masks. This code emulates that view
while internally dealing with Windows' distribution of available CPUs among
processor groups.
Make it a manual reset event. It's only used once to allow a reader
to open, and there's no reason to ever reset it. Defensively set it
when a client connection is recorded, even though it should be set by
the writer that connected.
Call NtReadFile directly instead of calling fhandler_base::raw_read.
In addition to being simpler, this gives us access to the return value
from NtReadFile.
Add a method fifo_client_handler::pipe_state that queries Windows for
the state of a pipe instance. Use this to help terminate the
listen_client thread cleanly.
If the last client handler is useless, delete it instead of declaring
it invalid.
fhandler_fifo::close could be called from a signal handler or another
thread at a time when another function is holding the fifo_client
lock. This could prevent the listen_client thread from acting on the
thread termination event. Avoid a deadlock by calling
fifo_client_unlock at the beginning of fhandler_fifo::close.
libX11 provides <X11/Xlocale.h>. The build of libX11 itself adds
include/X11 to the compiler's include path. This results in a name
collision with /usr/include/xlocale.h on case-insensitive filesystems.
Commit 90e35b1eb3 renamed sys/_locale.h to xlocale.h in March 2017 under
the assumption that we should provide the locale_t type in the same file
as on Linux, FreeBSD, and Darwin.
A few weeks later (June 2017), glibc removed the xlocale.h file in favor
of bits/types/locale_t.h, which shouldn't be included directly anyway.
For reference and the reasoning, see
https://sourceware.org/git/?p=glibc.git;a=commit;h=f0be25b6336d
Given the above, revert 90e35b1eb3 and
fix additional usage of xlocale.h.
32 bit Cygwin performs a POSIX-compatible mapping after EOF which
is not supported in this form on Windows. The 64 bit Windows
kernel never supported the AT_ROUND_TO_PAGE mapping flag, so we
couldn't page-aligned map the space right after the file's EOF.
So mapping beyond EOF was disabled in 64 bit Windows and WOW64.
However, if mmap works, a matching munmap should work as well,
*and* it should not accidentally unmap unrelated memory.
Therefore we enable mapping beyond EOF on 64 bit as well. Since
that mapping is always 64K aligned, the are between the last file
page and the next 64K allocation boundary will be unallocated.
There's no way around that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When using NtCreateFile when creating a directory that already exists,
it will correctly return 'STATUS_OBJECT_NAME_COLLISION'.
However using this function to create a directory (and all its parents)
a normal use would be to start with mkdir(‘/cygdrive/c’) which translates
to ‘C:\’ for which it'll instead return ‘STATUS_ACCESS_DENIED’.
64 bit Windows started out with a 44 bit address space due to a
restriction of the AMD64 CPUs at the time. Starting with Windows
8.1, these CPUs are not supported anymore and Windows switched to
the full 48 bit address space supported by AMD64.
Cygwin didn't follow suit yet so mmaps are still restricted to
the lower 44 bit address space. Fix that by using a system-specific
upper address for mmap allocations, 44 bit up to Windows 8, 48 bit
starting with Windows 8.1.
While at it, move the heap by another 8 Gigs to leave some space
for a potential extension of DLL address space, and restrict the
mmap lower address so the heap can grow to 32 Gigs before colliding
with mmaps.
Do not remember the child before it was successfully initialized, or we
would need more sophisticated cleanup on child initialization failure,
like cleaning up the process table and suppressing SIGCHILD delivery
with multiple threads ("waitproc") involved. Compared to that, the
potential slowdown due to an extra yield () call should be negligible.
Pause the child process after performing fork fixups even if there were
no dynamically loaded dlls with extra data/bss transfers to wait for.
This allows the parent process to cancel the current fork call even if
the child process was successfully initialized already.
This is a preparation for when the parent does remember the child no
earlier than after successful child initialization.
Querying the ntlength and existence of the /var/run/cygfork directory in
the very first Cygwin process should not use nt_max_path_buf, as that
one is used by dll_list::alloc already.
NtQueryVirtualMemory for MemorySectionName may return some old path even
if the process was just started, for when some directory in between was
renamed - maybe because the NT file cache is hot for the old path still.
This was seen during gcc bootstrap, returning a MemorySectionName of
".../gcc/xgcc.exe" even if started as ".../prev-gcc/xgcc.exe", where the
directory rename from "gcc" to "prev-gcc" was done the moment before.
As we stat the module's real file right after loading now, there is no
point in using NtQueryVirtualMemory with MemorySectionName any more, and
we can use what GetModuleFileName returned instead.
-Add vendor identification
-Support in get_cpu_cache
Background:
Chengdu Haiguang IC Design Co., Ltd (Hygon) is a Joint Venture
between AMD and Haiguang Information Technology Co.,Ltd., aims at
providing high performance x86 processor for China server market.
Its first generation processor codename is Dhyana, which
originates from AMD technology and shares most of the
architecture with AMD's family 17h, but with different CPU Vendor
ID("HygonGenuine")/Family series number(Family 18h).
Related Hygon kernel patch can be found on:
http://lkml.kernel.org/r/5ce86123a7b9dad925ac583d88d2f921040e859b.1538583282.git.puwen@hygon.cn
Signed-off-by: Jinke Fan <fanjinke@hygon.cn>
There's no longer a need to consider the connect_evt after fork/exec.
After stopping the listen_client thread, all client handlers should be
in the fc_connected or fc_invalid states, so their connect_evt members
won't be used again.
Also remove code in fhandler_fifo::dup that just repeats things
already done in stop_listen_client.
Add a method fhandler_fifo::check_listen_client_thread that checks
whether the thread is running. Use it in raw_read instead of just
testing the handle listen_client_thr.
On exit from the listen_client thread, make sure there's no pending
FSCTL_PIPE_LISTEN request. Otherwise we might get a client connection
after restarting the thread, and we won't have a handle for
communicating with that client.
Remove the retry loop in the case of STATUS_PIPE_LISTENING; that case
shouldn't occur.
Remove the now-unused fc_connecting value from
fifo_client_connect_state.
It's now up to the caller to pass a handle to open_pipe and, if
desired, to call set_handle on return.
This will be useful for a future commit, in which we will open a
client connection without setting an io_handle.
When opening a duplexer, open a client connection to the first client
handler. Previously we gave the duplexer a bogus write handle, which
was just a duplicate of the first client handler's handle. This meant
that we had a pipe server with no clients connected, and all I/O
attempts failed with STATUS_PIPE_LISTENING.
Extend the last fcntl change to duplexers.
Remove a now unused fifo_client_handler constructor, as well as the
long unusued method fifo_client_handler::connect.
Don't create the pipe in duplex mode; the server handle will only be
used for reading.
NtQueryVirtualMemory for MemorySectionName does not reliable return the
changed dll file name when another process does move the file around,
and we may end up creating forkable hardlinks to wrong dll files.
So query the file id when loading the dll rather than before fork.
Make stat_real_file_once a method of struct dll, to be more flexible on
where to use. Also, debug print memory section name queried for a dll.
This is a preparation to query the file id when loading the dll.
The blocking mode of the Windows pipe underlying a writer is set to
match that of the writer itself when the latter is opened. Define
fhandler_fifo::fcntl to keep the pipe and the writer in sync if the
blocking mode is changed via fcntl.
* Change default fallback for failed winsock error -> POSIX error
mappings to EACCES, which is a valid errno for more socket-related
syscalls.
* Added a few previously missing entries to the wsock_errmap table
that have obvious POSIX errno.h analogues.
Add methods need_fixup_before, init_fixup_before, and
fixup_before_fork_exec to accomplish this. Stopping the thread makes
sure that the client handler lists of the parent and child remain in
sync while the forking/execing is in progress.
Don't use the same i/o handle for the first client handler as is used
for the fhandler itself; this can lead to a later attempt to close the
same handle twice. Instead use a duplicate.
* Pre-release version still reporting kernel version 6.4.
* Windows 10 1511 is out of support since 2017-10-10.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Define fhandler:fifo::fixup_after_exec, which sets listen_client_thr
and lct_termination_evt to NULL. This forces the listen_client thread
to restart on the first attempt to read after an exec. Previously the
exec'd process could hang in fhandler_fifo::raw_read.
Remove fifo_client_handler::connect and move its code into
listen_client_thread. That way we can check the return status when a
client handler's connect_evt is signaled. Previously we incorrectly
assumed there was a successful connection.
Also simplify listen_client_thread in the following ways:
- Replace fhandler_fifo::disconnect_and_reconnect by a new
delete_client_handler method. Now we just delete invalid client
handlers rather than trying to re-use them.
- Try to maintain a client handler list that consists of connected
client handlers and exactly one that is listening for a connection.
This allows us to call WaitForMultipleObjects with only two wait
objects.
- Remove 'dummy_evt' from the fifo_client_handler struct; it is no
longer needed.
- On exit from listen_client_thread, delete the "extra" (listening)
client handler. Otherwise there could be a connection that doesn't
get recorded in the client handler list. This could happen when a
file descriptor is being duplicated.
Don't set the write end of the pipe to non-blocking mode if the FIFO
is opened in blocking mode.
In fhandler_fifo::raw_write in blocking mode, wait for the write to
complete rather than returning -1 with EAGAIN.
If the amount to write is large, write in smaller chunks (of size
determined by a new data member max_atomic_write), as in
fhandler_base_overlapped.
For convenience, add two new NTSTATUS codes, STATUS_THREAD_SIGNALED
and STATUS_THREAD_CANCELED, to ntdll.h.
After copyto is called, make the new fhandler's pipe_name point to the
new fhandler's pipe_name_buf, which is a *copy* of the old fhandler's
pipe_name_buf. Previously, get_pipe_name would return the wrong
result after a clone/dup, causing create_pipe_instance and open_pipe
to fail.
Also, stop the listen_client thread when cloning. Otherwise the
thread can keep accepting connections that the cloned fhandler won't
know about.
Do this via a new method fhandler_fifo::stop_listen_client, extracted
from fhandler_fifo::close.
Make read_ready a manual reset event. It should always be set shortly
after startup of the listen_client thread and remain set until the
thread terminates. (We don't want writers to connect without being
recorded in the client handler list.)
Remove the unnecessary code that checks for read_ready when a reader
is opening.
Add data members 'reader', 'writer', and 'duplexer' to the
fhandler_fifo class. Set them in fhandler_fifo::open. ('duplexer'
replaces the previous '_duplexer'.)
This will be useful in later commits.
The word "client" suggests something that holds a handle to the client
side of the pipe (in Windows terminology). But our
fifo_client_handlers hold a handle the server side of the pipe, and
they *connect* to clients.
Rather than newest last write time of all dlls loaded, use the forking
process' windows pid and windows thread id as directory name to create
the forkable hardlinks into. While this may create hardlinks more
often, it does avoid conflicts between dlls not having the newest last
write time.
* Changes error handling to allow /proc/[pid]/ virtual files to be
empty in some cases (in this case the file's formatter should return
-1 upon error, not 0).
* Better error handling of /proc/[pid]/stat for zombie processes:
previously trying to open this file on zombie processes resulted
in an EINVAL being returned by open(). Now the file can be read,
and fields that can no longer be read are just zeroed.
* Similarly for /proc/[pid]/statm for zombie processes.
* Similarly for /proc/[pid]/maps for zombie processes (in this case the
file can be read but is zero-length, which is consistent with observed
behavior on Linux.
- After 24 bit color support patch, arrow keys and function keys
do not work properly in native console applications if they
are started in cygwin console. This patch fixes this issue.
In case SA_SIGINFO flag is given, the signal handler may change
the context and the application is supposed to pick up from the
changed context. So far we don't do that, so the context given
to the signal handler is basically read-only, unless the signal
handler calls setcontext or swapcontext.
For a start, restore the thread's signal mask from the uc_sigmask
value of the context given to the signal handler.
If that's feasible for Cygwin, we restore the entire context from
the context changed by the signal handler in a followup patch.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
commit d1be0a59d4,
"Cygwin: winpids: Fix getting process multiple times"
fixed duplicate processes in ps -W output, but it fixed
the symptom, not the cause. It also didn't fix the problem
that the `ps' process itself may show up twice in its own
output.
This patch fixes it. The spawn worker only deleted the
"winpid.PID" symlink of the current process if the child is
a non-Cygwin process, under the assumption that the exec'ing
process exits anyway. However, the Window in which both
winpid.PID symlinks point to the same cygpid.PID area is just
too long. The spawn worker now also deletes its own winpid.PID
symlink if the exec'ed process is a Cygwin process.
Additionally the fix from d1be0a59d4
is now performed on the calling process, too.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Add 24 bit color support using xterm compatibility mode in
Windows 10 1703 or later.
- Add fake 24 bit color support for legacy console, which uses
the nearest color from 16 system colors.
In dll_crt0_0, both threadinterface->Init and sigproc_init allocate
windows object handles using unpredictable memory regions, which may
collide with dynamically loaded dlls when they were relocated.
Make fhandler_base::clear_readahead virtual, and implement
fhandler_fifo::clear_readahead. This is called by
dtable::fixup_after_exec; it clears the readahead in each client.
Starting w/ the intro of S4U, seteuid32() calls lsaprivkeyauth(), then
s4uauth(). s4uauth calls LsaRegisterLogonProcess().
LsaRegisterLogonProcess fails w/ STATUS_PORT_CONNECTION_REFUSED, if the
proper privileges are not held.
Because of RtlNtStatusToDosError(), this status would be mapped to
ERROR_ACCESS_DENIED, which in turn would map to EACCES. Therefore it is
useless to add this status to errmap[] (errno.cc), as s4auauth() should
return EPERM as errno here (i.e. if process is not privileged).
Hence the kludge.
Before the intro of S4U, seteuid32() called lsaprivkeyauth(), then
lsaauth(), then create_token(). Before the intro of Vista, the latter
would have called NtCreateToken().
NtCreateToken() would have failed w/ STATUS_PRIVILEGE_NOT_HELD for a
process w/o the proper privileges. In that case, calling seteuid32()
would have returned EPERM (as required).
Since the intro of Vista, and if the process had been started from an
UNelevated shell, create_token() does NOT reach NtCreateToken()!
As create_token() failed to properly set errno in that case, calling
seteuid32() would return errno as set by lsaauth(), i.e. EACCES, not
in agreement w/ Posix (a bug which was present for years).
(lsaauth() called LsaRegisterLogonProcess() which would fail)
If a FIFO is opened with O_RDWR access, create the pipe with
read/write access, and make the first client have the handle of that
pipe as its I/O handle.
Adjust fhandler_fifo::raw_read to account for the result of trying to
read from that client if there's no data.
fhandler_fifo::clone called fhandler_base::clone on each client
fhandler. But those fhandlers are actually fhandler_fifo objects, so
when fhandler_base::clone calls copyto, it's actually
fhandler_fifo::copyto that gets called. This can lead to mysterious
crashes.
Fix this by simply calling clone (which translates to
fhandler_fifo::clone) on each client fhandler.
Add static functions peek_fifo, thread_fifo, start_thread_fifo, and
fifo_cleanup to select.cc. These are based on the corresponding pipe
functions, the main difference being that peek_fifo loops through the
connected clients to see if any of them have data available for
reading.
Add the fhandler_fifo methods select_read, select_write, and
select_except.
Add accessor methods get_nclients, get_handle, and is_connected that
are needed by peek_fifo.
Add a hit_eof method that tries to detect whether any clients are
connected. Before concluding that there are none, it gives the
listen_client thread time to update the client data.
Introduce a 'fifo_client_handler' structure that can be used by a
reader to communicate with a writer using an instance of the named
pipe. An fhandler_fifo opened for reading creates a thread that does
the following:
- maintains a list of fifo_client_handlers
- listens for_clients trying to connect
- creates new pipe instances as needed so that there's always at
least one available for connecting.
The pipe instances are initially created in blocking mode, but they
are set to be non-blocking after a connection is made.
fhandler_fifo::raw_read now loops through the connected clients and
reads from the first one that has data available.
New fhandler_fifo methods: add_client, listen_client,
listen_client_thread, check_listen_client_thread.
Replace the create_pipe method by create_pipe_instance, which allows
unlimited pipe instances.
New helper functions: create_event, set_pipe_non_blocking.
Make fhandler_fifo a derived class of fhandler_base instead of
fhandler_base_overlapped.
Replace the create_pipe macro, which is based on
fhandler_pipe::create, by new create_pipe and open_pipe methods.
These use NT functions instead of Win32 functions. Replace fifo_name
by get_pipe_name, which returns a pointer to a UNICODE_STRING.
Remove the fnevent macro, which would now be needed only once.
Add a raw_write method, adapted from fhandler_base::raw_write.
Adapt all functions to the changes above.
Switching to Cywin-only PIDs introduced a new problem when collecting
Cygwin processes for `ps -W': A process can show up multiple times
again, if the Cygwin procinfo has been opened for a just execing
process. The execed process then shows up twice, once as Cygwin
process, but with the wrong Windows PID of the execing process,
once as Windows-only process.
The mechanism used to exclude these stray processes didn't work with
the new Cygwin pid handling anymore. To fix this
* check if the incoming Windows PID is the same as the PID in the
procinfo. If not, we have the PID of the execing process while
procinfo was already changed,
* always check if the process has already been handled, not only
for processes we got a procinfo for,
* simplify adding pid to pidlist since pid is now always correct.
While at it, fix comments and comment formatting.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
strace only printed the Windows PID in event output so far.
Especially now that Windows and Cygwin PID are decoupled, the
strace user might like to see the Cygwin pid in event output as
well. However, at process startup, the process might not have
a Cygwin PID yet.
To mitigate this, always print the Windows PID and only add the
Cygwin pid if it exists.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
commit c0d7d3e1a2 removed the usage of the
LCMAP_BYTEREV flag in the call to LCMapStringW to workaround a strange
bug in LCMapStringW. This patch didn't take a userspace call of
wcsxfrm{_l} with NULL buffer and 0 size to evaluate the required buffer
size into account. This introduced a crash trying to byte swap the
NULL buffer. This patch fixes that problem.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
3.0.0 changed uname but missed to align /proc/version
which then used the old uname function on the new uname
struct.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When logging in via ssh with an unprivileged account,
PdhAddEnglishCounter returns with status 0x800007D0,
PDH_CSTATUS_NO_MACHINE. We didn't find any workaround
but the changes to improve debugging output may help
in future. Using UNICODE instead of ANSI functions is
a result of trying to fix this problem.
Also drop the prototype workaround for PdhAddEnglishCounterA.
It's not required anymore since Mingw-w64's pdh.h catched up.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Create process with standard rights, plus
PROCESS_QUERY_LIMITED_INFORMATION for authenticated users. This
allows to fetch basic process information and thus /proc/<PID>/stat
to succeed on foreign processes.
While at it, fix formatting in CreateProcess calls.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
There's no good reason to return blank if some of the info
couldn't be collected. Drop useless call collecting
SystemProcessorPerformanceInformation. Always return some
valid start_time, even if we couldn't collect ProcessTimes.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The OpenProcess call to generate /proc/<PID>/stat info requests
PROCESS_VM_READ, but that's not required. Drop it.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Creating /proc/<PID>/cmdline requires permissions to communicate
with the target process via its signal pipe. If that fails, the
output is "<defunct>" which doesn't make sense most of the time.
Rather, call format_process_exename in this case to get more useful
process name info, albeit not the full cmdline.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The winpid symlinks got created with no query permissions, so
only admins could see all Cygwin processes. Create symlinks
so everyone has query permissions instead.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Canceling the timer thread runs under lock. The thread uses the same
lock to guard its timer_tracker struct access. If the timing is bad,
timer_settime or timer_delete grab the lock at the same time, the timer
expires. In the end, cancel waits for the thread sync while the thread
waits for ther lock to be released.
Fix this by not waiting for the thread sync under lock.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
On setting the timer, the thread is accidentally only canceled when
disarming the timer. This leaks one thread per timer_settimer call.
Move the thread cancellation where it belongs.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
We don't support setting groups via /etc/groups anymore. Also, the
initgroups group list is created via S4U, so we have "Interactive" vs.
"Network" token, an artificial and entirely irrelevant difference.
So, "verifying" the lsaprivkeyauth token may lead to rejecting a prefectly
valid token. Just remove the verify_token call.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Revert "Cywin: user profile: unload impersonation user profile on exit"
Revert "Cygwin: seteuid: allow inheriting impersonation user profile handle"
Revert "Cygwin: user profile: add debug output to unload_user_profile"
Revert "Cygwin: user profile: Make an effort to unload unused user profiles"
This reverts commit bcb33dc4f0.
This reverts commit dd3730ed9c.
This reverts commit 8eee25241e.
This reverts commit 71b8777a71.
This patchset actually results in the following problem:
- After a couple of ssh logon/logoff attempts, an interactive session
of the same user loging in, is broken.
Apparently UnloadUserProfile manages to unload the user's profile
even while a parallel interactive session still uses the user's
profile.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Per MSDN VirtualQueryEx requires PROCESS_QUERY_INFORMATION.
Testing showed that PROCESS_QUERY_LIMITED_INFORMATION is sufficient
since Windows 8.1. The assumption that Windows 8 is the same as
Windows 8 was not correct, it requires PROCESS_QUERY_INFORMATION
as well.
Fix that by splitting the Windows 8 wincaps into one for Windows 8
and one for Windows 8.1. Set needs_query_information for Windows 8.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If the user domain is the primary domain, LDAP is supposed to
use the default naming context. This is accomplished by setting
domain name to NULL in the call to cyg_ldap::fetch_ad_account.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
cyg_ldap::fetch_ad_account creates a naming context from the
incoming domain, if it's not NULL. The algorithm overwrites
dots with \0 in domain while creating the naming context, but
neglects to restore the dots.
Fix that by never overwriting the incoming domain name.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- feenableexcept,fedisableexcept, fegetexcept are GNU-only
- fegetprec, fesetprec are Solaris, use __MISC_VISIBLE
- _feinitialise is Cygwin-internal only
- Replace self-named FP precision values to values from
http://www.open-std.org/jtc1/sc22//WG14/www/docs/n752.htm
as used by Solaris.
- Change return value of fesetprec to adhere to the above document
and Solaris.
- Document fegetprec, fesetprec as Solaris functions, not as GNU
functions
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
...before calling any of its method. It's no safe bet that
it's already initialized when calling s4uauth and adding it
to load_user_profile certainly doesn't hurt.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
In case of a local machine account login, pi.lpProfilePath points
to the buffer returned by NetUserGetInfo, but NetApiBufferFree
is called prior to calling LoadUserProfileW. Fix by copying over
usri3_profile to the local userpath buffer, just as in the AD case.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This never really worked. While at it, restructure code to
do common stuff only in one spot. Improve debug output.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Inspecting the content of case-sensitive directories
on remote machines results in lots of errors like
disappearing diretories and files, file not found, etc.
This is not feasible as default behaviour
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
A sleep is required on Windows 10 64 bit only before calling
RegisterClassW in the timerfd thread, and only when running
under strace. One of the child processes inheriting the timerfd
descriptor will get a STATUS_FLOAT_INEXACT_RESULT exception inside
of msvcrt.dll. It's apparently some timing problem. It occurs
in 4 out of 5 runs under strace only. WOW64 and Windows 7 64 bit
don't have this problem.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The share section was created using the PAGE_SIZE constant,
but PAGE_SIZE is 64K. Fix that by using wincap.page_size()
instead, which returns the desired actual page size of 4K.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
timerfd_tracker and timerfd_shared classes:
- Just because handles are shared, we don't have to store them in
shared memory. Move share handles into timerfd_tracker class.
- Drop shared instance counter since it's not required anymore.
timerfd_shared only stores the actual timer data.
- Drop timerfd_shared::create, just set clock id.
- Drop timerfd_shared::dtor, it's not required anymore.
- Drop timerfd_tracker::close, just call dtor where required.
- Rename timerfd_tracker::increment_instances to timerfd_tracker::dup.
It's the only reason it exists...
- timerfd_tracker::dtor now checks the non-shared pointers for NULL
before attempting to close them.
- timerfd_tracker::dtor handles decrementing the local instance count
by itself.
- Add a method timerfd_tracker::init_fixup_after_fork_exec to set
non-shared pointers to NULL. Together with the dtor patches it
fixes a problem with close_on_exec timerfd descriptors.
- Fix a bug in handling the thread synchronization event. It's
actually nice to create it before using it...
- Drop using sec_none{_nih} in InitializeObjectAttributes. It's
an unnecessary roundabout route just to get a NULL pointer.
- Slightly rework timechange window handling.
- Add more comments to explain what happens.
fhandler_timerfd:
- Drop cnew macro, it just hides what happens.
- fhandler_timerfd::fixup_after_exec now calls
timerfd_tracker::init_fixup_after_fork_exec first, so a subsequent
call to timerfd_tracker::dtor only works on valid handles.
- fhandler_timerfd::close directly calls timerfd_tracker::dtor now.
- Drop dtor call in fhandler_timerfd destructor.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
timerfd_tracker::fixup_after_fork_exec always tries to restore
the shared timer region at the same address as in the parent.
This is entirely unnecessary and wasn't intended, rather some
kind of copy/paste thinko. Fix that. Print NtMapViewOfSection
status code in api_fatal on failure for debugging.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The "optimized" condition to recognize an unarmed timer was plain
wrong. Replace it by checking the stored it_value against 0.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The child process needs access to the handle to be able to
unload it when switching user context.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Does this work? There's not much feedback given.
TODO: We might want to try unloading the user profile at process
exit as well, FWIW.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
curr_primary_token is either NO_IMPERSONATION or the external_token
or the internal_token, so it's never required to be closed by itself.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit 649911fb40 avoids the
calls to NetUserGetGroups and NetUserGetLocalGroups since
these can take a lot of time. The same problem potentially
occurs when loading the user profile. The code fetches
the roaming profile path calling NetUserGetInfo, which also
can be rather slow.
To avoid this problem, fetch the profile patch using LDAP.
Also, don't bail out early if the user's registry hive already
exists. This may result in outdated information.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
NetUserGetGroups and NetUserGetLocalGroups sometimes take a lot of time
(up to more than 2 mins) for no apparent reason.
Call s4uauth to generate an identification token for the user and fetch
the group list from there. This is *much* faster.
Keep the old code only for the sake of WOW64 on Vista and Windows 7,
which don't implement MsV1_0S4ULogon.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
s4uath was only callable to create an impersonation token so
far. Rework the function to allow creating an identification
token for informational purposes even from untrusted processes.
Take domainname and username instead of a passwd pointer to be
more multi-purpose.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit 4e34a39b5c made sure all user and
group names are case-correct, but it introduced a hefty performance hit
on starting the first Cygwin process.
Adding an ldap call for each AD group in a user token takes its toll in
bigger AD environments with lots of groups in a user token. Real-life
example: 300 groups w/ roundtrip time to the LDAP server of 0.25 secs
per call...
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Up to Vista CreateProcessAsUser only worked with primary tokens,
so convert S4U impersonation token to primary token. MSDN still
documents it that way, but actually an impersonation token is
sufficient since Windows 7.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Under WOW64 on 64 bit Windows 7, MsV1_0S4ULogon appears to be
unimplemented, probably under Vista as well. Re-enable
create_token method, to allow basic seteuid on W7 WOW64 and
Vista as well.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
for domain accounts we try KerbS4ULogon first, MsV1_0S4ULogon
second. But we only fetch the package id for the supporting
authentication package (Kerberos/MsV1_0) once at the start.
Duplicate LsaLookupAuthenticationPackage call and move into the
Kerb/MsV1_0 branches so that it fetches the correct package id
for the method we call next.
Curious enough this worked before. Apparently both methods
work with the MICROSOFT_KERBEROS_NAME_A package id. However,
requesting and using the right authentication package id is
the prudent thing to do.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This reverts commit 7c34811440.
This potentially allows to circumvent OpenSSHs user/group name matching,
unless the Admin knows to add every local user twice or to use patterns,
e.g.:
Match user MACHINE+user,.+user
Match user *+user
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit c1023ee353 changed the way
path_conv::binmode() works. Rather than returning three states,
O_BINARY, O_TEXT, 0, it only returned 2 states, O_BINARY, O_TEXT. Since
mounts are only binary if they are explicitely mounted binary by setting
the MOUNT_BINARY flag, textmode is default.
This introduced a new bug. When inheriting stdio HANDLEs from native
Windows processes, the fhandler and its path_conv are created from a
device struct only. None of the path or mount flags get set this way.
So the mount flags are 0 and path_conv::binmode() returned 0.
After the path_conv::binmode() change it returned O_TEXT since, as
explained above, the default mount mode is textmode.
Rather than just enforcing binary mode for path_conv's created from
device structs, this patch changes the default mount mode to binary:
Replace MOUNT_BINARY flag with MOUNT_TEXT flag with opposite meaning.
Drop all explicit setting of MOUNT_BINARY. Drop local set_flags
function, it doesn't add any value.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When recognizing a negative pid, optind is off by one. The
code correcting this has been erroneously removed by commit
8de660271f. Revert that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The solution from commit 9a3cc77b2a
didn't work for foreign domain accounts. Rather than calling
LookupAccountSid we now use the info when we fetch it anyway
via LDAP or Net*GetInfo. Only in case of domain groups we have
to add an LDAP call explicitly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Make sure a domain+username fits into the local name buffer.
The former buffer size didn't take adding a domain name to
a really_really_long_user_name into account.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When looking up valid accounts by name, LookupAccountName returns
a SID and a case-correct domain name. However, the name was input
and LookupAccountName is case-insensitive, so the name is not
necessarily written the same way as in SAM or AD.
Fix that by doing a reverse lookup on the just fetched SID. This
fetches the account name in the correct case. Override the
incoming name with the case correct name from LookupAccountSid.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This is a really old and crappy API, as the previous commit shows.
Use NtQueryInformationFile(FilePositionInformation) here instead.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
dtable::set_file_pointers_for_exec is called from
child_info_spawn::worker to move the file position of O_APPEND
files to EOF if the child is a native child.
However, this only works correctly for the first O_APPEND
file descriptor:
- set_file_pointers_for_exec calls SetFilePointer. The higher
4 bytes of the desired file offset are given to SetFilePointer
as pointer to a DWORD value. On return, SetFilePointer returns
the higher 4 bytes of the new file position in this DWORD.
- So for the second and subsequent descriptors the higher 4 byte
of the file position depend on what the actual file position
of the previous file has been set to:
- If the file is > 2 Gigs, the high offset will not be 0 anymore.
- If the desciptor points to a non-seekable file (i.e., a pipe
or socket), SetFilePosition returns an error and sets the high
position to -1.
Fix this by calling SetFilePointerEx instead, which does not
modify the incoming position value.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When calling spawnve, in contrast to execve, the parent has
to create the pid for the child. With the old technique
this was simply the Windows pid, but now we have to inform
the child about its new pid.
Add a cygpid member to class child_info_spawn. Set it in
child_info_spawn::worker, just prior to calling CreateProcess
rather than afterwards. Overwrite cygheap->pid in
child_info_spawn::handle_spawn before calling pinfo::thisproc.
Make sure pinfo::thisproc knows the pid is already set by
setting the handle argument to INVALID_HANDLE_VALUE.
Also set procinfo->dwProcessId to myself_initial.dwProcessId
instead of to myself_initial.pid for clarity.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When the current process has renamed (to bin) a readonly dll, we get
STATUS_TRANSACTION_NOT_ACTIVE for unknown reason when subsequently
creating the forkable hardlink. A workaround is to open the original
file with FILE_WRITE_ATTRIBUTES access, but that fails with permission
denied for users not owning the original file.
* forkable.cc (dll::create_forkable): Retry hardlink creation using the
original file's handle opened with FILE_WRITE_ATTRIBUTES access when the
first attempt fails with STATUS_TRANSACTION_NOT_ACTIVE.
* Rename cygwin_shared->prefer_forkable_hardlinks to
forkable_hardlink_support, with values
0 for Unknown, 1 for Supported, -1 for Unsupported.
Upon first dll loaded ever, dll_list::forkable_ntnamesize checks the
/var/run/cygfork directory to both exist and reside on NTFS, setting
cygwin_shared->forkable_hardlink_support accordingly.
* Replace enum forkables_needs by bool forkables_created: Set
to True by request_forkables after creating forkable hardlinks.
To avoid the need for each process to check the filesystem to detect
that hardlink creation is impossible or disabled, cache this fact in
shared memory. Removing cygfork directory while in use does disable
hardlinks creation. To (re-)enable hardlinks creation, the cygfork
directory has to exist before the first cygwin process does fork.
* forkable.cc (dll_list::forkable_ntnamesize): Short cut
forkables needs to impossible when disabled via shared memory.
(dll_list::update_forkables_needs): When detecting hardlink
creation as impossible (not on NTFS) while still (we are the
first one checking) enabled via shared memory, disable the
shared memory value.
(dll_list::request_forkables): Disable the shared memory value
when hardlinks creation became disabled, that is when the
cygfork directory was removed.
* include/cygwin/version.h: Bump CYGWIN_VERSION_SHARED_DATA 6.
* shared_info.h (struct shared_info): Add member
prefer_forkable_hardlinks. Update CURR_SHARED_MAGIC.
* shared.cc (shared_info::initialize): Initialize
prefer_forkable_hardlinks to 1 (Yes).
To support in-cygwin package managers, the fork() implementation must
not rely on .exe and .dll files to stay in their original location, as
the package manager's job is to replace these files. Instead, when the
first fork try fails, and we have NTFS, we use hardlinks to the original
binaries in /var/run/cygfork/ to create the child process during the
second fork try, along the main.exe.local file to enable the "DotLocal
Dll Redirection" feature for the dlls.
The (probably few) users that need an update-safe fork manually have to
create the /var/run/cygfork/ directory for now, using:
mkdir --mode=a=rwxt /var/run/cygfork
* child_info.h: Bump CURR_CHILD_INFO_MAGIC.
(enum child_status): Add _CI_SILENTFAIL flag.
(struct child_info): Add silentfail setter and getter.
* winsup.h (child_copy): Add bool silentfail parameter.
* cygheap.cc: Pass silentfail parameter to child_copy.
* dcrt0.cc: Ditto.
* dll_init.h (struct dll): Define public inline method forkedntname.
(struct dll_list): Declare private method find_by_forkedntname.
* dll_init.cc (struct dll_list): Implement find_by_forkedntname.
(dll_list::alloc): Use find_by_forkedntname when in load after fork.
(dll_list::load_after_fork_impl): Load dlls using dll::forkedntname.
* fork.cc (frok::parent): Set silentfail child info flag. Pass
silentfail parameter to child_copy. Use forkedntname of
dlls.main_executable.
(fork): When first dofork run failed and did not use forkables,
run dofork again with_forkables set to true.
(child_copy): Use debug_printf if silentfail is true,
system_printf otherwise.
In preparation to protect fork() against dll- and exe-updates, create
hardlinks to the main executable and each loaded dll in subdirectories
of /var/run/cygfork/, if that one exists on the NTFS file system.
The directory names consist of the user sid, the main executable's NTFS
IndexNumber, and the most recent LastWriteTime of all involved binaries
(dlls and main executable). Next to the main.exe hardlink we create the
empty file main.exe.local to enable dll redirection.
The name of the mutex to synchronize hardlink creation/cleanup also is
assembled from these directory names, to allow for synchronized cleanup
of even orphaned hardlink directories.
The hardlink to each dynamically loaded dll goes into another directory,
named using the NTFS IndexNumber of the dll's original directory.
* Makefile.in (DLL_OFILES): Add forkable.o.
* dll_init.h (struct dll): Declare member variables fbi, fii,
forkable_ntname. Declare methods nominate_forkable,
create_forkable.
(struct dll_list): Declare enum forkables_needs. Declare member
variables forkables_dirx_size, forkables_dirx_ntname,
forkables_mutex_name, forkables_mutex. Declare private methods
forkable_ntnamesize, prepare_forkables_nomination,
update_forkables_needs, update_forkables, create_forkables,
denominate_forkables, close_mutex, try_remove_forkables,
set_forkables_inheritance, request_forkables. Declare public
static methods ntopenfile, read_fii, read_fbi. Declare public
methods release_forkables, cleanup_forkables. Define public
inline method setup_forkables.
* dll_init.cc (dll_list::alloc): Allocate memory to hold the
name of the hardlink in struct dll member forkable_ntname.
Initialize struct dll members fbi, fii.
(dll_list::load_after_fork): Call release_forkables method.
* fork.cc: Rename public fork function to static dofork, add
with_forkables as bool pointer parameter. Add new fork function
calling dofork. (struct frok): Add bool pointer member
with_forkables, add as constructor parameter.
(frok::parent): Call dlls.setup_forkables before CreateProcessW,
dlls.release_forkables afterwards.
* pinfo.cc (pinfo::exit): Call dlls.cleanup_forkables.
* syscalls.cc (_unlink_nt): Rename public unlink_nt function to
static _unlink_nt, with 'shareable' as additional argument.
(unlink_nt): New, wrap _unlink_nt for original behaviour.
(unlink_nt_shareable): New, wrap _unlink_nt to keep a binary
file still loadable while removing one of its hardlinks.
* forkable.cc: New file.
Implement static functions mkdirs, rmdirs, rmdirs_synchronized,
stat_real_file_once, format_IndexNumber, rootname, sidname,
exename, lwtimename. Define static array forkable_nameparts.
(struct dll): Implement nominate_forkable, create_forkable.
(struct dll_list): Implement static methods ntopenfile,
read_fii, read_fbi. Implement forkable_ntnamesize,
Even for the main executable and cygwin1.dll store the file name as full
NT path. Create the child process using the main executable's file name
converted from the full NT path stored before.
* dll_init.cc (dll_list::alloc): Search for DLL_SELF type entry
with module name like for DLL_LINK, use full NT path to search
for DLL_LOAD type only. For DLL_SELF type do not indicate
having a destructor to be called.
(dll_list::find): Ignore DLL_SELF type entries.
(dll_list::init): Ditto. Call track_self method.
(dll_list::track_self): New.
(dll_list::load_after_fork): Call track_self method.
* dll_init.h (enum dll_type): Add DLL_SELF, for the main
executable and cygwin1.dll.
(struct dll_list): Declare private method track_self. Declare
member variable main_executable.
* fork.cc (frok::parent): Use ntname from dlls.main_executable
to create child process, converted to short path using
dll_list::buffered_shortname.
Store loaded dll's file name as full NT path.
* dll_init.h (struct dll): Rename member variable name to ntname.
(struct dll_list): Declare private static member variable
nt_max_path_buffer. Declare public static methods form_ntname,
form_shortname. Define public static methods nt_max_path_buf,
buffered_shortname.
(dll_list::operator []): Use PCWCHAR rather than const PWCHAR.
(dll_list::find_by_modname): Ditto.
* dll_init.cc (in_load_after_fork): Define earlier in file.
(struct dll_list): Rename member variable name to ntname.
Define nt_max_path_buffer variable.
Implement static methods form_ntname, form_shortname.
(dll_list::operator []): Use PCWCHAR rather than const PWCHAR.
(dll_list::find_by_modname): Ditto.
(reserve_at): Ditto.
(release_at): Ditto.
(dll_list::alloc): Use nt_max_path_buf method instead of local
buffer. Store module file name as full NT path, convert using
the form_ntname static method.
(dll_list::load_after_fork): Call load_after_fork_impl only when
reload_on_fork is set.
* fork.cc (frok::child): Call dlls.load_after_fork even without
need to dynamically load dlls.
(frok::parent): Move syscall_printf into the retry loop.
Trying to delete in-use executables and DLLs using
FILE_DISPOSITION_POSIX_SEMANTICS returns STATUS_CANNOT_DELETE.
Fall back to the former method if that error occurs to allow
unlinking these files.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The symlink target of /proc/PID/fd files pointing to pipes and
sockets are just artificial filenames referencing the object using
some internal number. The pipe open code expects a path specifying
process pid and the internal number so it access the right process
and pipe.
- Set the posix path of the pipe to the simple pipe name only,
as it shows up in /proc/PID/fd. A /proc/self prefix is just
as wrong as a /dev/fd prefix.
- Revert thinko in fhandler_pipe::open expecting the name as
/proc/self/fd/... In fact this should never happen.
- Fix up the path before re-opening the pipe instead.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The reopen code neglected to pass along the requested open
mode correctly. This may end up reopening the file with
incorrect access mask, or duplicating the wrong pipe handle.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Move TerminateProcess call into cleanup code to make sure child
doesn't linger in some border cases.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When fork finally fails although both CreateProcess and creating the
"cygpid.N" shared memory section succeeded, we have to release that
shared memory section as well - before releasing the process handle.
Otherways we leave an orphan "cygpid.N" shared memory section, and any
subsequent cygwin process receiving the same PID fails to initialize.
* fork.cc (frok::parent): Call child.allow_remove in cleanup code.
- If the execve'ed process is a non-Cygwin process, we have to
create the matching winpid symlink and remove the old one
ourselves.
- If we spawn a child, the winpid symlink has to be maintained
by the child process, otherwise it disappears if the parent
process exits.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The arguments are not used anyway, so drop them. When called,
procinfo->dwProcessId is already set right, so we don't have
to access myself_initial.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Since commit b5e1003722, native
Windows processes not started by Cygwin processes don't have a
Cygwin PID anymore. This breaks ps -W and kill -f <WINPID>.
Introduce MAX_PID (65536 for now).
Cygwin processes as well as native Windows processes started
from a Cygwin process get a PID < MAX_PID. All other native
Windows processes get a faked Cygwin PID >= MAX_PID.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Using the Windows PID as Cygwin PID has a few drawbacks:
- the PIDs on Windows get reused quickly. Some POSIX applications choke
on that, so we need extra code to avoid too quick PID reuse.
- The code to avoid PID reuse keeps parent process handles and
(depending on a build option) child processes open unnecessarily.
- After an execve, the process has a split personality: Its Windows PID
is a new PID, while its Cygwin PID is the PID of the execve caller
process. This requires to keep two procinfo shared sections open, the
second just to redirect process info requests to the first, correct
one.
This patch changes the way Cygwin PIDs are generated:
- Cygwin PIDs are generated independently of the Windows PID, in a way
expected by POSIX processes. The PIDs are created incrementally in
the range between 2 and 65535, round-robin.
- On startup of the first Cygwin process, choose a semi-random start PID
for the first process in the lower PID range to make the PIDs slightly
unpredictable. This may not be necessary but it seems kind of inviting
to know that the first Cygwin process always starts with PID 2.
- Every process not only creates the shared procinfo section, but also a
symlink in the NT namespace, symlinking the Windows PID to the Cygwin
PID. This drops the need for the extra procinfo section after execve.
- Don't keep other process handles around unnecessarily.
- Simplify the code creating/opening the shared procinfo section and
make a clear distinction between interfaces getting a Cygwin PID and
interfaces getting a Windows PID.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If a process is just exiting, requesting memory info may fail
with STATUS_PROCESS_IS_TERMINATING. Right now the code just bails
out if fetching mem info fails. However, the rest of the info is
still valuable for procps, so just carry on.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
After creating a pthread, the stack gets moved to the desired memory
location. While the 32 bit thread wrapper copies the exception handler
information to the new stack (so we have at least *some* exception
handler present), the x86_64 code didn't perform any exception handler
magic. Fix that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
VirtualQueryEx, called by fixup_mmaps_after_fork, requires
PROCESS_QUERY_INFORMATION permissions per MSDN. However, testing
shows that PROCESS_QUERY_LIMITED_INFORMATION is sufficient when
running the same code on Windows 8.1 or Windows 10. Fix the code
to give the forked child always PROCESS_QUERY_INFORMATION perms
on Windows Vista/7 and respective server releases.
Revert now unneeded patch to check_token_membership as well.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
POSIX requires that raise(3) is equivalent to
pthread_kill(pthread_self(), sig);
in multi-threaded applications. Our raise just called kill(sig).
Fix that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Keeping an inheritable handle open results in that handle being
spilled over into grandchild processes, which is not desired.
Duplicate original parent handle into a non-inheritable one with
minimal SYNCHRONIZE permissions and close the original handle.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Exec'ed/spawned processes don't need PROCESS_DUP_HANDLE. Remove that
permission from the parent handle.
- PROCESS_QUERY_LIMITED_INFORMATION doesn't work for Windows 7 if the
process is started as a service. Add PROCESS_QUERY_INFORMATION for
pre-Windows 8 in that case.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The version info only depends on the object files. This results
in the version info not being rebuild immediately if a source
file is changed. Rather, the version info is only rebuilt on the
next make run.
Fix that by making the version info build rule dependent on the
source files.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- This simple and official method replaces cyglsa and "create token"
methods. No network share access, same as before.
- lsaauth and create_token are disabled now. If problems crop up,
they can be easily reactivated. If no problems crop up, they
can be removed in a while, together with the lsaauth subdir.
- Bump Cygwin version to 3.0.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The previous patch failed with password-less auth because in
that case the return code from get_server_groups wasn't tested.
Fix that. Also make sure that get_server_groups does not
check if the account is disabled or locked out when just fetching
the group list for initgroups or getgrouplist.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far seteuid could change uid to any existing account, given
sufficient permissions of the caller. This is kind of bad since
it disallows admins to refuse login to disabled or locked out
accounts.
Add check for the account's UF_ACCOUNTDISABLE or UF_LOCKOUT flags
and don't let the user in, if one of the flags is set.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Use info from same source (GetNetworkParams).
Also move getdomainname near gethostname in source.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If gethostname() fails we call GetComputerNameEx with
ComputerNameDnsFullyQualified. This is wrong, gethostname should return
the hostname only, not the FQDN. Fix this by calling GetComputerNameEx
with ComputerNameDnsHostname.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When reusing a cygthread, the stub method fails to set the thread name
to the new name. The name is only set when actually creating the
thread. Fix that by moving the SetThreadName call right in front of the
thread function call.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Combine with a bit of cleanup:
- Drop overrun_event_running in favor of overrun_count being -1.
- Fix include guard in posix_timer.h.
- Drop ununsed function timespec_to_us.
- Don't use Interlocked functions without need.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Allocating on the cygheap would copy information of the tracker into
the child process. A forked child knows the timer id and could simply
still access the (free'd but still valid) timer_tracker on the heap,
which is dangerous and very certainly doesn't reflect POSIX semantics.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Rename files timer.* to posix_timer.*.
- Reimplement using an OS timer rather than a handcrafted wait loop.
- Use a Slim R/W Lock for synchronization.
- Drop timer chaining. It doesn't server a purpose since all timers
are local only.
- Rename ttstart to itimer_tracker to better reflect its purpose.
It's not the anchor for a timer chain anymore anyway.
- Drop fixup_timers_after_fork. Everything is process-local, nothing
gets inherited.
- Rename timer_tracker::disarm_event to disarm_overrun_event for
better readability.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- When correcting the next expiration timestamp, the number of
expirations gets computed correctly, just the expiration timestamp
itself is then only incremented by a single interval, rather than
the just computed expired intervals. Fix that.
- drop the local clock variable in timerfd_tracker::create. It doesn't
serve any purpose.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- split into to __try/__except blocks to make sure
leave_critical_section is always called when required.
- Actually fill time_spec in settime so it_interval is returned
correctly.
- Return all 0 if timer is disarmed.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The value returned by reading from a timerfd is not an overrun
count in the same sense as for posix timers, it's an expiry counter.
Reflect that in the name.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Drop erroneous initial computation of overrun count in settime
for absolute non-realtime clocks. It's repeated in thread_func
and thus counted twice.
- Fix overrun computation for timestamp offsets being a multiple of
the timer interval. The timestamp has to be corrected after the
first offset, otherwise the correction loop counts the intervals
again.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Non-CLOCK_REALTIME counters always use a relative DueTime in NtSetTimer.
However, relative DueTime has to be negative, but the code
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- On systems with inexact realtime clock, the current timestamp may
be fractionally smaller than the desired timestamp. This breaks the
computation for incrementing overrun_count so overrun_count may end
up as 0. Expiring the timer with an overrun_count of 0 is a no-go.
Make sure we always increment overrun_count by at least one after
timer expiry.
- Do not expire the timer when another process deletes its timer_tracker.
This, too, may result in a 0 overrun_count.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Using posix timers "timer_tracker" as base class for timerfd was flawed.
Posix timers are not inherited by child processes and don't survive
execve. The method used by posix timers didn't allow to share timers
between processes. The timers were still per-process timers and worked
entirely separate from each other. Reading from these timers via
different descriptors was only synchronized within the same process.
This does not reflect the timerfd semantics in Linux: The per-file
timers can be dup'ed and survive fork and execve. They are still just
descriptors pointing to the same timer object originally created by
timerfd_create. Synchronization is performed between all descriptor
instances of the same timer, system-wide.
Thus, reimplement timerfd using a timer instance in shared memory,
a kernel timer, and a handful of sync objects.
Every process maintains a per-process timerfd struct on the cygheap
maintaining a per-process thread. Every process sharing the same
timerfd will run this thread checking the state of the timer, similar
to the posix timer thread, just working on the shared objects and
synchronizing its job with each other thread.
Drop the timerfd implementation in the posix timer code and move the
public API to fhandler_timerfd.c. Keep the ttstart timer_tracker
anchor out of "NO_COPY" since the fixup_after_fork code should run to
avoid memory leakage.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Linux returns EINVAL, "fd is attached to an object which is unsuitable
for writing". If we don't handle write locally, write returns EBADF.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Puzzeling: Commit ec98d19a08
changed ttstart to NO_COPY but kept all the code to handle
fixup after fork. Revert to not-NO_COPY and make timerfd
fork work.
- On fixup_after_fork, keep timerfd timers and restart thread
if they were armed in the parent.
- Move timerfd timer_trackers to cygheap. Overload timer_tracker
new and delete methods to handle timers accordingly. This is not
exactly required for fork, but exec will be grateful.
- Give up on TFD_TIMER_CANCEL_ON_SET for now. There's no easy way
to recognize a discontinuous change in a clock.
- Be paranoid when cleaning out ttstart.
- Fix some minor issues.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Drop initial overrun computation from timer_tracker::settimer.
It's performed in timer_tracker::thread_func anyway.
- Fix regression in returning correct overrun count narrowed down to
int from timer_getoverrun. This has been introduced by changing
overrun_count_curr to LONG64.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
First cut of a timerfd implementation.
Still TODO:
- fork/exec semantics
- timerfd_settime TFD_TIMER_CANCEL_ON_SET flag
- ioctl(TFD_IOC_SET_TICKS)
- bug fixes
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
In case sigwait_common returns EINTR, read wrongly ignores it,
so read can't be interrupt by a signal. Fix that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
While FileRenameInformationEx is defined starting with Windows
10 1709 per MSDN, it only starts working in W10 1809, apparently.
Users of 1803 report "Function not implemented".
Introduce wincap_10_1809 and change the version check in
wincapc::init accordingly. Split has_posix_file_info into
has_posix_unlink_semantics and has_posix_rename_semantics.
Enable the latter only starting with W10 1809.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Allow the signal thread to recognize we're called in consequence of
select on a signalfd. If the signal is part of the wait mask, don't
call any signal handler and don't remove the signal from the queue,
so a subsequent read (or sigwaitinfo/sigtimedwait) still gets the
signal. Instead, just signal the event object at
_cygtls::signalfd_select_wait for the thread running select.
The addition of signalfd_select_wait to _cygtls unearthed the alignment
problem of the context member again. To make sure this doesn't get lost,
improve the related comment in the header file so that this (hopefully)
doesn't get lost (again).
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
First cut of a signalfd implementation.
Still TODO: Non-polling select.
This should mostly work as on Linux except for missing support
for some members of struct signalfd_siginfo, namely ssi_fd,
ssi_band (both SIGIO/SIGPOLL, not fully implemented) and ssi_trapno
(HW exception, required HW support).
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
There's a long-standing bug in select. If we have poll-only
descriptors in the fd set, select overwrites the incoming
fd sets with the polling result. If none of the fds is ready,
select has to loop again. But now the fd sets are set to all
zero and select hangs.
Fix this by utilizing the local fd sets r, w, e as storage for
the incoming fd sets and use them to initialize select_stuff.
If we have to loop, overwritung the incoming fd sets doesn't matter.
While at it, rename r, w, e to readfds_in, writefds_in, exceptfds_in.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- use int64_t instead of long long
- make is_timer_tracker const
- improve copyright header comment
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far we check the recycler name all the time, and the last interation
also only managed to handle two ways to write the recycler. However,
an adventurous user might change the case of the recycler arbitrarily.
Fix this problem by keeping track of the name in a somewhat relaxed
fashion. Use camel back on drive C by default, all upper case elsewhere.
Only if the rename op fails do we fix the recycler name on the fly
when trying to create it, and it turns out it already existed.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If the first rename fails, we reopen the rootdir for creating a subdir.
The rootdir handle can change its value at this point, but the code
doesn't take this into account. The subsequent rename then fails with
STATUS_INVALID_HANDLE. Fix this by copying the new rootdir value to
pfri->RootDirectory.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far we reopened the file if it was opened case sensitive to
workaround the problem that the recycler could be named in
camel back or all upper case, depending on who created it.
That's a problem for O_TMPFILE on pre-W10. As soon as the
original HANDLE gets closed, delete-on-close is converted to full
delete disposition and all useful operations on the file cease to
work (STATUS_ACCESS_DENIED or STATUS_FILE_DELETED).
To avoid that problem drop the reopen code and check for the exact
recycler filename, either $Recycle.Bin or $RECYCLE.BIN, if the file
has been opened case sensitive.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
On pre-W10 systems there's no way to reopen a file by handle if
the delete disposition is set. We try to get around with
duplicating the handle.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The new proc fd code accidentally allowed to linkat an O_TMPFILE
even if the file has been opened with O_EXCL. This patch fixes it.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
move special fd symlink code into own fhandler_process_fd class
to simplify further additions to /proc/PID/fd/DESCRIPTOR symlink
handling.
Add a method to handle stat(2) on such a proc fd symlink by handle.
This allows correct reply from stat(2) if the target file has been
deleted. This eventually fixes `awk -f /dev/fd/3 3<<eof'.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
path_conv now sets the PATH_RESOLVE_PROCFD flag in path_flags if
the PC_SYM_NOFOLLOW_PROCFD pathconv_arg flag has been set on input
*and* the file is actually a proc fd symlink.
Add matching path_conv::follow_fd_symlink method for checking and
use it in open(2).
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Remove another unfortunate amalgamation: Mount flags (MOUNT_xxx)
are converted to path_types (PATH_xxx) and mixed with non-mount
path_types flags in the same storage, leading to a tangled,
pell-mell usage of mount flags and path flags in path_conv and
symlink_info.
- There's also the case of PC_NONULLEMPTY. It's used in exactly
one place with a path_conv constructor only used in this single
place, just to override the automatic PC_NULLEMPTY addition
when calling the other path_conv constructors. Crazily,
PC_NONULLEMPTY is a define, no path_types flag, despite its
name.
- It doesn't help that the binary flag exists as mount and path
flag, while the text flag only exists as path flag. This leads
to mount code using path flags to set text/binary. Very confusing
is the fact that a text mount/path flag is not actually required;
the mount code sets the text flag on non binary mounts anyway, so
there are only two states. However, to puzzle people a bit more,
path_conv::binary wrongly implies there's a third, non-binary/non-text
state.
Clean up this mess:
- Store path flags separately from mount flags in path_conv and
symlink_info classes and change all checks and testing inline
methods accordingly.
- Make PC_NONULLEMPTY a simple path_types flag and drop the
redundant path_check constructor.
- Clean up the definition of pathconv_arg, path_types, and mount flags.
Use _BIT expression, newly define in cygwin/bits.h.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
There's an unfortunate amalgamation of caller-provided pathconv_arg
flags with path_types flags which in turn are mostly mount flags.
This leads to a confusion of flag values in sylink_info::pflags and,
in turn, in path_conv::path_flags.
This patch decouples pathconv_flags from the other flags by making
sure that a pathconv_flag is never copied into a variable used for
path_types flags. Also, remove PATH_NO_ACCESS_CHECK since it's
not necessary.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Along the same lines as the previous patch: By reopening an
O_TMPFILE by handle, we can now move the file to the bin at
open time and thus free'ing up the parent dir and *still*
open the file as /proc/PID/fd/DESCRIPTOR by linkat(2).
Allows expressions along the lines of `cat /proc/self/fd/0 <<EOF'.
The problem here is that the temporary file used for the here script
has already been deleted by the shell. Opening by filename, as
implemented so far, doesn't work because the file has been moved
to the bin.
Allow reopening files by handle the same way from another process
as long as we have sufficient permissions on the foreign process.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
To allow reopening a file open in another process by HANDLE, introduce
a matching file_pathconv method, taking a file descriptor as parameter.
The result is a serialized path_conv and a HANDLE value. The HANDLE is
valid in the foreign process and MUST be duplicated into the target
process before usage.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far io_handle is NULL when calling fhandler_base::open to
open or create a file. Add a check for io_handle to allow
priming the fhandler with a HANDLE value so we can reopen a
file from a HANDLE on file systems supporting it. This allows
to open already deleted files for further action. This will
be used by open("/proc/PID/fd/DESCRIPTOR") scenarios.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The commit message of commit 07e0a9584f
and the expectation set therein, are wrong.
There's no POSIX semantics allowing to link a file with a link
count of 0 and making it available in the file system again.
In fact, the Linux linkat extension AT_EMPTY_PATH explicitely
disallows to link a file descriptor to a file with a link count
of 0, except for O_TMPFILE without O_EXCL.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Turns out, the definition of POSIX unlink semantics is half-hearted
so far: It's not possible to link an open file HANDLE if it has
been deleted with POSIX semantics, nor is it possible to remove
the delete disposition. This breaks linkat on an O_TMPFILE.
Tested with W10 1809.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
On Windows 10 1803 and later, create dirs under the Cygwin
installation dir as case sensitive, if WSL is installed.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- short-circuit most code in unlink_nt since it's not necessary
anymore if FILE_DISPOSITION_POSIX_SEMANTICS is supported.
- Immediately remove O_TMPFILE from filesystem after creation.
Disable code for now because we have to implement /proc/self/fd
opening by handle first, lest linkat fails.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Newer FAT32 and exFAT add FILE_SUPPORTS_ENCRYPTION to their
flags which wasn't handled by Cygwin yet.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Various new file info class members adding important POSIX semantics
have been added with W10 1709. We may want to utilize them, so add
a matching wincaps.
Rearrange checking the W10 build number to prefer the latest builds
over the older builds. Rename wincap_10 to wincap_10_1507 for
enhanced clarity.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Add missing members added in later OS versions
- Rearrange accompanying FILE_foo_INFORMATION structs
ordered by info class
- Add promising FILE_foo_INFORMATION structs of later
Windows 10 releases plus accompanying enums
- Drop "Checked on 64 bit" comments since that's self-evident
these days
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The check for the TEB being allocated beyond the first 2GB area is not
valid anymore. At least on W10 WOW64, the TEB is allocated in the
lower 2GB even in large-address aware executables. Use VirtualQuery
instead. It fails for invalid addresses so that's a simple enough test.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
While reformatting the script, backticks `` were replaced with
brackets $(). This in turn invalidated the \\( ... \\) expressions in the
sed script because backslash resolution in $() works differently from
backslash resolution in ``. Only a single backslash is valid now.
While at it, fix up the uname(2) date representation when building a
snapshot.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
when calling clocks too early in DLL init, the vtables are not correctly
set up for some reason. Calls to init() from now() fail because the init
pointer in the vtable is NULL.
Real life example is mintty which runs into a minor problem at startup,
triggering a system_printf call. Strace is another problem, it's called
the first time prior to any class initialization.
Workaround is to make sure that no virtual methods are called in an
early stage. Make init() non-virtual and convert resolution() to a
virtual method instead. Add a special non-virtual
clk_monotonic_t::strace_usecs.
While at it:
- Inline internal-only methods.
- Drop the `inited' member. Convert period/ticks_per_sec toa union.
Initialize period/ticks_per_sec via InterlockeExchange64.
- Fix GetTickCount64 usage. No, it's not returning ticks but
milliseconds since boot (unbiased).
- Fix comment indentation.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Use whatever native unit the system provides for the resolution of
a timer to avoid rounding problems
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Drop hires_[nm]s clocks, rename hires.h to clock.h.
- Implement clk_t class as an extensible clock class in new file clock.cc.
- Introduce get_clock(clock_id) returning a pointer to the clk_t instance
for clock_id. Provide the following methods along the lines of the former
hires classes:
void clk_t::nsecs (struct timespec *);
ULONGLONG clk_t::nsecs ();
LONGLONG clk_t::usecs ();
LONGLONG clk_t::msecs ();
void clk_t::resolution (struct timespec *);
- Add CLOCK_REALTIME_COARSE, CLOCK_MONOTONIC_RAW, CLOCK_MONOTONIC_COARSE
and CLOCK_BOOTTIME clocks.
- Allow clock_nanosleep, pthread_condattr_setclock and timer_create to use
all new clocks (both clocks should be usable with a small tweak, though).
- Bump DLL major version to 2.12.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
clock_setres is a questionable function only existing on QNX.
Disable the function, just return success for CLOCK_REALTIME
to maintain backward compatibility.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The current method to make hires_ns priming thread-safe isn't
thread-safe. Rather than hoping that running the thread in
TIME_CRITICAL priority is doing the right thing, use a spinlock.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
LARGE_INTEGER has QuadPart anyway, no reason to compute the
64 bit value from HighPart and LowPart.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
fhandler_socket_wsock::set_socket_handle calls set_flags after
setting the O_NONBLOCK/O_CLOEXEC flags, thus overwriting them.
It also turns out that fhandler_socket_wsock::init_events is called
too late. The inheritence flags are changed before creating the
socket event handling objects. Thus, inheritence flags for
those objects are wrong with SOCK_CLOEXEC.
Fix this by reordering the calls and setting the file flags through
fhandler_base::set_flags.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Regression introduced with 2.11.0:
The failure paths in socket, socketpair and accept4 functions and
methods accidentally release *unused* cygheap_fdmanip objects. The
subsequently called dtable::release method was designed to be called for
*used* cygheap_fdmanip objects only. Using them on unused objects leads
to NULL pointer member dereferencing.
Worse, the inet/local accept4 methods only release the cygheap_fdmanip
object but neglect to delete the just created fhandler_socket_* object.
Fix this by removing the erroneous release calls in the aforementioned
failure paths and delete the fhandler_socket_* object in accept4 instead.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The fhandler_base_overlapped::copyto clears atomic_write_buf on the
clone, but none of the derived classes were doing this. This allowed
the destructor to double-free the buffer and corrupt cygheap.
Clear atomic_write_buf in copyto of all derived classes.
Move common content of the various <sys/dirent.h> and the latest FreeBSD
<dirent.h> to <dirent.h>.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Drop Cygwin-specific nanl in favor of a generic implementation
in newlib. Requires GCC 3.3 or later.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The current loop condition is borderline. Make sure it ends and
choose a replacement char in the unlikely case the current console
font isn't recognized at all.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Rather than relying on an index variable, store the current
replacement char and use that directly in WriteConsoleW.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
EnumFontFamiliesExW fails if the font is "Terminal" (aka "Raster Fonts")
and lfCharSet requests ANSI_CHARSET. Using DEFAULT_CHARSET fixes this.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Make sure device context is not copied to forked process.
It is a process-specific datastructure.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Try various Unicode characters which may be used as a replacement
character in case an invalid character has to be printed.
Current list is 0xfffd "REPLACEMENT CHARACTER", 0x25a1 "WHITE SQUARE",
and 0x2592 "MEDIUM SHADE" in that order.
Additionally workaround a problem with some fonts (namely DejaVu
Sans Mono) which are returned wit ha broken fontname with trailing
stray characters.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far we printed a half filled square (0x2592) if the input char is
invalid, but using REPLACEMENT CHARACTER (0xfffd) is apparently the way
to go.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit 35998fc2fa fixed the buffer underun
in win32 path normalization, but introduced a new bug: A wrong
assumption led to the inability to backtrack the path outside of the
current working directory in case of relative paths.
This patch fixes this problem, together with a minor problem if the CWD
is on a network share: The result erroneously started with tripple
backslash if the src path starts with a single backslash.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Starting with Windows 10, LookupAccountSid/Name return valid
info for the login session with new SID_NAME_USE value
SidTypeLogonSession. To return the same info as on pre-Windows 10,
we have to handle this type.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
cygpsid::get_id neglects to set the type to 0 (ACL_UNDEFINED_TAG
in POSIX speak) if the SID can not be translated into a valid
uid or gid. This in turn leads to incorrect handling of uid/gid -1
entries.
Fix this by setting type to 0 if the id is unknown.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This patch follows glibc. Original commit message:
Author: Florian Weimer <fweimer@redhat.com>
Date: Thu, 14 Apr 2016 06:54:57 +0000
Remove union wait [BZ #19613]
The overloading approach in the W* macros was incompatible with
integer expressions of a type different from int. Applications
using union wait and these macros will have to migrate to the
POSIX-specified int status type.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Add __nl_item to <sys/_types.h> for FreeBSD compatibility. Use it in
<langinfo.h> and the Cygwin <nl_types.h>. Make the enum __nl_item in
<langinfo.h> anonymous.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
This reverts commit 8a32c24a7b.
Replacing page_size() with allocation_granularity() was incorrect.
The values returned by get_mem_values() are # of pages of size
page_size(). Multiplying with allocation_granularity() here
results in values 16 times too big.
By excluding the denormal-operand exception from FE_ALL_EXCEPT, it will not
be possible anymore to UNmask this exception by means of the API defined by
/usr/include/fenv.h
Note: terminology has changed since IEEE Std 854-1987; denormalized numbers
are called subnormal numbers nowadays.
This modification has basically been motivated by the fact that it is also
not possible on Linux to manipulate the denormal-operand exception by means
of the interface as defined by /usr/include/fenv.h. This has been the state
of affairs on Linux since 2001 (Andreas Jaeger).
The exceptions required by the standard (IEEE Std 754), in case they can be
supported by the implementation, are:
FE_INEXACT, FE_UNDERFLOW, FE_OVERFLOW, FE_DIVBYZERO and FE_INVALID.
Although it is allowed to define additional exceptions, there is no reason
to support the "denormal-operand exception" in this case (fenv.h), because
the subnormal numbers can be handled almost as fast the normalized numbers
by the hardware of the x86/x86_64 architecture. Said differently, a reason
to trap on the input of subnormal numbers does not exist. At least that is
what William Kahan and others at Intel asserted around 2000.
(that is William Kahan of the K-C-S draft, the precursor to the standard)
This commit modifies winsup/cygwin/include/fenv.h as follows:
- redefines FE_ALL_EXCEPT from 0x3f to 0x3d
- removes the definition for FE_DENORMAL
- introduces __FE_DENORM (0x2) (enum in Linux also uses __FE_DENORM)
- introduces FE_ALL_EXCEPT_X86 (0x3f), i.e. ALL x86/x86_64 FP exceptions
* create new function __get_cpus_per_group to evaluate # of CPU groups
* Call from format_proc_cpuinfo and sched_getcpu
* Bump API minor version
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
fnstenv MUST be followed by fldenv in fegetenv(), as the former disables all
exceptions in the x87 FPU, which is not appropriate here (fegetenv() ).
fldenv after fnstenv should reload the x87 FPU w/ the configuration that was
saved by fnstenv, i.e. a configuration that might have exceptions enabled.
Note: x86_64 uses SSE for floating-point, not the x87 FPU. However, because
feraiseexcept() attempts to provoke an exception using the x87 FPU, the bug
in fegetenv() will make this attempt futile here (x86_64).
Note: WoW uses the x87 FPU for floating-point, not SSE. Here anything that
would normally result in triggering an exception, not only feraiseexcept(),
will not be able to, as result of the bug in fegetenv().
Updates to misc files to integrate AIO into the Cygwin source tree.
Much of it has to be done when adding any new syscalls. There are
some updates to limits.h for AIO-specific limits. And some doc mods.
This code is where the AIO implementation is wired into existing Cygwin
mechanisms for file and device I/O: the fhandler* functions. It makes
use of an existing internal routine prw_open to supply a "shadow fd"
that permits asynchronous operations on a file the user app accesses
via its own fd. This allows AIO to read or write at arbitrary locations
within a file without disturbing the app's file pointer. (This was
already the case with normal pread|pwrite; we're just adding "async"
to the mix.)
This is the core of the AIO implementation: aio.cc and aio.h. The
latter is used within the Cygwin DLL by aio.cc and the fhandler* modules,
as well as by user programs wanting the AIO functionality.
Bug in current ARM64 WOW64: GetNativeSystemInfo returns
PROCESSOR_ARCHITECTURE_INTEL rather than PROCESSOR_ARCHITECTURE_ARM64.
Provide for this.
Make code better readable.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Guard the entire operation with the FastPebLock critical section
used by RtlSetCurrentDirectory_U as well, thus eliminating the
race between concurrent chdir/fchdir/SetCurrentDirectory calls.
Streamline comment explaining the fallback method.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_socket_local.cc (get_inet_addr_local): Change type from
'static int' to 'int' to be callable from syslog.cc.
* syslog.cc (connect_syslogd): Use get_inet_addr_local() instead of
getsockname() to retrieve name information of the syslogd socket.
Our local ntsecapi.h wrapper corrects a bug in the definition of
SystemFunction036 which otherwise leads to crashes on 32 bit when
using RtlGenRandom. The fhandler_socket_local.cc file accidentally
included the incorrect w32api version of that file, rather than the
local wrapper. Fix it.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Certain tape drives (known example: QUANTUM_ULTRIUM-HH6) return
the non-standard ERROR_NOT_READY rather than ERROR_NO_MEDIA_IN_DRIVE
if no media is present. ERROR_NOT_READY is not documented as valid
return code from GetTapeStatus. Without handling this error code
Cygwin's tape code can't report an offline state to user space.
Fix this by converting ERROR_NOT_READY to ERROR_NO_MEDIA_IN_DRIVE
where appropriate.
Add a debug_printf to mtinfo_drive::get_status to allow requesting
user info without having to rebuild the DLL.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
pthread_timedjoin_np returns ETIMEDOUT if a thread is still running,
not EBUSY as pthread_tryjoin_np.
Also, clean up initializing timeout in pthread_tryjoin_np.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Move pthread_join to thread.cc to have all `join' calls in
the same file (pthread_timedjoin_np needs pthread_convert_abstime
which is static inline in thread.cc)
- Bump API version
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (class fhandler_socket_inet): Add variable bool oobinline.
* fhandler_socket_inet.cc (fhandler_socket_inet::fhandler_socket_inet):
Initialize variable oobinline.
(fhandler_socket_inet::recv_internal): Make the handling of OOB data
as consistent with POSIX as possible. Add simulation of inline mode
for OOB data as a workaround for broken winsock behavior.
(fhandler_socket_inet::setsockopt): Ditto.
(fhandler_socket_inet::getsockopt): Ditto.
(fhandler_socket_wsock::ioctl): Fix return value of SIOCATMARK command.
The return value of SIOCATMARK of winsock is almost opposite to
expectation.
* fhandler_socket_local.cc (fhandler_socket_local::recv_internal):
Remove the handling of OOB data from AF_LOCAL domain socket. Operation
related to OOB data will result in an error like Linux does.
(fhandler_socket_local::sendto): Ditto.
(fhandler_socket_local::sendmsg): Ditto.
This fixes the issue reported in following post.
https://cygwin.com/ml/cygwin/2018-06/msg00143.html
Commit ebd645e on 2001-10-03 made environ.cc:_addenv() add unneeded
space at the end of the environment block to "work around problems
with some buggy applications." This clutters the code and is
presumably no longer needed.
Thanks to Ken Harris <Ken.Harris@mathworks.com> for the diagnosis.
When backing up tail to handle a "..", the code only checked that
it didn't underrun the destination buffer while removing path
components. It did *not* take into account that the first backslash
in the path had to be kept intact. Example path to trigger the
problem: "C:\A..\..\..\B'
Fix this by moving the dst pointer to the first backslash so subsequent
tests cannot underrun this position. Also make sure that we always
*have* a backslash.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Thanks to Ken Harris <Ken.Harris@mathworks.com> for the diagnosis
which led to a buffer underrun in this loop.
Revert before release.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
GCC 7 is able to see straight through this trick, so use a more formal
method to avoid the warning.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
There are systems with a MaximumProcessorCount not
reflecting the actually available CPUs. The ActiveProcessorCount
is correct though. So we use ActiveProcessorCount rather than
MaximumProcessorCount per group to set group affinity correctly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Change set_socket_type/get_socket_type to virtual methods
* Move various variables into af_unix_shmem_t
* Change sun_name_t to match new usage pattern
* Move shut_state definition and add a name for the 0 value
* Allow marking packet as administrative packet. This allows
filtering out info packets exchange between peers and tweak
data accordingly.
* Rename send_my_name to send_sock_info and send credentials
if not called from bind (so the socket was already connected)
* Handle SO_PASSCRED in setsockopt/getsockopt
* Add input size checking to setsockopt/getsockopt
* Use NT functions where appropriate
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
We need to share socket info between threads *and* processes.
SRWLOCKs are single-process only, unfortunately. Provide a
sharable low-profile spinlock instead.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
E.g. arm ABI requires -fshort-enums for bare-metal toolchains.
Given there are only 29 category enums, the compiler chooses an
8 bit enum type, so a size of 11 bits for the bitfield leads to
a compile time error:
error: width of 'cat' exceeds its type
enum category cat: 11;
^~~
Fix this by aligning the size of the category members to byte
borders.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Per-socket info in fhandler isn't correctly shared between multiple
instances of th same descriptor. Implement a basic shared info which
is shared between all instances of a socket.
This also requires to move the fhandler_socket status bits into
fhandler_socket_wsock since the data is moved to the shared region
for AF_UNIX sockets.
Also, drop backing file requirement for socketpair server socket.
This will be handled differently in recvmsg/sendmsg.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* don't abort on failing allocation, just return with error
* make sure the allocation is restricted to a single process
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Bad idea. A file hidden from directory listings is not seen by
rm either, so it never calls unlink for the file and a recursive
removal of the parent directory fails with "directory not empty".
Fix comments accordingly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Use correct cygwait/WFSO invocation to not die on cancel and signals
uncontrolled.
* Manage io handles under io_lock.
* Copy peer address to user space under SEH to avoid a resource leak.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Using TerminateThread potentially leaks resources. In our case,
the connect wait thread may be forcefully terminated after
having successfully opened a client side pipe handle. If this
occurs, we have a stale pipe server instance, so the pipe will
never be closed as long as the process lives.
Avoid this by changing the npfs handle to non-blocking, so we can
wait on a termination event object from inside the thread itself
and cleanly exit from the thread instead of terminating.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Depending on the exact circumstances, some erros are indicated
by different status codes. Add helper macros to handle them
together.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The handle to the device is never needed. As the name impies,
FSCTL_PIPE_WAIT works on the file system, not on the device level.
Drop opening the device and make sure to open only one handle to NPFS.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
They are only used there anyway and it allows to use the AF_UNIX
macro without tweaking header files. While at it, improve
both constructors. The default constructor now creates the name
of an unnamed socket, the constructor taking parameters carefully
checks its input.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
...plus lots of helper functions. Add comment to explain how everything
works. This comment will be improved while implementing the yet missing
parts.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This function is going to be used for transposing sun_path of
abstract sockets. This also adds a transposition of the NUL
character to tfx_chars since NUL-bytes in abstract socket names
are perfectly valid.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Add constructors and new/delete operators to make sure sun_name_t
objects are allocated on the cygheap.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* check_reparse_point_target returns a path flag mask, rather than
just 1. Return PATH_SYMLINK | PATH_REP for symlinks and directory
mount points, PATH_SOCKET | PATH_REP for AF_UNIX sockets.
* Define Cygwin AF_UNIX socket reparse tag and GUID in ntdll.h.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Rearrange includes and drop unneccessary ones.
* Don't pull in cygwin/socket.h into sys/un.h just to get
sa_family_t. Include sys/types.h and use __sa_family_t instead.
* start including Windows headers using the w32api/ path prefix
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
fhandler_cygdrive has a size of 696 bytes on x86_64, while the next
biggest fhandler type, fhandler_pty_master, is 584 bytes. The members
responsible for the size are private to opendir/readdir/closedir usage.
fhandler_disk_file stores private readdir data in DIR->__d_internal
instead. Use equivalent method with fhandler_cygdrive. This drops
the size to 464 bytes.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Make distinct from AF_LOCAL for testing purposes. This will have
to be reverted as soon as fhandler_socket_unix goes life.
* Move saw_reuseaddr flag back to fhandler_socket status
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Insert another class fhandler_socket_wsock between fhandler_socket
and fhandler_socket_inet/fhandler_socket_local.
Also, add a new method fhandler::is_wsock_socket to allow asking
for sockets in general (is_socket) vs. Winsock-based sockets
(is_wsock_socket).
This allows to develop a new handler_socket_unix class as derived
class from fhandler_socket without any trace of wsock code left
in fhandler_socket.
While this is basically a temporary measure at this time, it may
prove useful for later interoperability with the upcoming Windows 10
AF_UNIX implementation at one point.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Rename DEV_TCP_MAJOR to DEV_SOCK_MAJOR
* Drop FH_TCP, FH_UDP, FH_ICMP in favor of single FH_INET
* Drop FH_UNIX, FH_STREAM, FH_DGRAM in favor of single FH_LOCAL
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
First cut, still incomplete
* fhandler_socket is now base class for other socket classes
* fhandler_socket_inet handles AF_INET and AF_INET6 sockets
* fhandler_socket_local handles AF_LOCAL/AF_UNIX sockets
* finally get rid of fdsock by using set_socket_handle in accept4
* align file-related calls (fstat, fstatvfs, fchown, fchmod, facl)
to Linux.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Move definition of windows to POSIX error mapping struct into
cygerrno.h
- Move declaration of winsock errno functions to cygerrno.h
- Input to error mapping functions is DWORD
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Dropping the 'LL' specifier leads to 32 bit truncation during timestamp
computation. Revert it. Exempt MSPERSEC which is used for 32 bit values.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Add fhandler_socket::socket method
Add fhandler_socket::set_socket_handle method, basically duplicating
what fdsock is doing. This is the first step in getting rid of fdsock.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Windows does not remove FILE_ATTRIBUTE_TEMPORARY by itself after a
file has been closed. It's just some attribute which can be set or
removed at will, despite its purpose.
Apparently there are tools out there which use FILE_ATTRIBUTE_TEMPORARY
accidentally or wrongly, even Microsoft's own tools are affected. In
the end, the filesystem is potentially full of files with this attribute
set.
Implement O_TMPFILE files with FILE_ATTRIBUTE_TEMPORARY and
FILE_ATTRIBUTE_HIDDEN set. This combination is pretty unlikely.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Fix an incorrect condition to recognize AF_LOCAL sockets in
file-related functions (fchmod, fchown, fstat, fsttavfs, facl, link).
* Return successfully when called on unnamed or abstract AF_LOCAL sockets,
except link, just as on Linux.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Use 64 bit timestamps
* Use System boot and process start time to compute starttime value per
Linux proc.5 description.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The previous patch introduced a compiler warning on x86.
Given time_t is only 4 bytes on x86 we get a long vs. unsigned long
comparison in timeval_to_ms. Fix it by careful casting.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Redefine NSPERSEC to NS100PERSEC
* Define NSPERSEC as nanosecs per second
* Define USPERSEC as microsecs per second
* Use above constants throughout where appropriate
* Rename to_us to timespec_to_us and inline
* Rename it_bad to timespec_bad and inline
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Rearrange setsockopt/getsockopt into per level/per optname
preprocessing switch, actual call, per level/per optname
postprocessing switch for better readability as well as
extensibility.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Workaround the problem that bind doesn't fail with EADDRINUSE
if a socket with the same local address is still in TIME_WAIT.
Use IP Helper functions to check if such a socket exist and don't
even try this port, if so.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Assuming the address parameter is non-NULL, the test in
cygwin_bindresvport_sa only tests if the address family is
supported at all, which is insufficient.
Check if the incoming address family matches the socket
address family and for being AF_INET in cygwin_bindresvport
since the latter doesn't support any other family.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
We're still using ~SO_REUSEADDR because SO_EXCLUSIVEADDRUSE wasn't
defined in Mingw. But it is in Mingw-w64, so fix it.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This new function returns the name of the calling thread; works for both
cygthreads and pthreads. All calls to cygthread::name(/*void*/) replaced
by calls to mythreadname(/*void*/).
While POSIX mandates that certain socket types shall be defined by the
inclusing of <netinet/in.h>, it also says that this header may also make
visible all <sys/socket.h> symbols. Glibc does this, and without out it,
some packages end up requiring an additional #include <sys/socket.h>.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
POSIX does not mention the inclusion of <sys/time.h> in <sys/socket.h>
or <netinet/in.h>, nor is there anything in the latter two that would
require the former.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
When reading/writing block devices, Cygwin emulates Linux, providing
a byte-exact file position, albeit the underlying device drivers don't.
Unfortunately this only worked correctly for reading. The raw_write
method failed to revalidate the buffer after the read-modify-write
cycle in case len is not a multiple of the sector length. This in
turn resulted in lseek reporting a wrong file pointer.
Also, fix a condition for invalidating the buffer after writing from
a remaining read buffer.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Rounddown incoming addr on a page boundary. Without this, we may end
up with a fork error for private, anonymous maps. The reason is, we
use VirtualAlloc in this case which will potentially overcommit if
addr is not on a page boundary. This isn't taken into account in
bookkeeping, but fixup_mmaps_after_fork will eventually stumble over
this when trying to reproduce the copy-on-write pages: VirtualQuery
returns a region reaching beyond the supposedly allocated address
range and from there it goes downhill.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* change memcpy to internal _memcpy not setting the return value in %rax
* implement all memcpy-like functions as caller to _memcpy, setting %rax
to correct return value beforehand. This is possible because _memcpy
does not use %rax at all
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Since commit 8128f5482f, we have all the
non-tracing functions listed in posixoptions(7). The tracing functions
are gated by their own option, and are obsolecent anyway.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
* Don't use a bool var to store three states (-1, 0, 1).
* Correctly check for NT_SUCCESS of a function returning NTSTATUS.
* Straighten out code for better readability.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit 603ef545bd broke this snippet and
commit 5b312b4747 didn't help at all since
FILE_CREATE is exactly *not* the situation the test was originally
supposed to handle.
In fact, none of the open flags used by fhandler_base::open actually
hits this problem anymore, so just drop the code.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Difference to Linux: We can't create files which don't show up
in the filesystem due to OS restrictions. As a kludge, make a
(half-hearted) attempt to hide the file in the filesystem.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Fix the maximum number of sockets allowed in the session to 2048,
instead of making it relative to sizeof(wsa_event).
The original choice of 2048 was in order to fit the wsa_events array
in the .cygwin_dll_common shared section, but there is still enough
room to grow there to have 2048 sockets on 64-bit as well.
* Return an error and set errno=ENOBUF if a socket can't be created
due to this limit being reached.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Also updates the fhandler_*::ftruncate implementations to adhere to the same
semantics. The error handling semantics of those syscalls that use
fhandler_*::ftruncate are moved to the implementations of those syscalls (
in particular ftruncate() and friends still set errno and return -1 on error
but that logic is handled in the syscall implementation).
Under some not quite clear conditions, NFS fails to use its
unlink workaround to rename a file to ".nfsXYZ". The problem has been
reproduced with the GAWK testext.awk testcase. To workaround this in
Cygwin, we now call try_to_bin on NFS, too. For some reason NFS doesn't
fail to rename the .cygXYZ file to .nfsXYZ after this Cygwin rename.
Fix comment in unlink_nt accordingly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The "final trick" code in try_to_bin accidentally never worked on
remote drives because it relies on rootdir. Which isn't set for
remote unlinks. The code now creates a full path for remote files.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The try_to_bin function isn't called for netapp FSes anyway, so testing
for this FS type in the function is moot.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The first argument of gethostbyaddr needs to accept a generic pointer
to be compatible with e.g. struct in_addr *. This caused an issue
compiling krb5-1.15.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
herror etc. are MISC, rcmd etc. are BSD, addrinfo functions are
POSIX.1-2001, except for IDN functionality which is GNU.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
When fork fails, we can use "%s" now with system_sprintf for the errmsg
rather than a (potentially too small) buffer for the format string.
* fork.cc (fork): Use "%s" with system_printf now.
With "%C" format string, argument may convert in up to MB_LEN_MAX bytes.
Relying on sys_wcstombs to add a trailing zero here requires us to
provide a large enough buffer.
* smallprint.c (__small_vsprintf): Use MB_LEN_MAX+1 bufsize for "%C".
The third argument of RtlLookupFunctionEntry actually is documented as
_Inout_opt_ for both x64 and ARM, although generic doc says _Out_ only.
* exceptions.cc (__unwind_single_frame): Initialize hist variable.
In order to avoid the year 2038 problem, define time_t to a signed
integer with at least 64-bits. The type for time_t can be forced to
long with the --enable-newlib-long-time_t configure option or with the
_USE_LONG_TIME_T system configuration define.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Always use the __-decorated form of an attribute name in public
headers, as the bareword form is in the user's namespace, and we
don't want compilation to break just because the user defines the
bareword to mean something else.
Signed-off-by: Eric Blake <eblake@redhat.com>
- pthread_mutex::lock now takes a PLARGE_INTEGER timeout pointer
and uses that in the call to cygwait.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Introduce inline helper pthread_convert_abstime. It converts
an absolute timespec to a Windows LARGE_INTEGER timestamp,
depending on the used clock.
- Use this function from pthread_cond_timedwait and semaphore::timedwait
- Merge semaphore::_wait and semaphore::_timedwait into single _wait
method, taking a LARGER_INTEGER timestamp.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This is copied from musl (MIT license). This is newer and more thorough
than that of FreeBSD currently shipped only on Cygwin.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
For historical reasons peek_console was calling the functions
PeekConsoleInputA and ReadConsoleInputA. However, these functions are
not working correctly under at least codepage 65001 (UTF-8) on systems
prior to Windows 10.
Use PeekConsoleInputW and ReadConsoleInputW instead, which work
correctly under all systems and all codepages.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
FillConsoleOutputCharacterA doesn't work correctly in codepage 65001
(UTF-8). Looks like the character conversion function from ascii char
to unicode char works incorrectly then. Use FillConsoleOutputCharacterW
instead.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far we had two functions checking the content of a reparse point,
readdir_check_reparse_point in fhandler_disk_file.cc for the sake of
readdir, and symlink_info::check_reparse_point for the sake of
generic path checking.
* Rename check_reparse_point_target helper to check_reparse_point_string
and convert to static function.
* Create new check_reparse_point_target helper containing the core
reparse point checking code
* Just call check_reparse_point_target from readdir_check_reparse_point
and symlink_info::check_reparse_point and only perform the unique
task in those functions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
struct sigaction is POSIX.1-1990 but siginfo_t, which is used by its
sa_sigaction member, is POSIX.1b-1993. Therefore it needs to be guarded
as well, and as part of a union, the struct size is protected.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
When SA_RESTART is not set on a socket, a blocking send() that is
interrupted mid-transition by a signal should return success (and
report just how many bytes were actually transmitted).
The err variable used here was not always guaranteed to be set
correctly in the loop, so better to just remove it and call
WSAGetLastError() explicitly.
There are two common sigpause variants, both of which take an int argument.
If you request _XOPEN_SOURCE or _GNU_SOURCE, you get the System V version,
which removes the given signal from the process's signal mask; otherwise
you get the BSD version, which sets the process's signal mask to the given
value.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
So far Cygwin's readdir returned the inode number of a mount target
in d_ino, rather than the actual inode number of the mount point in
the underlying filesystem. This not only results in a performance
hit if the mount target is a remote FS, it is also not done on other
POSIX systems.
Remove the code evaluating the mount target inode number.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This patch fixes a minor compatibility issue w/ cygwin mount point handling in
readdir(), compared to equivalent behavior of Linux and MacOS. dentry.d_ino
should indicate the INO of the mount point itself, not the target volume root
folder.
Changed return type from readdir_check_reparse_point to uint8_t, to avoid
unnecessarily being implicitly cast to and from a signed int.
Renamed a related local variable "attr" to "oattr" that was eclipsing a member
variable with the same name.
Joe L.
Mingw-w64 (where the code has been taken from) has 4 byte longs
independently of the architecture but x86_64 Cygwin has 64 bit longs.
So use fistpll instead of fistpl on x86_64 Cygwin.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Workaround a bug (or undocumented behaviour) in LCMapStringW:
It's documented(*) that the cchDest parameter is a byte count with
LCMAP_SORTKEY, but a character count otherwise. But the docs don't
state what happens if you combine LCMAP_SORTKEY with LCMAP_BYTEREV.
Tests indicate that LCMAP_SORTKEY treats cchDest as byte count, but
then LCMAP_BYTEREV treats it as char count in the same call. So the
latter swaps twice as much bytes in the destination buffer than the
byte count it returns, which potentially results in writing past the
end of the given output buffer.
Solution: Don't specify LCMAP_BYTEREV in the LCMapStringW(LCMAP_SORTKEY)
call, rather byte swap afterwards.
(*) https://msdn.microsoft.com/en-us/library/windows/desktop/dd318702(v=vs.85).aspx
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This leads to excessive lag when stracing processes if the inferior
process checks the process table. The reason is that ppid isn't set
in the procinfo memory of the dynamically loading strace itself.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Add new SYMBOLIC_LINK_FLAG_ALLOW_UNPRIVILEGED_CREATE flag to
CreateSymbolicLinkW call when running on W10 1703 or later.
Don't do that on older versions to avoid ERROR_INVALID_PARAMETER.
Preliminary, needs testing. There's an off-chance that the
flag results in the same ERROR_INVALID_PARAMETER on 1703 if the
developer settings are not enabled.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
RtlGetNtVersionNumbers returns the build number with some upper bits
set for no apparent reason. The fact that RtlGetNtVersionNumbers is
undocumented doesn't exactly help.
Just filter out the upper WORD for now. If build numbers are in
danger to become 6 digit numbers, re-evaluate.
Always retrieve FileCompressionInformation for non-empty
files if FileStandardInformation returns 0 allocated blocks.
This fixes stat.st_blocks for files compressed with CompactOS method.
Signed-off-by: Christian Franke <franke@computer.org>
previous commit 4c90db7bc8 introduced
a compile time error because libm/common/s_infconst.c used the remove
__fmath, __dmath, and __ldmath union types.
Since this is very old, and unused for a very long time, just drop the
file and thus the __infinity constants entirely.
Exception: Cygwin exports __infinity from the beginning. There's a very,
VERY low probability that any existing executable or lib still uses this
constant, but we just keep it in for backward compat, nevertheless.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Explicitly format the contents of /proc/loadavg to avoid the decimal point
getting localized according to LC_NUMERIC. Using anything other than '.' is
wrong and breaks top.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
v2:
autoload PerfDataHelper functions
Keep loadavg in shared memory
Guard loadavg access by a mutex
Initialize loadavg to the current load
v3:
Shared memory version bump isn't needed if we are only extending it
Remove unused autoload
Mark inititalized flags as NO_COPY for correct behaviour in fork child
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
The locale_t type is provided by <xlocale.h> on Linux, FreeBSD, and Darwin.
While, like on some of those systems, it is automatically included by
<locale.h> with the proper feature test macros, its presence under this
particular name is still presumed in real-world software.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
The original dll_init code was living under the wrong assumption that
dll_dllcrt0_1 and in turn dll_list::alloc will be called for each
LoadLibrary call. The same wrong assumption was made for
cygwin_detach_dll/dll_list::detach called via FreeLibrary.
In reality, dll_dllcrt0_1 gets only called once at first LoadLibrary
and cygwin_detach_dll once at last FreeLibrary.
In effect, reference counting for DLLs was completely broken after fork:
parent:
l1 = dlopen ("lib1"); // LoadLibrary, LoadCount = 1
l2 = dlopen ("lib1"); // LoadLibrary, LoadCount = 2
fork (); // LoadLibrary in the child, LoadCount = 1!
child:
dlclose (l1); // FreeLibrary actually frees the lib
x = dlsym (l2); // SEGV
* Move reference counting to dlopen/dlclose since only those functions
have to keep track of loading/unloading DLLs in the application context.
* Remove broken accounting code from dll_list::alloc and dll_list::detach.
* Fix error handling in dlclose.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Windows NUL device returns only the lower 32 bit of the number of
bytes written. Implement a fake write function to ignore the underlying
NUL device.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far we copy *_impure_ptr into _main_tls->local_clib if the child
process has been forked from a pthread. But that's not required.
The local_clib area of the new thread is on the stack and the stack
gets copied from the parent anyway (in frok::parent). So we only
have to make sure _main_tls is pointing to the right address and
do the simple post-fork thread init.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This test was broken from the start. It leads to creating a completely
new stack for the main thread of the child process when started from
the main thread of the parent. However, the main thread of a process
can easily running on a completely different stack, if the parent's main
thread was created by calling fork() from a pthread. For an example,
see https://cygwin.com/ml/cygwin/2017-03/msg00113.html
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
We use errno AKA _REENT->_errno since the last century and only set
_impure_ptr->_errno for backward compat. Stop that. Also, remove
the last check for _impure_ptr->_errno in Cygwin code.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Note that this always returns with dli_sname and dli_saddr set to NULL,
indicating no symbol matching addr could be found.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
POSIX states as follows about pthread_cond_wait:
If a signal is delivered to a thread waiting for a condition variable,
upon return from the signal handler the thread resumes waiting for the
condition variable as if it was not interrupted, or it returns zero
due to spurious wakeup.
Cygwin so far employs the latter behaviour, while Linux and BSD employ
the former one.
Align Cygwin behaviour to Linux and BSD.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
There are certain, very obscure scenarios, which render the Windows
CWD handle inaccessible for reopening. An easy one is, the handle can
be NULL if the permissions of the CWD changed under the parent processes
feet.
Originally we just set errno and returned, but in case of init at
process startup that left the "posix" member NULL and subsequent
calls to getcwd failed with EFAULT.
We now check for a NULL handle and change the reopen approach
accordingly. If that doesn't work, try to duplicate the handle instead.
If duplicating fails, too, we set the dir handle to NULL and carry on.
This will at least set posix to some valid path and subsequent getcwd
calls won't fail. A NULL dir handle is ok, because we already do this
for virtual paths.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This patch alters the behaviour of dll_list::topsort to preserve the
order of dlopen'd units.
The load order of unrelated DLLs is reversed every time fork is called,
since dll_list::topsort finds the tail of the list and then unwinds to
reinsert items. My change takes advantage of what should be undefined
behaviour in dll_list::populate_deps (ndeps non-zero and ndeps and deps
not initialised) to allow the deps field to be initialised prior to the
call and appended to, rather than overwritten.
All DLLs which have been dlopen'd have their deps list initialised with
the list of all previously dlopen'd units. These extra dependencies mean
that the unwind preserves the order of dlopen'd units.
The motivation for this is the FlexDLL linker used in OCaml. The FlexDLL
linker allows a dlopen'd unit to refer to symbols in previously dlopen'd
units and it resolves these symbols in DllMain before anything else has
initialised (including the Cygwin DLL). This means that dependencies may
exist between dlopen'd units (which the OCaml runtime system
understands) but which Windows is unaware of. During fork, the
process-level table which FlexDLL uses to get the symbol table of each
DLL is copied over but because the load order of dlopen'd DLLs is
reversed, it is possible for FlexDLL to attempt to access memory in the
DLL before it has been loaded and hence it fails with an access
violation. Because the list is reversed on each call to fork, it means
that a subsequent call to fork puts the DLLs back into the correct
order, hence "even" invocations of fork work!
An interesting side-effect is that this only occurs if the DLLs load at
their preferred base address - if they have to be rebased, then FlexDLL
works because at the time that the dependent unit is loaded out of
order, there is still in memory the "dummy" DONT_RESOLVE_DLL_REFERENCES
version of the dependency which, as it happens, will contain the correct
symbol table in the data section. For my tests, this initially appeared
to be an x86-only problem, but that was only because the two DLLs on x64
should have been rebased.
Signed-off-by: David Allsopp <david.allsopp@metastack.com>
Match glibc behaviour to expose the public bswap_* macros only with an
explicity #include <byteswap.h>; #include'ing <endian.h> should not expose
them.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Don't set SO_RCVBUF/SO_SNDBUF to fixed values, thus disabling autotuning.
Patch modeled after a patch suggestion from Daniel Havey <dhavey@gmail.com>
in https://cygwin.com/ml/cygwin-patches/2017-q1/msg00010.html:
At Windows we love what you are doing with Cygwin. However, we have
been getting reports from our hardware vendors that iperf is slow on
Windows. Iperf is of course compiled against the cygwin1.dll and we
believe we have traced the problem down to the function fdsock in
net.cc. SO_RCVBUF and SO_SNDBUF are being manually set. The comments
indicate that the idea was to increase the buffer size, but, this code
must have been written long ago because Windows has used autotuning
for a very long time now. Please do not manually set SO_RCVBUF or
SO_SNDBUF as this will limit your internet speed.
I am providing a patch, an STC and my cygcheck -svr output. Hope we
can fix this. Please let me know if I can help further.
Simple Test Case:
I have a script that pings 4 times and then iperfs for 10 seconds to
debit.k-net.fr
With patch
$ bash buffer_test.sh 178.250.209.22
usage: bash buffer_test.sh <iperf server name>
Pinging 178.250.209.22 with 32 bytes of data:
Reply from 178.250.209.22: bytes=32 time=167ms TTL=34
Reply from 178.250.209.22: bytes=32 time=173ms TTL=34
Reply from 178.250.209.22: bytes=32 time=173ms TTL=34
Reply from 178.250.209.22: bytes=32 time=169ms TTL=34
Ping statistics for 178.250.209.22:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 167ms, Maximum = 173ms, Average = 170ms
------------------------------------------------------------
Client connecting to 178.250.209.22, TCP port 5001
TCP window size: 64.0 KByte (default)
------------------------------------------------------------
[ 3] local 10.137.196.108 port 58512 connected with 178.250.209.22 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0- 1.0 sec 768 KBytes 6.29 Mbits/sec
[ 3] 1.0- 2.0 sec 9.25 MBytes 77.6 Mbits/sec
[ 3] 2.0- 3.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 3.0- 4.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 4.0- 5.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 5.0- 6.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 6.0- 7.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 7.0- 8.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 8.0- 9.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 9.0-10.0 sec 18.0 MBytes 151 Mbits/sec
[ 3] 0.0-10.0 sec 154 MBytes 129 Mbits/sec
Without patch:
dahavey@DMH-DESKTOP ~
$ bash buffer_test.sh 178.250.209.22
Pinging 178.250.209.22 with 32 bytes of data:
Reply from 178.250.209.22: bytes=32 time=168ms TTL=34
Reply from 178.250.209.22: bytes=32 time=167ms TTL=34
Reply from 178.250.209.22: bytes=32 time=170ms TTL=34
Reply from 178.250.209.22: bytes=32 time=169ms TTL=34
Ping statistics for 178.250.209.22:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 167ms, Maximum = 170ms, Average = 168ms
------------------------------------------------------------
Client connecting to 178.250.209.22, TCP port 5001
TCP window size: 208 KByte (default)
------------------------------------------------------------
[ 3] local 10.137.196.108 port 58443 connected with 178.250.209.22 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0- 1.0 sec 512 KBytes 4.19 Mbits/sec
[ 3] 1.0- 2.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 2.0- 3.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 3.0- 4.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 4.0- 5.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 5.0- 6.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 6.0- 7.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 7.0- 8.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 8.0- 9.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 9.0-10.0 sec 1.50 MBytes 12.6 Mbits/sec
[ 3] 0.0-10.1 sec 14.1 MBytes 11.7 Mbits/sec
The output shows that the RTT from my machine to the iperf server is
similar in both cases (about 170ms) however with the patch the
throughput averages 129 Mbps while without the patch the throughput
only averages 11.7 Mbps. If we calculate the maximum throughput using
Bandwidth = Queue/RTT we get (212992 * 8)/0.170 = 10.0231 Mbps. This
is just about what iperf is showing us without the patch since the
buffer size is set to 212992 I believe that the buffer size is
limiting the throughput. With the patch we have no buffer limitation
(autotuning) and can develop the full potential bandwidth on the link.
If you want to duplicate the STC you will have to find an iperf server
(I found an extreme case) that has a large enough RTT distance from
you and try a few times. I get varying results depending on Internet
traffic but without the patch never exceed the limit caused by the
buffering.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The termios code doesn't handle erasing of multibyte characters
in canonical mode, it always erases a single byte. When entering
a multibyte character and then pressing VERASE, the input ends up
with an invalid character.
Following Linux we introduce the IUTF8 input flag now, set by
default. When this flag is set, VERASE or VWERASE will check
if the just erased input byte is a UTF-8 continuation byte. If
so, it erases another byte and checks again until the entire
UTF-8 character has been removed from the input buffer.
Note that this (just as on Linux) does NOT work with arbitrary
multibyte codesets. This only works with UTF-8.
For a discussion what happens, see
https://cygwin.com/ml/cygwin/2017-01/msg00299.html
Sidenote: The eat_readahead function is now member of fhandler_termios,
not fhandler_base. That's necessary to get access to the terminal's
termios flags.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Drop virtual_key_code (only used once)
- Convert macros wch and control_key_state to const vars
unicode_char and ctrl_key_state.
- Fix formatting
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Create two new inline functions is_alt_numpad_key(PINPUT_RECORD) and
is_alt_numpad_event(PINPUT_RECORD) which contain the actual checks.
Call these functions from fhandler_console::read and peek_console for
better readability.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
{p}select/{p}poll completely ignored Alt+Numpad key sequences in console
input which results in newer readline using pselect to fail handling such
sequences correctly. See https://cygwin.com/ml/cygwin/2017-01/msg00135.html
During debugging and testing it turned out that while reading console
input, single key presses during an Alt+Numpad sequences where not
ignored, so ultimately a sequence like
Alt-down Numpad-1 Numpad-2 Numpad-3
whihc is supposed to result in a single character in the input stream
will actually result in 4 chars in the input stream, three control
sequences and the actual character.
Both problems should be fixed by this patch.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This patch fixes the following problem:
Commit 9636c426 refactored the pipe code especially to make sure
to call WriteFile only with chunks matching the maximum atomic write
count. This accidentally introduced a small change in behaviour
on blocking pipes due to the success case falling through into the
error case. Rather then writing atomic chunks until all bytes are
written, the code immediately broke from the loop after writing
the first chunk, basically the same as in case of non-blocking
writes. This behaviour is not compliant to POSIX which requires
"Write requests to a pipe or FIFO [...]
* If the O_NONBLOCK flag is clear, a write request may cause the
thread to block, but on normal completion it shall return nbyte."
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If newfile already exists and is in use, trying to overwrite it with
NtSetInformationFile(FileRenameInformation) fails exactly as if we
don't have the permissions to delete it. Unfortunately the return code
is the same STATUS_ACCESS_DENIED, so we have no way to distinguish
these cases. What we do here so far is to start a transaction to delete
newfile. If this open fails with a transactional error we stop the
transaction and retry opening the file without transaction.
But, here's the problem: If newfile is in use, NtOpenFile(oldfile)
naturally does NOT fail with a transactional error. Rather, the
subsequent call to unlink_nt(newfile) does, because there's another
handle open to newfile outside a transaction. However, the code does
not check if unlink_nt fails with a transactional error and so fails
to retry without transaction.
This patch recifies the problem and checks unlink_nt's status as well.
Refactor code to get rid of goto into another code block.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
A *very* recent Windows build adds more code to the preamble of
RtlGetCurrentDirectory_U() so that the previous heuristic failed to find
the call to the locking routine.
This only affects the 64-bit version of ntdll, where the 0xe8 byte is
now found at offset 40, not the 32-bit version. However, let's just
double the area we search for said byte for good measure.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Returns the process's environment concatenated into a single block of
null-terminated strings, along with the length of the environment block.
Adds an associated PICOM_ENVIRON commune_process handler.
win32env_to_cygwenv handles converting wchar to char and some other
minor taks. Optionally it handles converting any paths in variables to
posix paths.
This will be useful for implementing /proc/<pid>/environ
commit 67fd2101 introduced a bad bug. Changing sys_privs to a static
area and just returning a pointer is nice... *if* the calling code doesn't
call free() on it. Make sure callers check pointer for sys_privs and
refrain from calling free, if so.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Include ntsecapi.h where required and just redefine RtlGenRandom
correctly in the ntsecapi.h wrapper.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
In preparation of exporting getentropy/getrandom to userspace, rearrange
code a bit:
- Define RtlGenRandom in ntdll.h.
- Drop calls to getentropy in favor of RtlGenRandom (fhandler_socket,
fhandler_dev_random).
- Add try/except blocks in fhandler_dev_random to return EFAULT rather
than crashing if buffer pointer is invalid.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
NtOpenFile/NtCreateFile on non-existent paths on network drives has a
bug. Assuming a path Z:\dir\file. Further assuming that Z:\dir does
not exist.
The first NtOpenFile("Z:\dir\file") correctly returns
STATUS_OBJECT_PATH_NOT_FOUND. Subsequent calls incorrectly
return STATUS_OBJECT_NAME_NOT_FOUND.
This appears to be some kind of caching behaviour. Waiting a while
before repeating the call correctly returns STATUS_OBJECT_PATH_NOT_FOUND
again.
This patch works around the observed misbehaviour.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far, when converting from POSIX to Windows notation, cygwin_conv_path
fails to check for .exe suffix, so /path/foo did not return /path/foo.exe
even if this file exists.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The original code only skipped the "./", but missed to test if more
trailing slashes are present. This in turn leads to invalid conversion.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Don't allow signal 0 in signal(2), sigaction(2), siginterrupt(3).
Don't allow any signal in sigqueue(3) but explicitely handle
signal 0 as in kill(2).
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Provide <memory.h> for all standard Newlib targets and remove
Cygwin-specific header. Most POSIX like systems provide this historic
header.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
This makes it possible provide operating system specific types for
<pthread.h>. It is in line with the FreeBSD header file structure and
allows a future cleanup of <pthread.h> to not expose unrelated things
via <sys/types.h> and <unistd.h>. Glibc uses the similar
<bits/pthreadtypes.h> for this purpose.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Update the getconf utility to support the new flag as well as
_PC_POSIX_PERMISSIONS and _PC_POSIX_SECURITY. These were previously
unsupported, probably as an oversight.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Additionally to eccefd97, we need to ensure the exception handler is
installed for the _ljfault used to implement _try/_except to get called.
Also use the correct macro for x86 conditional compilation.
Addresses https://cygwin.com/ml/cygwin/2016-09/msg00143.html
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
Long-standing problem in one of the corner cases of rename(2):
If we rename a directory a check is performed to see if newpath is
identical to oldpath or a subdir of oldpath. This check is
(accidentally? no hints anywhere in ChangeLogs or code) performed
case-insensitive for as long as we use Unicode paths and NT functions.
This leads to the problems described in
https://cygwin.com/ml/cygwin/2016-09/msg00264.html
Change this to be conditional case-sensitive as all other checks but
let's take this with a grain of salt. There may be corner-cases in
this corner-case which require to chek parts of the path always
case-insensitive. Off the top of my head I can't construct such a
case but that's no proof they don't exist :}
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit d16a5630 dropped usage of cygheap's locale functions
in favor of local on-the-fly usage of UTF-8 instead of ASCII.
This allowed to use the current local rather than a fixed
system-wide locale set at startup time. d16a5630 just missed
to add the ASCII->UTF-8 conversion in the console as well.
Fixes https://cygwin.com/ml/cygwin/2016-10/msg00000.html
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
On 09/02/2016 11:03 AM, Corinna Vinschen wrote:
> On Sep 2 10:46, Michael Haubenwallner wrote:
>> On 09/01/2016 03:32 PM, Corinna Vinschen wrote:
>>> You could just use the global variable program_invocation_name. If in
>>> doubt, use the Windows path global_progname and convert it to full POSIX
>>> via cygwin_conv_path.
>>
>> Patch updated, using global_progname now.
>
> Looks good and you're right to do it this way since I just noticed
> that program_invocation_name may return a relative pathname.
Yep.
> Btw., in other calls which require the full POSIX path we use
> mount_table->conv_to_posix_path instead of cygwin_conv_path (see
> e. g. fillout_pinfo()). It's a bit faster. Maybe something for a
> followup patch.
No problem - attached.
This renders the original patch 4/4 valid again.
> Note for some later improvement: I really wonder why we don't store
> the absolute POSIX path of the current executable globally yet...
Same here.
Thanks!
/haubi/
>From f7255edd33cb4abe34f27188aab8dccdfa5dd2a0 Mon Sep 17 00:00:00 2001
From: Michael Haubenwallner <michael.haubenwallner@ssi-schaefer.com>
Date: Wed, 31 Aug 2016 18:05:11 +0200
Subject: [PATCH 3/4] dlopen: on x/lib search x/bin if exe is in x/bin
citing https://cygwin.com/ml/cygwin-developers/2016-08/msg00020.html
> Consider the file /usr/bin/cygz.dll:
> - dlopen (libz.so) success
> - dlopen (/usr/bin/libz.so) success
> - dlopen (/usr/lib/libz.so) fails
* dlfcn.c (dlopen): For dlopen("x/lib/N"), when the application
executable is in "x/bin/", search for "x/bin/N" before "x/lib/N".
Rather than searching all search dirs per one basename,
search for all basenames within per one search dir.
pathfinder.h (check_path_access): Interchange dir- and basename-loops.
Instead of find_exec, without changing behaviour use new pathfinder
class with new allocator_interface around tmp_pathbuf and new vstrlist
class.
* pathfinder.h (pathfinder): New file.
* vstrlist.h (allocator_interface, allocated_type, vstrlist): New file.
* dlfcn.cc (dlopen): Avoid redundant GetModuleHandleExW with RTLD_NOLOAD
and RTLD_NODELETE. Switch to new pathfinder class, using
(tmp_pathbuf_allocator): New class.
(get_full_path_of_dll): Drop.
On Windows 8.1 and later, the NetUserChangePassword call apparently
doesn't accept the usual "\\server" string anymore, but requires to
use the "domain" instead, otherwise it emits en error code 1265,
ERROR_DOWNGRADE_DETECTED. Since this is accepted by pre-8.1 as well,
use the domain indiscriminately when calling NetUserChangePassword
from passwd(1).
While at it, do some minor cleanup in passwd.c.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Keep __ctype_ptr__ available on Cygwin only, for backward compatibility
with existing apps referencing it via the ctype macros.
Otherwise initialize __global_locale.ctype_ptr and __C_locale.ctype_ptr
and use them throughout.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Corinna Vinschen
Ken Brown
Johannes Schindelin
David Macek via Cygwin-patches
Brian Inglis
Biswapriyo Nath
Åke Rehnman
Takashi Yano
Hans-Bernhard Broeker
Keith Packard
Arseniy Lartsev
Mark Geisert
Achim Gratz
Martin Storsjö
Joel Sherrill
Lavrentiev, Anton
Michael Haubenwallner
Corinna Vinschen
Ben Wijen
Jinke Fan
Erik M. Bray
J.H. van de Water
Yaakov Selkowitz
Jozef Lawrynowicz
David McFarland
Sebastian Huber
Sergejs Lukanihins
Xiaofeng Liu
Yaakov Selkowitz
Eric Blake
David Macek
Joe_Lowe
Jon Turney
Christian Franke
David Allsopp
Erik M. Bray