Ken Brown [Thu, 20 Aug 2020 13:47:47 +0000 (09:47 -0400)]
Cygwin: strace: ignore GCC exceptions
Any C++ app that calls 'throw' on 64-bit Cygwin results in an
exception of type STATUS_GCC_THROW (0x20474343) generated by the C++
runtime. Don't pollute the strace output by printing information
about this and other GCC exceptions.
Ken Brown [Mon, 17 Aug 2020 20:24:59 +0000 (16:24 -0400)]
Cygwin: main exception handler (64-bit): continue GCC exceptions
This is necessary in order to be consistent with the following comment
in the definition of _Unwind_RaiseException() in the GCC source file
libgcc/unwind-seh.c:
The exception handler installed in crt0 will continue any GCC
exception that reaches there (and isn't marked non-continuable).
Previously we failed to do this and, as a consequence, the C++ runtime
didn't call std::terminate after an unhandled exception.
Cygwin: pty: Change the timing of set_locale() call again.
- After commit 095972ce5b1d319915501a7e381802914bed790c, charset
conversion in mintty is broken if charset is set to other than
UTF-8. This seems to be caused because mintty does not set locale
yet at fork() call. This patch changes the timing of set_locale()
call again to avoid this issue.
Cygwin: pty: Change the timing of setup_locale() call.
- If native app is exec()'ed in a new pty, setup_locale() loses the
chance to be called. For example, with "mintty -e cmd", charset
conversion does not work as expected. This patch fixes the issue.
In file included from .../newlib/newlib/libc/stdlib/nano-mallocr.c:38:
.../newlib/newlib/libc/include/malloc.h:42:25: note: expected 'struct _reent *' but argument is of type 'ptrdiff_t' {aka 'int'}
42 | extern void *_malloc_r (struct _reent *, size_t);
| ^~~~~~~~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:67:22: error: too few arguments to function '_malloc_r'
67 | #define nano_malloc _malloc_r
| ^~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:456:11: note: in expansion of macro 'nano_malloc'
456 | mem = nano_malloc(bytes);
| ^~~~~~~~~~~
In file included from .../newlib/newlib/libc/stdlib/nano-mallocr.c:38:
.../newlib/newlib/libc/include/malloc.h:42:14: note: declared here
42 | extern void *_malloc_r (struct _reent *, size_t);
| ^~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:43: warning: "assert" redefined
43 | #define assert(x) ((void)0)
|
This patch adds a missing RCALL to the args when calling nano_malloc
from nano_calloc, so that if the call is reentrant, reent_ptr is passed
as the first argument.
The variable `bytes` (also added in 588a5e1d) has been changed from a
`ptrdiff_t` to `malloc_size_t` as it does not need to be signed. It is
used to store the product of two unsigned malloc_size_t variables and
then iff there was no overflow is it passed to malloc and memset which
both expect size_t which is unsigned.
Takashi Yano [Tue, 11 Aug 2020 04:16:52 +0000 (13:16 +0900)]
Cygwin: pty: Add a workaround for issue of starting a lot of mintty.
- If a lot of mintty are started in a short time from a mintty, some
of them hang with empty screen, crash immediately or hang on exiting
mintty. The following report seems to be related to this issue.
https://cygwin.com/pipermail/cygwin/2020-August/245751.html
The cause is not clear at all, but this patch seems to solve the
issue.
libm/machine/arm: Add optimized fmaf and fma when available
When HAVE_FAST_FMAF is set, use the vfma.f32 instruction, when
HAVE_FAST_FMA is set, use the vfma.f64 instruction.
Usually the compiler built-ins will already have inlined these
instructions, but provide these symbols for cases where that doesn't
work instead of falling back to the (inaccurate) common code versions.
libm/math: ensure that expf(-huge) sets FE_UNDERFLOW exception
It was calling __math_uflow(0) instead of __math_uflowf(0), which
resulted in no exception being set on machines with exception support
for float but not double.
MSP430: Increase the amount of main memory available in sim ld scripts
The main memory region of the GDB simulator ends at address 0xFFBF,
but the simulator linker scripts do not make full use of this available
memory.
>From 61f3d212741acee583e21ff2c2808775584ecad6 Mon Sep 17 00:00:00 2001
From: Jozef Lawrynowicz <jozef.l@mittosystems.com>
Date: Mon, 3 Aug 2020 19:38:23 +0100
Subject: [PATCH 2/2] MSP430: Increase the amount of main memory available in
sim ld scripts
The main memory region of the GDB simulator ends at address 0xFFBF,
but the simulator linker scripts do not make full use of this available
memory.
MSP430: Word align __*_array_start symbols in sim linker scripts
__{preinit,init,fini}_array_start symbols must be word aligned in
linker scripts. If the section preceding the __*_array_start symbol
has an odd size, then a NULL byte will be present between the start
symbol and the .*_array section itself, when the section gets
automatically word-aligned.
This results in a branch to an invalid address when the CRT startup
code tries to run through the functions listed in the array sections.
>From de115144d05ecbaa82c9c737cc261715ca4b7d67 Mon Sep 17 00:00:00 2001
From: Jozef Lawrynowicz <jozef.l@mittosystems.com>
Date: Mon, 3 Aug 2020 19:09:46 +0100
Subject: [PATCH 1/2] MSP430: Word align __*_array_start symbols in sim linker
scripts
__{preinit,init,fini}_array_start symbols must be word aligned in
linker scripts. If the section preceding the __*_array_start symbol
has an odd size, then a NULL byte will be present between the start
symbol and the .*_array section itself, when the section gets
automatically word-aligned.
This results in a branch to an invalid address when the CRT startup
code tries to run through the functions listed in the array sections.
libm: Control errno support with _IEEE_LIBM configuration parameter
This removes the run-time configuration of errno support present in
portions of the math library and unifies all of the compile-time errno
configuration under a single parameter so that the whole library
is consistent.
The run-time support provided by _LIB_VERSION is no longer present in
the public API, although it is still used internally to disable errno
setting in some functions. Now that it is a constant, the compiler should
remove that code when errno is not supported.
This removes s_lib_ver.c as _LIB_VERSION is no longer variable.
libm/math: Don't modify __ieee754_pow return values in pow
The __ieee754 functions already return the right value in exception
cases, so don't modify those. Setting the library to _POSIX_/_IEEE_
mode now only affects whether errno is modified.
Cygwin: Add 'fallthrough' pseudo keyword for switch/case use
This patch has been inspired by the Linux kernel patch
294f69e662d1 compiler_attributes.h: Add 'fallthrough' pseudo keyword for switch/case use
written by Joe Perches <joe AT perches DOT com> based on an idea from
Dan Carpenter <dan DOT carpenter AT oracle DOT com>. The following text
is from the original log message:
Reserve the pseudo keyword 'fallthrough' for the ability to convert the
various case block /* fallthrough */ style comments to appear to be an
actual reserved word with the same gcc case block missing fallthrough
warning capability.
libm: Set math_errhandling to match library and hardware [v2]
math_errhandling is specified to contain two bits of information:
1. MATH_ERRNO -- Set when the library sets errno
2. MATH_ERREXCEPT -- Set when math operations report exceptions
MATH_ERRNO should match whether the original math code is compiled in
_IEEE_LIBM mode and the new math code has WANT_ERRNO == 1.
MATH_ERREXCEPT should match whether the underlying hardware has
exception support. This patch adds configurations of this value for
RISC-V, ARM, Aarch64, x86 and x86_64 when using HW float.
libm/common: Set WANT_ERRNO based on _IEEE_LIBM value
_IEEE_LIBM is the configuration value which controls whether the
original libm functions modify errno. Use that in the new math code as
well so that the resulting library is internally consistent.
Ken Brown [Mon, 3 Aug 2020 13:44:31 +0000 (09:44 -0400)]
Cygwin: FIFO: add a third pass to raw_read
Currently raw_read makes two passes through the list of clients. On
the first pass it tries to read from the client from which it last
read successfully. On the second pass it tries to read from all
connected clients.
Add a new pass in between these two, in which raw_read tries to read
from all clients that are in the fc_input_avail case. This should be
more efficient in case select was previously called and detected input
available.
Slightly tweak the first pass. If a client is marked as having the
last successful read but reading from it now finds no input, don't
unmark it unless we successfully read from a different client on one
of the later passes.
Ken Brown [Mon, 3 Aug 2020 13:38:08 +0000 (09:38 -0400)]
Cygwin: FIFO: synchronize the fifo_reader and fifosel threads
The fifo_reader thread function and the function select.cc:peek_fifo()
can both change the state of a fifo_client_handler. These changes are
made under fifo_client_lock, so there is no race, but the changes can
still be incompatible.
Add code to make sure that only one of these functions can change the
state from its initial fc_listening state. Whichever function does
this calls the fhandler_fifo::record_connection method, which is now
public so that peek_fifo can call it.
Slightly modify that method to make it suitable for being called by
peek_fifo.
Make a few other small changes to the fifo_reader thread function to
change how it deals with the STATUS_PIPE_CLOSING value that can
(rarely) be returned by NtFsControlFile.
Add commentary to fhandler_fifo.cc to explain fifo_client connect
states and where they can be changed.
Ken Brown [Mon, 3 Aug 2020 13:35:00 +0000 (09:35 -0400)]
Cygwin: FIFO: don't read from pipes that are closing
Don't try to read from fifo_client_handlers that are in the fc_closing
state. Experiments have shown that this always yields
STATUS_PIPE_BROKEN, so it just wastes a Windows system call.
Re-order the values in enum fifo_client_connect_state to reflect the
new status of fc_closing.
Ken Brown [Mon, 3 Aug 2020 13:32:30 +0000 (09:32 -0400)]
Cygwin: FIFO: reorganize some fifo_client_handler methods
Rename the existing set_state() to query_and_set_state() to reflect
what it really does. (It queries the O/S for the pipe state.) Add a
new set_state() method, which is a standard setter, and a
corresponding getter get_state().
Ken Brown [Mon, 3 Aug 2020 13:17:06 +0000 (09:17 -0400)]
Cygwin: FIFO: add a timeout to take_ownership
fhandler_fifo::take_ownership() is called from select.cc::peek_fifo
and fhandler_fifo::raw_read and could potentially block indefinitely
if something goes wrong. This is always undesirable in peek_fifo, and
it is undesirable in a nonblocking read. Fix this by adding a timeout
parameter to take_ownership.
Arbitrarily use a 1 ms timeout in peek_fifo and a 10 ms timeout in
raw_read. These numbers may have to be tweaked based on experience.
Replace the call to cygwait in take_ownership by a call to WFSO.
There's no need to allow interruption now that we have a timeout.
Ken Brown [Sun, 2 Aug 2020 20:38:24 +0000 (16:38 -0400)]
Cygwin: FIFO: fix timing issue with owner change
fhandler_fifo::take_ownership() tacitly assumes that the current
owner's fifo_reader_thread will be woken up from WFMO when
update_needed_evt is signaled. But it's possible that the the current
owner's fifo_reader_thread is at the beginning of its main loop rather
than in its WFMO call when that event is signaled.
In this case the owner will never see that the event has been
signaled, and it will never update the shared fifo_client_handlers.
The reader that wants to take ownership will then spin its wheels
forever.
Fix this by having the current owner call update_shared_handlers at
the beginning of its loop, if necessary.
Brian Inglis [Tue, 4 Aug 2020 06:51:56 +0000 (00:51 -0600)]
fhandler_proc.cc(format_proc_cpuinfo): use _small_sprintf %X for microcode
microcode is unsigned long long, printed by _small_sprintf using %x;
Cygwin32 used last 4 bytes of microcode for next field MHz, printing 0;
use correct _small_sprintf format %X to print microcode, producing
correct MHz value under Cygwin32
Brian Inglis [Mon, 3 Aug 2020 16:22:46 +0000 (10:22 -0600)]
fhandler_proc.cc(format_proc_cpuinfo): add SERIALIZE instruction flag
CPUID 7:0 EDX[14] serialize added in linux-next 5.8 by Ricardo Neri-Calderon:
The Intel architecture defines a set of Serializing Instructions (a
detailed definition can be found in Vol.3 Section 8.3 of the Intel "main"
manual, SDM). However, these instructions do more than what is required,
have side effects and/or may be rather invasive. Furthermore, some of
these instructions are only available in kernel mode or may cause VMExits.
Thus, software using these instructions only to serialize execution (as
defined in the manual) must handle the undesired side effects.
As indicated in the name, SERIALIZE is a new Intel architecture
Serializing Instruction. Crucially, it does not have any of the mentioned
side effects. Also, it does not cause VMExit and can be used in user mode.
This new instruction is currently documented in the latest "extensions"
manual (ISE). It will appear in the "main" manual in the future.
Keith Packard [Thu, 30 Jul 2020 23:41:05 +0000 (16:41 -0700)]
libm/math: Use __math_xflow in obsolete math code [v2]
C compilers may fold const values at compile time, so expressions
which try to elicit underflow/overflow by performing simple
arithemetic on suitable values will not generate the required
exceptions.
Work around this by replacing code which does these arithmetic
operations with calls to the existing __math_xflow functions that are
designed to do this correctly.
Signed-off-by: Keith Packard <keithp@keithp.com>
----
v2:
libm/math: Pass sign to __math_xflow instead of muliplying result
Cygwin: posix_spawn: add Cygwin-specific code fixing process synchronisation
Newlib's posix_spawn has been taken from FreeBSD. The code relies on
BSD-specific behaviour of vfork, namely the fact that vfork blocks
the parent until the child exits or calls execve as well as the fact
that the child shares parent memory in non-COW mode.
This behaviour can't be emulated by Cygwin. Cygwin's vfork is
equivalent to fork. This is POSIX-compliant, but it's lacking BSD's
vfork ingrained synchronization of the parent to wait for the child
calling execve, or the chance to just write a variable and the parent
will see the result.
So this requires a Cygwin-specific solution. The core function of
posix_spawn, called do_posix_spawn is now implemented twice, once using
the BSD method, and once for Cygwin using Windows synchronization under
the hood waiting for the child to call execve and signalling errors
upstream. The Windows specifics are hidden inside Cygwin, so newlib
only calls internal Cygwin functions.
Use the already existing stub files if possible. These files are
necessary to override the stub implementation with the machine-specific
implementation through the build system.
Reviewed-by: Sebastian Huber <sebastian.huber@embedded-brains.de> Signed-off-by: Eshan dhawan <eshandhawan51@gmail.com>
The previous fenv support for ARM used the soft-float implementation of
FreeBSD. Newlib uses the one from libgcc by default. They are not
compatible. Having an GCC incompatible soft-float fenv support in
Newlib makes no sense. A long-term solution could be to provide a
libgcc compatible soft-float support. This likely requires changes in
the GCC configuration. For now, provide a stub implementation for
soft-float multilibs similar to RISC-V.
Move implementation to one file and delete now unused files. Hide
implementation details. Remove function parameter names from header
file to avoid name conflicts.
Provide VFP support if __SOFTFP__ is not defined like glibc.
Reviewed-by: Sebastian Huber <sebastian.huber@embedded-brains.de> Signed-off-by: Eshan dhawan <eshandhawan51@gmail.com>
This patch fixes a bug in RISC-V's memcpy implementation where an
integer wraparound occurs when src + size < 8 * sizeof(long), causing
the word-sized copy loop to be incorrectly entered.
Jon Turney [Tue, 7 Jul 2020 19:54:27 +0000 (20:54 +0100)]
Cygwin: Use MEMORY_WORKING_SET_EX_INFORMATION in dumper
Use the (undocumented) MEMORY_WORKING_SET_EX_INFORMATION in dumper to
determine if a MEM_IMAGE region is unsharable, and hence has been
modified.
After this, we will end up dumping memory regions where:
- state is MEM_COMMIT (i.e. is not MEM_RESERVE or MEM_FREE), and
-- type is MEM_PRIVATE and protection allows reads (i.e. not a guardpage), or
-- type is MEM_IMAGE and attribute is non-sharable (i.e. it was WC, got
written to, and is now a RW copy)
Jon Turney [Sun, 5 Jul 2020 13:42:59 +0000 (14:42 +0100)]
Cygwin: Don't dump non-writable image regions
After this, we will end up dumping memory regions where:
- state is MEM_COMMIT (i.e. is not MEM_RESERVE or MEM_FREE), and
-- type is MEM_PRIVATE and protection allows reads (i.e. not a guardpage), or
-- type is MEM_IMAGE and protection allows writes
Making this decision based on the current protection isn't 100% correct,
because it may have been changed using VirtualProtect(). But we don't
know how to determine if a region is shareable.
(As a practical matter, anything which gets us the stack (MEM_PRIVATE)
and .data/.bss (RW MEM_IMAGE) is going to be enough for 99% of cases)
Ken Brown [Mon, 20 Jul 2020 12:59:09 +0000 (08:59 -0400)]
Cygwin: mmap: fix mapping beyond EOF on 64 bit
Commit 605bdcd410384dda6db66b9b8cd19e863702e1bb enabled mapping beyond
EOF in 64 bit environments. But the variable 'orig_len' did not get
rounded up to a multiple of 64K. This rounding was done on 32 bit
only. Fix this by rounding up orig_len on 64 bit, in the same place
where 'len' is rounded up.
Rounding up is needed to make sigbus_page_len a multiple of the
allocation granularity.
In addition, failing to round up could cause orig_len to be smaller
than len. Since these are both unsigned values, the statement
'orig_len -= len' could then cause orig_len to be huge, and mmap would
fail with errno EFBIG.
I observed this failure while debugging the problem reported in
Cygwin: pty: Fix a bug on redirecting something to /dev/pty*.
- After commit 0365031ce1347600d854a23f30f1355745a1765c, key input
becomes not working by following steps.
1) Start cmd.exe in mintty.
2) Open another mintty.
3) Execute "echo AAA > /dev/pty*" (pty* is the pty opened in 1.)
This patch fixes the issue.
Ken Brown [Mon, 13 Jul 2020 11:01:57 +0000 (07:01 -0400)]
Cygwin: FIFO: allow take_ownership to be interrupted
Use cygwait in take_ownership to allow interruption while waiting to
become owner. Return the cygwait return value or a suitable value to
indicate an error.
raw_read now checks the return value and acts accordingly.
Ken Brown [Sat, 11 Jul 2020 19:20:45 +0000 (15:20 -0400)]
Cygwin: FIFO: make certain errors non-fatal
If update_my_handlers fails to duplicate one or more handles, just
mark the corresponding handlers as being in an error state.
But if update_my_handlers is unable to open the process of the
previous owner, it's likely that something serious has gone wrong, so
we continue to make that a fatal error.
Ken Brown [Sat, 11 Jul 2020 18:52:55 +0000 (14:52 -0400)]
Cygwin: FIFO: improve taking ownership in fifo_reader_thread
When a reader takes ownership in fifo_reader_thread, it now goes
directly to the part of the main loop that listens for a connection.
Previously it went back to the beginning of the loop.
Also, if the reader has to delay taking ownership because the previous
owner has not finished updating the shared fifo_client handlers, it
now checks to see if cancel_evt has been set. Previously it might
have had to spin its wheels unnecessarily only to eventually find that
its thread had been canceled.
Ken Brown [Sat, 11 Jul 2020 18:34:24 +0000 (14:34 -0400)]
Cygwin: FIFO: reduce I/O interleaving
Add a bool member 'last_read' to the fifo_client_handler structure,
which is set to true on a successful read. This is used by raw_read
as follows.
When raw_read is called, it first locates the writer (if any) for
which last_read is true. raw_read tries to read from that writer and
returns if there is input available. Otherwise, it proceeds to poll
all the writers, as before.
The effect of this is that if a writer writes some data that is only
partially read, the next attempt to read will continue to read from
the same writer. This should reduce the interleaving of output from
different writers.
Ken Brown [Sat, 11 Jul 2020 18:05:23 +0000 (14:05 -0400)]
Cygwin: FIFO: keep a writer count in shared memory
When a reader opens, it needs to block if there are no writers open
(unless is is opened with O_NONBLOCK). This is easy for the first
reader to test, since it can just wait for a writer to signal that it
is open (via the write_ready event). But when a second reader wants
to open, all writers might have closed.
To check this, use a new '_nwriters' member of struct fifo_shmem_t,
which keeps track of the number of open writers. This should be more
reliable than the previous method.
Add nwriters_lock to control access to shmem->_nwriters, and remove
reader_opening_lock, which is no longer needed.
Previously only readers had access to the shared memory, but now
writers access it too so that they can increment _nwriters during
open/dup/fork/exec and decrement it during close.
Add an optional 'only_open' argument to create_shmem for use by
writers, which only open the shared memory rather than first trying to
create it. Since writers don't need to access the shared memory until
they have successfully connected to a pipe instance, they can safely
assume that a reader has already created the shared memory.
For debugging purposes, change create_shmem to return 1 instead of 0
when a reader successfully opens the shared memory after finding that
it had already been created.
Remove check_write_ready_evt, write_ready_ok_evt, and
check_write_ready(), which are no longer needed.
When opening a writer and looping to try to get a connection, recheck
read_ready at the top of the loop since the number of readers might
have changed.
To slightly speed up the process of opening the first reader, take
ownership immediately rather than waiting for the fifo_reader_thread
to handle it.
Ken Brown [Wed, 15 Jul 2020 13:46:42 +0000 (09:46 -0400)]
Cygwin: FIFO: fix problems finding new owner
When the owning reader closes and there are still readers open, the
owner needs to wait for a new owner to be found before closing its
fifo_client handlers. This involves a loop in which dec_nreaders is
called at the beginning and inc_nreaders is called at the end. Any
other reader that tries to access shmem->_nreaders during this loop
will therefore get an inaccurate answer.
Fix this by adding an nreaders method and using it instead of
dec_nreaders and inc_nreaders. Also add nreaders_lock to control
access to the shmem->_nreaders.
Make various other changes to improve the reliability of finding a new
owner.
If __HAVE_LOCALE_INFO__ is not defined, then the locale in the
locale-specific ctype functions is ignored. In the previous
implementation this resulted in compiler warnings. For example:
gcc -Wall main.c
main.c: In function 'main':
main.c:6:11: warning: variable 'locale' set but not used [-Wunused-but-set-variable]
6 | locale_t locale;
| ^~~~~~
Marc Hoersken [Wed, 15 Jul 2020 18:53:21 +0000 (20:53 +0200)]
Cygwin: make sure failed sockets always signal writability
Since FD_CONNECT is only given once, we manually need to set
FD_WRITE for connection failed sockets to have consistent
behaviour in programs calling poll/select multiple times.
Example test to non-listening port: curl -v 127.0.0.1:47
Brian Inglis [Mon, 13 Jul 2020 12:58:56 +0000 (06:58 -0600)]
Cygwin: FAQ 1.5: Clarify "What version is this"
Patch to:
https://sourceware.org/git/?p=newlib-cygwin.git;f=winsup/doc/faq-what.xml;a=blob
as a result of thread:
https://cygwin.com/pipermail/cygwin/2020-July/245442.html
and comments:
https://cygwin.com/pipermail/cygwin-patches/2020q3/010331.html
Relate Cygwin DLL to Unix kernel,
add required options to command examples,
differentiate Unix and Cygwin commands;
mention that the cygwin package contains the DLL,
replace setup.exe reference by Cygwin Setup program wording.
testsuite: Fix iconv tests to use new encoding config defines
_ICONV_CONVERTER -> ICONV_FROM_ENCODING. It's not perfect, as the
library can support different from/to encodings now, but at least in
the default configurations the tests now work.
libc/iconv: find_alias was mis-computing remaining alias table length
This caused the strnstr to walk off the end of the alias array and
fetch invalid data. Instead of attempting to update 'len', just
re-compute it based on the table end pointer that is already known.
Cygwin: convert sys_wcstombs/sys_mbstowcs wrapper to inline functions
This should slightly speed up especially path conversions,
given there's one less function call rearranging all function
arguments in registers/stack (and less stack pressure).
For clarity, rename overloaded sys_wcstombs to _sys_wcstombs
and sys_cp_mbstowcs to _sys_mbstowcs.
Re: CPU microcode reported wrong in /proc/cpuinfo
https://sourceware.org/pipermail/cygwin/2020-May/245063.html
earlier Windows releases used different registry values to store microcode
revisions depending on the MSR name being used to get microcode revisions:
add these alternative registry values to the cpuinfo registry value lookup;
iterate thru the registry data until a valid microcode revision is found;
some revision values are in the high bits, so if the low bits are all clear,
shift the revision value down into the low bits
sys_mbstowcs is called with the destination buffer length
set to MaximumLength from the receiving UNICODE_STRING buffer.
This is twice as much as the actual size of the buffer in
wchar_t units, which is the unit expected by sys_mbstowcs.
sys_mbstowcs always attaches a NUL, within the destination
buffersize given. But if the string is exactly one wchar_t
less than the actual buffer, and the buffersize is given too
large, sys_mbstowcs writes a NUL one wchar_t beyond the buffer.
This has only been exposed with Cygwin 3.1.5 because alloca
on newer gcc 9 apparently allocates more tightly. The alloca
buffer here is requested with 16 bytes, which is exactly the
number of bytes required for the string L"cmd.exe". Older gcc
apparently allocated a few more bytes on the stack, while gcc 9
allocates in 16 byte granularity...
Fix this by giving the correct destination buffer size to
sys_mbstowcs.