Corinna Vinschen [Fri, 28 Oct 2022 08:00:17 +0000 (10:00 +0200)]
Cygwin: /proc/<PID>/maps: output cygheap info
Now that the cygheap isn't part of the CYgwin DLL anymore, we have a
known memory location which is not known in maps output. Fix that by
checking for cygheap address (same in all processes) and add to output.
Corinna Vinschen [Thu, 27 Oct 2022 11:05:36 +0000 (13:05 +0200)]
Cygwin: drop objcopy .gnu_debuglink juggle
Prior to 591fec858d01 ("Cygwin: decouple cygheap from Cygwin DLL")
the .cygheap section was required to stay the last section in the
final binary. That required some juggling with objcopy to make
sure the .gnu_debuglink section is prior to the .cygheap section
in the final DLL.
Corinna Vinschen [Wed, 26 Oct 2022 19:22:19 +0000 (21:22 +0200)]
Cygwin: decouple shared mem regions from Cygwin DLL
Another reason ASLR may fail is the coupling of the standard shared
mem regions (global, userinfo, process info, shared console) to the
address of the Cygwin DLL. They are always placed in fixed addresses
preceeding the Cygwin DLL's address. With ASLR this is bound to fail.
Use a fixed, unused memory area to place the shared mem regions.
This also allows to simplify the shared memory creation. There's
no reason anymore to rebase the regions and rather than offsets,
just use the addresses directly.
Corinna Vinschen [Wed, 26 Oct 2022 19:16:35 +0000 (21:16 +0200)]
Cygwin: decouple cygheap from Cygwin DLL
One reason that ASLR is tricky is the fact that the cygheap
is placed at the end of the DLL and especially that it's expected
to be growable. To support ASLR, this construct must go.
Define dedicated cygheap memory region and reserve entire region.
Commit 3 Megs, as was the default size of the cygheap before.
Fix linker script accordingly, drop a now useless version check
in get_cygwin_startup_info().
Sebastian Huber [Mon, 24 Oct 2022 09:05:14 +0000 (11:05 +0200)]
powerpc/setjmp: Fix 64-bit support
The first attempt to support the 64-bit mode had two bugs:
1. The saved general-purpose register 31 value was overwritten with the saved
link register value.
2. The link register was saved and restored using 32-bit instructions.
Use 64-bit store/load instructions to save/restore the link register. Make
sure that the general-purpose register 31 and the link register storage areas
do not overlap.
Corinna Vinschen [Fri, 28 Oct 2022 10:42:51 +0000 (12:42 +0200)]
Cygwin: stop handling files with .com suffix like .exe files
.com is a remnant from the past. There are only five executables
left:
chcp.com
format.com
mode.com
more.com
tree.com
Calling them on the command line already requires to use the
suffix anyway. So drop useless .com test from the execve test
for scripts (they are handled earlier in the same function
as executables) and do not handle them like .exe suffixes in
other functions.
The previous commit 14816de9af69 ("Cygwin: spawn: drop special handling
for cmd.exe and command.com") make this patch unnecessary. The filename
argument (i. e., run_path in the caller) is now always non-NULL.
Corinna Vinschen [Fri, 28 Oct 2022 10:24:13 +0000 (12:24 +0200)]
Cygwin: spawn: drop special handling for cmd.exe and command.com
Apparently at one point handling cmd.exe and command.com special
made sense, but what that should be has never been documented.
There's also no clear reason why cmd.exe is different from any
other native executable. Additionaly, checking for command.com
is entirely useless on 64 bit Windows anyway.
Jon Turney [Thu, 27 Oct 2022 21:51:28 +0000 (22:51 +0100)]
Fix warning during manpage generaton
> ERROR: xref linking to Stubs has no generated link text.
> Error: no ID for constraint linkend: Stubs.
(Despite saying "ERROR", this is actually a warning, and manpages are
still generated)
Improve chapter-texi2docbook so it generates elements for texinfo
sections as well, so that a cross-reference to the "Stubs" section
contains a valid element ID.
- If the command executed is 'cmd.exe /c [...]', runpath in spawn.cc
will be NULL. In this case, is_console_app(runpath) check causes
access violation. This case also the command executed is obviously
console app., therefore, treat it as console app to fix this issue.
Simon Cook [Tue, 18 Oct 2022 19:48:56 +0000 (21:48 +0200)]
libgloss: riscv: Install machine/syscall.h
A recent change to the Makefile.in for riscv resulted in the
machine/syscall.h header not being installed. This updates the file
to install this file again.
Signed-off-by: Simon Cook <simon.cook@embecosm.com>
Ken Brown [Fri, 23 Sep 2022 14:24:04 +0000 (10:24 -0400)]
Cygwin: select: don't report read ready on a FIFO never opened for writing
According to POSIX and the Linux man page, select(2) is supposed to
report read ready if a file is at EOF. In the case of a FIFO, this
means that the pipe is empty and there are no writers. But there
seems to be an undocumented exception, observed on Linux and other
platforms: If no writer has ever been opened, then select(2) does not
report read ready. This can happen if a reader is opened with
O_NONBLOCK before any writers have opened.
This commit makes Cygwin consistent with those other platforms by
introducing a special EOF test, fhandler_fifo::select_hit_eof, which
returns false if there's never been a writer opened.
To implement this we use a new variable '_writer_opened' in the FIFO's
shared memory, which is set to 1 the first time a writer opens. New
methods writer_opened() and set_writer_opened() are used to test and
set this variable.
ld: B/arm-none-eabi/lib/libg.a(libc_a-mallocr.o): in function `malloc_extend_top':
S/newlib-cygwin/newlib/libc/stdlib/_mallocr.c:2161: undefined reference to `sysconf'
Jeff Johnston [Fri, 16 Sep 2022 20:04:21 +0000 (16:04 -0400)]
Implement sysconf for Arm
- add support for using sysconf to get page size in _mallocr.c via
HAVE_SYSCONF_PAGESIZE flag set in configure.host
- set flag in configure.host for arm and add a default sysconf implementation
in libc/sys/arm that returns the page size
- the default implementation can be overridden outside newlib to allow a
different page size to improve malloc on devices with a small footprint
without needing to rebuild newlib
- this patch is based on a contribution from Torbjorn Svensson and
Niklas Dahlquist (https://ecos.sourceware.org/ml/newlib/current/017616.html)
deraadt [Sun, 24 Mar 2019 17:56:54 +0000 (17:56 +0000)]
upstream OpenBSD: arc4random: replace abort() with _exit()
In the incredibly unbelievable circumstance where _rs_init() fails to
allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit(). The reasoning is _rs_init() will only fail
if someone finds a way to apply specific pressure against this failure
point, for the purpose of leaking information into a core which they can
read. We don't need a corefile in this instance to debug that. So take
this "lever" away from whoever in the future wants to do that.
The patch fixing the alignment of _cygtls::context accidentally
pushed the desperate attempt to automate the alignment by using
another, non-working variation of attribute((aligned)). Drop it.
In the nano version of malloc, when the last chunk is to be extended,
there is no need to acount for the header again as it's already taken
into account in the overall "alloc_size" at the beginning of the
function.
When using nano malloc and the remaning heap space is not big enough to
fullfill the allocation, malloc will attempt to merge the last chunk in
the free list with a new allocation in order to create a bigger chunk.
This is successful, but the chunk still remains in the free_list, so
any later call to malloc can give out the same region without it first
being freed.
Restore _lock initialization in non-single threaded mode
When __SINGLE_THREAD__ is not defined, stdin, stdout and stderr needs
to have their _lock instance initialized. The __sfp() method is not
invoked for the 3 mentioned fds thus, the std() method needs to handle
the initialization of the lock.
Corinna Vinschen [Mon, 29 Aug 2022 13:18:53 +0000 (15:18 +0200)]
Cygwin: cygtls: fix context alignment
A hang was encountered, apparently triggered by commit 63b503916d42,
changing tls_pathbufs from malloc'ed to HeapAlloc'ed memory. After
lengthy debugging it transpired that adding the heap handle to the
tls_pathbuf struct added 8 bytes to the cygtls area, thus moving
the "context" member by 8 bytes, too, so it was suddently unaligned.
Fix this for now by changing the alignment.
Fix this once and for all, by adding code to the gentls_offsets script
to check if the alignment of the "context" member is 16 bytes. If not,
print a matching error message, remove the just generated file, and exit
with error.
FIXME: It would be really nice to find a way to auomate the correct
alignment of the "context" member, but I don't see any way to use
alignment attributes to get what we need here.
Corinna Vinschen [Mon, 29 Aug 2022 10:25:24 +0000 (12:25 +0200)]
Cygwin: fork: fix a potential hang in fork
while debugging a problem introduced in commit 63b503916d42 ("Cygwin: tls_pathbuf: Use Windows heap")
a hang in fork was encountered using the original implementation
of tls_pathbuf:
Using tmp_pathbuf inside the code block guarded by __malloc_trylock
may call malloc from tmp_pathbuf::w_get and thus trying to lock an
exclusive SRW lock recursively, which results in a deadlock.
Allocate a small SECURITY_ATTRIBUTES block on the stack rather than
allocating a 64K tmp_pathbuf. This avoids the potential malloc call.
Drop the __malloc_trylock call entirely. There must not be a malloc
call inside the frok::parent block guarded by __malloc_lock, and
just trying to lock is too dangerous inside fork while other threads
might actually chage the content of the heap. Additionally, add a
comment frowning on malloc usage inside tis code block.
Corinna Vinschen [Tue, 23 Aug 2022 08:59:18 +0000 (10:59 +0200)]
Cygwin: tls_pathbuf: Use Windows heap
Rather than using malloc/free for the buffers, we're now using
HeapAlloc/HeapFree on a HEAP_NO_SERIALIZE heap created for this
thread.
Advantages:
- Less contention. Our malloc/free doesn't scale well in
multithreaded scenarios
- Even faster heap allocation by using a non serialized heap.
- Internal, local, temporary data not cluttering the user heap.
- Internal, local, temporary data not copied over to child process
at fork().
Disadvantage:
- A forked process has to start allocating temporary buffers from
scratch. However, this should be alleviated by the fact that
buffer allocation usually reaches its peak very early in process
runtime, so the longer the proceess runs, the less buffers have
to allocated, and, only few processes don't exec after fork
anyway.
Corinna Vinschen [Mon, 22 Aug 2022 12:28:11 +0000 (14:28 +0200)]
Cygwin: shm: Convert muto into SRWLOCK and avoid overlocking
shmat may call shmget. shmget locks by itself as necessary,
so there's no reason to keep the lock active and recurse into
the lock. Use SRWLOCK and only lock as required.
Corinna Vinschen [Mon, 22 Aug 2022 12:25:05 +0000 (14:25 +0200)]
Cygwin: authz: Use dedicated locks per datastructure
So far we use a single muto to guard three different datastructures
inside class authz_ctx: the authz HANDLE, the user context HANDLE
and the context cache list. Split the single muto into three
independent SRWLOCKs and guard all datastrcutures as necessary to
avoid thread contention.
Corinna Vinschen [Mon, 22 Aug 2022 10:01:15 +0000 (12:01 +0200)]
Cygwin: smallprint.cc: Convert tmpbuf to lockless
The old technique was from a time when we had to reduce stack pressure
by moving 64K buffers elsewhere. It was implemented using a static
global buffer, guarded by a muto. However, that adds a lock which may
unnecessarily serialize threads.
Use Windows heap buffers per invocation instead. HeapAlloc/HeapFree are
pretty fast, scale nicely in multithreaded scenarios and don't serialize
threads unnecessarily.
Corinna Vinschen [Sat, 20 Aug 2022 19:14:57 +0000 (21:14 +0200)]
Cygwin: profiler: Fix linking when building with -DDEBUGGING
CloseHandle gets redefined to a macro calling an internal function
in debug.h when building with -DDEBUGGING, but profiler has no access
to that function.
This patch makes syscalls for SH architecture respecting the global option
"--disable-newlib-supplied-syscalls". This is useful when a bare-metal
toolchain is needed.
is sufficient to reproduce a crash in _newlocale_r. After the first call
to newlocale, `st' points to __C_locale, which is const. When using `st'
as locale base in the second call, _newlocale_r tries to set pointers
inside base to NULL. This is bad if base is __C_locale, obviously.
Add a test to avoid trying to overwrite pointer values inside base if
base is __C_locale.
Corinna Vinschen [Wed, 10 Aug 2022 15:40:06 +0000 (17:40 +0200)]
Cygwin: rename CygwinCreateThread to create_posix_thread
Rename CygwinCreateThread to create_posix_thread and move
from miscfuncs.cc to create_posix_thread.cc, inbcluding all
related functions. Analogue for the prototypes.
Ken Brown [Tue, 9 Aug 2022 19:14:07 +0000 (15:14 -0400)]
Cygwin: fix return value of symlink_info::check
Currently it is possible for symlink_info::check to return -1 in case
we're searching for foo and find foo.lnk that is not a Cygwin symlink.
This contradicts the new meaning attached to a negative return value
in commit 19d59ce75d. Fix this by setting "res" to 0 at the beginning
of the main loop and not seting it to -1 later.
Also fix the commentary preceding the function definition to reflect
the current behavior.
provide entire internal and external pthread API from inside the
same file.
While I dislike to have another even larger file, this is basically
cleaning up the source and grouping the external API into useful
chunks. Splitting the file cleanly is tricky due to usage of inline
methods is_good_object and verifyable_object_isvalid.
- DevDocs: doc files
- fhandler: fhandler sources, split fhandler.cc into base.cc and null.cc
- local_includes: local include files
- scripts: scripts called during build
- sec: security sources
Cygwin: use locale-aware conversion to UNICODE_STRING checking mount points
mount_info::get_mounts_here used RtlCreateUnicodeStringFromAsciiz
which translates bytes into wide chars verbatim.
Create a new function sys_mbstouni_alloc which can be used from
mount_info::get_mounts_here to convert multibyte mount point
strings to UNICODE_STRINGS in a locale-aware way.
For symmetry, create a function mount_info::free_mounts_here,
so the knwoledge how to free the UNICODE_STRING buffers is
encapsulated in the same class.
Ken Brown [Wed, 3 Aug 2022 20:45:23 +0000 (16:45 -0400)]
Cygwin: syscalls.cc: remove ".dll" from blessed_executable_suffixes
This reverts commit d9e9c7b5a7. The latter added ".dll" to the
blessed_executable_suffixes array because on 32-bit Windows, the
GetBinaryType function would report that a 64-bit DLL is an
executable, contrary to the documentation of that function.
That anomaly does not exist on 64-bit Windows, so we can remove ".dll"
from the list. Reverting the commit does, however, change the
behavior of the rename(2) syscall in the following unlikely situation:
Suppose we have an executable foo.exe and we make the call
rename ("foo", "bar.dll");
Previously, foo.exe would be renamed to bar.dll. So bar.dll would
then be an executable without the .exe extension. The new behavior is
that foo.exe will be renamed to bar.dll.exe. [Exception: If there
already existed an executable (not a DLL!) with the name bar.dll, then
.exe will not be appended.]
Cygwin: syscalls.cc: drop masking macros for standard IO functions
The actual reason for these wrappers are lost in time, there's no
hint even in the pre-2000 ChangeLog files. Apparently they were
masking the prototypes or, alternatively, macros from newlib to
clash with the definitions in syscalls.cc.
They are not needed anymore, so just drop them.
This uncovered that the buffer pointer to pwrite is erronously
non-const. Fix this on the way out.