https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=11a9cfe82f1e27f76fc17144c90034ea091d6ae1

commit 11a9cfe82f1e27f76fc17144c90034ea091d6ae1
Author:     Takashi Yano <takashi.y...@nifty.ne.jp>
AuthorDate: Thu Mar 13 23:28:53 2025 +0100
Commit:     Corinna Vinschen <cori...@vinschen.de>
CommitDate: Fri Mar 14 15:12:46 2025 +0100

    Cygwin: signals: pop return address from signal stack earlier
    
    Commit a942476236b5 ("Cygwin: sigdelayed: pop return address from
    signal stack earlier")  failed to take two facts into account:
    - _cygtls::call_signal_handler() potentially needs the return address
      as well, and
    - the signal handler may be interrupted by another signal.
    
    Revert the change in sigdelayed() and handle the signal stack manipulation
    in _cygtls::call_signal_handler() instead.
    
    Given we're popping the latest addresses from the signal stack early,
    there's no need for a big signal stack anymore.  Reduce the size of the
    stack to 4 entries, plus one dummy entry.  Move _cygtls::pop() from
    assembler to C++ code and make sure that stackptr neither underflows nor
    overflows the signal stack.
    
    Fixes: a942476236b5 ("Cygwin: sigdelayed: pop return address from signal 
stack earlier")
    Co-authored-by: Corinna Vinschen <cori...@vinschen.de>
    Signed-off-by: Takashi Yano <takashi.y...@nifty.ne.jp>
    Signed-off-by: Corinna Vinschen <cori...@vinschen.de>

Diff:
---
 winsup/cygwin/exceptions.cc           | 27 +++++++++++++++++++++++++++
 winsup/cygwin/local_includes/cygtls.h | 19 ++++++++++++++++---
 winsup/cygwin/scripts/gendef          | 35 ++++++-----------------------------
 3 files changed, 49 insertions(+), 32 deletions(-)

diff --git a/winsup/cygwin/exceptions.cc b/winsup/cygwin/exceptions.cc
index a05883e3fc4f..d71345eb3d60 100644
--- a/winsup/cygwin/exceptions.cc
+++ b/winsup/cygwin/exceptions.cc
@@ -1768,6 +1768,12 @@ _cygtls::call_signal_handler ()
       reset_signal_arrived ();
       incyg = false;
       current_sig = 0; /* Flag that we can accept another signal */
+
+      /* We have to fetch the original return address from the signal stack
+        prior to calling the signal handler.  This avoids filling up the
+        signal stack if the signal handler longjumps (longjmp/setcontext). */
+      __tlsstack_t orig_retaddr = pop ();
+      __tlsstack_t *orig_stackptr = stackptr;
       unlock ();       /* unlock signal stack */
 
       /* Alternate signal stack requested for this signal and alternate signal
@@ -1844,6 +1850,27 @@ _cygtls::call_signal_handler ()
           signal handler. */
        thisfunc (thissig, &thissi, thiscontext);
 
+      lock ();
+      switch (stackptr - orig_stackptr)
+       {
+       case 2: /* sigdelayed + added retaddr, pop sigdelayed */
+         pop ();
+         fallthrough;
+       case 1: /* added retaddr */
+         {
+           __tlsstack_t added_retaddr = pop();
+           push (orig_retaddr);
+           push (added_retaddr);
+         }
+         break;
+       case 0:
+         push (orig_retaddr);
+         break;
+       default:
+         api_fatal ("Signal stack corrupted (%D)?", stackptr - orig_stackptr);
+       }
+      unlock ();
+
       incyg = true;
 
       set_signal_mask (_my_tls.sigmask, (this_sa_flags & SA_SIGINFO)
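Review bot: `__tlsstack_t added_retaddr = pop();` in the `case 1` arm drops the space before the parenthesis that every other call in this hunk uses (`pop ()`, `push (orig_retaddr)`, `lock ()`); write `__tlsstack_t added_retaddr = pop ();` to match. The `case 2` comment says "pop sigdelayed" but not why a sigdelayed entry sits above the added return address; one clause naming the situation it handles would make the arithmetic checkable against the TLS_STACK_SIZE comment in cygtls.h. Negative differences also land in `default`, which is correct since only `api_fatal` follows, but the comment could say so explicitly. The body of `_cygtls::call_signal_handler` begins and ends outside the hunk.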
diff --git a/winsup/cygwin/local_includes/cygtls.h 
b/winsup/cygwin/local_includes/cygtls.h
index dfd3198435a4..079ada99a762 100644
--- a/winsup/cygwin/local_includes/cygtls.h
+++ b/winsup/cygwin/local_includes/cygtls.h
@@ -26,7 +26,9 @@ details. */
 # define UNLEN 256
 #endif
 
-#define TLS_STACK_SIZE 256
+/* Room for two full frames including an extra sigdelayed, plus an
+   empty slot so stackptr never grows beyond the stack. */
+#define TLS_STACK_SIZE 5
 
 #include "cygthread.h"
 
@@ -206,8 +208,19 @@ public: /* Do NOT remove this public: line, it's a marker 
for gentls_offsets. */
   void init_thread (void *, DWORD (*) (void *, void *));
   static void call (DWORD (*) (void *, void *), void *);
   void remove (DWORD);
-  void push (__tlsstack_t addr) {*stackptr++ = (__tlsstack_t) addr;}
-  __tlsstack_t pop ();
+  void push (__tlsstack_t addr)
+  {
+    /* Make sure stackptr never points beyond stack (to initialized). */
+    if (stackptr < (__tlsstack_t *) stack + TLS_STACK_SIZE - 1)
+      *stackptr++ = (__tlsstack_t) addr;
+  }
+  __tlsstack_t pop ()
+  {
+    /* Make sure stackptr never points below stack (to itself). */
+    if (stackptr > stack)
+      --stackptr;
+    return *stackptr;
+  }
   __tlsstack_t retaddr () {return stackptr[-1];}
   bool isinitialized () const
   {
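Review bot: `push ()` silently discards `addr` when the stack is full and `pop ()` on an empty stack returns `*stackptr`, i.e. the stale value left in `stack[0]`, so a caller cannot tell a clamped operation from a normal one; since a header cannot easily report this, the comments should state it, e.g. `/* Full: addr is dropped; callers cannot detect this, so TLS_STACK_SIZE must cover the deepest nesting. */` and `/* Empty: return the stale stack[0] rather than read below the array. */`. The context line `retaddr ()` still reads `stackptr[-1]` unguarded; if it can be reached with an empty stack it keeps the underflow these guards remove. The cast `(__tlsstack_t *) stack` is only needed if `stack` is declared with another type; its declaration and the rest of the class are outside the hunk.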
diff --git a/winsup/cygwin/scripts/gendef b/winsup/cygwin/scripts/gendef
index e3bcae5b7351..a2f0392bc860 100755
--- a/winsup/cygwin/scripts/gendef
+++ b/winsup/cygwin/scripts/gendef
@@ -161,7 +161,7 @@ _sigbe:                                             # 
return here after cygwin syscall
        jz      2f                              #  if so
        pause
        jmp     1b                              #  and loop
-2:     movq    \$-8,%r11                       # decrement signal stack
+2:     movq    \$-8,%r11                       # now decrement aux stack
        xaddq   %r11,_cygtls.stackptr(%r10)     #  and get pointer
        movq    -8(%r11),%r11                   # get return address from 
signal stack
        decl    _cygtls.incyg(%r10)
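Review bot: The changed comment now says `aux stack` while the comment two lines below (`get return address from signal stack`) and the commit message say `signal stack`; the same pair appears again at label `3:` in the later hunk of this file. Pick one term, e.g. `# now decrement signal stack`. Both sequences also decrement `_cygtls.stackptr` with `xaddq` unconditionally, so the underflow guard the commit adds to the C++ `pop ()` does not cover them; if these paths can only be reached with an entry on the stack, a comment stating that invariant (`# stack is non-empty here: entered via a pushed return address`) would record why no check is needed. `_sigbe` starts before the hunk.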
@@ -250,16 +250,6 @@ sigdelayed:
 
        movq    %gs:8,%r12                      # get tls
        movl    _cygtls.saved_errno(%r12),%r15d # temporarily save saved_errno
-
-       # We have to fetch the original return address from the signal stack
-       # prior to calling the signal handler.  This avoids filling up the
-       # signal stack if the signal handler longjumps (longjmp/setcontext).
-       # Store the return address in a callee-saved register (r13).
-       movq    \$-8,%r11                       # decrement signal stack
-       xaddq   %r11,_cygtls.stackptr(%r12)     #  and get pointer
-       xorq    %r13,%r13
-       xchgq   %r13,-8(%r11)                   # get return address from 
signal stack
-
        movq    \$_cygtls.start_offset,%rcx     # point to beginning of tls 
block
        addq    %r12,%rcx                       #  and store as first arg to 
method
        call    _ZN7_cygtls19call_signal_handlerEv      # call handler
@@ -270,13 +260,15 @@ sigdelayed:
        jz      2f                              #  if so
        pause
        jmp     1b                              #  and loop
-
 2:     testl   %r15d,%r15d                     # was saved_errno < 0
        jl      3f                              # yup.  ignore it
        movq    _cygtls.errno_addr(%r12),%r11
        movl    %r15d,(%r11)
-
-3:     xorl    %r11d,%r11d
+3:     movq    \$-8,%r11                       # now decrement aux stack
+       xaddq   %r11,_cygtls.stackptr(%r12)     #  and get pointer
+       xorq    %r10,%r10
+       xchgq   %r10,-8(%r11)                   # get return address from 
signal stack
+       xorl    %r11d,%r11d
        movl    %r11d,_cygtls.incyg(%r12)
        movl    %r11d,_cygtls.stacklock(%r12)   # release lock
 
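Review bot: After the new `xchgq %r10,-8(%r11)` the popped return address lives in caller-saved `%r10`, and nothing in the hunk says how long it must stay live; the `movq %r13, %r10` deleted in the next hunk suggests the tail of `sigdelayed` (outside this hunk) leaves through `%r10`. A role comment on that line, `# return address -> r10; live until the final jump`, would record that the register pops below must not touch it. `xchgq` with a memory operand is also implicitly locked; since `stacklock` is still held at this point, `movq -8(%r11),%r10` followed by `movq \$0,-8(%r11)` clears the slot the same way without the bus lock.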
@@ -293,10 +285,6 @@ sigdelayed:
        movl    0x24(%rsp),%ebx
        addq    %rbx,%rsp
 
-       # Before restoring callee-saved registers, move return address from
-       # callee-saved r13 to caller-saved r10.
-       movq    %r13, %r10
-
        popq    %rax
        popq    %rbx
        popq    %rcx
@@ -320,17 +308,6 @@ sigdelayed:
 _sigdelayed_end:
        .global _sigdelayed_end
 
-# _cygtls::pop
-       .global _ZN7_cygtls3popEv
-       .seh_proc _ZN7_cygtls3popEv
-_ZN7_cygtls3popEv:
-       .seh_endprologue
-       movq    \$-8,%r11
-       xaddq   %r11,_cygtls.stackptr_p(%rcx)
-       movq    -8(%r11),%rax
-       ret
-       .seh_endproc
-
        .seh_proc stabilize_sig_stack
 stabilize_sig_stack:
        pushq   %r12
