X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=u/pAZGvTRbomBpvXh/eOoxN6A1ifnDefMVx+aq7/UMOphIvCUM/Fg
	EmwOKxmIhcBZTg+0KqXQRxrIHSsz0xL6i1jMjmWYLAgJqWQG7KZ9SieVgjGECsf1
	jj+HxM24+k3ppvIJ2yldcYfDlU2kDknRao5Q9Cryi1K10NDJHIpenQ=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	 bh=1ekeC3J7yeO/cOnKRqHeZTWOz3I=; b=WOAmiWzL+iAMI6fuVetI6h/IgkY4
	SZYgv2yDgkIG81yPu5RwhExs5PLsyfQodsOMmPmvAj+qggMRBYaHQm3tJqirKXnv
	xGuMtjWvwcfk9u3/x2htBW5hgT6csWxOCaVXI19BE9PtE24/EFkmjx0/8S18TOao
	8SS/+mlon+Y3P1k=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.4 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2
X-HELO: calimero.vinschen.de
Date: Fri, 26 Jun 2015 21:57:57 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.1.0-0.1
Message-ID: <20150626195757.GY31223@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <announce DOT 20150620205512 DOT GA28301 AT calimero DOT vinschen DOT de> <558706D5 DOT 1020508 AT cornell DOT edu> <20150622110835 DOT GE28301 AT calimero DOT vinschen DOT de> <20150626111249 DOT GS31223 AT calimero DOT vinschen DOT de> <558D3F4C DOT 6090207 AT cornell DOT edu> <20150626141437 DOT GV31223 AT calimero DOT vinschen DOT de> <558D62D7 DOT 8010709 AT cornell DOT edu> <20150626153647 DOT GX31223 AT calimero DOT vinschen DOT de> <558D8409 DOT 2000400 AT cornell DOT edu>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;	protocol="application/pgp-signature"; boundary="kLdbqvpuLRxNeSq5"
Content-Disposition: inline
In-Reply-To: <558D8409.2000400@cornell.edu>
User-Agent: Mutt/1.5.23 (2014-03-12)

--kLdbqvpuLRxNeSq5
Content-Type: multipart/mixed; boundary="qxpYSgLynlcP4boX"
Content-Disposition: inline


--qxpYSgLynlcP4boX
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hi Ken,

On Jun 26 12:55, Ken Brown wrote:
> Hi Corinna,
>=20
> On 6/26/2015 11:36 AM, Corinna Vinschen wrote:
> >Thanks.  Another question:  How does emacs compute stack_bottom?
>=20
> Very near the beginning of main() it does the following:
>=20
>   char stack_bottom_variable;
> [...]
>   /* Record (approximately) where the stack begins.  */
>   stack_bottom =3D &stack_bottom_variable;

Thank you.

I created an STC with your code snippets and it now works for me
(attached for reference).

First problem was the return value of getrlimit(RLIMIT_STACK).

Second problem is emacs.  The check for an offset of the offending
address in si_addr being less than 16K (STACK_DANGER_ZONE) is
non-portable, putting it mildly.  This might work on 32 bit Cygwin (I
didn't test that), but the value is too low for 64 bit Cygwin.  With
STACK_DANGER_ZONE =3D=3D 32K the handler works as desired on 64 bit Cygwin.
Part of the reason is probably the _cygtls area of 12K reserved on each
thread's stack, which moves the address of &stack_bottom_variable to a
pretty low value right from the start.  Another the size of the guard
page area on the main thread (16K).

I had a brief email exchange with a collegue of mine.  Ben allowed me to
quote him, so here are the important snippets of his replies:

- Rlimits are an old way of doing a job and they were to a certain
  extent tied up in the pre-thread world of unix processes.  rlimits
  have never been fully implemented on linux with a way that reproduces
  the unix way in the pre-thread era. rlimits have become a bit of a
  historical legacy and are there for posix compliance and code
  compatibility. The posix language was designed to be vague enough that
  all implementations could be made to conform.

- Rather than making the system implementation conform to some
  unspecified behavior, I think it might be a wise idea to fix emacs
  instead. Looking at the code fragment you posted below(*), I=E2=80=99m not
  entirely convinced that the code would operate as intended on modern
  Linux or Unix. Given that, it may be better to make an implementation
  which does something like the current behavior was intended to do or
  better yet just remove it as a likely latent bug.

(*) Emacs' handle_sigsegv function.

Of course, for testing purposes this is still nice to have, so thank you
for this test, I really appreciate it.

As for getrlimit(RLIMIT_STACK), I changed that as outlined in my former
mail in git.  On second thought, I also changed the values of
MINSIGSTKSZ and SIGSTKSZ.  Instead of 2K and 8K, they are now defined
as 32K and 64K.  The reason is that we then have enough space on the
alternate stack to install a _cygtls area, should the need arise.

I created new developer snapshots on https://cygwin.com/snapshots/
Please give them a try.

Remember to tweak STACK_DANGER_ZONE.  You'll have to rebuild emacs
anyway due to the change to [MIN]SIGSTKSZ.


Thanks,
Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--qxpYSgLynlcP4boX
Content-Type: text/plain; charset=utf-8
Content-Disposition: attachment; filename="sigalt.c"

#include <alloca.h>
#include <stdio.h>
#include <stdlib.h>
#include <signal.h>
#include <setjmp.h>
#include <sys/time.h>
#include <sys/resource.h>

int stack_direction;
char *stack_bottom;

sigjmp_buf return_to_command_loop;

/* Attempt to recover from SIGSEGV caused by C stack overflow.  */
static void
handle_sigsegv (int sig, siginfo_t *siginfo, void *arg)
{
  struct rlimit rlim;

  if (!getrlimit (RLIMIT_STACK, &rlim))
    {
      enum { STACK_DANGER_ZONE = 32 * 1024 };
      char *beg, *end, *addr;

      beg = stack_bottom;
      end = stack_bottom + stack_direction * rlim.rlim_cur;
      if (beg > end)
	addr = beg, beg = end, end = addr;
      addr = (char *) siginfo->si_addr;
      /* If we're somewhere on stack and too close to
	 one of its boundaries, most likely this is it.  */
      if (beg < addr && addr < end
	  && (addr - beg < STACK_DANGER_ZONE
	      || end - addr < STACK_DANGER_ZONE))
	siglongjmp (return_to_command_loop, 1);
    }
  /* Otherwise we can't do anything with this.  */
  abort ();
}

static int
init_sigsegv (void)
{
  struct sigaction sa;
  stack_t ss;

  stack_direction = ((char *) &ss < stack_bottom) ? -1 : 1;

  ss.ss_sp = malloc (SIGSTKSZ);
  ss.ss_size = SIGSTKSZ;
  ss.ss_flags = 0;
  if (sigaltstack (&ss, NULL) < 0)
    return 0;

  sigfillset (&sa.sa_mask);
  sa.sa_sigaction = handle_sigsegv;
  sa.sa_flags = SA_SIGINFO | SA_ONSTACK;
  return sigaction (SIGSEGV, &sa, NULL) < 0 ? 0 : 1;
}

void foo ()
{
  int buf[512];
  foo ();
}

int
main ()
{
  char stack_bottom_variable;
  /* Record (approximately) where the stack begins.  */
  stack_bottom = &stack_bottom_variable;

  init_sigsegv ();
  if (!sigsetjmp (return_to_command_loop, 1))
    {
      printf ("command loop before crash\n");
      foo ();
    }
  else
    printf ("command loop after crash\n");
  return 0;
}

--qxpYSgLynlcP4boX--

--kLdbqvpuLRxNeSq5
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVja7FAAoJEPU2Bp2uRE+gN3QP/2F31yL1mhvel/VhhSLUXrs9
RilJPCKzQpq4Zd6lIZSL1pHj0Isyo1beaGD/MFK1p2izgQxC9hAHIrQX6CqngEMT
gI/zrLEphuu60Cq19T6wf12B4oXO9BxRwCfjz1xhGkm9+993sWsfQ/DSqsJYqmqA
GE1gaqN1SDZkPDiAy8CLMo8VVzl1FJbI9j8ekqIjhAUBrb3e9HdyjisRLSUYyQVL
VtLrRPD8qKD7kwspahk4xWHcUly7B1gO8ExA3eUWVjiMfDZwHBRTP/E9bCF0xFEQ
Ali4u8MT02wpPlSkIHEBXlmtYwplsq9uRg6XEBhFNvybB8porhsDBP9b6sEoH+WU
kpoZvnanepzNN3Gtri7GQilKZLAY8gq4e307UaAhTE1nOfvsS1WCAi4KU1hQ4yDy
5KJNMain/m4d0sG24uJICaKbvf0faIyeNbnpC3yiNv1Zr4PuTl//Eqq4bencdCGn
dM8hoOc12b8lt4Rf3fJf1jxzGjv2OCV1mPV0NcMeFnzAUcasqq4/2odUYw8Uy3ks
9ZWunmIXhsvg5Q7PIPPo93E8vHqEbIpeZKgxpedjt+eM57opiNEj2wbSRjTXGTUo
vy/UkvNEIqNOVyjDDLVhUcKidKgk73gV0uCiV6+CJmU/uXj+OFZrKnZbrSDJ9HYe
l5I9iYdsUqyTmutacSuJ
=tfYg
-----END PGP SIGNATURE-----

--kLdbqvpuLRxNeSq5--