svn commit: r251047 - in head: lib/libc/amd64/gen lib/libc/arm/gen lib/libc/gen lib/libc/i386/gen lib/libc/ia64/gen lib/libc/mips/gen lib/libc/powerpc/gen lib/libc/powerpc64/gen lib/libc/sparc64/ge...

Konstantin Belousov kib at FreeBSD.org
Tue May 28 04:54:19 UTC 2013 

Author: kib
Date: Tue May 28 04:54:16 2013
New Revision: 251047
URL: http://svnweb.freebsd.org/changeset/base/251047

Log:
  The getcontext() from the __fillcontextx() call in the
  check_deferred_signal() returns twice, since handle_signal() emulates
  the return from the normal signal handler by sigreturn(2)ing the
  passed context.  Second return is performed on the destroyed stack
  frame, because __fillcontextx() has already returned.  This causes
  undefined and bad behaviour, usually the victim thread gets SIGSEGV.
  
  Avoid nested frame and the need to return from it by doing direct call
  to getcontext() in the check_deferred_signal() and using a new private
  libc helper __fillcontextx2() to complement the context with the
  extended CPU state if the deferred signal is still present.
  
  The __fillcontextx() is now unused, but is kept to allow older
  libthr.so to be used with the new libc.
  
  Mark __fillcontextx() as returning twice [1].
  
  Reported by:	pgj
  Pointy hat to:	kib
  Discussed with:	dim
  Tested by:	pgj, dim
  Suggested by:	jilles [1]
  MFC after:	1 week

Modified:
  head/lib/libc/amd64/gen/getcontextx.c
  head/lib/libc/arm/gen/getcontextx.c
  head/lib/libc/gen/Symbol.map
  head/lib/libc/i386/gen/getcontextx.c
  head/lib/libc/ia64/gen/getcontextx.c
  head/lib/libc/mips/gen/getcontextx.c
  head/lib/libc/powerpc/gen/getcontextx.c
  head/lib/libc/powerpc64/gen/getcontextx.c
  head/lib/libc/sparc64/gen/getcontextx.c
  head/lib/libthr/thread/thr_sig.c
  head/sys/sys/ucontext.h

Modified: head/lib/libc/amd64/gen/getcontextx.c
==============================================================================
--- head/lib/libc/amd64/gen/getcontextx.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/amd64/gen/getcontextx.c	Tue May 28 04:54:16 2013	(r251047)
@@ -57,14 +57,12 @@ __getcontextx_size(void)
 }
 
 int
-__fillcontextx(char *ctx)
+__fillcontextx2(char *ctx)
 {
 	struct amd64_get_xfpustate xfpu;
 	ucontext_t *ucp;
 
 	ucp = (ucontext_t *)ctx;
-	if (getcontext(ucp) == -1)
-		return (-1);
 	if (xstate_sz != 0) {
 		xfpu.addr = (char *)(ucp + 1);
 		xfpu.len = xstate_sz;
@@ -80,6 +78,18 @@ __fillcontextx(char *ctx)
 	return (0);
 }
 
+int
+__fillcontextx(char *ctx)
+{
+	ucontext_t *ucp;
+
+	ucp = (ucontext_t *)ctx;
+	if (getcontext(ucp) == -1)
+		return (-1);
+	__fillcontextx2(ctx);
+	return (0);
+}
+
 __weak_reference(__getcontextx, getcontextx);
 
 ucontext_t *

Modified: head/lib/libc/arm/gen/getcontextx.c
==============================================================================
--- head/lib/libc/arm/gen/getcontextx.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/arm/gen/getcontextx.c	Tue May 28 04:54:16 2013	(r251047)
@@ -40,6 +40,13 @@ __getcontextx_size(void)
 }
 
 int
+__fillcontextx2(char *ctx)
+{
+
+	return (0);
+}
+
+int
 __fillcontextx(char *ctx)
 {
 	ucontext_t *ucp;

Modified: head/lib/libc/gen/Symbol.map
==============================================================================
--- head/lib/libc/gen/Symbol.map	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/gen/Symbol.map	Tue May 28 04:54:16 2013	(r251047)
@@ -529,5 +529,6 @@ FBSDprivate_1.0 {
 	__elf_aux_vector;
 	__pthread_map_stacks_exec;
 	__fillcontextx;
+	__fillcontextx2;
 	__getcontextx_size;
 };

Modified: head/lib/libc/i386/gen/getcontextx.c
==============================================================================
--- head/lib/libc/i386/gen/getcontextx.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/i386/gen/getcontextx.c	Tue May 28 04:54:16 2013	(r251047)
@@ -89,14 +89,12 @@ __getcontextx_size(void)
 }
 
 int
-__fillcontextx(char *ctx)
+__fillcontextx2(char *ctx)
 {
 	struct i386_get_xfpustate xfpu;
 	ucontext_t *ucp;
 
 	ucp = (ucontext_t *)ctx;
-	if (getcontext(ucp) == -1)
-		return (-1);
 	if (xstate_sz != 0) {
 		xfpu.addr = (char *)(ucp + 1);
 		xfpu.len = xstate_sz;
@@ -112,6 +110,18 @@ __fillcontextx(char *ctx)
 	return (0);
 }
 
+int
+__fillcontextx(char *ctx)
+{
+	ucontext_t *ucp;
+
+	ucp = (ucontext_t *)ctx;
+	if (getcontext(ucp) == -1)
+		return (-1);
+	__fillcontextx2(ctx);
+	return (0);
+}
+
 __weak_reference(__getcontextx, getcontextx);
 
 ucontext_t *

Modified: head/lib/libc/ia64/gen/getcontextx.c
==============================================================================
--- head/lib/libc/ia64/gen/getcontextx.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/ia64/gen/getcontextx.c	Tue May 28 04:54:16 2013	(r251047)
@@ -40,6 +40,13 @@ __getcontextx_size(void)
 }
 
 int
+__fillcontextx2(char *ctx)
+{
+
+	return (0);
+}
+
+int
 __fillcontextx(char *ctx)
 {
 	ucontext_t *ucp;

Modified: head/lib/libc/mips/gen/getcontextx.c
==============================================================================
--- head/lib/libc/mips/gen/getcontextx.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/mips/gen/getcontextx.c	Tue May 28 04:54:16 2013	(r251047)
@@ -40,6 +40,13 @@ __getcontextx_size(void)
 }
 
 int
+__fillcontextx2(char *ctx)
+{
+
+	return (0);
+}
+
+int
 __fillcontextx(char *ctx)
 {
 	ucontext_t *ucp;

Modified: head/lib/libc/powerpc/gen/getcontextx.c
==============================================================================
--- head/lib/libc/powerpc/gen/getcontextx.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/powerpc/gen/getcontextx.c	Tue May 28 04:54:16 2013	(r251047)
@@ -40,6 +40,13 @@ __getcontextx_size(void)
 }
 
 int
+__fillcontextx2(char *ctx)
+{
+
+	return (0);
+}
+
+int
 __fillcontextx(char *ctx)
 {
 	ucontext_t *ucp;

Modified: head/lib/libc/powerpc64/gen/getcontextx.c
==============================================================================
--- head/lib/libc/powerpc64/gen/getcontextx.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/powerpc64/gen/getcontextx.c	Tue May 28 04:54:16 2013	(r251047)
@@ -40,6 +40,13 @@ __getcontextx_size(void)
 }
 
 int
+__fillcontextx2(char *ctx)
+{
+
+	return (0);
+}
+
+int
 __fillcontextx(char *ctx)
 {
 	ucontext_t *ucp;

Modified: head/lib/libc/sparc64/gen/getcontextx.c
==============================================================================
--- head/lib/libc/sparc64/gen/getcontextx.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libc/sparc64/gen/getcontextx.c	Tue May 28 04:54:16 2013	(r251047)
@@ -40,6 +40,13 @@ __getcontextx_size(void)
 }
 
 int
+__fillcontextx2(char *ctx)
+{
+
+	return (0);
+}
+
+int
 __fillcontextx(char *ctx)
 {
 	ucontext_t *ucp;

Modified: head/lib/libthr/thread/thr_sig.c
==============================================================================
--- head/lib/libthr/thread/thr_sig.c	Mon May 27 22:45:05 2013	(r251046)
+++ head/lib/libthr/thread/thr_sig.c	Tue May 28 04:54:16 2013	(r251047)
@@ -323,8 +323,13 @@ check_deferred_signal(struct pthread *cu
 		return;
 
 #if defined(__amd64__) || defined(__i386__)
-	uc = alloca(__getcontextx_size());
-	__fillcontextx((char *)uc);
+	int uc_len;
+	uc_len = __getcontextx_size();
+	uc = alloca(uc_len);
+	getcontext(uc);
+	if (curthread->deferred_siginfo.si_signo == 0)
+		return;
+	__fillcontextx2((char *)uc);
 #else
 	ucontext_t ucv;
 	uc = &ucv;

Modified: head/sys/sys/ucontext.h
==============================================================================
--- head/sys/sys/ucontext.h	Mon May 27 22:45:05 2013	(r251046)
+++ head/sys/sys/ucontext.h	Tue May 28 04:54:16 2013	(r251047)
@@ -80,7 +80,8 @@ int	swapcontext(ucontext_t *, const ucon
 
 #if __BSD_VISIBLE
 int __getcontextx_size(void);
-int __fillcontextx(char *ctx);
+int __fillcontextx(char *ctx) __returns_twice;
+int __fillcontextx2(char *ctx);
 #endif
 
 __END_DECLS

More information about the svn-src-head mailing list