NetBSD Problem Report #57946

From www@netbsd.org  Mon Feb 19 04:24:45 2024
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 97E361A9239
	for <gnats-bugs@gnats.NetBSD.org>; Mon, 19 Feb 2024 04:24:45 +0000 (UTC)
Message-Id: <20240219042444.458CA1A923A@mollari.NetBSD.org>
Date: Mon, 19 Feb 2024 04:24:44 +0000 (UTC)
From: campbell+netbsd@mumble.net
Reply-To: campbell+netbsd@mumble.net
To: gnats-bugs@NetBSD.org
Subject: longjmp fails to restore stack first before restoring signal mask on most architectures
X-Send-Pr-Version: www-1.0

>Number:         57946
>Notify-List:    uwe@NetBSD.org
>Category:       lib
>Synopsis:       longjmp fails to restore stack first before restoring signal mask on most architectures
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          analyzed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Feb 19 04:25:01 +0000 2024
>Closed-Date:    
>Last-Modified:  Fri Aug 23 21:05:28 +0000 2024
>Originator:     Taylor R Campbell
>Release:        current, 10, 9, 8, ...
>Organization:
The NetBSD FoundaSQUIRREL
>Environment:
arm, hppa, i386, ia64, mips, sh3, sparc, sparc64, amd64
>Description:
longjmp(3) is supposed to restore various saved state, including
registers, stack pointer, and signal mask, and then come flying out of
the corresponding call to setjmp(3).

However, if a signal is already pending, and longjmp(3) restores the
signal mask first, the signal handler will be triggered before the
stack pointer has been restored -- which means if the signal handler
itself called longjmp, it may recursively enter on the signal stack
rather than the original stack.
>How-To-Repeat:
// https://www.openwall.com/lists/musl/2024/02/18/16
#include <stdio.h>
#include <signal.h>
#include <setjmp.h>

static volatile long cnt = 1000000;
jmp_buf jb;

void handle(int s)
{
      volatile int x;
      if (cnt % 1000 == 0) printf("%p\n", &x);
      if (!cnt--) return;
      raise(s);
      longjmp(jb, 1);
}

int main()
{
      if (setjmp(jb)) return 0;
      signal(SIGALRM, handle);
      raise(SIGALRM);
}

>Fix:
Restore signal mask last in longjmp (and in siglongjmp for the savemask case).
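
Added example (not part of the PR and not NetBSD's t_sigstack.c): a bounded, self-checking variant of the reproducer above that reports whether handler re-entries nest on the handler's own stack. It goes slightly beyond the reproducer by using sigsetjmp(jb, 1)/siglongjmp, so the mask is saved even on systems where plain setjmp does not save it; ENTRIES, run_probe and struct probe_result are names assumed here.

```c
/* Added example: bounded, self-checking variant of the reproducer above. */
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ENTRIES 32		/* handler entries to observe (assumed value) */

struct probe_result {
	int entries;		/* handler entries actually seen */
	uintptr_t drift;	/* distance between 2nd and last entry's frame */
	int nested;		/* 1: re-entries ran on the handler's own stack */
};

static sigjmp_buf jb;
static volatile sig_atomic_t entries;
static volatile uintptr_t frame[ENTRIES];

static void handle(int sig)
{
	volatile char marker;	/* its address marks this entry's stack depth */

	frame[entries] = (uintptr_t)&marker;
	if (++entries >= ENTRIES)
		return;		/* last entry: return normally */
	raise(sig);		/* sig is blocked in the handler: stays pending */
	siglongjmp(jb, 1);	/* restoring the saved mask unblocks it */
}

struct probe_result run_probe(void)
{
	struct sigaction sa, old;
	struct probe_result r;
	sigset_t alrm;
	uintptr_t a, b;

	memset(&sa, 0, sizeof(sa));
	sa.sa_handler = handle;
	sigemptyset(&sa.sa_mask);
	sigaction(SIGALRM, &sa, &old);

	/* The saved mask must leave SIGALRM unblocked for re-entry to occur. */
	sigemptyset(&alrm);
	sigaddset(&alrm, SIGALRM);
	sigprocmask(SIG_UNBLOCK, &alrm, NULL);

	entries = 0;
	if (sigsetjmp(jb, 1) == 0)
		raise(SIGALRM);
	/* Reached once the last handler entry has returned. */
	sigaction(SIGALRM, &old, NULL);

	/*
	 * Entry 0 comes from raise() in this function, so compare only the
	 * re-entries.  Stack restored first: every re-entry lands at the same
	 * depth.  Mask restored first: each re-entry sits on top of the
	 * previous handler's frame, so the addresses keep moving.
	 */
	a = frame[1];
	b = frame[ENTRIES - 1];
	r.entries = entries;
	r.drift = a > b ? a - b : b - a;
	r.nested = r.drift != 0;
	return r;
}

int main(void)
{
	struct probe_result r = run_probe();

	printf("entries=%d drift=%lu bytes: %s\n", r.entries,
	    (unsigned long)r.drift, r.nested ?
	    "handler re-entered on its own stack (mask restored first)" :
	    "handler re-entered at constant depth (stack restored first)");
	return r.nested;
}
```

The exit status is 1 when nesting is observed, so the program can be dropped into a libc regression run as a pass/fail check.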

>Release-Note:

>Audit-Trail:
From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src
Date: Mon, 19 Feb 2024 04:30:39 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Mon Feb 19 04:30:39 UTC 2024

 Modified Files:
 	src/distrib/sets/lists/debug: mi
 	src/distrib/sets/lists/tests: mi
 	src/tests/lib/libc/setjmp: Makefile
 Added Files:
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 longjmp(3): Add test for PR lib/57946.


 To generate a diff of this commit:
 cvs rdiff -u -r1.424 -r1.425 src/distrib/sets/lists/debug/mi
 cvs rdiff -u -r1.1305 -r1.1306 src/distrib/sets/lists/tests/mi
 cvs rdiff -u -r1.2 -r1.3 src/tests/lib/libc/setjmp/Makefile
 cvs rdiff -u -r0 -r1.1 src/tests/lib/libc/setjmp/t_sigstack.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src/tests/lib/libc/setjmp
Date: Mon, 19 Feb 2024 04:33:21 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Mon Feb 19 04:33:21 UTC 2024

 Modified Files:
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 longjmp(3): Paranoia: more error checking in PR lib/57946 test.


 To generate a diff of this commit:
 cvs rdiff -u -r1.1 -r1.2 src/tests/lib/libc/setjmp/t_sigstack.c

State-Changed-From-To: open->analyzed
State-Changed-By: riastradh@NetBSD.org
State-Changed-When: Mon, 19 Feb 2024 04:40:30 +0000
State-Changed-Why:
problem analyzed


From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src/tests/lib/libc/setjmp
Date: Mon, 19 Feb 2024 12:29:48 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Mon Feb 19 12:29:48 UTC 2024

 Modified Files:
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 longjmp(3): Test signal mask vs stack restore with siglongjmp too.

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.2 -r1.3 src/tests/lib/libc/setjmp/t_sigstack.c

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src/tests/lib/libc/setjmp
Date: Mon, 19 Feb 2024 12:41:19 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Mon Feb 19 12:41:19 UTC 2024

 Modified Files:
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 longjmp(3) t_sigstack: Print which entry failed.

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.3 -r1.4 src/tests/lib/libc/setjmp/t_sigstack.c

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src/tests/lib/libc/setjmp
Date: Mon, 19 Feb 2024 12:41:27 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Mon Feb 19 12:41:27 UTC 2024

 Modified Files:
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 longjmp(3) t_sigstack: Note aarch64 seems to DTRT.

 But only by code inspection; it appears to have another problem: on
 re-entry, the signal handler is called on the normal stack, not on
 the alternate signal stack.

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.4 -r1.5 src/tests/lib/libc/setjmp/t_sigstack.c

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src/tests/lib/libc/setjmp
Date: Mon, 19 Feb 2024 13:34:48 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Mon Feb 19 13:34:48 UTC 2024

 Modified Files:
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 longjmp(3) t_sigstack: Use a sigaltstack per handler entry.

 longjmp evidently doesn't reset the state of whether the process is
 executing on the alternate signal stack.  So when we re-enter the
 signal handler, the alternate stack appears to be still in use, and
 the system chooses the original stack for the second call to the
 signal handler -- which trips our assertion asking to verify that the
 signal handler is always using an alternate stack.

 Not strictly necessary for the signal handler to use an alternate
 stack on re-entry, but this makes it clearer that the signal handler
 itself is always using the alternate stack so we can verify that the
 interrupted code is _not_ in the signal handler.

 With this change, the test now passes on aarch64.

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.5 -r1.6 src/tests/lib/libc/setjmp/t_sigstack.c

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src/tests/lib/libc/setjmp
Date: Mon, 19 Feb 2024 19:43:27 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Mon Feb 19 19:43:27 UTC 2024

 Modified Files:
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 longjmp(3) t_sigstack: Fix fencepost error.

 Extremely unlikely to cause trouble, but let's just turn that into
 `never' to keep it easier for readers.

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.6 -r1.7 src/tests/lib/libc/setjmp/t_sigstack.c

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src
Date: Thu, 4 Apr 2024 00:46:30 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Thu Apr  4 00:46:30 UTC 2024

 Modified Files:
 	src/lib/libc/arch/x86_64/gen: __setjmp14.S __sigsetjmp14.S
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 amd64 longjmp: Restore stack first, then signal mask.

 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:

 - Tidy the code a little bit.
 - Sprinkle comments to explain what's going on.
 - Use `xorl %eXX,%eXX' instead of `xorq %rXX,%rXX'.
   => Same effect, one byte shorter, breaks dep chain on more uarches.
 - Use forward branches for statically predicted not-taken.
   => val==0 is unlikely in longjmp

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.3 -r1.4 src/lib/libc/arch/x86_64/gen/__setjmp14.S \
     src/lib/libc/arch/x86_64/gen/__sigsetjmp14.S
 cvs rdiff -u -r1.7 -r1.8 src/tests/lib/libc/setjmp/t_sigstack.c

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src
Date: Thu, 4 Apr 2024 00:46:42 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Thu Apr  4 00:46:42 UTC 2024

 Modified Files:
 	src/lib/libc/arch/i386/gen: setjmp.S sigsetjmp.S
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 i386 longjmp: Restore stack first, then signal mask.

 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:

 - Tidy the code a little bit.
 - Sprinkle comments to explain what's going on.
 - Use forward branches for statically predicted not-taken.
   => val==0 is unlikely in longjmp

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.17 -r1.18 src/lib/libc/arch/i386/gen/setjmp.S
 cvs rdiff -u -r1.18 -r1.19 src/lib/libc/arch/i386/gen/sigsetjmp.S
 cvs rdiff -u -r1.8 -r1.9 src/tests/lib/libc/setjmp/t_sigstack.c

From: "Nick Hudson" <skrll@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src/lib/libc/arch/arm/gen
Date: Mon, 6 May 2024 06:57:32 +0000

 Module Name:	src
 Committed By:	skrll
 Date:		Mon May  6 06:57:32 UTC 2024

 Modified Files:
 	src/lib/libc/arch/arm/gen: setjmp.S

 Log Message:
 arm longjmp: Restore stack first, then signal mask.

 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:

 - Move the botched sp and lr tests earlier.

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.18 -r1.19 src/lib/libc/arch/arm/gen/setjmp.S

From: Taylor R Campbell <riastradh@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc: netbsd-bugs@NetBSD.org
Subject: Re: lib/57946: longjmp fails to restore stack first before restoring signal mask on most architectures
Date: Mon, 6 May 2024 12:07:49 +0000

 The following change updates the test for this bug on 32-bit Arm:

 https://mail-index.netbsd.org/source-changes/2024/05/06/msg151164.html

From: "Taylor R Campbell" <riastradh@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src/tests/lib/libc/setjmp
Date: Mon, 6 May 2024 12:11:03 +0000

 Module Name:	src
 Committed By:	riastradh
 Date:		Mon May  6 12:11:03 UTC 2024

 Modified Files:
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 tests/lib/libc/setjmp/t_sigstack: Add missing comment for 1.10.

 PR lib/57946


 To generate a diff of this commit:
 cvs rdiff -u -r1.10 -r1.11 src/tests/lib/libc/setjmp/t_sigstack.c

From: Rin Okuyama <rokuyama.rk@gmail.com>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: lib/57946 longjmp fails to restore stack first before restoring
 signal mask on most architectures
Date: Fri, 5 Jul 2024 19:46:55 +0900

 Any chance to pull up these fixes into netbsd-10?

 Thanks,
 rin

From: Taylor R Campbell <riastradh@NetBSD.org>
To: Rin Okuyama <rokuyama.rk@gmail.com>
Cc: lib-bug-people@NetBSD.org, gnats-admin@NetBSD.org,
	netbsd-bugs@NetBSD.org, uwe@NetBSD.org
Subject: Re: lib/57946 longjmp fails to restore stack first before restoring
	signal mask on most architectures
Date: Fri, 5 Jul 2024 11:21:37 +0000

 > Date: Fri, 5 Jul 2024 19:46:55 +0900
 > From: Rin Okuyama <rokuyama.rk@gmail.com>
 > 
 > Any chance to pull up these fixes into netbsd-10?

 Yes, I think all these changes should be good to pull up to 10 (and
 even 9).

 Looks like the following architectures still need the fix:

 - hppa
 - ia64
 - mips
 - sh3
 - sparc and sparc64

 ...but getting the changes for x86 and arm pulled up doesn't need to
 wait for them.

From: Rin Okuyama <rokuyama.rk@gmail.com>
To: gnats-bugs@netbsd.org, lib-bug-people@netbsd.org, gnats-admin@netbsd.org,
 netbsd-bugs@netbsd.org, campbell+netbsd@mumble.net
Cc: uwe@NetBSD.org
Subject: Re: lib/57946 longjmp fails to restore stack first before restoring
 signal mask on most architectures
Date: Tue, 9 Jul 2024 12:01:25 +0900

 On 2024/07/05 20:25, Taylor R Campbell wrote:
 >   Yes, I think all these changes should be good to pull up to 10 (and
 >   even 9).
 >   
 >   Looks like the following architectures still need the fix:
 >   
 >   - hppa
 >   - ia64
 >   - mips
 >   - sh3
 >   - sparc and sparc64
 >   
 >   ...but getting the changes for x86 and arm pulled up doesn't need to
 >   wait for them.

 Thanks for your comment!

 IMO, it is better to pull up x86 and arm fixes (as well as
 ATF) to netbsd-10 at the moment (for possible 10.1 release
 near future). I will send a request after some tests.

 Thanks,
 rin

From: "Valery Ushakov" <uwe@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: src
Date: Wed, 17 Jul 2024 07:11:57 +0000

 Module Name:	src
 Committed By:	uwe
 Date:		Wed Jul 17 07:11:57 UTC 2024

 Modified Files:
 	src/lib/libc/arch/sh3/gen: setjmp.S sigsetjmp.S
 	src/tests/lib/libc/setjmp: t_sigstack.c

 Log Message:
 sh3: siglongjmp - restore register context first (PR lib/57946)


 To generate a diff of this commit:
 cvs rdiff -u -r1.11 -r1.12 src/lib/libc/arch/sh3/gen/setjmp.S
 cvs rdiff -u -r1.10 -r1.11 src/lib/libc/arch/sh3/gen/sigsetjmp.S
 cvs rdiff -u -r1.11 -r1.12 src/tests/lib/libc/setjmp/t_sigstack.c

State-Changed-From-To: analyzed->needs-pullups
State-Changed-By: riastradh@NetBSD.org
State-Changed-When: Wed, 17 Jul 2024 12:10:32 +0000
State-Changed-Why:
Not all architectures are fixed yet, but the ones that are fixed are
ready for pullup.


State-Changed-From-To: needs-pullups->pending-pullups
State-Changed-By: riastradh@NetBSD.org
State-Changed-When: Sun, 18 Aug 2024 01:58:52 +0000
State-Changed-Why:
pullup-9 #1872 https://releng.netbsd.org/cgi-bin/req-9.cgi?show=1872
pullup-10 #795 https://releng.netbsd.org/cgi-bin/req-10.cgi?show=795

NOTE: Return to open state after these pullups, because the bug remains
on some architectures (hppa, ia64, mips, sparc, sparc64).


From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: [netbsd-10] src
Date: Fri, 23 Aug 2024 16:56:31 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Fri Aug 23 16:56:30 UTC 2024

 Modified Files:
 	src/distrib/sets/lists/debug [netbsd-10]: mi
 	src/distrib/sets/lists/tests [netbsd-10]: mi
 	src/lib/libc/arch/arm/gen [netbsd-10]: setjmp.S
 	src/lib/libc/arch/i386/gen [netbsd-10]: setjmp.S sigsetjmp.S
 	src/lib/libc/arch/sh3/gen [netbsd-10]: setjmp.S sigsetjmp.S
 	src/lib/libc/arch/x86_64/gen [netbsd-10]: __setjmp14.S __sigsetjmp14.S
 	src/tests/lib/libc/setjmp [netbsd-10]: Makefile
 Added Files:
 	src/tests/lib/libc/setjmp [netbsd-10]: t_sigstack.c

 Log Message:
 Pull up following revision(s) (requested by riastradh in ticket #795):

 	tests/lib/libc/setjmp/Makefile: revision 1.3
 	distrib/sets/lists/debug/mi: revision 1.425
 	lib/libc/arch/sh3/gen/setjmp.S: revision 1.12
 	lib/libc/arch/i386/gen/sigsetjmp.S: revision 1.19
 	lib/libc/arch/x86_64/gen/__setjmp14.S: revision 1.4
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.10
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.11
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.12
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.1
 	lib/libc/arch/sh3/gen/sigsetjmp.S: revision 1.11
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.2
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.3
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.4
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.5
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.6
 	lib/libc/arch/arm/gen/setjmp.S: revision 1.19
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.7
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.8
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.9
 	lib/libc/arch/i386/gen/setjmp.S: revision 1.18
 	lib/libc/arch/x86_64/gen/__sigsetjmp14.S: revision 1.4
 	distrib/sets/lists/tests/mi: revision 1.1306

 longjmp(3): Add test for PR lib/57946.

 longjmp(3): Paranoia: more error checking in PR lib/57946 test.

 longjmp(3): Test signal mask vs stack restore with siglongjmp too.
 PR lib/57946

 longjmp(3) t_sigstack: Print which entry failed.
 PR lib/57946

 longjmp(3) t_sigstack: Note aarch64 seems to DTRT.
 But only by code inspection; it appears to have another problem: on
 re-entry, the signal handler is called on the normal stack, not on
 the alternate signal stack.
 PR lib/57946

 longjmp(3) t_sigstack: Use a sigaltstack per handler entry.
 longjmp evidently doesn't reset the state of whether the process is
 executing on the alternate signal stack.  So when we re-enter the
 signal handler, the alternate stack appears to be still in use, and
 the system chooses the original stack for the second call to the
 signal handler -- which trips our assertion asking to verify that the
 signal handler is always using an alternate stack.

 Not strictly necessary for the signal handler to use an alternate
 stack on re-entry, but this makes it clearer that the signal handler
 itself is always using the alternate stack so we can verify that the
 interrupted code is _not_ in the signal handler.
 With this change, the test now passes on aarch64.
 PR lib/57946

 longjmp(3) t_sigstack: Fix fencepost error.
 Extremely unlikely to cause trouble, but let's just turn that into
 `never' to keep it easier for readers.
 PR lib/57946

 amd64 longjmp: Restore stack first, then signal mask.
 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:
 - Tidy the code a little bit.
 - Sprinkle comments to explain what's going on.
 - Use `xorl %eXX,%eXX' instead of `xorq %rXX,%rXX'.
   => Same effect, one byte shorter, breaks dep chain on more uarches.
 - Use forward branches for statically predicted not-taken.
   => val==0 is unlikely in longjmp
 PR lib/57946

 i386 longjmp: Restore stack first, then signal mask.
 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:
 - Tidy the code a little bit.
 - Sprinkle comments to explain what's going on.
 - Use forward branches for statically predicted not-taken.
   => val==0 is unlikely in longjmp
 PR lib/57946

 arm longjmp: Restore stack first, then signal mask.
 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:
 - Move the botched sp and lr tests earlier.
 PR lib/57946
 arm has been fixed

 tests/lib/libc/setjmp/t_sigstack: Add missing comment for 1.10.
 PR lib/57946

 sh3: siglongjmp - restore register context first (PR lib/57946)


 To generate a diff of this commit:
 cvs rdiff -u -r1.394.2.6 -r1.394.2.7 src/distrib/sets/lists/debug/mi
 cvs rdiff -u -r1.1238.2.6 -r1.1238.2.7 src/distrib/sets/lists/tests/mi
 cvs rdiff -u -r1.18 -r1.18.2.1 src/lib/libc/arch/arm/gen/setjmp.S
 cvs rdiff -u -r1.17 -r1.17.34.1 src/lib/libc/arch/i386/gen/setjmp.S
 cvs rdiff -u -r1.18 -r1.18.34.1 src/lib/libc/arch/i386/gen/sigsetjmp.S
 cvs rdiff -u -r1.10 -r1.10.96.1 src/lib/libc/arch/sh3/gen/setjmp.S
 cvs rdiff -u -r1.9 -r1.9.96.1 src/lib/libc/arch/sh3/gen/sigsetjmp.S
 cvs rdiff -u -r1.3 -r1.3.34.1 src/lib/libc/arch/x86_64/gen/__setjmp14.S \
     src/lib/libc/arch/x86_64/gen/__sigsetjmp14.S
 cvs rdiff -u -r1.2 -r1.2.54.1 src/tests/lib/libc/setjmp/Makefile
 cvs rdiff -u -r0 -r1.12.2.2 src/tests/lib/libc/setjmp/t_sigstack.c

From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/57946 CVS commit: [netbsd-9] src
Date: Fri, 23 Aug 2024 16:59:53 +0000

 Module Name:	src
 Committed By:	martin
 Date:		Fri Aug 23 16:59:53 UTC 2024

 Modified Files:
 	src/distrib/sets/lists/debug [netbsd-9]: mi
 	src/distrib/sets/lists/tests [netbsd-9]: mi
 	src/lib/libc/arch/arm/gen [netbsd-9]: setjmp.S
 	src/lib/libc/arch/i386/gen [netbsd-9]: setjmp.S sigsetjmp.S
 	src/lib/libc/arch/sh3/gen [netbsd-9]: setjmp.S sigsetjmp.S
 	src/lib/libc/arch/x86_64/gen [netbsd-9]: __setjmp14.S __sigsetjmp14.S
 	src/tests/lib/libc/setjmp [netbsd-9]: Makefile
 Added Files:
 	src/tests/lib/libc/setjmp [netbsd-9]: t_sigstack.c

 Log Message:
 Pull up following revision(s) (requested by riastradh in ticket #795):

 	tests/lib/libc/setjmp/Makefile: revision 1.3
 	distrib/sets/lists/debug/mi: revision 1.425
 	lib/libc/arch/sh3/gen/setjmp.S: revision 1.12
 	lib/libc/arch/i386/gen/sigsetjmp.S: revision 1.19
 	lib/libc/arch/x86_64/gen/__setjmp14.S: revision 1.4
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.10
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.11
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.12
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.1
 	lib/libc/arch/sh3/gen/sigsetjmp.S: revision 1.11
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.2
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.3
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.4
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.5
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.6
 	lib/libc/arch/arm/gen/setjmp.S: revision 1.19
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.7
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.8
 	tests/lib/libc/setjmp/t_sigstack.c: revision 1.9
 	lib/libc/arch/i386/gen/setjmp.S: revision 1.18
 	lib/libc/arch/x86_64/gen/__sigsetjmp14.S: revision 1.4
 	distrib/sets/lists/tests/mi: revision 1.1306 (patch)

 longjmp(3): Add test for PR lib/57946.

 longjmp(3): Paranoia: more error checking in PR lib/57946 test.

 longjmp(3): Test signal mask vs stack restore with siglongjmp too.
 PR lib/57946

 longjmp(3) t_sigstack: Print which entry failed.
 PR lib/57946

 longjmp(3) t_sigstack: Note aarch64 seems to DTRT.
 But only by code inspection; it appears to have another problem: on
 re-entry, the signal handler is called on the normal stack, not on
 the alternate signal stack.
 PR lib/57946

 longjmp(3) t_sigstack: Use a sigaltstack per handler entry.
 longjmp evidently doesn't reset the state of whether the process is
 executing on the alternate signal stack.  So when we re-enter the
 signal handler, the alternate stack appears to be still in use, and
 the system chooses the original stack for the second call to the
 signal handler -- which trips our assertion asking to verify that the
 signal handler is always using an alternate stack.

 Not strictly necessary for the signal handler to use an alternate
 stack on re-entry, but this makes it clearer that the signal handler
 itself is always using the alternate stack so we can verify that the
 interrupted code is _not_ in the signal handler.
 With this change, the test now passes on aarch64.
 PR lib/57946

 longjmp(3) t_sigstack: Fix fencepost error.
 Extremely unlikely to cause trouble, but let's just turn that into
 `never' to keep it easier for readers.
 PR lib/57946

 amd64 longjmp: Restore stack first, then signal mask.
 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:
 - Tidy the code a little bit.
 - Sprinkle comments to explain what's going on.
 - Use `xorl %eXX,%eXX' instead of `xorq %rXX,%rXX'.
   => Same effect, one byte shorter, breaks dep chain on more uarches.
 - Use forward branches for statically predicted not-taken.
   => val==0 is unlikely in longjmp
 PR lib/57946

 i386 longjmp: Restore stack first, then signal mask.
 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:
 - Tidy the code a little bit.
 - Sprinkle comments to explain what's going on.
 - Use forward branches for statically predicted not-taken.
   => val==0 is unlikely in longjmp
 PR lib/57946

 arm longjmp: Restore stack first, then signal mask.
 Otherwise, a pending signal may be delivered on the wrong stack when
 we restore the signal mask.

 While here:
 - Move the botched sp and lr tests earlier.
 PR lib/57946
 arm has been fixed

 tests/lib/libc/setjmp/t_sigstack: Add missing comment for 1.10.
 PR lib/57946

 sh3: siglongjmp - restore register context first (PR lib/57946)


 To generate a diff of this commit:
 cvs rdiff -u -r1.285.2.7 -r1.285.2.8 src/distrib/sets/lists/debug/mi
 cvs rdiff -u -r1.818.2.5 -r1.818.2.6 src/distrib/sets/lists/tests/mi
 cvs rdiff -u -r1.17 -r1.17.28.1 src/lib/libc/arch/arm/gen/setjmp.S
 cvs rdiff -u -r1.17 -r1.17.26.1 src/lib/libc/arch/i386/gen/setjmp.S
 cvs rdiff -u -r1.18 -r1.18.26.1 src/lib/libc/arch/i386/gen/sigsetjmp.S
 cvs rdiff -u -r1.10 -r1.10.88.1 src/lib/libc/arch/sh3/gen/setjmp.S
 cvs rdiff -u -r1.9 -r1.9.88.1 src/lib/libc/arch/sh3/gen/sigsetjmp.S
 cvs rdiff -u -r1.3 -r1.3.26.1 src/lib/libc/arch/x86_64/gen/__setjmp14.S \
     src/lib/libc/arch/x86_64/gen/__sigsetjmp14.S
 cvs rdiff -u -r1.2 -r1.2.46.1 src/tests/lib/libc/setjmp/Makefile
 cvs rdiff -u -r0 -r1.12.4.2 src/tests/lib/libc/setjmp/t_sigstack.c

State-Changed-From-To: pending-pullups->analyzed
State-Changed-By: riastradh@NetBSD.org
State-Changed-When: Fri, 23 Aug 2024 21:05:28 +0000
State-Changed-Why:
fixed and pulled up on some architectures
still broken on some other architectures


>Unformatted:
