| blob | 78ea59d97da6520fbe9078fbc3c2ea0e4aed93c0 |
1 /* Copyright (C) 1991-2023 Free Software Foundation, Inc.
2 This file is part of the GNU C Library.
4 The GNU C Library is free software; you can redistribute it and/or
5 modify it under the terms of the GNU Lesser General Public
6 License as published by the Free Software Foundation; either
7 version 2.1 of the License, or (at your option) any later version.
9 The GNU C Library is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 Lesser General Public License for more details.
14 You should have received a copy of the GNU Lesser General Public
15 License along with the GNU C Library; if not, see
16 <https://www.gnu.org/licenses/>. */
18 #include <stdio.h>
19 #include <stdlib.h>
20 #include <string.h>
23 #include <pthreadP.h>
24 #include <mach.h>
25 #include <mach/thread_switch.h>
26 #include <mach/mig_support.h>
27 #include <mach/vm_param.h>
29 #include <hurd.h>
30 #include <hurd/id.h>
31 #include <hurd/signal.h>
37 #include <libc-diag.h>
44 /* Port that receives signals and other miscellaneous messages. */
45 mach_port_t _hurd_msgport;
47 /* Thread listening on it. */
48 thread_t _hurd_msgport_thread;
50 /* These are set up by _hurdsig_init. */
54 /* Linked-list of per-thread signal state. */
57 /* Sigstate for the task-global signals. */
60 /* Timeout for RPC's after interrupt_operation. */
62 \f
63 static void
65 {
74 }
78 {
85 {
93 /* Initialize default state. */
107 {
108 /* Process-wide sigstate, use the system defaults. */
111 /* The global sigstate is not added to the _hurd_sigstates list.
112 It is created with _hurd_thread_sigstate (MACH_PORT_NULL)
113 but should be accessed through _hurd_global_sigstate. */
114 }
115 else
116 {
117 error_t err;
119 /* Use the global actions as a default for new threads. */
122 {
126 }
127 else
137 }
138 }
141 }
144 /* Destroy a sigstate structure. Called by libpthread just before the
145 * corresponding thread is terminated. */
146 void
148 {
162 {
167 }
168 }
170 /* Make SS a global receiver, with pthread signal semantics. */
171 void
173 {
176 }
179 /* Check whether SS is a global receiver. */
180 static int
182 {
185 }
188 /* Lock/unlock a hurd_sigstate structure. If the accessors below require
189 it, the global sigstate will be locked as well. */
190 void
192 {
196 }
199 void
201 {
205 }
208 /* Retrieve a thread's full set of pending signals, including the global
209 ones if appropriate. SS must be locked. */
210 sigset_t
212 {
217 }
220 /* Clear a pending signal and return the associated detailed
221 signal information. SS must be locked, and must have signal SIGNO
222 pending, either directly or through the global sigstate. */
223 static struct hurd_signal_detail
225 {
228 {
231 }
236 }
238 /* Retrieve a thread's action vector. SS must be locked. */
241 {
244 else
246 }
248 \f
249 /* Signal delivery itself is on this page. */
251 #include <hurd/fd.h>
252 #include <hurd/crash.h>
253 #include <hurd/resource.h>
254 #include <hurd/paths.h>
255 #include <setjmp.h>
256 #include <fcntl.h>
257 #include <sys/wait.h>
258 #include <thread_state.h>
259 #include <hurd/msg_server.h>
261 #include <hurd/interrupt.h>
262 #include <assert.h>
263 #include <unistd.h>
266 /* Call the crash dump server to mummify us before we die.
267 Returns nonzero if a core file was written. */
268 static int
270 {
271 error_t err;
272 mach_port_t coreserver;
276 /* Don't bother locking since we just read the one word. */
280 /* No core dumping, thank you very much. Note that this makes
281 `ulimit -c 0' prevent crash-suspension too, which is probably
282 what the user wanted. */
285 /* XXX RLIMIT_CORE:
286 When we have a protocol to make the server return an error
287 for RLIMIT_FSIZE, then tell the corefile fs server the RLIMIT_CORE
288 value in place of the RLIMIT_FSIZE value. */
290 /* First get a port to the core dumping server. */
300 /* Get a port to the directory where the new core file will reside. */
307 /* Create the new file, but don't link it into the directory yet. */
312 /* Call the core dumping server to write the core file. */
315 file,
319 MACH_MSG_TYPE_COPY_SEND);
323 /* The core dump into FILE succeeded, so now link it into the
324 directory. */
329 }
332 /* The lowest-numbered thread state flavor value is 1,
333 so we use bit 0 in machine_thread_all_state.set to
334 record whether we have done thread_abort. */
335 #define THREAD_ABORTED 1
337 /* SS->thread is suspended. Abort the thread and get its basic state. */
338 static void
341 {
345 {
348 /* Clear all thread state flavor set bits, because thread_abort may
349 have changed the state. */
351 }
357 }
359 /* Find the location of the MiG reply port cell in use by the thread whose
360 state is described by THREAD_STATE. If SIGTHREAD is nonzero, make sure
361 that this location can be set without faulting, or else return NULL. */
367 {
371 /* Faulted trying to read the TCB. */
374 DIAG_PUSH_NEEDS_COMMENT;
375 /* GCC 6 and before seem to be confused by the setjmp call inside
376 _hurdsig_catch_memory_fault and think that we may be returning a second
377 time to here with portloc uninitialized (but we never do). */
379 /* Fault now if this pointer is bogus. */
381 DIAG_POP_NEEDS_COMMENT;
387 }
388 \f
389 #include <hurd/sigpreempt.h>
390 #include <intr-msg.h>
392 /* Timeout on interrupt_operation calls. */
395 /* SS->thread is suspended.
397 Abort any interruptible RPC operation the thread is doing.
399 This uses only the constant member SS->thread and the unlocked, atomically
400 set member SS->intr_port, so no locking is needed.
402 If successfully sent an interrupt_operation and therefore the thread should
403 wait for its pending RPC to return (possibly EINTR) before taking the
404 incoming signal, returns the reply port to be received on. Otherwise
405 returns MACH_PORT_NULL.
407 SIGNO is used to find the applicable SA_RESTART bit. If SIGNO is zero,
408 the RPC fails with EINTR instead of restarting (thread_cancel).
410 *STATE_CHANGE is set nonzero if STATE->basic was modified and should
411 be applied back to the thread if it might ever run again, else zero. */
413 mach_port_t
417 {
422 mach_port_t intr_port;
428 /* No interruption needs done. */
431 /* Abort the thread's kernel context, so any pending message send or
432 receive completes immediately or aborts. */
437 {
438 /* The thread is about to do the RPC, but hasn't yet entered
439 mach_msg. Importantly, it may have already checked ss->cancel for
440 the last time before doing the RPC, so setting that is not enough
441 to make it not enter mach_msg. Instead, mutate the thread's state
442 so it knows not to try the RPC.
444 If the thread is past _hurd_intr_rpc_msg_setup_done, just make it
445 jump to after the trap, since we know it's safe to do so. Otherwise,
446 we know that the thread is yet to check for the MACH_SEND_INTERRUPTED
447 value we set below, and will skip the trap by itself. */
453 }
455 /* The thread was blocked in the system call. After thread_abort,
456 the return value register indicates what state the RPC was in
457 when interrupted. */
459 {
460 /* The RPC request message was sent and the thread was waiting for the
461 reply message; now the message receive has been aborted, so the
462 mach_msg call will return MACH_RCV_INTERRUPTED. We must tell the
463 server to interrupt the pending operation. The thread must wait for
464 the reply message before running the signal handler (to guarantee that
465 the operation has finished being interrupted), so our nonzero return
466 tells the trampoline code to finish the message receive operation
467 before running the handler. */
470 state,
471 sigthread);
473 _hurdsig_interrupt_timeout);
476 {
478 {
479 /* The interrupt didn't work.
480 Destroy the receive right the thread is blocked on, and
481 replace it with a dead name to keep the name from reuse until
482 the therad is done with it. To do this atomically, first
483 insert a send right, and then destroy the receive right,
484 turning the send right into a dead name. */
487 MACH_MSG_TYPE_MAKE_SEND);
492 }
494 /* The system call return value register now contains
495 MACH_RCV_INTERRUPTED; when mach_msg resumes, it will retry the
496 call. Since we have just destroyed the receive right, the retry
497 will fail with MACH_RCV_INVALID_NAME. Instead, just change the
498 return value here to EINTR so mach_msg will not retry and the
499 EINTR error code will propagate up. */
502 }
506 /* All threads whose RPCs were interrupted by the interrupt_operation
507 call above will retry their RPCs unless we clear SS->intr_port. So we
508 clear it for the thread taking a signal when SA_RESTART is clear, so
509 that its call returns EINTR. */
512 }
515 }
518 /* Abort the RPCs being run by all threads but this one;
519 all other threads should be suspended. If LIVE is nonzero, those
520 threads may run again, so they should be adjusted as necessary to be
521 happy when resumed. STATE is clobbered as a scratch area; its initial
522 contents are ignored, and its contents on return are not useful. */
524 static void
526 {
527 /* We can just loop over the sigstates. Any thread doing something
528 interruptible must have one. We needn't bother locking because all
529 other threads are stopped. */
535 /* First loop over the sigstates to count them.
536 We need to know how big a vector we will need for REPLY_PORTS. */
547 else
548 {
552 /* Abort any operation in progress with interrupt_operation.
553 Record the reply port the thread is waiting on.
554 We will wait for all the replies below. */
557 NULL);
559 {
561 {
562 /* We will wait for the reply to this RPC below, so the
563 thread must issue a new RPC rather than waiting for the
564 reply to the one it sent. */
567 }
569 /* Aborting the RPC needed to change this thread's state,
570 and it might ever run again. So write back its state. */
573 MACHINE_THREAD_STATE_COUNT);
574 }
575 }
577 /* Wait for replies from all the successfully interrupted RPCs. */
580 {
581 error_t err;
582 mach_msg_header_t head;
587 {
594 }
595 }
596 }
598 /* Wake up any sigsuspend or pselect call that is blocking SS->thread. SS must
599 be locked. */
600 static void
602 {
603 error_t err;
604 mach_msg_header_t msg;
609 /* There is a sigsuspend waiting. Tell it to wake up. */
613 /* These values do not matter. */
618 MACH_PORT_NULL);
620 }
623 sigset_t _hurdsig_preempted_set;
625 /* XXX temporary to deal with spelling fix */
628 /* Mask of stop signals. */
629 #define STOPSIGS (__sigmask (SIGTTIN) | __sigmask (SIGTTOU) \
630 | __sigmask (SIGSTOP) | __sigmask (SIGTSTP))
632 /* Actual delivery of a single signal. Called with SS unlocked. When
633 the signal is delivered, return SS, locked (or, if SS was originally
634 _hurd_global_sigstate, the sigstate of the actual thread the signal
635 was delivered to). If the signal is being traced, return NULL with
636 SS unlocked. */
641 {
646 /* sigaction for preemptors */
649 };
653 /* Mark the signal as pending. */
655 {
657 /* Save the details to be given to the handler when SIGNO is
658 unblocked. */
660 }
662 /* Suspend the process with SIGNO. */
664 {
665 /* Stop all other threads and mark ourselves stopped. */
667 ({
668 /* Hold the siglock while stopping other threads to be
669 sure it is not held by another thread afterwards. */
676 }));
678 }
679 /* Resume the process after a suspension. */
681 {
682 /* Resume the process from being stopped. */
685 error_t err;
690 /* Tell the proc server we are continuing. */
692 /* Fetch ports to all our threads and resume them. */
696 {
698 {
699 /* The thread that will run the handler is kept suspended. */
701 }
703 {
706 }
710 }
715 }
717 error_t err;
718 sighandler_t handler;
721 {
723 {
724 /* This is PTRACE_CONTINUE. */
727 }
729 /* This call is just to check for pending signals. */
732 }
738 /* If this is a global signal, try to find a thread ready to accept
739 it right away. This is especially important for untraced signals,
740 since going through the global pending mask would de-untrace them. */
742 {
747 {
751 /* The global sigstate is already locked. */
754 {
757 }
759 }
761 }
763 /* We want the preemptors to be able to update the blocking mask
764 without affecting the delivery of this signal, so we save the
765 current value to test against later. */
768 /* Check for a preempted signal. Preempted signals can arrive during
769 critical sections. */
770 {
773 do
774 {
776 {
778 {
783 }
784 else
786 }
790 }
794 /* If no thread-specific preemptor, check for a global one. */
796 {
800 }
801 }
806 /* Ignore the signal altogether. */
809 {
810 /* Run the preemption-provided handler. */
813 }
814 else
815 {
816 /* No preemption. Do normal handling. */
821 {
822 /* We are being traced. Stop to tell the debugger of the signal. */
824 /* Already stopped. Mark the signal as pending;
825 when resumed, we will notice it and stop again. */
827 else
832 }
837 /* Figure out the default action for this signal. */
839 {
841 /* A sig_post msg with SIGNO==0 is sent to
842 tell us to check for pending signals. */
875 {
876 /* We are the process group leader. Since there is no
877 user-specified handler for SIGINFO, we use a default one
878 which prints something interesting. We use the normal
879 handler mechanism instead of just doing it here to avoid
880 the signal thread faulting or blocking in this
881 potentially hairy operation. */
884 }
885 else
892 }
895 else
899 /* Stop signals clear a pending SIGCONT even if they
900 are handled or ignored (but not if preempted). */
902 else
903 {
905 /* Even if handled or ignored (but not preempted), SIGCONT clears
906 stop signals and resumes the process. */
911 }
912 }
917 {
918 /* If we would ordinarily stop for a job control signal, but we are
919 orphaned so noone would ever notice and continue us again, we just
920 quietly die, alone and in the dark. */
924 }
926 /* Handle receipt of a blocked signal, or any signal while stopped. */
928 {
931 }
933 /* Perform the chosen action for the signal. */
935 {
938 {
939 /* We are already stopped, but receiving an untraced stop
940 signal. Instead of resuming and suspending again, just
941 notify the proc server of the new stop signal. */
945 }
946 else
947 /* Suspend the process. */
953 /* Blocking or ignoring a machine exception is fatal.
954 Otherwise we could just spin on the faulting instruction. */
957 /* Nobody cares about this signal. If there was a call to resume
958 above in SIGCONT processing and we've left a thread suspended,
959 now's the time to set it going. */
961 {
966 }
969 sigbomb:
970 /* We got a fault setting up the stack frame for the handler.
971 Nothing to do but die; BSD gets SIGILL in this case. */
975 fatal:
977 /* FALLTHROUGH */
981 /* Have the proc server stop all other threads in our task. */
984 /* No more user instructions will be executed.
985 The signal can now be considered delivered. */
987 /* Abort all server operations now in progress. */
990 {
992 /* Do a core dump if desired. Only set the wait status bit saying we
993 in fact dumped core if the operation was actually successful. */
996 /* Tell proc how we died and then stick the saber in the gut. */
998 /* NOTREACHED */
999 }
1002 /* Call a handler for this signal. */
1003 {
1009 /* Stop the thread and abort its pending RPC operations. */
1011 {
1014 }
1016 /* Abort the thread's kernel context, so any pending message send
1017 or receive completes immediately or aborts. If an interruptible
1018 RPC is in progress, abort_rpcs will do this. But we must always
1019 do it before fetching the thread's state, because
1020 thread_get_state is never kosher before thread_abort. */
1024 {
1025 /* We have a previous sigcontext that sigreturn was about
1026 to restore when another signal arrived. */
1031 {
1032 /* We faulted reading the thread's stack. Forget that
1033 context and pretend it wasn't there. It almost
1034 certainly crash if this handler returns, but that's it's
1035 problem. */
1037 }
1038 else
1039 {
1040 /* Copy the context from the thread's stack before
1041 we start diddling the stack to set up the handler. */
1044 }
1052 /* This is the reply port for the context which called
1053 sigreturn. Since we are abandoning that context entirely
1054 and restoring SS->context instead, destroy this port. */
1057 /* The thread was in sigreturn, not in any interruptible RPC. */
1061 }
1062 else
1063 {
1066 wait_for_reply
1068 /* In a critical section, any RPC
1069 should be cancelled instead of
1070 restarted, regardless of
1071 SA_RESTART, so the entire
1072 "atomic" operation can be aborted
1073 as a unit. */
1076 reply)
1080 {
1081 /* The thread is in a critical section. Mark the signal as
1082 pending. When it finishes the critical section, it will
1083 check for pending signals. */
1086 /* Some cases of interrupting an RPC must change the
1087 thread state to back out the call. Normally this
1088 change is rolled into the warping to the handler and
1089 sigreturn, but we are not running the handler now
1090 because the thread is in a critical section. Instead,
1091 mutate the thread right away for the RPC interruption
1092 and resume it; the RPC will return early so the
1093 critical section can end soon. */
1096 MACHINE_THREAD_STATE_COUNT);
1097 /* */
1101 }
1102 }
1104 /* Call the machine-dependent function to set the thread up
1105 to run the signal handler, and preserve its old context. */
1111 /* Set the machine-independent parts of the signal context. */
1113 {
1114 /* Fetch the thread variable for the MiG reply port,
1115 and set it to MACH_PORT_NULL. */
1120 {
1123 }
1124 else
1127 /* Save the intr_port in use by the interrupted code,
1128 and clear the cell before running the trampoline. */
1133 {
1134 /* After the handler runs we will restore to the state in
1135 SS->context, not the state of the thread now. So restore
1136 that context's reply port and intr port. */
1142 }
1143 }
1145 /* Backdoor extra argument to signal handler. */
1148 /* Block requested signals while running the handler. */
1152 /* Also block SIGNO unless we're asked not to. */
1156 /* Reset to SIG_DFL if requested. SIGILL and SIGTRAP cannot
1157 be automatically reset when delivered; the system silently
1158 enforces this restriction. */
1163 /* Any sigsuspend call must return after the handler does. */
1166 /* Start the thread running the handler (or possibly waiting for an
1167 RPC reply before running the handler). */
1170 MACHINE_THREAD_STATE_COUNT);
1176 }
1177 }
1180 }
1182 /* Return the set of pending signals in SS which should be delivered. */
1183 static sigset_t
1185 {
1186 /* We don't worry about any pending signals if we are stopped, nor if
1187 SS is in a critical section. We are guaranteed to get a sig_post
1188 message before any of them become deliverable: either the SIGCONT
1189 signal, or a sig_post with SIGNO==0 as an explicit poll when the
1190 thread finishes its critical section. */
1195 }
1197 /* Post the specified pending signals in SS and return 1. If one of
1198 them is traced, abort immediately and return 0. SS must be locked on
1199 entry and will be unlocked in all cases. */
1200 static int
1202 {
1206 /* Make sure SS corresponds to an actual thread, since we assume it won't
1207 change in post_signal. */
1212 {
1216 /* Will reacquire the lock, except if the signal is traced. */
1219 }
1221 /* No more signals pending; SS->lock is still locked. */
1225 }
1227 /* Post all the pending signals of all threads and return 1. If a traced
1228 signal is encountered, abort immediately and return 0. */
1229 static int
1231 {
1236 {
1239 {
1244 /* post_pending() below will unlock SS. */
1248 }
1255 }
1256 }
1258 /* Deliver a signal. SS is not locked. */
1259 void
1262 mach_port_t reply_port,
1263 mach_msg_type_name_t reply_port_type,
1265 {
1266 /* Reply to this sig_post message. */
1270 {
1271 error_t err;
1278 }
1284 /* The signal was neither fatal nor traced. We still hold SS->lock. */
1286 {
1287 /* The signal has either been ignored or is now being handled. We can
1288 consider it delivered and reply to the killer. */
1291 /* Post any pending signals for this thread. */
1294 }
1295 else
1296 {
1297 /* If this was a process-wide signal or a poll request, we need
1298 to check for pending signals for all threads. */
1303 /* All pending signals delivered to all threads.
1304 Now we can send the reply message even for signal 0. */
1306 }
1307 }
1308 \f
1309 /* Decide whether REFPORT enables the sender to send us a SIGNO signal.
1310 Returns zero if so, otherwise the error code to return to the sender. */
1312 static error_t
1314 {
1319 /* Can send any signal. */
1322 /* Avoid needing to check for this below. */
1327 {
1336 /* Job control signals can be sent by the controlling terminal. */
1342 {
1343 /* A continue signal can be sent by anyone in the session. */
1344 mach_port_t sessport;
1346 {
1350 }
1351 }
1356 {
1357 /* Any io object a file descriptor refers to might send us
1358 one of these signals using its async ID port for REFPORT.
1360 This is pretty wide open; it is not unlikely that some random
1361 process can at least open for reading something we have open,
1362 get its async ID port, and send us a spurious SIGIO or SIGURG
1363 signal. But BSD is actually wider open than that!--you can set
1364 the owner of an io object to any process or process group
1365 whatsoever and send them gratuitous signals.
1367 Someday we could implement some reasonable scheme for
1368 authorizing SIGIO and SIGURG signals properly. */
1374 {
1376 io_t port;
1377 mach_port_t asyncid;
1382 {
1384 /* Break out of the loop on the next iteration. */
1387 }
1389 }
1391 /* If we found a lucky winner, we've set D to -1 in the loop. */
1394 }
1395 }
1397 /* If this signal is legit, we have done `goto win' by now.
1398 When we return the error, mig deallocates REFPORT. */
1401 win:
1402 /* Deallocate the REFPORT send right; we are done with it. */
1406 }
1408 /* Implement the sig_post RPC from <hurd/msg.defs>;
1409 sent when someone wants us to get a signal. */
1410 kern_return_t
1414 mach_port_t refport)
1415 {
1416 error_t err;
1425 /* Post the signal to a global receiver thread (or mark it pending in
1426 the global sigstate). This will reply when the signal can be
1427 considered delivered. */
1433 }
1435 /* Implement the sig_post_untraced RPC from <hurd/msg.defs>;
1436 sent when the debugger wants us to really get a signal
1437 even if we are traced. */
1438 kern_return_t
1440 mach_port_t reply_port,
1441 mach_msg_type_name_t reply_port_type,
1443 mach_port_t refport)
1444 {
1445 error_t err;
1454 /* Post the signal to the designated signal-receiving thread. This will
1455 reply when the signal can be considered delivered. */
1461 }
1462 \f
1465 #include <mach/task_special_ports.h>
1467 /* Initialize the message port, _hurd_global_sigstate, and start the
1468 signal thread. */
1470 void
1472 {
1473 error_t err;
1474 vm_size_t stacksize;
1480 MACH_PORT_RIGHT_RECEIVE,
1484 /* Make a send right to the signal port. */
1486 _hurd_msgport,
1487 _hurd_msgport,
1488 MACH_MSG_TYPE_MAKE_SEND);
1491 /* Initialize the global signal state. */
1494 /* We block all signals, and let actual threads pull them from the
1495 pending mask. */
1498 /* Initialize the main thread's signal state. */
1501 /* Mark it as a process-wide signal receiver. Threads in this set use
1502 the common action vector in _hurd_global_sigstate. */
1505 /* Copy inherited signal settings from our parent (or pre-exec process
1506 state) */
1512 {
1517 }
1519 /* Start the signal thread listening on the message port. */
1521 #pragma weak __pthread_create
1523 {
1529 _hurd_msgport_receive,
1538 /* Reinitialize the MiG support routines so they will use a per-thread
1539 variable for the cached reply port. */
1544 }
1545 else
1546 {
1547 pthread_t thread;
1548 pthread_attr_t attr;
1552 /* When pthread is being used, we need to make the signal thread a
1553 proper pthread. Otherwise it cannot use mutex_lock et al, which
1554 will be the pthread versions. Various of the message port RPC
1555 handlers need to take locks, so we need to be able to call into
1556 pthread code and meet its assumptions about how our thread and
1557 its stack are arranged. Since pthread puts it there anyway,
1558 we'll let the signal thread's per-thread variables be found as for
1559 any normal pthread, and just leave the magic __hurd_sigthread_*
1560 values all zero so they'll be ignored. */
1562 #pragma weak __pthread_detach
1563 #pragma weak __pthread_getattr_np
1564 #pragma weak __pthread_attr_getstack
1567 /* Record signal thread stack layout for fork() */
1575 /* XXX We need the thread port for the signal thread further on
1576 in this thread (see hurdfault.c:_hurdsigfault_init).
1577 Therefore we block until _hurd_msgport_thread is initialized
1578 by the newly created thread. This really shouldn't be
1579 necessary; we should be able to fetch the thread port for a
1580 pthread from here. */
1583 }
1585 /* Receive exceptions on the signal port. */
1586 #ifdef TASK_EXCEPTION_PORT
1589 #elif defined (EXC_MASK_ALL)
1591 EXC_MASK_ALL & ~(EXC_MASK_SYSCALL
1592 | EXC_MASK_MACH_SYSCALL
1594 _hurd_msgport,
1596 #else
1597 # error task_set_exception_port?
1598 #endif
1600 /* Sanity check. Any pending, unblocked signals should have been
1601 taken by our predecessor incarnation (i.e. parent or pre-exec state)
1602 before packing up our init ints. This assert is last (not above)
1603 so that signal handling is all set up to handle the abort. */
1605 }
1607 /* Reauthenticate with the proc server. */
1609 static void
1611 {
1617 MACH_MSG_TYPE_MAKE_SEND)
1619 MACH_MSG_TYPE_MAKE_SEND,
1625 /* Set the owner of the process here too. */
1636 }
1638 \f
1639 /* Like `getenv', but safe for the signal thread to run.
1640 If the environment is trashed, this will just return NULL. */
1644 {
1649 /* We bombed in getenv. */
1651 else
1652 {
1657 {
1662 {
1671 }
1674 }
1677 }
1678 }