2 * Emulation of Linux signals
4 * Copyright (c) 2003 Fabrice Bellard
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 #include "qemu/osdep.h"
20 #include "qemu/bitops.h"
21 #include "gdbstub/user.h"
22 #include "hw/core/tcg-cpu-ops.h"
24 #include <sys/ucontext.h>
25 #include <sys/resource.h>
28 #include "user-internals.h"
32 #include "signal-common.h"
33 #include "host-signal.h"
34 #include "user/safe-syscall.h"
37 /* target_siginfo_t must fit in gdbstub's siginfo save area. */
38 QEMU_BUILD_BUG_ON(sizeof(target_siginfo_t
) > MAX_SIGINFO_LENGTH
);
40 static struct target_sigaction sigact_table
[TARGET_NSIG
];
42 static void host_signal_handler(int host_signum
, siginfo_t
*info
,
45 /* Fallback addresses into sigtramp page. */
46 abi_ulong default_sigreturn
;
47 abi_ulong default_rt_sigreturn
;
50 * System includes define _NSIG as SIGRTMAX + 1, but qemu (like the kernel)
51 * defines TARGET_NSIG as TARGET_SIGRTMAX and the first signal is 1.
52 * Signal number 0 is reserved for use as kill(pid, 0), to test whether
53 * a process exists without sending it a signal.
56 QEMU_BUILD_BUG_ON(__SIGRTMAX
+ 1 != _NSIG
);
58 static uint8_t host_to_target_signal_table
[_NSIG
] = {
59 #define MAKE_SIG_ENTRY(sig) [sig] = TARGET_##sig,
64 static uint8_t target_to_host_signal_table
[TARGET_NSIG
+ 1];
66 /* valid sig is between 1 and _NSIG - 1 */
67 int host_to_target_signal(int sig
)
73 return TARGET_NSIG
+ 1;
75 return host_to_target_signal_table
[sig
];
78 /* valid sig is between 1 and TARGET_NSIG */
79 int target_to_host_signal(int sig
)
84 if (sig
> TARGET_NSIG
) {
87 return target_to_host_signal_table
[sig
];
90 static inline void target_sigaddset(target_sigset_t
*set
, int signum
)
93 abi_ulong mask
= (abi_ulong
)1 << (signum
% TARGET_NSIG_BPW
);
94 set
->sig
[signum
/ TARGET_NSIG_BPW
] |= mask
;
97 static inline int target_sigismember(const target_sigset_t
*set
, int signum
)
100 abi_ulong mask
= (abi_ulong
)1 << (signum
% TARGET_NSIG_BPW
);
101 return ((set
->sig
[signum
/ TARGET_NSIG_BPW
] & mask
) != 0);
104 void host_to_target_sigset_internal(target_sigset_t
*d
,
107 int host_sig
, target_sig
;
108 target_sigemptyset(d
);
109 for (host_sig
= 1; host_sig
< _NSIG
; host_sig
++) {
110 target_sig
= host_to_target_signal(host_sig
);
111 if (target_sig
< 1 || target_sig
> TARGET_NSIG
) {
114 if (sigismember(s
, host_sig
)) {
115 target_sigaddset(d
, target_sig
);
120 void host_to_target_sigset(target_sigset_t
*d
, const sigset_t
*s
)
125 host_to_target_sigset_internal(&d1
, s
);
126 for(i
= 0;i
< TARGET_NSIG_WORDS
; i
++)
127 d
->sig
[i
] = tswapal(d1
.sig
[i
]);
130 void target_to_host_sigset_internal(sigset_t
*d
,
131 const target_sigset_t
*s
)
133 int host_sig
, target_sig
;
135 for (target_sig
= 1; target_sig
<= TARGET_NSIG
; target_sig
++) {
136 host_sig
= target_to_host_signal(target_sig
);
137 if (host_sig
< 1 || host_sig
>= _NSIG
) {
140 if (target_sigismember(s
, target_sig
)) {
141 sigaddset(d
, host_sig
);
146 void target_to_host_sigset(sigset_t
*d
, const target_sigset_t
*s
)
151 for(i
= 0;i
< TARGET_NSIG_WORDS
; i
++)
152 s1
.sig
[i
] = tswapal(s
->sig
[i
]);
153 target_to_host_sigset_internal(d
, &s1
);
156 void host_to_target_old_sigset(abi_ulong
*old_sigset
,
157 const sigset_t
*sigset
)
160 host_to_target_sigset(&d
, sigset
);
161 *old_sigset
= d
.sig
[0];
164 void target_to_host_old_sigset(sigset_t
*sigset
,
165 const abi_ulong
*old_sigset
)
170 d
.sig
[0] = *old_sigset
;
171 for(i
= 1;i
< TARGET_NSIG_WORDS
; i
++)
173 target_to_host_sigset(sigset
, &d
);
176 int block_signals(void)
178 TaskState
*ts
= get_task_state(thread_cpu
);
181 /* It's OK to block everything including SIGSEGV, because we won't
182 * run any further guest code before unblocking signals in
183 * process_pending_signals().
186 sigprocmask(SIG_SETMASK
, &set
, 0);
188 return qatomic_xchg(&ts
->signal_pending
, 1);
191 /* Wrapper for sigprocmask function
192 * Emulates a sigprocmask in a safe way for the guest. Note that set and oldset
193 * are host signal set, not guest ones. Returns -QEMU_ERESTARTSYS if
194 * a signal was already pending and the syscall must be restarted, or
196 * If set is NULL, this is guaranteed not to fail.
198 int do_sigprocmask(int how
, const sigset_t
*set
, sigset_t
*oldset
)
200 TaskState
*ts
= get_task_state(thread_cpu
);
203 *oldset
= ts
->signal_mask
;
209 if (block_signals()) {
210 return -QEMU_ERESTARTSYS
;
215 sigorset(&ts
->signal_mask
, &ts
->signal_mask
, set
);
218 for (i
= 1; i
<= NSIG
; ++i
) {
219 if (sigismember(set
, i
)) {
220 sigdelset(&ts
->signal_mask
, i
);
225 ts
->signal_mask
= *set
;
228 g_assert_not_reached();
231 /* Silently ignore attempts to change blocking status of KILL or STOP */
232 sigdelset(&ts
->signal_mask
, SIGKILL
);
233 sigdelset(&ts
->signal_mask
, SIGSTOP
);
238 /* Just set the guest's signal mask to the specified value; the
239 * caller is assumed to have called block_signals() already.
241 void set_sigmask(const sigset_t
*set
)
243 TaskState
*ts
= get_task_state(thread_cpu
);
245 ts
->signal_mask
= *set
;
248 /* sigaltstack management */
250 int on_sig_stack(unsigned long sp
)
252 TaskState
*ts
= get_task_state(thread_cpu
);
254 return (sp
- ts
->sigaltstack_used
.ss_sp
255 < ts
->sigaltstack_used
.ss_size
);
258 int sas_ss_flags(unsigned long sp
)
260 TaskState
*ts
= get_task_state(thread_cpu
);
262 return (ts
->sigaltstack_used
.ss_size
== 0 ? SS_DISABLE
263 : on_sig_stack(sp
) ? SS_ONSTACK
: 0);
266 abi_ulong
target_sigsp(abi_ulong sp
, struct target_sigaction
*ka
)
269 * This is the X/Open sanctioned signal stack switching.
271 TaskState
*ts
= get_task_state(thread_cpu
);
273 if ((ka
->sa_flags
& TARGET_SA_ONSTACK
) && !sas_ss_flags(sp
)) {
274 return ts
->sigaltstack_used
.ss_sp
+ ts
->sigaltstack_used
.ss_size
;
279 void target_save_altstack(target_stack_t
*uss
, CPUArchState
*env
)
281 TaskState
*ts
= get_task_state(thread_cpu
);
283 __put_user(ts
->sigaltstack_used
.ss_sp
, &uss
->ss_sp
);
284 __put_user(sas_ss_flags(get_sp_from_cpustate(env
)), &uss
->ss_flags
);
285 __put_user(ts
->sigaltstack_used
.ss_size
, &uss
->ss_size
);
288 abi_long
target_restore_altstack(target_stack_t
*uss
, CPUArchState
*env
)
290 TaskState
*ts
= get_task_state(thread_cpu
);
291 size_t minstacksize
= TARGET_MINSIGSTKSZ
;
294 #if defined(TARGET_PPC64)
295 /* ELF V2 for PPC64 has a 4K minimum stack size for signal handlers */
296 struct image_info
*image
= ts
->info
;
297 if (get_ppc64_abi(image
) > 1) {
302 __get_user(ss
.ss_sp
, &uss
->ss_sp
);
303 __get_user(ss
.ss_size
, &uss
->ss_size
);
304 __get_user(ss
.ss_flags
, &uss
->ss_flags
);
306 if (on_sig_stack(get_sp_from_cpustate(env
))) {
307 return -TARGET_EPERM
;
310 switch (ss
.ss_flags
) {
312 return -TARGET_EINVAL
;
314 case TARGET_SS_DISABLE
:
319 case TARGET_SS_ONSTACK
:
321 if (ss
.ss_size
< minstacksize
) {
322 return -TARGET_ENOMEM
;
327 ts
->sigaltstack_used
.ss_sp
= ss
.ss_sp
;
328 ts
->sigaltstack_used
.ss_size
= ss
.ss_size
;
332 /* siginfo conversion */
334 static inline void host_to_target_siginfo_noswap(target_siginfo_t
*tinfo
,
335 const siginfo_t
*info
)
337 int sig
= host_to_target_signal(info
->si_signo
);
338 int si_code
= info
->si_code
;
340 tinfo
->si_signo
= sig
;
342 tinfo
->si_code
= info
->si_code
;
344 /* This memset serves two purposes:
345 * (1) ensure we don't leak random junk to the guest later
346 * (2) placate false positives from gcc about fields
347 * being used uninitialized if it chooses to inline both this
348 * function and tswap_siginfo() into host_to_target_siginfo().
350 memset(tinfo
->_sifields
._pad
, 0, sizeof(tinfo
->_sifields
._pad
));
352 /* This is awkward, because we have to use a combination of
353 * the si_code and si_signo to figure out which of the union's
354 * members are valid. (Within the host kernel it is always possible
355 * to tell, but the kernel carefully avoids giving userspace the
356 * high 16 bits of si_code, so we don't have the information to
357 * do this the easy way...) We therefore make our best guess,
358 * bearing in mind that a guest can spoof most of the si_codes
359 * via rt_sigqueueinfo() if it likes.
361 * Once we have made our guess, we record it in the top 16 bits of
362 * the si_code, so that tswap_siginfo() later can use it.
363 * tswap_siginfo() will strip these top bits out before writing
364 * si_code to the guest (sign-extending the lower bits).
371 /* Sent via kill(), tkill() or tgkill(), or direct from the kernel.
372 * These are the only unspoofable si_code values.
374 tinfo
->_sifields
._kill
._pid
= info
->si_pid
;
375 tinfo
->_sifields
._kill
._uid
= info
->si_uid
;
376 si_type
= QEMU_SI_KILL
;
379 /* Everything else is spoofable. Make best guess based on signal */
382 tinfo
->_sifields
._sigchld
._pid
= info
->si_pid
;
383 tinfo
->_sifields
._sigchld
._uid
= info
->si_uid
;
384 if (si_code
== CLD_EXITED
)
385 tinfo
->_sifields
._sigchld
._status
= info
->si_status
;
387 tinfo
->_sifields
._sigchld
._status
388 = host_to_target_signal(info
->si_status
& 0x7f)
389 | (info
->si_status
& ~0x7f);
390 tinfo
->_sifields
._sigchld
._utime
= info
->si_utime
;
391 tinfo
->_sifields
._sigchld
._stime
= info
->si_stime
;
392 si_type
= QEMU_SI_CHLD
;
395 tinfo
->_sifields
._sigpoll
._band
= info
->si_band
;
396 tinfo
->_sifields
._sigpoll
._fd
= info
->si_fd
;
397 si_type
= QEMU_SI_POLL
;
400 /* Assume a sigqueue()/mq_notify()/rt_sigqueueinfo() source. */
401 tinfo
->_sifields
._rt
._pid
= info
->si_pid
;
402 tinfo
->_sifields
._rt
._uid
= info
->si_uid
;
403 /* XXX: potential problem if 64 bit */
404 tinfo
->_sifields
._rt
._sigval
.sival_ptr
405 = (abi_ulong
)(unsigned long)info
->si_value
.sival_ptr
;
406 si_type
= QEMU_SI_RT
;
412 tinfo
->si_code
= deposit32(si_code
, 16, 16, si_type
);
415 static void tswap_siginfo(target_siginfo_t
*tinfo
,
416 const target_siginfo_t
*info
)
418 int si_type
= extract32(info
->si_code
, 16, 16);
419 int si_code
= sextract32(info
->si_code
, 0, 16);
421 __put_user(info
->si_signo
, &tinfo
->si_signo
);
422 __put_user(info
->si_errno
, &tinfo
->si_errno
);
423 __put_user(si_code
, &tinfo
->si_code
);
425 /* We can use our internal marker of which fields in the structure
426 * are valid, rather than duplicating the guesswork of
427 * host_to_target_siginfo_noswap() here.
431 __put_user(info
->_sifields
._kill
._pid
, &tinfo
->_sifields
._kill
._pid
);
432 __put_user(info
->_sifields
._kill
._uid
, &tinfo
->_sifields
._kill
._uid
);
435 __put_user(info
->_sifields
._timer
._timer1
,
436 &tinfo
->_sifields
._timer
._timer1
);
437 __put_user(info
->_sifields
._timer
._timer2
,
438 &tinfo
->_sifields
._timer
._timer2
);
441 __put_user(info
->_sifields
._sigpoll
._band
,
442 &tinfo
->_sifields
._sigpoll
._band
);
443 __put_user(info
->_sifields
._sigpoll
._fd
,
444 &tinfo
->_sifields
._sigpoll
._fd
);
447 __put_user(info
->_sifields
._sigfault
._addr
,
448 &tinfo
->_sifields
._sigfault
._addr
);
451 __put_user(info
->_sifields
._sigchld
._pid
,
452 &tinfo
->_sifields
._sigchld
._pid
);
453 __put_user(info
->_sifields
._sigchld
._uid
,
454 &tinfo
->_sifields
._sigchld
._uid
);
455 __put_user(info
->_sifields
._sigchld
._status
,
456 &tinfo
->_sifields
._sigchld
._status
);
457 __put_user(info
->_sifields
._sigchld
._utime
,
458 &tinfo
->_sifields
._sigchld
._utime
);
459 __put_user(info
->_sifields
._sigchld
._stime
,
460 &tinfo
->_sifields
._sigchld
._stime
);
463 __put_user(info
->_sifields
._rt
._pid
, &tinfo
->_sifields
._rt
._pid
);
464 __put_user(info
->_sifields
._rt
._uid
, &tinfo
->_sifields
._rt
._uid
);
465 __put_user(info
->_sifields
._rt
._sigval
.sival_ptr
,
466 &tinfo
->_sifields
._rt
._sigval
.sival_ptr
);
469 g_assert_not_reached();
473 void host_to_target_siginfo(target_siginfo_t
*tinfo
, const siginfo_t
*info
)
475 target_siginfo_t tgt_tmp
;
476 host_to_target_siginfo_noswap(&tgt_tmp
, info
);
477 tswap_siginfo(tinfo
, &tgt_tmp
);
480 /* XXX: we support only POSIX RT signals are used. */
481 /* XXX: find a solution for 64 bit (additional malloced data is needed) */
482 void target_to_host_siginfo(siginfo_t
*info
, const target_siginfo_t
*tinfo
)
484 /* This conversion is used only for the rt_sigqueueinfo syscall,
485 * and so we know that the _rt fields are the valid ones.
489 __get_user(info
->si_signo
, &tinfo
->si_signo
);
490 __get_user(info
->si_errno
, &tinfo
->si_errno
);
491 __get_user(info
->si_code
, &tinfo
->si_code
);
492 __get_user(info
->si_pid
, &tinfo
->_sifields
._rt
._pid
);
493 __get_user(info
->si_uid
, &tinfo
->_sifields
._rt
._uid
);
494 __get_user(sival_ptr
, &tinfo
->_sifields
._rt
._sigval
.sival_ptr
);
495 info
->si_value
.sival_ptr
= (void *)(long)sival_ptr
;
498 /* returns 1 if given signal should dump core if not handled */
499 static int core_dump_signal(int sig
)
515 static void signal_table_init(void)
517 int hsig
, tsig
, count
;
520 * Signals are supported starting from TARGET_SIGRTMIN and going up
521 * until we run out of host realtime signals. Glibc uses the lower 2
522 * RT signals and (hopefully) nobody uses the upper ones.
523 * This is why SIGRTMIN (34) is generally greater than __SIGRTMIN (32).
524 * To fix this properly we would need to do manual signal delivery
525 * multiplexed over a single host signal.
526 * Attempts for configure "missing" signals via sigaction will be
529 * Remap the target SIGABRT, so that we can distinguish host abort
530 * from guest abort. When the guest registers a signal handler or
531 * calls raise(SIGABRT), the host will raise SIG_RTn. If the guest
532 * arrives at dump_core_and_abort(), we will map back to host SIGABRT
533 * so that the parent (native or emulated) sees the correct signal.
534 * Finally, also map host to guest SIGABRT so that the emulated
535 * parent sees the correct mapping from wait status.
539 host_to_target_signal_table
[SIGABRT
] = 0;
540 host_to_target_signal_table
[hsig
++] = TARGET_SIGABRT
;
542 for (tsig
= TARGET_SIGRTMIN
;
543 hsig
<= SIGRTMAX
&& tsig
<= TARGET_NSIG
;
545 host_to_target_signal_table
[hsig
] = tsig
;
548 /* Invert the mapping that has already been assigned. */
549 for (hsig
= 1; hsig
< _NSIG
; hsig
++) {
550 tsig
= host_to_target_signal_table
[hsig
];
552 assert(target_to_host_signal_table
[tsig
] == 0);
553 target_to_host_signal_table
[tsig
] = hsig
;
557 host_to_target_signal_table
[SIGABRT
] = TARGET_SIGABRT
;
559 /* Map everything else out-of-bounds. */
560 for (hsig
= 1; hsig
< _NSIG
; hsig
++) {
561 if (host_to_target_signal_table
[hsig
] == 0) {
562 host_to_target_signal_table
[hsig
] = TARGET_NSIG
+ 1;
565 for (count
= 0, tsig
= 1; tsig
<= TARGET_NSIG
; tsig
++) {
566 if (target_to_host_signal_table
[tsig
] == 0) {
567 target_to_host_signal_table
[tsig
] = _NSIG
;
572 trace_signal_table_init(count
);
575 void signal_init(void)
577 TaskState
*ts
= get_task_state(thread_cpu
);
578 struct sigaction act
, oact
;
580 /* initialize signal conversion tables */
583 /* Set the signal mask from the host mask. */
584 sigprocmask(0, 0, &ts
->signal_mask
);
586 sigfillset(&act
.sa_mask
);
587 act
.sa_flags
= SA_SIGINFO
;
588 act
.sa_sigaction
= host_signal_handler
;
591 * A parent process may configure ignored signals, but all other
592 * signals are default. For any target signals that have no host
593 * mapping, set to ignore. For all core_dump_signal, install our
594 * host signal handler so that we may invoke dump_core_and_abort.
595 * This includes SIGSEGV and SIGBUS, which are also need our signal
596 * handler for paging and exceptions.
598 for (int tsig
= 1; tsig
<= TARGET_NSIG
; tsig
++) {
599 int hsig
= target_to_host_signal(tsig
);
600 abi_ptr thand
= TARGET_SIG_IGN
;
606 /* As we force remap SIGABRT, cannot probe and install in one step. */
607 if (tsig
== TARGET_SIGABRT
) {
608 sigaction(SIGABRT
, NULL
, &oact
);
609 sigaction(hsig
, &act
, NULL
);
611 struct sigaction
*iact
= core_dump_signal(tsig
) ? &act
: NULL
;
612 sigaction(hsig
, iact
, &oact
);
615 if (oact
.sa_sigaction
!= (void *)SIG_IGN
) {
616 thand
= TARGET_SIG_DFL
;
618 sigact_table
[tsig
- 1]._sa_handler
= thand
;
622 /* Force a synchronously taken signal. The kernel force_sig() function
623 * also forces the signal to "not blocked, not ignored", but for QEMU
624 * that work is done in process_pending_signals().
626 void force_sig(int sig
)
628 CPUState
*cpu
= thread_cpu
;
629 target_siginfo_t info
= {};
633 info
.si_code
= TARGET_SI_KERNEL
;
634 info
._sifields
._kill
._pid
= 0;
635 info
._sifields
._kill
._uid
= 0;
636 queue_signal(cpu_env(cpu
), info
.si_signo
, QEMU_SI_KILL
, &info
);
640 * Force a synchronously taken QEMU_SI_FAULT signal. For QEMU the
641 * 'force' part is handled in process_pending_signals().
643 void force_sig_fault(int sig
, int code
, abi_ulong addr
)
645 CPUState
*cpu
= thread_cpu
;
646 target_siginfo_t info
= {};
651 info
._sifields
._sigfault
._addr
= addr
;
652 queue_signal(cpu_env(cpu
), sig
, QEMU_SI_FAULT
, &info
);
655 /* Force a SIGSEGV if we couldn't write to memory trying to set
656 * up the signal frame. oldsig is the signal we were trying to handle
657 * at the point of failure.
659 #if !defined(TARGET_RISCV)
660 void force_sigsegv(int oldsig
)
662 if (oldsig
== SIGSEGV
) {
663 /* Make sure we don't try to deliver the signal again; this will
664 * end up with handle_pending_signal() calling dump_core_and_abort().
666 sigact_table
[oldsig
- 1]._sa_handler
= TARGET_SIG_DFL
;
668 force_sig(TARGET_SIGSEGV
);
672 void cpu_loop_exit_sigsegv(CPUState
*cpu
, target_ulong addr
,
673 MMUAccessType access_type
, bool maperr
, uintptr_t ra
)
675 const TCGCPUOps
*tcg_ops
= CPU_GET_CLASS(cpu
)->tcg_ops
;
677 if (tcg_ops
->record_sigsegv
) {
678 tcg_ops
->record_sigsegv(cpu
, addr
, access_type
, maperr
, ra
);
681 force_sig_fault(TARGET_SIGSEGV
,
682 maperr
? TARGET_SEGV_MAPERR
: TARGET_SEGV_ACCERR
,
684 cpu
->exception_index
= EXCP_INTERRUPT
;
685 cpu_loop_exit_restore(cpu
, ra
);
688 void cpu_loop_exit_sigbus(CPUState
*cpu
, target_ulong addr
,
689 MMUAccessType access_type
, uintptr_t ra
)
691 const TCGCPUOps
*tcg_ops
= CPU_GET_CLASS(cpu
)->tcg_ops
;
693 if (tcg_ops
->record_sigbus
) {
694 tcg_ops
->record_sigbus(cpu
, addr
, access_type
, ra
);
697 force_sig_fault(TARGET_SIGBUS
, TARGET_BUS_ADRALN
, addr
);
698 cpu
->exception_index
= EXCP_INTERRUPT
;
699 cpu_loop_exit_restore(cpu
, ra
);
702 /* abort execution with signal */
704 void die_with_signal(int host_sig
)
706 struct sigaction act
= {
707 .sa_handler
= SIG_DFL
,
711 * The proper exit code for dying from an uncaught signal is -<signal>.
712 * The kernel doesn't allow exit() or _exit() to pass a negative value.
713 * To get the proper exit code we need to actually die from an uncaught
714 * signal. Here the default signal handler is installed, we send
715 * the signal and we wait for it to arrive.
717 sigfillset(&act
.sa_mask
);
718 sigaction(host_sig
, &act
, NULL
);
720 kill(getpid(), host_sig
);
722 /* Make sure the signal isn't masked (reusing the mask inside of act). */
723 sigdelset(&act
.sa_mask
, host_sig
);
724 sigsuspend(&act
.sa_mask
);
731 void dump_core_and_abort(CPUArchState
*env
, int target_sig
)
733 CPUState
*cpu
= env_cpu(env
);
734 TaskState
*ts
= get_task_state(cpu
);
735 int host_sig
, core_dumped
= 0;
737 /* On exit, undo the remapping of SIGABRT. */
738 if (target_sig
== TARGET_SIGABRT
) {
741 host_sig
= target_to_host_signal(target_sig
);
743 trace_user_dump_core_and_abort(env
, target_sig
, host_sig
);
744 gdb_signalled(env
, target_sig
);
746 /* dump core if supported by target binary format */
747 if (core_dump_signal(target_sig
) && (ts
->bprm
->core_dump
!= NULL
)) {
750 ((*ts
->bprm
->core_dump
)(target_sig
, env
) == 0);
753 /* we already dumped the core of target process, we don't want
754 * a coredump of qemu itself */
755 struct rlimit nodump
;
756 getrlimit(RLIMIT_CORE
, &nodump
);
758 setrlimit(RLIMIT_CORE
, &nodump
);
759 (void) fprintf(stderr
, "qemu: uncaught target signal %d (%s) - %s\n",
760 target_sig
, strsignal(host_sig
), "core dumped" );
763 preexit_cleanup(env
, 128 + target_sig
);
764 die_with_signal(host_sig
);
767 /* queue a signal so that it will be send to the virtual CPU as soon
769 void queue_signal(CPUArchState
*env
, int sig
, int si_type
,
770 target_siginfo_t
*info
)
772 CPUState
*cpu
= env_cpu(env
);
773 TaskState
*ts
= get_task_state(cpu
);
775 trace_user_queue_signal(env
, sig
);
777 info
->si_code
= deposit32(info
->si_code
, 16, 16, si_type
);
779 ts
->sync_signal
.info
= *info
;
780 ts
->sync_signal
.pending
= sig
;
781 /* signal that a new signal is pending */
782 qatomic_set(&ts
->signal_pending
, 1);
786 /* Adjust the signal context to rewind out of safe-syscall if we're in it */
787 static inline void rewind_if_in_safe_syscall(void *puc
)
789 host_sigcontext
*uc
= (host_sigcontext
*)puc
;
790 uintptr_t pcreg
= host_signal_pc(uc
);
792 if (pcreg
> (uintptr_t)safe_syscall_start
793 && pcreg
< (uintptr_t)safe_syscall_end
) {
794 host_signal_set_pc(uc
, (uintptr_t)safe_syscall_start
);
799 void die_from_signal(siginfo_t
*info
)
801 char sigbuf
[4], codebuf
[12];
802 const char *sig
, *code
= NULL
;
804 switch (info
->si_signo
) {
807 switch (info
->si_code
) {
818 switch (info
->si_code
) {
829 switch (info
->si_code
) {
852 switch (info
->si_code
) {
865 snprintf(sigbuf
, sizeof(sigbuf
), "%d", info
->si_signo
);
870 snprintf(codebuf
, sizeof(sigbuf
), "%d", info
->si_code
);
874 error_report("QEMU internal SIG%s {code=%s, addr=%p}",
875 sig
, code
, info
->si_addr
);
876 die_with_signal(info
->si_signo
);
879 static void host_sigsegv_handler(CPUState
*cpu
, siginfo_t
*info
,
882 uintptr_t host_addr
= (uintptr_t)info
->si_addr
;
884 * Convert forcefully to guest address space: addresses outside
885 * reserved_va are still valid to report via SEGV_MAPERR.
887 bool is_valid
= h2g_valid(host_addr
);
888 abi_ptr guest_addr
= h2g_nocheck(host_addr
);
889 uintptr_t pc
= host_signal_pc(uc
);
890 bool is_write
= host_signal_write(info
, uc
);
891 MMUAccessType access_type
= adjust_signal_pc(&pc
, is_write
);
894 /* If this was a write to a TB protected page, restart. */
897 && info
->si_code
== SEGV_ACCERR
898 && handle_sigsegv_accerr_write(cpu
, host_signal_mask(uc
),
904 * If the access was not on behalf of the guest, within the executable
905 * mapping of the generated code buffer, then it is a host bug.
907 if (access_type
!= MMU_INST_FETCH
908 && !in_code_gen_buffer((void *)(pc
- tcg_splitwx_diff
))) {
909 die_from_signal(info
);
913 if (is_valid
&& info
->si_code
== SEGV_ACCERR
) {
915 * With reserved_va, the whole address space is PROT_NONE,
916 * which means that we may get ACCERR when we want MAPERR.
918 if (page_get_flags(guest_addr
) & PAGE_VALID
) {
921 info
->si_code
= SEGV_MAPERR
;
925 sigprocmask(SIG_SETMASK
, host_signal_mask(uc
), NULL
);
926 cpu_loop_exit_sigsegv(cpu
, guest_addr
, access_type
, maperr
, pc
);
929 static uintptr_t host_sigbus_handler(CPUState
*cpu
, siginfo_t
*info
,
932 uintptr_t pc
= host_signal_pc(uc
);
933 bool is_write
= host_signal_write(info
, uc
);
934 MMUAccessType access_type
= adjust_signal_pc(&pc
, is_write
);
937 * If the access was not on behalf of the guest, within the executable
938 * mapping of the generated code buffer, then it is a host bug.
940 if (!in_code_gen_buffer((void *)(pc
- tcg_splitwx_diff
))) {
941 die_from_signal(info
);
944 if (info
->si_code
== BUS_ADRALN
) {
945 uintptr_t host_addr
= (uintptr_t)info
->si_addr
;
946 abi_ptr guest_addr
= h2g_nocheck(host_addr
);
948 sigprocmask(SIG_SETMASK
, host_signal_mask(uc
), NULL
);
949 cpu_loop_exit_sigbus(cpu
, guest_addr
, access_type
, pc
);
954 static void host_signal_handler(int host_sig
, siginfo_t
*info
, void *puc
)
956 CPUState
*cpu
= thread_cpu
;
957 CPUArchState
*env
= cpu_env(cpu
);
958 TaskState
*ts
= get_task_state(cpu
);
959 target_siginfo_t tinfo
;
960 host_sigcontext
*uc
= puc
;
961 struct emulated_sigtable
*k
;
964 bool sync_sig
= false;
968 * Non-spoofed SIGSEGV and SIGBUS are synchronous, and need special
969 * handling wrt signal blocking and unwinding. Non-spoofed SIGILL,
970 * SIGFPE, SIGTRAP are always host bugs.
972 if (info
->si_code
> 0) {
975 /* Only returns on handle_sigsegv_accerr_write success. */
976 host_sigsegv_handler(cpu
, info
, uc
);
979 pc
= host_sigbus_handler(cpu
, info
, uc
);
985 die_from_signal(info
);
989 /* get target signal number */
990 guest_sig
= host_to_target_signal(host_sig
);
991 if (guest_sig
< 1 || guest_sig
> TARGET_NSIG
) {
994 trace_user_host_signal(env
, host_sig
, guest_sig
);
996 host_to_target_siginfo_noswap(&tinfo
, info
);
997 k
= &ts
->sigtab
[guest_sig
- 1];
999 k
->pending
= guest_sig
;
1000 ts
->signal_pending
= 1;
1003 * For synchronous signals, unwind the cpu state to the faulting
1004 * insn and then exit back to the main loop so that the signal
1005 * is delivered immediately.
1008 cpu
->exception_index
= EXCP_INTERRUPT
;
1009 cpu_loop_exit_restore(cpu
, pc
);
1012 rewind_if_in_safe_syscall(puc
);
1015 * Block host signals until target signal handler entered. We
1016 * can't block SIGSEGV or SIGBUS while we're executing guest
1017 * code in case the guest code provokes one in the window between
1018 * now and it getting out to the main loop. Signals will be
1019 * unblocked again in process_pending_signals().
1021 * WARNING: we cannot use sigfillset() here because the sigmask
1022 * field is a kernel sigset_t, which is much smaller than the
1023 * libc sigset_t which sigfillset() operates on. Using sigfillset()
1024 * would write 0xff bytes off the end of the structure and trash
1025 * data on the struct.
1027 sigmask
= host_signal_mask(uc
);
1028 memset(sigmask
, 0xff, SIGSET_T_SIZE
);
1029 sigdelset(sigmask
, SIGSEGV
);
1030 sigdelset(sigmask
, SIGBUS
);
1032 /* interrupt the virtual CPU as soon as possible */
1033 cpu_exit(thread_cpu
);
1036 /* do_sigaltstack() returns target values and errnos. */
1037 /* compare linux/kernel/signal.c:do_sigaltstack() */
1038 abi_long
do_sigaltstack(abi_ulong uss_addr
, abi_ulong uoss_addr
,
1041 target_stack_t oss
, *uoss
= NULL
;
1042 abi_long ret
= -TARGET_EFAULT
;
1045 /* Verify writability now, but do not alter user memory yet. */
1046 if (!lock_user_struct(VERIFY_WRITE
, uoss
, uoss_addr
, 0)) {
1049 target_save_altstack(&oss
, env
);
1053 target_stack_t
*uss
;
1055 if (!lock_user_struct(VERIFY_READ
, uss
, uss_addr
, 1)) {
1058 ret
= target_restore_altstack(uss
, env
);
1065 memcpy(uoss
, &oss
, sizeof(oss
));
1066 unlock_user_struct(uoss
, uoss_addr
, 1);
1073 unlock_user_struct(uoss
, uoss_addr
, 0);
1078 /* do_sigaction() return target values and host errnos */
1079 int do_sigaction(int sig
, const struct target_sigaction
*act
,
1080 struct target_sigaction
*oact
, abi_ulong ka_restorer
)
1082 struct target_sigaction
*k
;
1086 trace_signal_do_sigaction_guest(sig
, TARGET_NSIG
);
1088 if (sig
< 1 || sig
> TARGET_NSIG
) {
1089 return -TARGET_EINVAL
;
1092 if (act
&& (sig
== TARGET_SIGKILL
|| sig
== TARGET_SIGSTOP
)) {
1093 return -TARGET_EINVAL
;
1096 if (block_signals()) {
1097 return -QEMU_ERESTARTSYS
;
1100 k
= &sigact_table
[sig
- 1];
1102 __put_user(k
->_sa_handler
, &oact
->_sa_handler
);
1103 __put_user(k
->sa_flags
, &oact
->sa_flags
);
1104 #ifdef TARGET_ARCH_HAS_SA_RESTORER
1105 __put_user(k
->sa_restorer
, &oact
->sa_restorer
);
1108 oact
->sa_mask
= k
->sa_mask
;
1111 __get_user(k
->_sa_handler
, &act
->_sa_handler
);
1112 __get_user(k
->sa_flags
, &act
->sa_flags
);
1113 #ifdef TARGET_ARCH_HAS_SA_RESTORER
1114 __get_user(k
->sa_restorer
, &act
->sa_restorer
);
1116 #ifdef TARGET_ARCH_HAS_KA_RESTORER
1117 k
->ka_restorer
= ka_restorer
;
1119 /* To be swapped in target_to_host_sigset. */
1120 k
->sa_mask
= act
->sa_mask
;
1122 /* we update the host linux signal state */
1123 host_sig
= target_to_host_signal(sig
);
1124 trace_signal_do_sigaction_host(host_sig
, TARGET_NSIG
);
1125 if (host_sig
> SIGRTMAX
) {
1126 /* we don't have enough host signals to map all target signals */
1127 qemu_log_mask(LOG_UNIMP
, "Unsupported target signal #%d, ignored\n",
1130 * we don't return an error here because some programs try to
1131 * register an handler for all possible rt signals even if they
1133 * An error here can abort them whereas there can be no problem
1134 * to not have the signal available later.
1135 * This is the case for golang,
1136 * See https://github.com/golang/go/issues/33746
1137 * So we silently ignore the error.
1141 if (host_sig
!= SIGSEGV
&& host_sig
!= SIGBUS
) {
1142 struct sigaction act1
;
1144 sigfillset(&act1
.sa_mask
);
1145 act1
.sa_flags
= SA_SIGINFO
;
1146 if (k
->_sa_handler
== TARGET_SIG_IGN
) {
1148 * It is important to update the host kernel signal ignore
1149 * state to avoid getting unexpected interrupted syscalls.
1151 act1
.sa_sigaction
= (void *)SIG_IGN
;
1152 } else if (k
->_sa_handler
== TARGET_SIG_DFL
) {
1153 if (core_dump_signal(sig
)) {
1154 act1
.sa_sigaction
= host_signal_handler
;
1156 act1
.sa_sigaction
= (void *)SIG_DFL
;
1159 act1
.sa_sigaction
= host_signal_handler
;
1160 if (k
->sa_flags
& TARGET_SA_RESTART
) {
1161 act1
.sa_flags
|= SA_RESTART
;
1164 ret
= sigaction(host_sig
, &act1
, NULL
);
1170 static void handle_pending_signal(CPUArchState
*cpu_env
, int sig
,
1171 struct emulated_sigtable
*k
)
1173 CPUState
*cpu
= env_cpu(cpu_env
);
1176 target_sigset_t target_old_set
;
1177 struct target_sigaction
*sa
;
1178 TaskState
*ts
= get_task_state(cpu
);
1180 trace_user_handle_signal(cpu_env
, sig
);
1181 /* dequeue signal */
1185 * Writes out siginfo values byteswapped, accordingly to the target. It also
1186 * cleans the si_type from si_code making it correct for the target.
1188 tswap_siginfo(&k
->info
, &k
->info
);
1190 sig
= gdb_handlesig(cpu
, sig
, NULL
, &k
->info
, sizeof(k
->info
));
1193 handler
= TARGET_SIG_IGN
;
1195 sa
= &sigact_table
[sig
- 1];
1196 handler
= sa
->_sa_handler
;
1199 if (unlikely(qemu_loglevel_mask(LOG_STRACE
))) {
1200 print_taken_signal(sig
, &k
->info
);
1203 if (handler
== TARGET_SIG_DFL
) {
1204 /* default handler : ignore some signal. The other are job control or fatal */
1205 if (sig
== TARGET_SIGTSTP
|| sig
== TARGET_SIGTTIN
|| sig
== TARGET_SIGTTOU
) {
1206 kill(getpid(),SIGSTOP
);
1207 } else if (sig
!= TARGET_SIGCHLD
&&
1208 sig
!= TARGET_SIGURG
&&
1209 sig
!= TARGET_SIGWINCH
&&
1210 sig
!= TARGET_SIGCONT
) {
1211 dump_core_and_abort(cpu_env
, sig
);
1213 } else if (handler
== TARGET_SIG_IGN
) {
1215 } else if (handler
== TARGET_SIG_ERR
) {
1216 dump_core_and_abort(cpu_env
, sig
);
1218 /* compute the blocked signals during the handler execution */
1219 sigset_t
*blocked_set
;
1221 target_to_host_sigset(&set
, &sa
->sa_mask
);
1222 /* SA_NODEFER indicates that the current signal should not be
1223 blocked during the handler */
1224 if (!(sa
->sa_flags
& TARGET_SA_NODEFER
))
1225 sigaddset(&set
, target_to_host_signal(sig
));
1227 /* save the previous blocked signal state to restore it at the
1228 end of the signal execution (see do_sigreturn) */
1229 host_to_target_sigset_internal(&target_old_set
, &ts
->signal_mask
);
1231 /* block signals in the handler */
1232 blocked_set
= ts
->in_sigsuspend
?
1233 &ts
->sigsuspend_mask
: &ts
->signal_mask
;
1234 sigorset(&ts
->signal_mask
, blocked_set
, &set
);
1235 ts
->in_sigsuspend
= 0;
1237 /* if the CPU is in VM86 mode, we restore the 32 bit values */
1238 #if defined(TARGET_I386) && !defined(TARGET_X86_64)
1240 CPUX86State
*env
= cpu_env
;
1241 if (env
->eflags
& VM_MASK
)
1242 save_v86_state(env
);
1245 /* prepare the stack frame of the virtual CPU */
1246 #if defined(TARGET_ARCH_HAS_SETUP_FRAME)
1247 if (sa
->sa_flags
& TARGET_SA_SIGINFO
) {
1248 setup_rt_frame(sig
, sa
, &k
->info
, &target_old_set
, cpu_env
);
1250 setup_frame(sig
, sa
, &target_old_set
, cpu_env
);
1253 /* These targets do not have traditional signals. */
1254 setup_rt_frame(sig
, sa
, &k
->info
, &target_old_set
, cpu_env
);
1256 if (sa
->sa_flags
& TARGET_SA_RESETHAND
) {
1257 sa
->_sa_handler
= TARGET_SIG_DFL
;
1262 void process_pending_signals(CPUArchState
*cpu_env
)
1264 CPUState
*cpu
= env_cpu(cpu_env
);
1266 TaskState
*ts
= get_task_state(cpu
);
1268 sigset_t
*blocked_set
;
1270 while (qatomic_read(&ts
->signal_pending
)) {
1272 sigprocmask(SIG_SETMASK
, &set
, 0);
1275 sig
= ts
->sync_signal
.pending
;
1277 /* Synchronous signals are forced,
1278 * see force_sig_info() and callers in Linux
1279 * Note that not all of our queue_signal() calls in QEMU correspond
1280 * to force_sig_info() calls in Linux (some are send_sig_info()).
1281 * However it seems like a kernel bug to me to allow the process
1282 * to block a synchronous signal since it could then just end up
1283 * looping round and round indefinitely.
1285 if (sigismember(&ts
->signal_mask
, target_to_host_signal_table
[sig
])
1286 || sigact_table
[sig
- 1]._sa_handler
== TARGET_SIG_IGN
) {
1287 sigdelset(&ts
->signal_mask
, target_to_host_signal_table
[sig
]);
1288 sigact_table
[sig
- 1]._sa_handler
= TARGET_SIG_DFL
;
1291 handle_pending_signal(cpu_env
, sig
, &ts
->sync_signal
);
1294 for (sig
= 1; sig
<= TARGET_NSIG
; sig
++) {
1295 blocked_set
= ts
->in_sigsuspend
?
1296 &ts
->sigsuspend_mask
: &ts
->signal_mask
;
1298 if (ts
->sigtab
[sig
- 1].pending
&&
1299 (!sigismember(blocked_set
,
1300 target_to_host_signal_table
[sig
]))) {
1301 handle_pending_signal(cpu_env
, sig
, &ts
->sigtab
[sig
- 1]);
1302 /* Restart scan from the beginning, as handle_pending_signal
1303 * might have resulted in a new synchronous signal (eg SIGSEGV).
1309 /* if no signal is pending, unblock signals and recheck (the act
1310 * of unblocking might cause us to take another host signal which
1311 * will set signal_pending again).
1313 qatomic_set(&ts
->signal_pending
, 0);
1314 ts
->in_sigsuspend
= 0;
1315 set
= ts
->signal_mask
;
1316 sigdelset(&set
, SIGSEGV
);
1317 sigdelset(&set
, SIGBUS
);
1318 sigprocmask(SIG_SETMASK
, &set
, 0);
1320 ts
->in_sigsuspend
= 0;
1323 int process_sigsuspend_mask(sigset_t
**pset
, target_ulong sigset
,
1324 target_ulong sigsize
)
1326 TaskState
*ts
= get_task_state(thread_cpu
);
1327 sigset_t
*host_set
= &ts
->sigsuspend_mask
;
1328 target_sigset_t
*target_sigset
;
1330 if (sigsize
!= sizeof(*target_sigset
)) {
1331 /* Like the kernel, we enforce correct size sigsets */
1332 return -TARGET_EINVAL
;
1335 target_sigset
= lock_user(VERIFY_READ
, sigset
, sigsize
, 1);
1336 if (!target_sigset
) {
1337 return -TARGET_EFAULT
;
1339 target_to_host_sigset(host_set
, target_sigset
);
1340 unlock_user(target_sigset
, sigset
, 0);