| blob | cad97525db3c4c587af1bfbe85e46a6d917bf45d |
1 /*
2 * interrupt-handling magic
3 */
5 /*
6 * This software is part of the SBCL system. See the README file for
7 * more information.
8 *
9 * This software is derived from the CMU CL system, which was
10 * written at Carnegie Mellon University and released into the
11 * public domain. The software is in the public domain and is
12 * provided with absolutely no warranty. See the COPYING and CREDITS
13 * files for more information.
14 */
17 /* As far as I can tell, what's going on here is:
18 *
19 * In the case of most signals, when Lisp asks us to handle the
20 * signal, the outermost handler (the one actually passed to UNIX) is
21 * either interrupt_handle_now(..) or maybe_now_maybe_later(..).
22 * In that case, the Lisp-level handler is stored in interrupt_handlers[..]
23 * and interrupt_low_level_handlers[..] is cleared.
24 *
25 * However, some signals need special handling, e.g.
26 *
27 * o the SIGSEGV (for e.g. Linux) or SIGBUS (for e.g. FreeBSD) used by the
28 * garbage collector to detect violations of write protection,
29 * because some cases of such signals (e.g. GC-related violations of
30 * write protection) are handled at C level and never passed on to
31 * Lisp. For such signals, we still store any Lisp-level handler
32 * in interrupt_handlers[..], but for the outermost handle we use
33 * the value from interrupt_low_level_handlers[..], instead of the
34 * ordinary interrupt_handle_now(..) or interrupt_handle_later(..).
35 *
36 * o the SIGTRAP (Linux/Alpha) which Lisp code uses to handle breakpoints,
37 * pseudo-atomic sections, and some classes of error (e.g. "function
38 * not defined"). This never goes anywhere near the Lisp handlers at all.
39 * See runtime/alpha-arch.c and code/signal.lisp
40 *
41 * - WHN 20000728, dan 20010128 */
45 #include <stdio.h>
46 #include <stdlib.h>
47 #include <string.h>
48 #include <signal.h>
49 #include <sys/types.h>
50 #ifndef LISP_FEATURE_WIN32
51 #include <sys/wait.h>
52 #endif
53 #include <errno.h>
71 /*
72 * This is a workaround for some slightly silly Linux/GNU Libc
73 * behaviour: glibc defines sigset_t to support 1024 signals, which is
74 * more than the kernel. This is usually not a problem, but becomes
75 * one when we want to save a signal mask from a ucontext, and restore
76 * it later into another ucontext: the ucontext is allocated on the
77 * stack by the kernel, so copying a libc-sized sigset_t into it will
78 * overflow and cause other data on the stack to be corrupted */
79 /* FIXME: do not rely on NSIG being a multiple of 8 */
81 #ifdef LISP_FEATURE_WIN32
82 # define REAL_SIGSET_SIZE_BYTES (4)
83 #else
84 # define REAL_SIGSET_SIZE_BYTES ((NSIG/8))
85 #endif
89 {
91 }
93 /* When we catch an internal error, should we pass it back to Lisp to
94 * be handled in a high-level way? (Early in cold init, the answer is
95 * 'no', because Lisp is still too brain-dead to handle anything.
96 * After sufficient initialization has been completed, the answer
97 * becomes 'yes'.) */
100 #ifndef LISP_FEATURE_WIN32
101 static
103 #endif
106 /* Under Linux on some architectures, we appear to have to restore the
107 * FPU control word from the context, as after the signal is delivered
108 * we appear to have a null FPU control word. */
109 #if defined(RESTORE_FP_CONTROL_FROM_CONTEXT)
110 #define RESTORE_FP_CONTROL_WORD(context,void_context) \
111 os_context_t *context = arch_os_get_context(&void_context); \
112 os_restore_fp_control(context);
113 #else
114 #define RESTORE_FP_CONTROL_WORD(context,void_context) \
115 os_context_t *context = arch_os_get_context(&void_context);
116 #endif
118 /* Foreign code may want to start some threads on its own.
119 * Non-targetted, truly asynchronous signals can be delivered to
120 * basically any thread, but invoking Lisp handlers in such foregign
121 * threads is really bad, so let's resignal it.
122 *
123 * This should at least bring attention to the problem, but it cannot
124 * work for SIGSEGV and similar. It is good enough for timers, and
125 * maybe all deferrables. */
127 #if defined(LISP_FEATURE_SB_THREAD) && !defined(LISP_FEATURE_WIN32)
128 static void
130 {
136 }
137 }
138 }
141 #endif
143 static boolean
145 {
146 #if defined(LISP_FEATURE_SB_THREAD) && !defined(LISP_FEATURE_WIN32)
149 corruption_warning_and_maybe_lose
151 signal,
153 }
154 {
155 sigset_t sigset;
161 }
164 #endif
166 }
168 /* These are to be used in signal handlers. Currently all handlers are
169 * called from one of:
170 *
171 * interrupt_handle_now_handler
172 * maybe_now_maybe_later
173 * unblock_me_trampoline
174 * low_level_handle_now_handler
175 * low_level_maybe_now_maybe_later
176 * low_level_unblock_me_trampoline
177 *
178 * This gives us a single point of control (or six) over errno, fp
179 * control word, and fixing up signal context on sparc.
180 *
181 * The SPARC/Linux platform doesn't quite do signals the way we want
182 * them done. The third argument in the handler isn't filled in by the
183 * kernel properly, so we fix it up ourselves in the
184 * arch_os_get_context(..) function. -- CSR, 2002-07-23
185 */
186 #define SAVE_ERRNO(signal,context,void_context) \
187 { \
188 int _saved_errno = errno; \
189 RESTORE_FP_CONTROL_WORD(context,void_context); \
190 if (!maybe_resignal_to_lisp_thread(signal, context)) \
191 {
193 #define RESTORE_ERRNO \
194 } \
195 errno = _saved_errno; \
196 }
200 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
205 \f
207 /* Generic signal related utilities. */
209 void
211 {
212 /* Get the current sigmask, by blocking the empty set. */
214 }
216 void
218 {
226 }
229 }
230 }
232 void
234 {
242 }
245 }
246 }
248 static void
250 {
255 }
256 }
258 /* Return 1 is all signals is sigset2 are masked in sigset, return 0
259 * if all re unmasked else die. Passing NULL for sigset is a shorthand
260 * for the current sigmask. */
261 boolean
264 {
265 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
268 sigset_t current;
272 }
277 else
279 }
280 }
284 }
287 else
289 #endif
290 }
291 \f
293 /* Deferrables, blockables, gc signals. */
295 void
297 {
308 #ifndef LISP_FEATURE_HPUX
311 #endif
315 }
317 void
319 {
322 }
324 void
326 {
327 #ifdef THREADS_USING_GCSIGNAL
329 #endif
330 }
332 /* initialized in interrupt_init */
333 sigset_t deferrable_sigset;
334 sigset_t blockable_sigset;
335 sigset_t gc_sigset;
337 #endif
339 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
340 boolean
342 {
344 }
345 #endif
347 void
349 {
350 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
353 #endif
354 }
356 void
358 {
359 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
362 #endif
363 }
365 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
366 boolean
368 {
370 }
371 #endif
373 void
375 {
376 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
379 #endif
380 }
382 void
384 {
385 #if !defined(LISP_FEATURE_WIN32)
386 /* On Windows, there are no actual signals, but since the win32 port
387 * tracks the sigmask and checks it explicitly, some functions are
388 * still required to keep the mask set up properly. (After all, the
389 * goal of the sigmask emulation is to not have to change all the
390 * call sites in the first place.)
391 *
392 * However, this does not hold for all signals equally: While
393 * deferrables matter ("is interrupt-thread okay?"), it is not worth
394 * having to set up blockables properly (which include the
395 * non-existing GC signals).
396 *
397 * Yet, as the original comment explains it:
398 * Adjusting FREE-INTERRUPT-CONTEXT-INDEX* and other aspecs of
399 * fake_foreign_function_call machinery are sometimes useful here[...].
400 *
401 * So we merely skip this assertion.
402 * -- DFL, trying to expand on a comment by AK.
403 */
406 #endif
407 }
409 #ifndef LISP_FEATURE_SB_SAFEPOINT
410 #if !defined(LISP_FEATURE_WIN32)
411 boolean
413 {
415 }
416 #endif
418 void
420 {
421 #if !defined(LISP_FEATURE_WIN32)
424 #endif
425 }
427 void
429 {
430 #if !defined(LISP_FEATURE_WIN32)
433 #endif
434 }
435 #endif
437 void
439 {
440 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
442 #endif
443 }
445 void
447 {
448 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
450 #endif
451 }
453 void
455 {
456 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
459 #ifndef LISP_FEATURE_SB_SAFEPOINT
461 #endif
463 #endif
464 }
466 #ifndef LISP_FEATURE_SB_SAFEPOINT
467 void
469 {
470 #ifndef LISP_FEATURE_WIN32
472 #endif
473 }
474 #endif
476 void
478 {
479 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
481 #ifndef LISP_FEATURE_SB_SAFEPOINT
488 }
489 #endif
492 }
493 #endif
494 }
495 \f
499 {
505 }
507 /* Save sigset (or the current sigmask if 0) if there is no pending
508 * handler, because that means that deferabbles are already blocked.
509 * The purpose is to avoid losing the pending gc signal if a
510 * deferrable interrupt async unwinds between clearing the pseudo
511 * atomic and trapping to GC.*/
512 #ifndef LISP_FEATURE_SB_SAFEPOINT
513 void
515 {
516 #ifndef LISP_FEATURE_WIN32
519 sigset_t oldset;
520 /* Obviously, this function is called when signals may not be
521 * blocked. Let's make sure we are not interrupted. */
523 #ifndef LISP_FEATURE_SB_THREAD
524 /* With threads a SIG_STOP_FOR_GC and a normal GC may also want to
525 * block. */
528 #endif
534 /* This is the sigmask of some context. */
540 /* Operating on the current sigmask. Save oldset and
541 * unblock gc signals. In the end, this is equivalent to
542 * blocking the deferrables. */
546 }
547 }
549 #endif
550 }
551 #endif
553 /* Are we leaving WITH-GCING and already running with interrupts
554 * enabled, without the protection of *GC-INHIBIT* T and there is gc
555 * (or stop for gc) pending, but we haven't trapped yet? */
556 int
558 {
563 #if defined(LISP_FEATURE_SB_THREAD)
565 #endif
566 ));
567 }
569 /* Check our baroque invariants. */
570 void
572 {
573 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
579 /* On PPC pseudo_atomic_interrupted is cleared when coming out of
580 * handle_allocation_trap. */
581 #if defined(LISP_FEATURE_GENCGC) && !defined(GENCGC_IS_PRECISE)
587 /* In the time window between leaving the *INTERRUPTS-ENABLED* NIL
588 * section and trapping, a SIG_STOP_FOR_GC would see the next
589 * check fail, for this reason sig_stop_for_gc handler does not
590 * call this function. */
594 }
598 #if defined(LISP_FEATURE_SB_THREAD)
599 {
608 }
609 #else
613 #endif
614 #endif
626 #ifndef LISP_FEATURE_SB_SAFEPOINT
627 /* If deferrables are unblocked then we are open to signals
628 * that run lisp code. */
630 #endif
631 }
632 #endif
633 }
634 \f
635 /*
636 * utility routines used by various signal handlers
637 */
639 static void
641 {
642 #ifndef LISP_FEATURE_C_STACK_IS_CONTROL_STACK
644 lispobj oldcont;
646 /* Build a fake stack frame or frames */
648 #if !defined(LISP_FEATURE_ARM) && !defined(LISP_FEATURE_ARM64)
655 /* There is a small window during call where the callee's
656 * frame isn't built yet. */
659 /* We have called, but not built the new frame, so
660 * build it for them. */
666 /* Build our frame on top of it. */
668 }
670 /* We haven't yet called, build our frame as if the
671 * partial frame wasn't there. */
673 }
675 #elif defined (LISP_FEATURE_ARM)
678 #elif defined (LISP_FEATURE_ARM64)
681 #endif
682 /* We can't tell whether we are still in the caller if it had to
683 * allocate a stack frame due to stack arguments. */
684 /* This observation provoked some past CMUCL maintainer to ask
685 * "Can anything strange happen during return?" */
686 {
687 /* normal case */
689 }
697 #endif
698 }
700 /* Stores the context for gc to scavange and builds fake stack
701 * frames. */
702 void
704 {
708 /* context_index incrementing must not be interrupted */
711 /* Get current Lisp state from context. */
712 #if defined(LISP_FEATURE_ARM) && !defined(LISP_FEATURE_GENCGC)
714 #endif
715 #ifdef reg_ALLOC
716 #ifdef LISP_FEATURE_SB_THREAD
718 #else
719 dynamic_space_free_pointer =
721 #endif
723 /* fprintf(stderr,"dynamic_space_free_pointer: %p\n", */
724 /* dynamic_space_free_pointer); */
725 #if defined(LISP_FEATURE_ALPHA) || defined(LISP_FEATURE_MIPS)
728 }
729 #endif
730 /* why doesnt PPC and SPARC do something like this: */
731 #if defined(LISP_FEATURE_HPPA)
733 lose("dead in fake_foreign_function_call, context = %x, d_s_f_p = %x\n", context, dynamic_space_free_pointer);
734 }
735 #endif
736 #endif
737 #ifdef reg_BSP
740 #endif
742 #if defined(LISP_FEATURE_ARM)
743 /* Stash our control stack pointer */
746 thread);
747 #endif
751 /* Do dynamic binding of the active interrupt context index
752 * and save the context in the context array. */
753 context_index =
758 }
765 #if !defined(LISP_FEATURE_X86) && !defined(LISP_FEATURE_X86_64)
766 /* x86oid targets don't maintain the foreign function call flag at
767 * all, so leave them to believe that they are never in foreign
768 * code. */
770 #endif
771 }
773 /* blocks all blockable signals. If you are calling from a signal handler,
774 * the usual signal mask will be restored from the context when the handler
775 * finishes. Otherwise, be careful */
776 void
778 {
780 /* Block all blockable signals. */
785 /* Undo dynamic binding of FREE_INTERRUPT_CONTEXT_INDEX */
788 #if defined(LISP_FEATURE_ARM)
789 /* Restore our saved control stack pointer */
792 thread),
793 thread);
795 #endif
797 #if defined(reg_ALLOC) && !defined(LISP_FEATURE_SB_THREAD)
798 /* Put the dynamic space free pointer back into the context. */
803 /*
804 ((uword_t)(*os_context_register_addr(context, reg_ALLOC))
805 & ~LOWTAG_MASK)
806 | ((uword_t) dynamic_space_free_pointer & LOWTAG_MASK);
807 */
808 #endif
809 #if defined(reg_ALLOC) && defined(LISP_FEATURE_SB_THREAD)
810 /* Put the pseudo-atomic bits and dynamic space free pointer back
811 * into the context (p-a-bits for p-a, and dynamic space free
812 * pointer for ROOM). */
816 /* And clear them so we don't get bit later by call-in/call-out
817 * not updating them. */
819 #endif
820 #if defined(LISP_FEATURE_ARM) && !defined(LISP_FEATURE_GENCGC)
822 #endif
823 }
825 /* a handler for the signal caused by execution of a trap opcode
826 * signalling an internal error */
827 void
829 {
836 /* There's no good way to recover from an internal error
837 * before the Lisp error handling mechanism is set up. */
839 }
841 #ifndef LISP_FEATURE_SB_SAFEPOINT
843 #endif
845 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
847 #endif
849 #if defined(LISP_FEATURE_LINUX) && defined(LISP_FEATURE_MIPS)
850 /* Workaround for blocked SIGTRAP. */
851 {
852 sigset_t newset;
856 }
857 #endif
860 #if QSHOW == 2
861 /* Display some rudimentary debugging information about the
862 * error, so that even if the Lisp error handler gets badly
863 * confused, we have a chance to determine what's going on. */
865 #endif
872 }
874 boolean
876 {
880 }
882 void
884 {
885 /* There are three ways we can get here. First, if an interrupt
886 * occurs within pseudo-atomic, it will be deferred, and we'll
887 * trap to here at the end of the pseudo-atomic block. Second, if
888 * the GC (in alloc()) decides that a GC is required, it will set
889 * *GC-PENDING* and pseudo-atomic-interrupted if not *GC-INHIBIT*,
890 * and alloc() is always called from within pseudo-atomic, and
891 * thus we end up here again. Third, when calling GC-ON or at the
892 * end of a WITHOUT-GCING, MAYBE-HANDLE-PENDING-GC will trap to
893 * here if there is a pending GC. Fourth, ahem, at the end of
894 * WITHOUT-INTERRUPTS (bar complications with nesting).
895 *
896 * A fourth way happens with safepoints: In addition to a stop for
897 * GC that is pending, there are thruptions. Both mechanisms are
898 * mostly signal-free, yet also of an asynchronous nature, so it makes
899 * sense to let interrupt_handle_pending take care of running them:
900 * It gets run precisely at those places where it is safe to process
901 * pending asynchronous tasks. */
908 }
913 #ifndef LISP_FEATURE_SB_SAFEPOINT
914 /*
915 * (On safepoint builds, there is no gc_blocked_deferrables nor
916 * SIG_STOP_FOR_GC.)
917 */
918 /* If GC/SIG_STOP_FOR_GC struck during PA and there was no pending
919 * handler, then the pending mask was saved and
920 * gc_blocked_deferrables set. Hence, there can be no pending
921 * handler and it's safe to restore the pending mask.
922 *
923 * Note, that if gc_blocked_deferrables is false we may still have
924 * to GC. In this case, we are coming out of a WITHOUT-GCING or a
925 * pseudo atomic was interrupt be a deferrable first. */
931 /* Restore the saved signal mask from the original signal (the
932 * one that interrupted us during the critical section) into
933 * the os_context for the signal we're currently in the
934 * handler for. This should ensure that when we return from
935 * the handler the blocked signals are unblocked. */
936 #ifndef LISP_FEATURE_WIN32
938 #endif
940 }
941 #endif
946 #ifdef LISP_FEATURE_SB_SAFEPOINT
947 /* handles the STOP_FOR_GC_PENDING case, plus THRUPTIONS */
949 # ifdef LISP_FEATURE_SB_THRUPTION
952 # endif
953 )
954 /* We ought to take this chance to do a pitstop now. */
956 #elif defined(LISP_FEATURE_SB_THREAD)
958 /* STOP_FOR_GC_PENDING and GC_PENDING are cleared by
959 * the signal handler if it actually stops us. */
963 #endif
964 /* Test for T and not for != NIL since the value :IN-PROGRESS
965 * is used in SUB-GC as part of the mechanism to supress
966 * recursive gcs.*/
969 /* Two reasons for doing this. First, if there is a
970 * pending handler we don't want to run. Second, we are
971 * going to clear pseudo atomic interrupted to avoid
972 * spurious trapping on every allocation in SUB_GC and
973 * having a pending handler with interrupts enabled and
974 * without pseudo atomic interrupted breaks an
975 * invariant. */
979 }
983 /* GC_PENDING is cleared in SUB-GC, or if another thread
984 * is doing a gc already we will get a SIG_STOP_FOR_GC and
985 * that will clear it.
986 *
987 * If there is a pending handler or gc was triggerred in a
988 * signal handler then maybe_gc won't run POST_GC and will
989 * return normally. */
996 }
998 /* It's not NIL or T so GC_PENDING is :IN-PROGRESS. If
999 * GC-PENDING is not NIL then we cannot trap on pseudo
1000 * atomic due to GC (see if(GC_PENDING) logic in
1001 * cheneygc.c an gengcgc.c), plus there is a outer
1002 * WITHOUT-INTERRUPTS SUB_GC, so how did we end up
1003 * here? */
1005 }
1009 /* No GC shall be lost. If SUB_GC triggers another GC then
1010 * that should be handled on the spot. */
1013 #ifdef THREADS_USING_GCSIGNAL
1016 #endif
1017 /* Check two things. First, that gc does not clobber a handler
1018 * that's already pending. Second, that there is no interrupt
1019 * lossage: if original_pending_handler was NULL then even if
1020 * an interrupt arrived during GC (POST-GC, really) it was
1021 * handled. */
1025 }
1027 #ifndef LISP_FEATURE_WIN32
1028 /* There may be no pending handler, because it was only a gc that
1029 * had to be executed or because Lisp is a bit too eager to call
1030 * DO-PENDING-INTERRUPT. */
1033 /* No matter how we ended up here, clear both
1034 * INTERRUPT_PENDING and pseudo atomic interrupted. It's safe
1035 * because we checked above that there is no GC pending. */
1038 /* Restore the sigmask in the context. */
1041 }
1042 #ifdef LISP_FEATURE_SB_THRUPTION
1044 /* Special case for the following situation: There is a
1045 * thruption pending, but a signal had been deferred. The
1046 * pitstop at the top of this function could only take care
1047 * of GC, and skipped the thruption, so we need to try again
1048 * now that INTERRUPT_PENDING and the sigmask have been
1049 * reset. */
1051 ;
1052 #endif
1053 #endif
1054 #ifdef LISP_FEATURE_GENCGC
1057 #endif
1058 /* It is possible that the end of this function was reached
1059 * without never actually doing anything, the tests in Lisp for
1060 * when to call receive-pending-interrupt are not exact. */
1062 }
1063 \f
1065 void
1067 {
1068 boolean were_in_lisp;
1073 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
1076 #endif
1082 }
1086 {
1088 }
1092 signal));
1096 /* This can happen if someone tries to ignore or default one
1097 * of the signals we need for runtime support, and the runtime
1098 * support decides to pass on it. */
1102 /* Once we've decided what to do about contexts in a
1103 * return-elsewhere world (the original context will no longer
1104 * be available; should we copy it or was nobody using it anyway?)
1105 * then we should convert this to return-elsewhere */
1107 /* CMUCL comment said "Allocate the SAPs while the interrupts
1108 * are still disabled.". I (dan, 2003.08.21) assume this is
1109 * because we're not in pseudoatomic and allocation shouldn't
1110 * be interrupted. In which case it's no longer an issue as
1111 * all our allocation from C now goes through a PA wrapper,
1112 * but still, doesn't hurt.
1113 *
1114 * Yeah, but non-gencgc platforms don't really wrap allocation
1115 * in PA. MG - 2005-08-29 */
1118 #ifndef LISP_FEATURE_SB_SAFEPOINT
1119 /* Leave deferrable signals blocked, the handler itself will
1120 * allow signals again when it sees fit. */
1122 #else
1124 #endif
1133 info_sap,
1134 context_sap);
1135 }
1137 /* This cannot happen in sane circumstances. */
1141 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
1142 /* Allow signals again. */
1145 #endif
1146 }
1149 {
1151 }
1155 signal));
1156 }
1158 /* This is called at the end of a critical section if the indications
1159 * are that some signal was deferred during the section. Note that as
1160 * far as C or the kernel is concerned we dealt with the signal
1161 * already; we're just doing the Lisp-level processing now that we
1162 * put off then */
1163 static void
1165 {
1166 /* The pending_handler may enable interrupts and then another
1167 * interrupt may hit, overwrite interrupt_data, so reset the
1168 * pending handler before calling it. Trust the handler to finish
1169 * with the siginfo before enabling interrupts. */
1176 }
1178 #ifndef LISP_FEATURE_WIN32
1179 boolean
1182 {
1194 /* If interrupts are disabled then INTERRUPT_PENDING is set and
1195 * not PSEDUO_ATOMIC_INTERRUPTED. This is important for a pseudo
1196 * atomic section inside a WITHOUT-INTERRUPTS.
1197 *
1198 * Also, if in_leaving_without_gcing_race_p then
1199 * interrupt_handle_pending is going to be called soon, so
1200 * stashing the signal away is safe.
1201 */
1212 }
1213 /* a slightly confusing test. arch_pseudo_atomic_atomic() doesn't
1214 * actually use its argument for anything on x86, so this branch
1215 * may succeed even when context is null (gencgc alloc()) */
1224 }
1229 }
1231 static void
1235 {
1247 signal));
1252 /* the signal mask in the context (from before we were
1253 * interrupted) is copied to be restored when run_deferred_handler
1254 * happens. Then the usually-blocked signals are added to the mask
1255 * in the context so that we are running with blocked signals when
1256 * the handler returns */
1259 }
1261 static void
1263 {
1269 RESTORE_ERRNO;
1270 }
1272 static void
1275 {
1276 /* No FP control fixage needed, caller has done that. */
1280 /* No Darwin context fixage needed, caller does that. */
1281 }
1283 static void
1285 {
1293 RESTORE_ERRNO;
1294 }
1295 #endif
1297 #ifdef THREADS_USING_GCSIGNAL
1299 /* This function must not cons, because that may trigger a GC. */
1300 void
1302 {
1304 boolean was_in_lisp;
1306 /* Test for GC_INHIBIT _first_, else we'd trap on every single
1307 * pseudo atomic until gc is finally allowed. */
1316 maybe_save_gc_mask_and_block_deferrables
1319 }
1323 /* Not PA and GC not inhibited -- we can stop now. */
1328 /* need the context stored so it can have registers scavenged */
1330 }
1332 /* Not pending anymore. */
1336 /* Consider this: in a PA section GC is requested: GC_PENDING,
1337 * pseudo_atomic_interrupted and gc_blocked_deferrables are set,
1338 * deferrables are blocked then pseudo_atomic_atomic is cleared,
1339 * but a SIG_STOP_FOR_GC arrives before trapping to
1340 * interrupt_handle_pending. Here, GC_PENDING is cleared but
1341 * pseudo_atomic_interrupted is not and we go on running with
1342 * pseudo_atomic_interrupted but without a pending interrupt or
1343 * GC. GC_BLOCKED_DEFERRABLES is also left at 1. So let's tidy it
1344 * up. */
1351 }
1356 }
1361 /* While waiting for gc to finish occupy ourselves with zeroing
1362 * the unused portion of the control stack to reduce conservatism.
1363 * On hypothetic platforms with threads and exact gc it is
1364 * actually a must. */
1373 }
1377 }
1378 }
1380 #endif
1382 void
1384 {
1386 #ifndef LISP_FEATURE_WIN32
1388 #if !(defined(LISP_FEATURE_LINUX) || defined(LISP_FEATURE_ANDROID))
1390 #endif
1391 )
1394 #endif
1396 RESTORE_ERRNO;
1397 }
1399 /* manipulate the signal context and stack such that when the handler
1400 * returns, it will call function instead of whatever it was doing
1401 * previously
1402 */
1404 #if (defined(LISP_FEATURE_X86) || defined(LISP_FEATURE_X86_64))
1406 #endif
1412 void
1414 call_into_lisp_lookalike funptr,
1415 lispobj function)
1416 {
1417 #if !(defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_SAFEPOINT))
1418 check_gc_signals_unblocked_or_lose
1420 #endif
1421 #if !(defined(LISP_FEATURE_X86) || defined(LISP_FEATURE_X86_64))
1424 #endif
1426 /* Build a stack frame showing `interrupted' so that the
1427 * user's backtrace makes (as much) sense (as usual) */
1429 /* fp state is saved and restored by call_into_lisp */
1430 /* FIXME: errno is not restored, but since current uses of this
1431 * function only call Lisp code that signals an error, it's not
1432 * much of a problem. In other words, running out of the control
1433 * stack between a syscall and (GET-ERRNO) may clobber errno if
1434 * something fails during signalling or in the handler. But I
1435 * can't see what can go wrong as long as there is no CONTINUE
1436 * like restart on them. */
1437 #ifdef LISP_FEATURE_X86
1438 /* Suppose the existence of some function that saved all
1439 * registers, called call_into_lisp, then restored GP registers and
1440 * returned. It would look something like this:
1442 push ebp
1443 mov ebp esp
1444 pushfl
1445 pushal
1446 push $0
1447 push $0
1448 pushl {address of function to call}
1449 call 0x8058db0 <call_into_lisp>
1450 addl $12,%esp
1451 popal
1452 popfl
1453 leave
1454 ret
1456 * What we do here is set up the stack that call_into_lisp would
1457 * expect to see if it had been called by this code, and frob the
1458 * signal context so that signal return goes directly to call_into_lisp,
1459 * and when that function (and the lisp function it invoked) returns,
1460 * it returns to the second half of this imaginary function which
1461 * restores all registers and returns to C
1463 * For this to work, the latter part of the imaginary function
1464 * must obviously exist in reality. That would be post_signal_tramp
1465 */
1467 #ifndef LISP_FEATURE_DARWIN
1469 #endif
1471 #if defined(LISP_FEATURE_DARWIN)
1474 FSHOW_SIGNAL((stderr, "/arrange_return_to_lisp_function: preparing to go to function %x, sp: %x\n", function,
1476 FSHOW_SIGNAL((stderr, "/arrange_return_to_lisp_function: context: %x, &context %x\n", context, &context));
1478 /* 1. os_validate (malloc/mmap) register_save_block
1479 * 2. copy register state into register_save_block
1480 * 3. put a pointer to register_save_block in a register in the context
1481 * 4. set the context's EIP to point to a trampoline which:
1482 * a. builds the fake stack frame from the block
1483 * b. frees the block
1484 * c. calls the function
1485 */
1501 #else
1503 /* return address for call_into_lisp: */
1508 /* this order matches that used in POPAD */
1513 /* POPAD ignores the value of ESP: */
1524 #endif
1526 #elif defined(LISP_FEATURE_X86_64)
1529 /* return address for call_into_lisp: */
1542 /* skip RBP and RSP */
1555 #else
1558 #endif
1560 #ifdef LISP_FEATURE_X86
1562 #if !defined(LISP_FEATURE_DARWIN)
1566 #ifdef __NetBSD__
1569 #else
1574 #elif defined(LISP_FEATURE_X86_64)
1579 #else
1580 /* this much of the calling convention is common to all
1581 non-x86 ports */
1584 #ifdef reg_LIP
1587 #endif
1590 #endif
1591 #ifdef ARCH_HAS_NPC_REGISTER
1594 #endif
1595 #if defined(LISP_FEATURE_SPARC) || defined(LISP_FEATURE_ARM) || defined(LISP_FEATURE_ARM64)
1598 #endif
1601 }
1603 void
1605 {
1606 #if defined(LISP_FEATURE_DARWIN) && defined(LISP_FEATURE_X86)
1609 function);
1610 #else
1612 #endif
1613 }
1615 // These have undefined_alien_function tramp in x-assem.S
1616 #if !(defined(LISP_FEATURE_X86_64) || defined(LISP_FEATURE_ARM) || defined(LISP_FEATURE_ARM64))
1617 /* KLUDGE: Theoretically the approach we use for undefined alien
1618 * variables should work for functions as well, but on PPC/Darwin
1619 * we get bus error at bogus addresses instead, hence this workaround,
1620 * that has the added benefit of automatically discriminating between
1621 * functions and variables.
1622 */
1623 void
1625 {
1627 }
1628 #endif
1631 {
1636 }
1639 {
1645 }
1647 /* Called from the REPL, too. */
1649 {
1653 }
1654 }
1657 {
1659 }
1661 boolean
1663 {
1670 }
1673 /* We hit the end of the control stack: disable guard page
1674 * protection so the error handler has some headroom, protect the
1675 * previous page so that we can catch returns from the guard page
1676 * and restore it. */
1680 #ifdef LISP_FEATURE_C_STACK_IS_CONTROL_STACK
1681 /* For the unfortunate case, when the control stack is
1682 * exhausted in a signal handler. */
1684 #endif
1685 arrange_return_to_lisp_function
1688 }
1691 /* We're returning from the guard page: reprotect it, and
1692 * unprotect this one. This works even if we somehow missed
1693 * the return-guard-page, and hit it on our way to new
1694 * exhaustion instead. */
1699 }
1703 }
1710 /* For the unfortunate case, when the binding stack is
1711 * exhausted in a signal handler. */
1713 arrange_return_to_lisp_function
1716 }
1723 }
1727 }
1734 /* For the unfortunate case, when the alien stack is
1735 * exhausted in a signal handler. */
1737 arrange_return_to_lisp_function
1740 }
1747 }
1750 arrange_return_to_lisp_function
1753 }
1755 }
1756 \f
1757 /*
1758 * noise to install handlers
1759 */
1761 #ifndef LISP_FEATURE_WIN32
1762 /* In Linux 2.4 synchronous signals (sigtrap & co) can be delivered if
1763 * they are blocked, in Linux 2.6 the default handler is invoked
1764 * instead that usually coredumps. One might hastily think that adding
1765 * SA_NODEFER helps, but until ~2.6.13 if SA_NODEFER is specified then
1766 * the whole sa_mask is ignored and instead of not adding the signal
1767 * in question to the mask. That means if it's not blockable the
1768 * signal must be unblocked at the beginning of signal handlers.
1769 *
1770 * It turns out that NetBSD's SA_NODEFER doesn't DTRT in a different
1771 * way: if SA_NODEFER is set and the signal is in sa_mask, the signal
1772 * will be unblocked in the sigmask during the signal handler. -- RMK
1773 * X-mas day, 2005
1774 */
1777 #define SA_NODEFER_TEST_BLOCK_SIGNAL SIGABRT
1778 #define SA_NODEFER_TEST_KILL_SIGNAL SIGUSR1
1780 static void
1782 {
1783 sigset_t current;
1786 /* There should be exactly two blocked signals: the two we added
1787 * to sa_mask when setting up the handler. NetBSD doesn't block
1788 * the signal we're handling when SA_NODEFER is set; Linux before
1789 * 2.6.13 or so also doesn't block the other signal when
1790 * SA_NODEFER is set. */
1796 }
1799 }
1801 static void
1803 {
1812 /* Make sure no signals are blocked. */
1813 {
1814 sigset_t empty;
1817 }
1821 }
1823 #undef SA_NODEFER_TEST_BLOCK_SIGNAL
1824 #undef SA_NODEFER_TEST_KILL_SIGNAL
1826 #if defined(LISP_FEATURE_SB_SAFEPOINT_STRICTLY) && !defined(LISP_FEATURE_WIN32)
1830 {
1832 os_context_t fake_context;
1833 siginfo_t fake_info;
1834 #ifdef LISP_FEATURE_PPC
1835 mcontext_t uc_regs;
1836 #endif
1840 #ifdef LISP_FEATURE_PPC
1843 #endif
1848 #endif
1853 }
1855 static void
1857 {
1861 /* alloc() is not re-entrant and still uses pseudo atomic (even though
1862 * inline allocation does not). In this case, give up. */
1872 /* And we're back. We know that the SIGPROF handler never unwinds
1873 * non-locally, and can simply swap things back: */
1879 cleanup:
1881 RESTORE_ERRNO;
1882 }
1884 static void
1886 {
1889 pthread_attr_t attr;
1890 pthread_t th;
1901 RESTORE_ERRNO;
1904 lost:
1906 }
1907 #endif
1909 static void
1911 {
1913 sigset_t unblock;
1919 RESTORE_ERRNO;
1920 }
1922 static void
1924 {
1926 sigset_t unblock;
1932 RESTORE_ERRNO;
1933 }
1935 static void
1937 {
1940 RESTORE_ERRNO;
1941 }
1943 void
1945 interrupt_handler_t handler)
1946 {
1951 }
1960 else
1963 #ifdef LISP_FEATURE_SB_THRUPTION
1964 /* It's in `deferrable_sigset' so that we block&unblock it properly,
1965 * but we don't actually want to defer it. And if we put it only
1966 * into blockable_sigset, we'd have to special-case it around thread
1967 * creation at least. */
1970 #endif
1975 #if defined(LISP_FEATURE_C_STACK_IS_CONTROL_STACK)
1978 # ifdef LISP_FEATURE_SB_SAFEPOINT
1981 # endif
1982 }
1983 #endif
1988 }
1989 #endif
1991 /* This is called from Lisp. */
1992 uword_t
1995 {
1996 #ifndef LISP_FEATURE_WIN32
1998 sigset_t old;
2011 #ifdef LISP_FEATURE_SB_SAFEPOINT_STRICTLY
2016 #endif
2022 else
2029 }
2039 #else
2040 /* Probably-wrong Win32 hack */
2042 #endif
2043 }
2045 /* This must not go through lisp as it's allowed anytime, even when on
2046 * the altstack. */
2047 void
2049 {
2050 /* Save the interrupt context. No need to undo it, since lose()
2051 * shouldn't return. */
2054 }
2056 void
2058 {
2059 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
2062 #ifndef LISP_FEATURE_WIN32
2064 #endif
2071 #endif
2073 #ifndef LISP_FEATURE_WIN32
2074 /* Set up high level handler information. */
2077 /* (The cast here blasts away the distinction between
2078 * SA_SIGACTION-style three-argument handlers and
2079 * signal(..)-style one-argument handlers, which is OK
2080 * because it works to call the 1-argument form where the
2081 * 3-argument form is expected.) */
2083 }
2085 #endif
2087 }
2089 #ifndef LISP_FEATURE_WIN32
2090 int
2092 {
2094 }
2095 os_vm_address_t current_memory_fault_address;
2097 void
2099 {
2100 /* FIXME: This is lossy: if we get another memory fault (eg. from
2101 * another thread) before lisp has read this, we lose the information.
2102 * However, since this is mostly informative, we'll live with that for
2103 * now -- some address is better then no address in this case.
2104 */
2107 /* If we lose on corruption, provide LDB with debugging information. */
2110 /* To allow debugging memory faults in signal handlers and such. */
2112 addr,
2114 #ifdef ARCH_HAS_STACK_POINTER
2116 #else
2117 0
2118 #endif
2119 );
2120 #ifdef LISP_FEATURE_C_STACK_IS_CONTROL_STACK
2125 #else
2129 #endif
2130 }
2131 #endif
2133 static void
2135 {
2138 #ifndef LISP_FEATURE_SB_SAFEPOINT
2140 #endif
2142 #if !defined(LISP_FEATURE_WIN32) || defined(LISP_FEATURE_SB_THREAD)
2144 #endif
2147 }
2149 /* Common logic for trapping instructions. How we actually handle each
2150 * case is highly architecture dependent, but the overall shape is
2151 * this. */
2152 void
2154 {
2156 #if !(defined(LISP_FEATURE_WIN32) && defined(LISP_FEATURE_SB_THREAD))
2162 #endif
2165 #ifdef trap_InvalidArgCount
2167 #endif
2177 #ifdef trap_AfterBreakpoint
2181 #endif
2182 #ifdef trap_SingleStepAround
2187 #endif
2188 #ifdef trap_GlobalSafepoint
2201 #endif
2202 #if defined(LISP_FEATURE_SPARC) && defined(LISP_FEATURE_GENCGC)
2207 #endif
2213 }
2214 }