fix ia64 longjmp() to work from alternate signal-stack

fix ia64 longjmp() to work from alternate signal-stack

[David Mosberger]

Recently, HJ Lu noticed that tst-cancel20 is failing on ia64 when
using libunwind.  This failure was due to the fact that this test
triggers a longjmp() from an alternate signal stack back to the main
stack.  The existing longjmp() cannot handle stack-crossing jumps
correctly, which is the root-cause of the failure.  The failure didn't
show with the GCC builtin unwinder since it implicitly copies portions
of the register backing-store from the alternate signal stack back to
the main stack.  This copying masked enough of the longjmp() bug that
tst-cancel20 passed.  However, despite this masking, the bug is
clearly in longjmp().  In fact, tst-setjmp2 included below will crash
reliably with the existing longjmp().

Unfortunately, fixing the problem is not trivial.  The solution the
patch below implements is as follows:

 longjmp() now invokes sigaltstack() to determine if we're doing a
 long jump from the alternate signal stack to the normal stack.  If
 not, it will do a long jump as before.  If the stacks are crossed,
 longjmp() now assumes the top of the alternate stack contains a
 sigcontext structure.  It then uses the info in the sigcontext
 structure and in the jump-buffer to determine what portion of the
 backing store needs to be copied from the alternate signal stack to
 the main stack.  After copying the minimal amount of data, it then
 finishes doing the long jump as before.

I'm not 100% happy with the solution:

 o It adds a sigaltstack() system-call to the longjmp() patch.

 o longjmp() has to make assumptions about where the kernel puts the
   sigcontext on the alternate signal-stack.  It's very unlikely that
   the kernel will change in this area, but it's still a dependency
   that I'd have rather avoided.

Having said that, I didn't see any reasonable alternative.  I
considered doing a "flushrs" in setjmp() instead but as pointed out in
the Software Conventions & Runtime Architecture manual, this cannot
work because it's not (reasonably) possible to keep the stacked
registers and their NaT-bits in sync that way.

Performance-wise, the impact is as follows (each line shows the
execution-time in number of cycles; the first iteration was executed
with the jump-buffer flushed from the cache):

Existing CVS libc (with lightweight syscalls enabled):

Alternate signal disabled:
 sigsetjmp(save_sig=0) cyc: 1692  111  114  111  105  111  111  105  105  105
 siglongjmp            cyc: 2296  234  218  212  221  215  217  212  205  217
 sigsetjmp(save_sig=1) cyc:  583  178  178  178  178  178  178  178  178  178
 siglongjmp            cyc: 1108  353  351  351  347  360  351  347  356  351
Alternate signal enabled:
 sigsetjmp(save_sig=0) cyc:  450  111  111  105  105  105  105  105  105  105
 siglongjmp            cyc: 1266  241  207  208  208  208  208  208  208  208
 sigsetjmp(save_sig=1) cyc:  568  178  178  178  178  178  178  178  178  178
 siglongjmp            cyc: 1085  343  347  343  343  343  343  343  343  343

With patch below applied:

Alternate signal disabled:
 sigsetjmp(save_sig=0) cyc: 1403  128  125  127  110  110  110  110  110  110
 siglongjmp            cyc: 3201  654  632  608  606  606  606  606  606  606
 sigsetjmp(save_sig=1) cyc:  578  212  193  193  193  185  185  185  185  185
 siglongjmp            cyc: 1035  760  744  744  744  744  744  744  744  744
Alternate signal enabled:
 sigsetjmp(save_sig=0) cyc:  440  125  115  110  110  110  125  110  110  110
 siglongjmp            cyc: 1568  798  715  703  717  815  717  703  703  703
 sigsetjmp(save_sig=1) cyc:  563  195  195  195  195  195  195  195  195  195
 siglongjmp            cyc: 1143  857  848  834  834  834  834  834  834  834

As you can see, the setjmp() performance is unchanged (apart from
noise), as you'd expect.  The impact on longjmp() is quite
significant, however: about 390 cycles when not crossing stacks and
about 495 cycles when crossing stacks (of course, the latter case was
broken before, so it didn't help that it was faster...).  The largest
part of this overhead is due to the sigaltstack() system call that is
now necessary.  I don't see a way to avoid it, though we could at
least implement the simple case of just reading the current stack info
as a light-weight system-call handler, if somebody really cared a lot
about longjmp() performance.

I ran the test-suite before and applying the patch below and there are
no changes except that tst-cancel20 and tst-setjmp2 now succeed.

If there are no objections, please apply this patch.

Thanks,

	--david

File sysdeps/unix/sysv/linux/ia64/__longjmp.S should be removed!

ChangeLog

2004-08-25  David Mosberger  <davidm@hpl.hp.com>

	* sysdeps/unix/sysv/linux/ia64/Makefile (sysdep_routines): Mention
	__ia64_longjmp for setjmp directory.
	* setjmp/Makefile (tests): Mention tst-setjmp2.
	* sysdeps/unix/sysv/linux/ia64/__longjmp.c: New file.
	* sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S: Rename from
	__longjmp.S.
	(__ia64_flush_rbs): New function.
	(__ia64_longjmp): Rename from __longjmp.  Simplify since
	some of the work is now done in the C __longjmp().

Index: setjmp/Makefile
--- setjmp/Makefile
+++ setjmp/Makefile
@@ -26,7 +26,7 @@
 routines	:= setjmp sigjmp bsd-setjmp bsd-_setjmp \
 		   longjmp __longjmp jmp-unwind
 
-tests		:= tst-setjmp jmpbug bug269-setjmp
+tests		:= tst-setjmp tst-setjmp2 jmpbug bug269-setjmp
 
 
 include ../Rules
Index: sysdeps/unix/sysv/linux/ia64/Makefile
--- sysdeps/unix/sysv/linux/ia64/Makefile
+++ sysdeps/unix/sysv/linux/ia64/Makefile
@@ -7,6 +7,10 @@
 gen-as-const-headers += sigcontext-offsets.sym
 endif
 
+ifeq ($(subdir),setjmp)
+sysdep_routines += __ia64_longjmp
+endif
+
 ifeq ($(subdir),misc)
 sysdep_headers += sys/io.h
 sysdep_routines += ioperm clone2
Index: sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S
--- /dev/null
+++ sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S
@@ -0,0 +1,156 @@
+/* Copyright (C) 1999, 2000, 2001, 2004 Free Software Foundation, Inc.
+   Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <sysdep.h>
+#include <features.h>
+
+LEAF(__ia64_flush_rbs)
+	flushrs
+	mov r9 = ar.rsc		// 12 cyc latency
+	;;
+	mov r8 = ar.bsp		// 12 cyc latency
+	;;
+	and r16 = ~0x3, r9	// clear ar.rsc.mode
+	;;
+	mov ar.rsc = r16	// put RSE into enforced-lazy mode
+	;;
+	mov r10 = ar.rnat	// 5 cyc latency
+	ret
+END(__ia64_flush_rbs)
+
+
+#	define	pPos	p6	/* is rotate count positive? */
+#	define	pNeg	p7	/* is rotate count negative? */
+
+/* __ia64_longjmp(__jmp_buf buf, int val, long rnat, long rsc)  */
+
+
+LEAF(__ia64_longjmp)
+	alloc r8=ar.pfs,4,0,0,0
+	add r2=0x98,in0		// r2 <- &jmpbuf.orig_jmp_buf_addr
+	add r3=0x88,in0		// r3 <- &jmpbuf.ar_bsp
+	;;
+	ld8 r8=[r2]		// r8 <- orig_jmp_buf_addr
+	ld8 r23=[r3],8		// r23 <- jmpbuf.ar_bsp
+	mov r2=in0
+	;;
+	//
+	// Note: we need to redo the "flushrs" here even though it's
+	// already been done by __ia64_flush_rbs.  It is needed to
+	// ensure that ar.bspstore == ar.bsp.
+	//
+	flushrs			// flush dirty regs to backing store
+	ld8 r25=[r3]		// r25 <- jmpbuf.ar_unat
+	sub r8=r8,in0		// r8 <- &orig_jmpbuf - &jmpbuf
+	;;
+	add r3=8,in0		// r3 <- &jmpbuf.r1
+	extr.u r8=r8,3,6	// r8 <- (&orig_jmpbuf - &jmpbuf)/8 & 0x3f
+	;;
+	cmp.lt pNeg,pPos=r8,r0
+	;;
+(pPos)	mov r16=r8
+(pNeg)	add r16=64,r8
+(pPos)	sub r17=64,r8
+(pNeg)	sub r17=r0,r8
+	;;
+	shr.u r8=r25,r16
+	shl r9=r25,r17
+	;;
+	or r25=r8,r9
+	;;
+	mov ar.unat=r25 // setup ar.unat (NaT bits for r1, r4-r7, and r12)
+	;;
+	ld8.fill.nta sp=[r2],16	// r12 (sp)
+	ld8.fill.nta gp=[r3],16 // r1 (gp)
+	dep r11=-1,r23,3,6	// r11 <- ia64_rse_rnat_addr(jmpbuf.ar_bsp)
+	;;
+	ld8.nta r16=[r2],16		// caller's unat
+	ld8.nta r17=[r3],16		// fpsr
+	;;
+	ld8.fill.nta r4=[r2],16		// r4
+	ld8.fill.nta r5=[r3],16		// r5 (gp)
+	;;
+	ld8.fill.nta r6=[r2],16		// r6
+	ld8.fill.nta r7=[r3],16		// r7
+	;;
+	mov ar.unat=r16			// restore caller's unat
+	mov ar.fpsr=r17			// restore fpsr
+	;;
+	ld8.nta r16=[r2],16		// b0
+	ld8.nta r17=[r3],16		// b1
+	;;
+	mov ar.bspstore=r23	// restore ar.bspstore
+	ld8.nta r18=[r2],16		// b2
+	;;
+	mov ar.rnat=in2		// restore ar.rnat
+	ld8.nta r19=[r3],16		// b3
+	;;
+	ld8.nta r20=[r2],16		// b4
+	ld8.nta r21=[r3],16		// b5
+	;;
+	ld8.nta r11=[r2],16		// ar.pfs
+	ld8.nta r22=[r3],56		// ar.lc
+	;;
+	ld8.nta r24=[r2],32		// pr
+	mov ar.rsc=in3		// restore ar.rsc
+	mov b0=r16
+	;;
+	ldf.fill.nta f2=[r2],32
+	ldf.fill.nta f3=[r3],32
+	mov b1=r17
+	;;
+	ldf.fill.nta f4=[r2],32
+	ldf.fill.nta f5=[r3],32
+	mov b2=r18
+	;;
+	ldf.fill.nta f16=[r2],32
+	ldf.fill.nta f17=[r3],32
+	mov b3=r19
+	;;
+	ldf.fill.nta f18=[r2],32
+	ldf.fill.nta f19=[r3],32
+	mov b4=r20
+	;;
+	ldf.fill.nta f20=[r2],32
+	ldf.fill.nta f21=[r3],32
+	mov b5=r21
+	;;
+	ldf.fill.nta f22=[r2],32
+	ldf.fill.nta f23=[r3],32
+	mov ar.lc=r22
+	;;
+	ldf.fill.nta f24=[r2],32
+	ldf.fill.nta f25=[r3],32
+	cmp.eq p8,p9=0,in1
+	;;
+	ldf.fill.nta f26=[r2],32
+	ldf.fill.nta f27=[r3],32
+	mov ar.pfs=r11
+	;;
+	ldf.fill.nta f28=[r2],32
+	ldf.fill.nta f29=[r3],32
+(p8)	mov r8=1
+	;;
+	ldf.fill.nta f30=[r2]
+	ldf.fill.nta f31=[r3]
+(p9)	mov r8=in1
+
+	invala			// virt. -> phys. regnum mapping may change
+	mov pr=r24,-1
+	ret
+END(__ia64_longjmp)
Index: sysdeps/unix/sysv/linux/ia64/__longjmp.c
--- /dev/null
+++ sysdeps/unix/sysv/linux/ia64/__longjmp.c
@@ -0,0 +1,174 @@
+/* Copyright (C) 2004 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+   Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+/* This __longjmp() implementation is limited to jumping within the
+   same stack.  That is, in general it is not possible to use this
+   __longjmp() implementation to cross from one stack to another.
+   However, as a special exception, we have to support the case where
+   __longjmp() is used to cross from the alternate signal-stack to the
+   normal stack.  This is required by the Single Unix Spec, which says
+   this about longjmp():
+
+	"As it bypasses the usual function call and return mechanisms,
+	 longjmp() shall execute correctly in contexts of interrupts,
+	 signals, and any of their associated functions."
+
+   Since the spec also defines sigaltstack(), this implies that
+   longjmp() from an alternate signal stack must work.  */
+
+#include <assert.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#include <sys/rse.h>
+
+#define JB_SP	0
+#define JB_BSP	17
+
+struct rbs_flush_values
+  {
+    unsigned long bsp;
+    unsigned long rsc;
+    unsigned long rnat;
+  };
+
+extern struct rbs_flush_values __ia64_flush_rbs (void);
+extern void __ia64_longjmp (__jmp_buf buf, int val, long rnat, long rsc)
+     __attribute__ ((__noreturn__));
+
+static void
+copy_rbs (unsigned long *dst, unsigned long *dst_end, unsigned long dst_rnat,
+	  unsigned long *src, unsigned long *src_end,
+	  unsigned long current_rnat)
+{
+  unsigned long dst_slot, src_rnat = 0, src_slot, *src_rnat_addr, nat_bit;
+  int first_time = 1;
+
+  while (dst < dst_end)
+    {
+      dst_slot = ia64_rse_slot_num (dst);
+      if (dst_slot == 63)
+	{
+	  *dst++ = dst_rnat;
+	  dst_rnat = 0;
+	}
+      else
+	{
+	  /* read source value, including NaT bit: */
+	  src_slot = ia64_rse_slot_num (src);
+	  if (src_slot == 63)
+	    {
+	      /* skip src RNaT slot */
+	      ++src;
+	      src_slot = 0;
+	    }
+	  if (first_time || src_slot == 0)
+	    {
+	      first_time = 0;
+	      src_rnat_addr = ia64_rse_rnat_addr (src);
+	      if (src_rnat_addr < src_end)
+		src_rnat = *src_rnat_addr;
+	      else
+		src_rnat = current_rnat;
+	    }
+	  nat_bit = (src_rnat >> src_slot) & 1;
+
+	  assert (src < src_end);
+
+	  *dst++ = *src++;
+	  if (nat_bit)
+	    dst_rnat |=  (1UL << dst_slot);
+	  else
+	    dst_rnat &= ~(1UL << dst_slot);
+	}
+    }
+  dst_slot = ia64_rse_slot_num (dst);
+  if (dst_slot > 0)
+    *ia64_rse_rnat_addr (dst) = dst_rnat;
+}
+
+void
+__longjmp (__jmp_buf buf, int val)
+{
+  unsigned long *rbs_base, *bsp, *bspstore, *jb_bsp, jb_sp, ss_sp;
+  unsigned long ndirty, rnat, load_rnat, *jb_rnat_addr;
+  struct sigcontext *sc;
+  stack_t stk;
+  struct rbs_flush_values c;
+
+  /* put RSE into enforced-lazy mode and return current bsp/rsc/rnat: */
+  c = __ia64_flush_rbs ();
+
+  jb_sp  = ((unsigned long *)  buf)[JB_SP];
+  jb_bsp = ((unsigned long **) buf)[JB_BSP];
+
+  __sigaltstack (NULL, &stk);
+
+  ss_sp = (unsigned long) stk.ss_sp;
+  jb_rnat_addr = ia64_rse_rnat_addr (jb_bsp);
+
+  if ((stk.ss_flags & SS_ONSTACK) == 0 || jb_sp - ss_sp < stk.ss_size)
+    /* Normal non-stack-crossing longjmp; if the RNaT slot for the bsp
+       saved in the jump-buffer is the same as the one for the current
+       BSP, use the current AR.RNAT value, otherwise, load it from the
+       jump-buffer's RNaT-slot.  */
+    load_rnat = (ia64_rse_rnat_addr ((unsigned long *) c.bsp) != jb_rnat_addr);
+  else
+    {
+      /* If we are on the alternate signal-stack and the jump-buffer
+	 lies outside the signal-stack, we may need to copy back the
+	 dirty partition which was torn off and saved on the
+	 signal-stack when the signal was delivered.
+
+	 Caveat: we assume that the top of the alternate signal-stack
+		 stores the sigcontext structure of the signal that
+		 caused the switch to the signal-stack.	 This should
+		 be a fairly safe assumption but the kernel _could_
+		 do things differently.. */
+      sc = ((struct sigcontext *) ((ss_sp + stk.ss_size) & -16) - 1);
+
+      /* As a sanity-check, verify that the register-backing-store base
+	 of the alternate signal-stack is where we expect it.  */
+      rbs_base = (unsigned long *)
+	((ss_sp + sizeof (long) - 1) & -sizeof (long));
+
+      assert ((unsigned long) rbs_base == sc->sc_rbs_base);
+
+      ndirty = ia64_rse_num_regs (rbs_base, rbs_base + (sc->sc_loadrs >> 19));
+      bsp = (unsigned long *) sc->sc_ar_bsp;
+      bspstore = ia64_rse_skip_regs (bsp, -ndirty);
+
+      if (bspstore < jb_bsp)
+	/* AR.BSPSTORE at the time of the signal was below the value
+	   of AR.BSP saved in the jump-buffer => copy the missing
+	   portion from the torn off dirty partition which got saved
+	   on the alternate signal-stack.  */
+	copy_rbs (bspstore, jb_bsp, sc->sc_ar_rnat,
+		  rbs_base, (unsigned long *) c.bsp, c.rnat);
+
+      load_rnat = 1;
+    }
+  if (load_rnat)
+    rnat = *jb_rnat_addr;
+  else
+    rnat = c.rnat;
+  __ia64_longjmp (buf, val, rnat, c.rsc);
+}

Re: fix ia64 longjmp() to work from alternate signal-stack

[Ulrich Drepper]

David Mosberger wrote:

> If there are no objections, please apply this patch.

I don't like this.  The behavior of longjmp if the starting point is
using the alternate stack while the destination uses the normal stack,
is currently unspecified in POSIX.  I've asked for clarification in the
POSIX working group.  The result I expect is "don't do it", aka,
unspecified.

So, this is no case the normal setjmp/longjmp needs to handle.

For the unwind/cancellation handling this might not apply.  But it is an
implementation decision to use setjmp/longjmp.  So, the solution should
be to use special versions of those interfaces in the nptl
implementation.  For all platforms but ia64 the new names are just
aliases of the normal code.  For ia64 this heavier code is used.  This
will also take care of most of the performance penalties since they
don't apply in general, only in the thread code.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

Re: fix ia64 longjmp() to work from alternate signal-stack

[David Mosberger]

>>>>> On Thu, 26 Aug 2004 02:24:01 -0700, Ulrich Drepper <drepper@redhat.com> said:

  Uli> David Mosberger wrote:
  >> If there are no objections, please apply this patch.

  Uli> I don't like this.  The behavior of longjmp if the starting point is
  Uli> using the alternate stack while the destination uses the normal stack,
  Uli> is currently unspecified in POSIX.  I've asked for clarification in the
  Uli> POSIX working group.  The result I expect is "don't do it", aka,
  Uli> unspecified.

I wouldn't mind at all if that were the conclusion.  I even thought
SuS left this unspecified, but upon rereading the spec, it seems SuS
explicitly allows this case.  Can you let me know when you hear back?

  Uli> For the unwind/cancellation handling this might not apply.  But
  Uli> it is an implementation decision to use setjmp/longjmp.  So,
  Uli> the solution should be to use special versions of those
  Uli> interfaces in the nptl implementation.  For all platforms but
  Uli> ia64 the new names are just aliases of the normal code.  For
  Uli> ia64 this heavier code is used.  This will also take care of
  Uli> most of the performance penalties since they don't apply in
  Uli> general, only in the thread code.

Couldn't we avoid the setjmp/longjmp altogether?  On ia64, code
without unwind info is considered broken and since we unwind anyhow we
could have a C cleanup handler for start_thread() at almost zero cost.
That would obviate the need for setjmp() in start_thread() and might
even speed up thread-creation a little.

	--david

Re: fix ia64 longjmp() to work from alternate signal-stack

[David Mosberger]

>>>>> On Thu, 26 Aug 2004 02:24:01 -0700, Ulrich Drepper <drepper@redhat.com> said:

  Uli> I don't like this.  The behavior of longjmp if the starting point is
  Uli> using the alternate stack while the destination uses the normal stack,
  Uli> is currently unspecified in POSIX.  I've asked for clarification in the
  Uli> POSIX working group.  The result I expect is "don't do it", aka,
  Uli> unspecified.

Were you able to get clarification on this issue already?

Thanks,

	--david

Re: fix ia64 longjmp() to work from alternate signal-stack

[Ulrich Drepper]

David Mosberger wrote:

> Were you able to get clarification on this issue already?

Getting a formal answer will take a while.  One reply I got indicated
that indeed the altstack is not switched.  So, the public siglongjmp
interface need not handle this, just the exception handling stuff.  If
it turns out that we want the siglongjmp code to handle this as well
some day, we still can enable it.  For now, changing your patch to just
implement the cancellation appropriately should go in.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

Re: fix ia64 longjmp() to work from alternate signal-stack

[David Mosberger]

>>>>> On Tue, 31 Aug 2004 08:30:58 -0700, Ulrich Drepper <drepper@redhat.com> said:

  Uli> David Mosberger wrote:
  >> Were you able to get clarification on this issue already?

  Uli> Getting a formal answer will take a while.  One reply I got indicated
  Uli> that indeed the altstack is not switched.  So, the public siglongjmp
  Uli> interface need not handle this, just the exception handling stuff.  If
  Uli> it turns out that we want the siglongjmp code to handle this as well
  Uli> some day, we still can enable it.  For now, changing your patch to just
  Uli> implement the cancellation appropriately should go in.

So you want me to create an ia64-specific version of __libc_longjmp()
which will be sigaltstack-safe while everything else goes to
the old longjmp implementation, right?

The only callers of __libc_longjmp() I found are:

./linuxthreads/sysdeps/pthread/ptlongjmp.c:  __libc_longjmp (env, val);
./nptl/sysdeps/pthread/pt-longjmp.c:  __libc_longjmp (env, val);
./nptl/unwind.c:    __libc_longjmp ((struct __jmp_buf_tag *) buf->cancel_jmp_buf, 1);
./nptl/unwind.c:  __libc_longjmp ((struct __jmp_buf_tag *) ibuf->cancel_jmp_buf, 1);

so I think this would have the desired effect.

	--david

Re: fix ia64 longjmp() to work from alternate signal-stack

[Jakub Jelinek]

On Tue, Aug 31, 2004 at 09:14:20AM -0700, David Mosberger wrote:
> So you want me to create an ia64-specific version of __libc_longjmp()
> which will be sigaltstack-safe while everything else goes to
> the old longjmp implementation, right?
> 
> The only callers of __libc_longjmp() I found are:
> 
> ./linuxthreads/sysdeps/pthread/ptlongjmp.c:  __libc_longjmp (env, val);
> ./nptl/sysdeps/pthread/pt-longjmp.c:  __libc_longjmp (env, val);
> ./nptl/unwind.c:    __libc_longjmp ((struct __jmp_buf_tag *) buf->cancel_jmp_buf, 1);
> ./nptl/unwind.c:  __libc_longjmp ((struct __jmp_buf_tag *) ibuf->cancel_jmp_buf, 1);
> 
> so I think this would have the desired effect.

The first two should use the old longjmp implementation, the latter
two the sigaltstack-safe one.

	Jakub

Re: fix ia64 longjmp() to work from alternate signal-stack

[Ulrich Drepper]

David Mosberger wrote:

> So you want me to create an ia64-specific version of __libc_longjmp()
> which will be sigaltstack-safe while everything else goes to
> the old longjmp implementation, right?

Basically, yes.  Not sure we should keep the name, though.  And even for
other archs, we might have to reset the stack.  Even though the current
code might everywhere in the moment does not mean it is correct.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

Re: fix ia64 longjmp() to work from alternate signal-stack

[David Mosberger]

>>>>> On Tue, 31 Aug 2004 15:59:45 +0200, Jakub Jelinek <jakub@redhat.com> said:

  Jakub> On Tue, Aug 31, 2004 at 09:14:20AM -0700, David Mosberger wrote:

  >> The only callers of __libc_longjmp() I found are:

  >> ./linuxthreads/sysdeps/pthread/ptlongjmp.c:  __libc_longjmp (env, val);
  >> ./nptl/sysdeps/pthread/pt-longjmp.c:  __libc_longjmp (env, val);
  >> ./nptl/unwind.c:    __libc_longjmp ((struct __jmp_buf_tag *) buf->cancel_jmp_buf, 1);
  >> ./nptl/unwind.c:  __libc_longjmp ((struct __jmp_buf_tag *) ibuf->cancel_jmp_buf, 1);

  >> so I think this would have the desired effect.

  Jakub> The first two should use the old longjmp implementation, the latter
  Jakub> two the sigaltstack-safe one.

OK, so how about this patch?  It introduces __libc_sigstack_longjmp()
for use by nptl/unwind.c.  By default, it's aliased to
__libc_siglongjmp(), but for ia64, I override it to the
sigstack-crossing-safe version of longjmp.

The patch passed my "make check" testing.

Please appy if there are no objections.

Thanks,

	--david

This patch introduces a glibc-internal function called
__libc_sigstack_longjmp() and changes nptl/unwind.c to use this routine
instead of __libc_siglongjmp().

The new routine is equivalent to __libc_siglongjmp() except that it
must be able to jump from an alternate signal stack back to the normal
stack.  For many platforms, the normal longjmp() can handle this
already, but on ia64 (and possibly other platforms), we need to
provide a separate implementation to satisfy the cross-stack jumping
requirement.

ChangeLog

2004-09-01  David Mosberger  <davidm@hpl.hp.com>

	* include/setjmp.h (__libc_sigstacklongjmp): Declare.
	* nptl/unwind.c (unwind_stop): Call __libc_sigstack_longjmp() instead
	of __libc_longjmp() since it may cross from sigstack to normal stack.
	(__pthread_unwind): Likewise.
	* setjmp/Versions: Mention __libc_sigstack_longjmp.
	* sysdeps/generic/longjmp.c: Make __libc_sigstack_longjmp a
	strong alias of __libc_siglongjmp.
	* sysdeps/unix/sysv/linux/ia64/Makefile (sysdep_routines): Mention
	__ia64_longjmp, sigstack_longjmp, and __sigstack_longjmp for
	setjmp directory.
	* sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S: New file.
	* sysdeps/unix/sysv/linux/ia64/__sigstack_longjmp.c: Likewise.
	* sysdeps/unix/sysv/linux/ia64/longjmp.c: Likewise.
	* sysdeps/unix/sysv/linux/ia64/sigstack_longjmp.c: Likewise.

Index: include/setjmp.h
--- include/setjmp.h
+++ include/setjmp.h
@@ -19,7 +19,10 @@
           __attribute__ ((noreturn));
 extern void __libc_longjmp (sigjmp_buf env, int val)
      __attribute__ ((noreturn));
+extern void __libc_sigstack_longjmp (sigjmp_buf env, int val)
+          __attribute__ ((noreturn));
 libc_hidden_proto (__libc_longjmp)
+libc_hidden_proto (__libc_sigstack_longjmp)
 
 libc_hidden_proto (_setjmp)
 libc_hidden_proto (__sigsetjmp)
Index: nptl/unwind.c
--- nptl/unwind.c
+++ nptl/unwind.c
@@ -93,7 +93,7 @@
     }
 
   if (do_longjump)
-    __libc_longjmp ((struct __jmp_buf_tag *) buf->cancel_jmp_buf, 1);
+    __libc_sigstack_longjmp ((struct __jmp_buf_tag *) buf->cancel_jmp_buf, 1);
 
   return _URC_NO_REASON;
 }
@@ -155,7 +155,7 @@
     }
 
   /* We simply jump to the registered setjmp buffer.  */
-  __libc_longjmp ((struct __jmp_buf_tag *) ibuf->cancel_jmp_buf, 1);
+  __libc_sigstack_longjmp ((struct __jmp_buf_tag *) ibuf->cancel_jmp_buf, 1);
 #endif
   /* NOTREACHED */
 
Index: setjmp/Versions
--- setjmp/Versions
+++ setjmp/Versions
@@ -11,6 +11,6 @@
   }
   GLIBC_PRIVATE {
     # helper functions
-    __libc_longjmp; __libc_siglongjmp;
+    __libc_longjmp; __libc_siglongjmp; __libc_sigstack_longjmp;
   }
 }
Index: sysdeps/generic/longjmp.c
--- sysdeps/generic/longjmp.c
+++ sysdeps/generic/longjmp.c
@@ -44,3 +44,6 @@
 weak_alias (__libc_siglongjmp, _longjmp)
 weak_alias (__libc_siglongjmp, longjmp)
 weak_alias (__libc_siglongjmp, siglongjmp)
+
+strong_alias (__libc_siglongjmp, __libc_sigstack_longjmp)
+libc_hidden_def (__libc_sigstack_longjmp)
Index: sysdeps/unix/sysv/linux/ia64/Makefile
--- sysdeps/unix/sysv/linux/ia64/Makefile
+++ sysdeps/unix/sysv/linux/ia64/Makefile
@@ -7,6 +7,10 @@
 gen-as-const-headers += sigcontext-offsets.sym
 endif
 
+ifeq ($(subdir),setjmp)
+sysdep_routines += __ia64_longjmp sigstack_longjmp __sigstack_longjmp
+endif
+
 ifeq ($(subdir),misc)
 sysdep_headers += sys/io.h
 sysdep_routines += ioperm clone2
Index: sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S
--- /dev/null
+++ sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S
@@ -0,0 +1,156 @@
+/* Copyright (C) 1999, 2000, 2001, 2004 Free Software Foundation, Inc.
+   Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <sysdep.h>
+#include <features.h>
+
+LEAF(__ia64_flush_rbs)
+	flushrs
+	mov r9 = ar.rsc		// 12 cyc latency
+	;;
+	mov r8 = ar.bsp		// 12 cyc latency
+	;;
+	and r16 = ~0x3, r9	// clear ar.rsc.mode
+	;;
+	mov ar.rsc = r16	// put RSE into enforced-lazy mode
+	;;
+	mov r10 = ar.rnat	// 5 cyc latency
+	ret
+END(__ia64_flush_rbs)
+
+
+#	define	pPos	p6	/* is rotate count positive? */
+#	define	pNeg	p7	/* is rotate count negative? */
+
+/* __ia64_longjmp(__jmp_buf buf, int val, long rnat, long rsc)  */
+
+
+LEAF(__ia64_longjmp)
+	alloc r8=ar.pfs,4,0,0,0
+	add r2=0x98,in0		// r2 <- &jmpbuf.orig_jmp_buf_addr
+	add r3=0x88,in0		// r3 <- &jmpbuf.ar_bsp
+	;;
+	ld8 r8=[r2]		// r8 <- orig_jmp_buf_addr
+	ld8 r23=[r3],8		// r23 <- jmpbuf.ar_bsp
+	mov r2=in0
+	;;
+	//
+	// Note: we need to redo the "flushrs" here even though it's
+	// already been done by __ia64_flush_rbs.  It is needed to
+	// ensure that ar.bspstore == ar.bsp.
+	//
+	flushrs			// flush dirty regs to backing store
+	ld8 r25=[r3]		// r25 <- jmpbuf.ar_unat
+	sub r8=r8,in0		// r8 <- &orig_jmpbuf - &jmpbuf
+	;;
+	add r3=8,in0		// r3 <- &jmpbuf.r1
+	extr.u r8=r8,3,6	// r8 <- (&orig_jmpbuf - &jmpbuf)/8 & 0x3f
+	;;
+	cmp.lt pNeg,pPos=r8,r0
+	;;
+(pPos)	mov r16=r8
+(pNeg)	add r16=64,r8
+(pPos)	sub r17=64,r8
+(pNeg)	sub r17=r0,r8
+	;;
+	shr.u r8=r25,r16
+	shl r9=r25,r17
+	;;
+	or r25=r8,r9
+	;;
+	mov ar.unat=r25 // setup ar.unat (NaT bits for r1, r4-r7, and r12)
+	;;
+	ld8.fill.nta sp=[r2],16	// r12 (sp)
+	ld8.fill.nta gp=[r3],16 // r1 (gp)
+	dep r11=-1,r23,3,6	// r11 <- ia64_rse_rnat_addr(jmpbuf.ar_bsp)
+	;;
+	ld8.nta r16=[r2],16		// caller's unat
+	ld8.nta r17=[r3],16		// fpsr
+	;;
+	ld8.fill.nta r4=[r2],16		// r4
+	ld8.fill.nta r5=[r3],16		// r5 (gp)
+	;;
+	ld8.fill.nta r6=[r2],16		// r6
+	ld8.fill.nta r7=[r3],16		// r7
+	;;
+	mov ar.unat=r16			// restore caller's unat
+	mov ar.fpsr=r17			// restore fpsr
+	;;
+	ld8.nta r16=[r2],16		// b0
+	ld8.nta r17=[r3],16		// b1
+	;;
+	mov ar.bspstore=r23	// restore ar.bspstore
+	ld8.nta r18=[r2],16		// b2
+	;;
+	mov ar.rnat=in2		// restore ar.rnat
+	ld8.nta r19=[r3],16		// b3
+	;;
+	ld8.nta r20=[r2],16		// b4
+	ld8.nta r21=[r3],16		// b5
+	;;
+	ld8.nta r11=[r2],16		// ar.pfs
+	ld8.nta r22=[r3],56		// ar.lc
+	;;
+	ld8.nta r24=[r2],32		// pr
+	mov ar.rsc=in3		// restore ar.rsc
+	mov b0=r16
+	;;
+	ldf.fill.nta f2=[r2],32
+	ldf.fill.nta f3=[r3],32
+	mov b1=r17
+	;;
+	ldf.fill.nta f4=[r2],32
+	ldf.fill.nta f5=[r3],32
+	mov b2=r18
+	;;
+	ldf.fill.nta f16=[r2],32
+	ldf.fill.nta f17=[r3],32
+	mov b3=r19
+	;;
+	ldf.fill.nta f18=[r2],32
+	ldf.fill.nta f19=[r3],32
+	mov b4=r20
+	;;
+	ldf.fill.nta f20=[r2],32
+	ldf.fill.nta f21=[r3],32
+	mov b5=r21
+	;;
+	ldf.fill.nta f22=[r2],32
+	ldf.fill.nta f23=[r3],32
+	mov ar.lc=r22
+	;;
+	ldf.fill.nta f24=[r2],32
+	ldf.fill.nta f25=[r3],32
+	cmp.eq p8,p9=0,in1
+	;;
+	ldf.fill.nta f26=[r2],32
+	ldf.fill.nta f27=[r3],32
+	mov ar.pfs=r11
+	;;
+	ldf.fill.nta f28=[r2],32
+	ldf.fill.nta f29=[r3],32
+(p8)	mov r8=1
+	;;
+	ldf.fill.nta f30=[r2]
+	ldf.fill.nta f31=[r3]
+(p9)	mov r8=in1
+
+	invala			// virt. -> phys. regnum mapping may change
+	mov pr=r24,-1
+	ret
+END(__ia64_longjmp)
Index: sysdeps/unix/sysv/linux/ia64/__sigstack_longjmp.c
--- /dev/null
+++ sysdeps/unix/sysv/linux/ia64/__sigstack_longjmp.c
@@ -0,0 +1,166 @@
+/* Copyright (C) 2004 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+   Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+/* The public __longjmp() implementation is limited to jumping within
+   the same stack.  That is, in general it is not possible to use this
+   __longjmp() implementation to cross from one stack to another.
+   In constrast, the __sigstack_longjmp() implemented here allows
+   crossing from the alternate signal stack to the normal stack
+   as a special case.  */
+
+#include <assert.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#include <sys/rse.h>
+
+#define JB_SP	0
+#define JB_BSP	17
+
+struct rbs_flush_values
+  {
+    unsigned long bsp;
+    unsigned long rsc;
+    unsigned long rnat;
+  };
+
+extern struct rbs_flush_values __ia64_flush_rbs (void);
+extern void __ia64_longjmp (__jmp_buf buf, int val, long rnat, long rsc)
+     __attribute__ ((__noreturn__));
+
+static void
+copy_rbs (unsigned long *dst, unsigned long *dst_end, unsigned long dst_rnat,
+	  unsigned long *src, unsigned long *src_end,
+	  unsigned long current_rnat)
+{
+  unsigned long dst_slot, src_rnat = 0, src_slot, *src_rnat_addr, nat_bit;
+  int first_time = 1;
+
+  while (dst < dst_end)
+    {
+      dst_slot = ia64_rse_slot_num (dst);
+      if (dst_slot == 63)
+	{
+	  *dst++ = dst_rnat;
+	  dst_rnat = 0;
+	}
+      else
+	{
+	  /* read source value, including NaT bit: */
+	  src_slot = ia64_rse_slot_num (src);
+	  if (src_slot == 63)
+	    {
+	      /* skip src RNaT slot */
+	      ++src;
+	      src_slot = 0;
+	    }
+	  if (first_time || src_slot == 0)
+	    {
+	      first_time = 0;
+	      src_rnat_addr = ia64_rse_rnat_addr (src);
+	      if (src_rnat_addr < src_end)
+		src_rnat = *src_rnat_addr;
+	      else
+		src_rnat = current_rnat;
+	    }
+	  nat_bit = (src_rnat >> src_slot) & 1;
+
+	  assert (src < src_end);
+
+	  *dst++ = *src++;
+	  if (nat_bit)
+	    dst_rnat |=  (1UL << dst_slot);
+	  else
+	    dst_rnat &= ~(1UL << dst_slot);
+	}
+    }
+  dst_slot = ia64_rse_slot_num (dst);
+  if (dst_slot > 0)
+    *ia64_rse_rnat_addr (dst) = dst_rnat;
+}
+
+void
+__sigstack_longjmp (__jmp_buf buf, int val)
+{
+  unsigned long *rbs_base, *bsp, *bspstore, *jb_bsp, jb_sp, ss_sp;
+  unsigned long ndirty, rnat, load_rnat, *jb_rnat_addr;
+  struct sigcontext *sc;
+  stack_t stk;
+  struct rbs_flush_values c;
+
+  /* put RSE into enforced-lazy mode and return current bsp/rsc/rnat: */
+  c = __ia64_flush_rbs ();
+
+  jb_sp  = ((unsigned long *)  buf)[JB_SP];
+  jb_bsp = ((unsigned long **) buf)[JB_BSP];
+
+  __sigaltstack (NULL, &stk);
+
+  ss_sp = (unsigned long) stk.ss_sp;
+  jb_rnat_addr = ia64_rse_rnat_addr (jb_bsp);
+
+  if ((stk.ss_flags & SS_ONSTACK) == 0 || jb_sp - ss_sp < stk.ss_size)
+    /* Normal non-stack-crossing longjmp; if the RNaT slot for the bsp
+       saved in the jump-buffer is the same as the one for the current
+       BSP, use the current AR.RNAT value, otherwise, load it from the
+       jump-buffer's RNaT-slot.  */
+    load_rnat = (ia64_rse_rnat_addr ((unsigned long *) c.bsp) != jb_rnat_addr);
+  else
+    {
+      /* If we are on the alternate signal-stack and the jump-buffer
+	 lies outside the signal-stack, we may need to copy back the
+	 dirty partition which was torn off and saved on the
+	 signal-stack when the signal was delivered.
+
+	 Caveat: we assume that the top of the alternate signal-stack
+		 stores the sigcontext structure of the signal that
+		 caused the switch to the signal-stack.	 This should
+		 be a fairly safe assumption but the kernel _could_
+		 do things differently.. */
+      sc = ((struct sigcontext *) ((ss_sp + stk.ss_size) & -16) - 1);
+
+      /* As a sanity-check, verify that the register-backing-store base
+	 of the alternate signal-stack is where we expect it.  */
+      rbs_base = (unsigned long *)
+	((ss_sp + sizeof (long) - 1) & -sizeof (long));
+
+      assert ((unsigned long) rbs_base == sc->sc_rbs_base);
+
+      ndirty = ia64_rse_num_regs (rbs_base, rbs_base + (sc->sc_loadrs >> 19));
+      bsp = (unsigned long *) sc->sc_ar_bsp;
+      bspstore = ia64_rse_skip_regs (bsp, -ndirty);
+
+      if (bspstore < jb_bsp)
+	/* AR.BSPSTORE at the time of the signal was below the value
+	   of AR.BSP saved in the jump-buffer => copy the missing
+	   portion from the torn off dirty partition which got saved
+	   on the alternate signal-stack.  */
+	copy_rbs (bspstore, jb_bsp, sc->sc_ar_rnat,
+		  rbs_base, (unsigned long *) c.bsp, c.rnat);
+
+      load_rnat = 1;
+    }
+  if (load_rnat)
+    rnat = *jb_rnat_addr;
+  else
+    rnat = c.rnat;
+  __ia64_longjmp (buf, val, rnat, c.rsc);
+}
Index: sysdeps/unix/sysv/linux/ia64/longjmp.c
--- /dev/null
+++ sysdeps/unix/sysv/linux/ia64/longjmp.c
@@ -0,0 +1,46 @@
+/* Copyright (C) 1991,92,94,95,97,98,2000,02,04 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <stddef.h>
+#include <setjmp.h>
+#include <signal.h>
+
+
+/* Set the signal mask to the one specified in ENV, and jump
+   to the position specified in ENV, causing the setjmp
+   call there to return VAL, or 1 if VAL is 0.  */
+void
+__libc_siglongjmp (sigjmp_buf env, int val)
+{
+  /* Perform any cleanups needed by the frames being unwound.  */
+  _longjmp_unwind (env, val);
+
+  if (env[0].__mask_was_saved)
+    /* Restore the saved signal mask.  */
+    (void) __sigprocmask (SIG_SETMASK, &env[0].__saved_mask,
+			  (sigset_t *) NULL);
+
+  /* Call the machine-dependent function to restore machine state.  */
+  __longjmp (env[0].__jmpbuf, val ?: 1);
+}
+
+strong_alias (__libc_siglongjmp, __libc_longjmp)
+libc_hidden_def (__libc_longjmp)
+weak_alias (__libc_siglongjmp, _longjmp)
+weak_alias (__libc_siglongjmp, longjmp)
+weak_alias (__libc_siglongjmp, siglongjmp)
Index: sysdeps/unix/sysv/linux/ia64/sigstack_longjmp.c
--- /dev/null
+++ sysdeps/unix/sysv/linux/ia64/sigstack_longjmp.c
@@ -0,0 +1,41 @@
+/* Copyright (C) 1991,92,94,95,97,98,2000,02,04 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <stddef.h>
+#include <setjmp.h>
+#include <signal.h>
+
+/* Like __libc_siglongjmp(), but safe for crossing from alternate
+   signal stack to normal stack.  Needed by NPTL.  */
+void
+__libc_sigstack_longjmp (sigjmp_buf env, int val)
+{
+  extern void __sigstack_longjmp (__jmp_buf, int);
+
+  /* Perform any cleanups needed by the frames being unwound.  */
+  _longjmp_unwind (env, val);
+
+  if (env[0].__mask_was_saved)
+    /* Restore the saved signal mask.  */
+    (void) __sigprocmask (SIG_SETMASK, &env[0].__saved_mask,
+			  (sigset_t *) NULL);
+
+  /* Call the machine-dependent function to restore machine state.  */
+  __sigstack_longjmp (env[0].__jmpbuf, val ?: 1);
+}
+libc_hidden_def (__libc_sigstack_longjmp)

Re: fix ia64 longjmp() to work from alternate signal-stack

[Ulrich Drepper]

What I don't understand is why you have a separate longjmp
implementation.  It seems identical to the generic version.  And why is
the new setjmp split out in two C files.  They should be merged.
Finally, since the code is only used in nptl there is no need to move
the code to libc.so.

To facilitate using the code I've added some changes to define a symbol
__libc_unwind_longjmp.  For all archs it currently just points to
__libc_longjmp.  For ia64 you should remove the macro definition and
instead add a declaration.

-- 
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖

Re: fix ia64 longjmp() to work from alternate signal-stack

[David Mosberger]

>>>>> On Thu, 02 Sep 2004 15:49:21 -0700, Ulrich Drepper <drepper@redhat.com> said:

  Uli> What I don't understand is why you have a separate longjmp
  Uli> implementation.  It seems identical to the generic version.
  Uli> And why is the new setjmp split out in two C files.  They
  Uli> should be merged.  Finally, since the code is only used in nptl
  Uli> there is no need to move the code to libc.so.

I  thought  you  wanted  to  have  the option  to  (easily)  make  the
stack-crossing longjmp the default.  If so, it would make sense to put
it in libc.

  Uli> To facilitate using the code I've added some changes to define
  Uli> a symbol __libc_unwind_longjmp.  For all archs it currently
  Uli> just points to __libc_longjmp.  For ia64 you should remove the
  Uli> macro definition and instead add a declaration.

Hmmh, I'm not sure I understand what you have in mind.  Is something
along the following lines closer to what you want?  The patch doesn't
actually work (I'm geting an unresolved reference for foo) and there
is also the problem that __sigaltstack() isn't exported, so I had to
use sigstack(), which is almost certainly wrong.  It might be easier
if you just put the stuff in the right place, since you know best what
you want and the code per se is there.

	--david

Index: nptl/sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S
--- /dev/null
+++ nptl/sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S
@@ -0,0 +1,156 @@
+/* Copyright (C) 1999, 2000, 2001, 2004 Free Software Foundation, Inc.
+   Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <sysdep.h>
+#include <features.h>
+
+LEAF(__ia64_flush_rbs)
+	flushrs
+	mov r9 = ar.rsc		// 12 cyc latency
+	;;
+	mov r8 = ar.bsp		// 12 cyc latency
+	;;
+	and r16 = ~0x3, r9	// clear ar.rsc.mode
+	;;
+	mov ar.rsc = r16	// put RSE into enforced-lazy mode
+	;;
+	mov r10 = ar.rnat	// 5 cyc latency
+	ret
+END(__ia64_flush_rbs)
+
+
+#	define	pPos	p6	/* is rotate count positive? */
+#	define	pNeg	p7	/* is rotate count negative? */
+
+/* __ia64_longjmp(__jmp_buf buf, int val, long rnat, long rsc)  */
+
+
+LEAF(__ia64_longjmp)
+	alloc r8=ar.pfs,4,0,0,0
+	add r2=0x98,in0		// r2 <- &jmpbuf.orig_jmp_buf_addr
+	add r3=0x88,in0		// r3 <- &jmpbuf.ar_bsp
+	;;
+	ld8 r8=[r2]		// r8 <- orig_jmp_buf_addr
+	ld8 r23=[r3],8		// r23 <- jmpbuf.ar_bsp
+	mov r2=in0
+	;;
+	//
+	// Note: we need to redo the "flushrs" here even though it's
+	// already been done by __ia64_flush_rbs.  It is needed to
+	// ensure that ar.bspstore == ar.bsp.
+	//
+	flushrs			// flush dirty regs to backing store
+	ld8 r25=[r3]		// r25 <- jmpbuf.ar_unat
+	sub r8=r8,in0		// r8 <- &orig_jmpbuf - &jmpbuf
+	;;
+	add r3=8,in0		// r3 <- &jmpbuf.r1
+	extr.u r8=r8,3,6	// r8 <- (&orig_jmpbuf - &jmpbuf)/8 & 0x3f
+	;;
+	cmp.lt pNeg,pPos=r8,r0
+	;;
+(pPos)	mov r16=r8
+(pNeg)	add r16=64,r8
+(pPos)	sub r17=64,r8
+(pNeg)	sub r17=r0,r8
+	;;
+	shr.u r8=r25,r16
+	shl r9=r25,r17
+	;;
+	or r25=r8,r9
+	;;
+	mov ar.unat=r25 // setup ar.unat (NaT bits for r1, r4-r7, and r12)
+	;;
+	ld8.fill.nta sp=[r2],16	// r12 (sp)
+	ld8.fill.nta gp=[r3],16 // r1 (gp)
+	dep r11=-1,r23,3,6	// r11 <- ia64_rse_rnat_addr(jmpbuf.ar_bsp)
+	;;
+	ld8.nta r16=[r2],16		// caller's unat
+	ld8.nta r17=[r3],16		// fpsr
+	;;
+	ld8.fill.nta r4=[r2],16		// r4
+	ld8.fill.nta r5=[r3],16		// r5 (gp)
+	;;
+	ld8.fill.nta r6=[r2],16		// r6
+	ld8.fill.nta r7=[r3],16		// r7
+	;;
+	mov ar.unat=r16			// restore caller's unat
+	mov ar.fpsr=r17			// restore fpsr
+	;;
+	ld8.nta r16=[r2],16		// b0
+	ld8.nta r17=[r3],16		// b1
+	;;
+	mov ar.bspstore=r23	// restore ar.bspstore
+	ld8.nta r18=[r2],16		// b2
+	;;
+	mov ar.rnat=in2		// restore ar.rnat
+	ld8.nta r19=[r3],16		// b3
+	;;
+	ld8.nta r20=[r2],16		// b4
+	ld8.nta r21=[r3],16		// b5
+	;;
+	ld8.nta r11=[r2],16		// ar.pfs
+	ld8.nta r22=[r3],56		// ar.lc
+	;;
+	ld8.nta r24=[r2],32		// pr
+	mov ar.rsc=in3		// restore ar.rsc
+	mov b0=r16
+	;;
+	ldf.fill.nta f2=[r2],32
+	ldf.fill.nta f3=[r3],32
+	mov b1=r17
+	;;
+	ldf.fill.nta f4=[r2],32
+	ldf.fill.nta f5=[r3],32
+	mov b2=r18
+	;;
+	ldf.fill.nta f16=[r2],32
+	ldf.fill.nta f17=[r3],32
+	mov b3=r19
+	;;
+	ldf.fill.nta f18=[r2],32
+	ldf.fill.nta f19=[r3],32
+	mov b4=r20
+	;;
+	ldf.fill.nta f20=[r2],32
+	ldf.fill.nta f21=[r3],32
+	mov b5=r21
+	;;
+	ldf.fill.nta f22=[r2],32
+	ldf.fill.nta f23=[r3],32
+	mov ar.lc=r22
+	;;
+	ldf.fill.nta f24=[r2],32
+	ldf.fill.nta f25=[r3],32
+	cmp.eq p8,p9=0,in1
+	;;
+	ldf.fill.nta f26=[r2],32
+	ldf.fill.nta f27=[r3],32
+	mov ar.pfs=r11
+	;;
+	ldf.fill.nta f28=[r2],32
+	ldf.fill.nta f29=[r3],32
+(p8)	mov r8=1
+	;;
+	ldf.fill.nta f30=[r2]
+	ldf.fill.nta f31=[r3]
+(p9)	mov r8=in1
+
+	invala			// virt. -> phys. regnum mapping may change
+	mov pr=r24,-1
+	ret
+END(__ia64_longjmp)
Index: nptl/sysdeps/unix/sysv/linux/ia64/__sigstack_longjmp.c
--- /dev/null
+++ nptl/sysdeps/unix/sysv/linux/ia64/__sigstack_longjmp.c
@@ -0,0 +1,171 @@
+/* Copyright (C) 2004 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+   Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+/* The public __longjmp() implementation is limited to jumping within
+   the same stack.  That is, in general it is not possible to use this
+   __longjmp() implementation to cross from one stack to another.
+   In constrast, the __sigstack_longjmp() implemented here allows
+   crossing from the alternate signal stack to the normal stack
+   as a special case.  */
+
+#include <assert.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#include <sys/rse.h>
+
+#define JB_SP	0
+#define JB_BSP	17
+
+struct rbs_flush_values
+  {
+    unsigned long bsp;
+    unsigned long rsc;
+    unsigned long rnat;
+  };
+
+extern struct rbs_flush_values __ia64_flush_rbs (void);
+extern void __ia64_longjmp (__jmp_buf buf, int val, long rnat, long rsc)
+     __attribute__ ((__noreturn__));
+
+static void
+copy_rbs (unsigned long *dst, unsigned long *dst_end, unsigned long dst_rnat,
+	  unsigned long *src, unsigned long *src_end,
+	  unsigned long current_rnat)
+{
+  unsigned long dst_slot, src_rnat = 0, src_slot, *src_rnat_addr, nat_bit;
+  int first_time = 1;
+
+  while (dst < dst_end)
+    {
+      dst_slot = ia64_rse_slot_num (dst);
+      if (dst_slot == 63)
+	{
+	  *dst++ = dst_rnat;
+	  dst_rnat = 0;
+	}
+      else
+	{
+	  /* read source value, including NaT bit: */
+	  src_slot = ia64_rse_slot_num (src);
+	  if (src_slot == 63)
+	    {
+	      /* skip src RNaT slot */
+	      ++src;
+	      src_slot = 0;
+	    }
+	  if (first_time || src_slot == 0)
+	    {
+	      first_time = 0;
+	      src_rnat_addr = ia64_rse_rnat_addr (src);
+	      if (src_rnat_addr < src_end)
+		src_rnat = *src_rnat_addr;
+	      else
+		src_rnat = current_rnat;
+	    }
+	  nat_bit = (src_rnat >> src_slot) & 1;
+
+	  assert (src < src_end);
+
+	  *dst++ = *src++;
+	  if (nat_bit)
+	    dst_rnat |=  (1UL << dst_slot);
+	  else
+	    dst_rnat &= ~(1UL << dst_slot);
+	}
+    }
+  dst_slot = ia64_rse_slot_num (dst);
+  if (dst_slot > 0)
+    *ia64_rse_rnat_addr (dst) = dst_rnat;
+}
+
+void
+__sigstack_longjmp (__jmp_buf buf, int val)
+{
+  unsigned long *rbs_base, *bsp, *bspstore, *jb_bsp, jb_sp, ss_sp;
+  unsigned long ndirty, rnat, load_rnat, *jb_rnat_addr;
+  struct sigcontext *sc;
+  stack_t stk;
+  struct rbs_flush_values c;
+
+  /* put RSE into enforced-lazy mode and return current bsp/rsc/rnat: */
+  c = __ia64_flush_rbs ();
+
+  jb_sp  = ((unsigned long *)  buf)[JB_SP];
+  jb_bsp = ((unsigned long **) buf)[JB_BSP];
+
+#if 0
+  /* Urgh, libc doesn't export __sigaltstack... */
+  __sigaltstack (NULL, &stk);
+#else
+  sigaltstack (NULL, &stk);
+#endif
+
+  ss_sp = (unsigned long) stk.ss_sp;
+  jb_rnat_addr = ia64_rse_rnat_addr (jb_bsp);
+
+  if ((stk.ss_flags & SS_ONSTACK) == 0 || jb_sp - ss_sp < stk.ss_size)
+    /* Normal non-stack-crossing longjmp; if the RNaT slot for the bsp
+       saved in the jump-buffer is the same as the one for the current
+       BSP, use the current AR.RNAT value, otherwise, load it from the
+       jump-buffer's RNaT-slot.  */
+    load_rnat = (ia64_rse_rnat_addr ((unsigned long *) c.bsp) != jb_rnat_addr);
+  else
+    {
+      /* If we are on the alternate signal-stack and the jump-buffer
+	 lies outside the signal-stack, we may need to copy back the
+	 dirty partition which was torn off and saved on the
+	 signal-stack when the signal was delivered.
+
+	 Caveat: we assume that the top of the alternate signal-stack
+		 stores the sigcontext structure of the signal that
+		 caused the switch to the signal-stack.	 This should
+		 be a fairly safe assumption but the kernel _could_
+		 do things differently.. */
+      sc = ((struct sigcontext *) ((ss_sp + stk.ss_size) & -16) - 1);
+
+      /* As a sanity-check, verify that the register-backing-store base
+	 of the alternate signal-stack is where we expect it.  */
+      rbs_base = (unsigned long *)
+	((ss_sp + sizeof (long) - 1) & -sizeof (long));
+
+      assert ((unsigned long) rbs_base == sc->sc_rbs_base);
+
+      ndirty = ia64_rse_num_regs (rbs_base, rbs_base + (sc->sc_loadrs >> 19));
+      bsp = (unsigned long *) sc->sc_ar_bsp;
+      bspstore = ia64_rse_skip_regs (bsp, -ndirty);
+
+      if (bspstore < jb_bsp)
+	/* AR.BSPSTORE at the time of the signal was below the value
+	   of AR.BSP saved in the jump-buffer => copy the missing
+	   portion from the torn off dirty partition which got saved
+	   on the alternate signal-stack.  */
+	copy_rbs (bspstore, jb_bsp, sc->sc_ar_rnat,
+		  rbs_base, (unsigned long *) c.bsp, c.rnat);
+
+      load_rnat = 1;
+    }
+  if (load_rnat)
+    rnat = *jb_rnat_addr;
+  else
+    rnat = c.rnat;
+  __ia64_longjmp (buf, val, rnat, c.rsc);
+}
Index: nptl/sysdeps/unix/sysv/linux/ia64/jmpbuf-unwind.h
--- nptl/sysdeps/unix/sysv/linux/ia64/jmpbuf-unwind.h
+++ nptl/sysdeps/unix/sysv/linux/ia64/jmpbuf-unwind.h
@@ -32,5 +32,9 @@
 #define _JMPBUF_UNWINDS_ADJ(_jmpbuf, _address, _adj) \
   ((uintptr_t)(_address) - (_adj) < (uintptr_t)(((long *)_jmpbuf)[0]) - (_adj))
 
-/* We use the normal lobngjmp for unwinding.  */
-#define __libc_unwind_longjmp(buf, val) __libc_longjmp (buf, val)
+/* We use a longjmp() which can cross from the alternate signal-stack
+   to the normal stack.  */
+#define __libc_unwind_longjmp(buf, val) __libc_sigstack_longjmp (buf, val)
+extern void __libc_sigstack_longjmp (sigjmp_buf env, int val)
+          __attribute__ ((noreturn));
+hidden_proto (__libc_sigstack_longjmp)
Index: nptl/sysdeps/unix/sysv/linux/ia64/sigstack_longjmp.c
--- /dev/null
+++ nptl/sysdeps/unix/sysv/linux/ia64/sigstack_longjmp.c
@@ -0,0 +1,44 @@
+/* Copyright (C) 1991,92,94,95,97,98,2000,02,04 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <stddef.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <pthreadP.h>
+#include <jmpbuf-unwind.h>
+
+extern void __sigstack_longjmp (__jmp_buf, int)
+     __attribute__ ((noreturn));
+
+/* Like __libc_siglongjmp(), but safe for crossing from alternate
+   signal stack to normal stack.  Needed by NPTL.  */
+void
+__libc_sigstack_longjmp (sigjmp_buf env, int val)
+{
+  /* Perform any cleanups needed by the frames being unwound.  */
+  __pthread_cleanup_upto (env->__jmpbuf, CURRENT_STACK_FRAME);
+
+  if (env[0].__mask_was_saved)
+    /* Restore the saved signal mask.  */
+    (void) __sigprocmask (SIG_SETMASK, &env[0].__saved_mask,
+			  (sigset_t *) NULL);
+
+  /* Call the machine-dependent function to restore machine state.  */
+  __sigstack_longjmp (env[0].__jmpbuf, val ?: 1);
+}
+hidden_def (__libc_sigstack_longjmp)

Re: fix ia64 longjmp() to work from alternate signal-stack

[David Mosberger]

Here is an updated (and working) patch.  If it looks OK, please apply.

	--david

----
./ChangeLog

2004-09-13  David Mosberger  <davidm@hpl.hp.com>

	* signal/Versions: Export __sigaltstack with GLIBC_PRIVATE.

./nptl/ChangeLog

2004-09-01  David Mosberger  <davidm@hpl.hp.com>

	* sysdeps/unix/sysv/linux/ia64/jmpbuf-unwind.h
	(__libc_unwind_longjmp): Delete macro and declare as function.
	* sysdeps/unix/sysv/linux/ia64/Makefile (sysdep_routines): Mention
	__ia64_longjmp, sigstack_longjmp, and __sigstack_longjmp for
	nptl directory.
	* sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S: New file.
	* sysdeps/unix/sysv/linux/ia64/__sigstack_longjmp.c: Likewise.
	* sysdeps/unix/sysv/linux/ia64/unwind_longjmp.c: Likewise.

Index: nptl/sysdeps/unix/sysv/linux/ia64/Makefile
--- /dev/null
+++ nptl/sysdeps/unix/sysv/linux/ia64/Makefile
@@ -0,0 +1,3 @@
+ifeq ($(subdir),nptl)
+libpthread-sysdep_routines += __ia64_longjmp unwind_longjmp __sigstack_longjmp
+endif
Index: nptl/sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S
--- /dev/null
+++ nptl/sysdeps/unix/sysv/linux/ia64/__ia64_longjmp.S
@@ -0,0 +1,156 @@
+/* Copyright (C) 1999, 2000, 2001, 2004 Free Software Foundation, Inc.
+   Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <sysdep.h>
+#include <features.h>
+
+LEAF(__ia64_flush_rbs)
+	flushrs
+	mov r9 = ar.rsc		// 12 cyc latency
+	;;
+	mov r8 = ar.bsp		// 12 cyc latency
+	;;
+	and r16 = ~0x3, r9	// clear ar.rsc.mode
+	;;
+	mov ar.rsc = r16	// put RSE into enforced-lazy mode
+	;;
+	mov r10 = ar.rnat	// 5 cyc latency
+	ret
+END(__ia64_flush_rbs)
+
+
+#	define	pPos	p6	/* is rotate count positive? */
+#	define	pNeg	p7	/* is rotate count negative? */
+
+/* __ia64_longjmp(__jmp_buf buf, int val, long rnat, long rsc)  */
+
+
+LEAF(__ia64_longjmp)
+	alloc r8=ar.pfs,4,0,0,0
+	add r2=0x98,in0		// r2 <- &jmpbuf.orig_jmp_buf_addr
+	add r3=0x88,in0		// r3 <- &jmpbuf.ar_bsp
+	;;
+	ld8 r8=[r2]		// r8 <- orig_jmp_buf_addr
+	ld8 r23=[r3],8		// r23 <- jmpbuf.ar_bsp
+	mov r2=in0
+	;;
+	//
+	// Note: we need to redo the "flushrs" here even though it's
+	// already been done by __ia64_flush_rbs.  It is needed to
+	// ensure that ar.bspstore == ar.bsp.
+	//
+	flushrs			// flush dirty regs to backing store
+	ld8 r25=[r3]		// r25 <- jmpbuf.ar_unat
+	sub r8=r8,in0		// r8 <- &orig_jmpbuf - &jmpbuf
+	;;
+	add r3=8,in0		// r3 <- &jmpbuf.r1
+	extr.u r8=r8,3,6	// r8 <- (&orig_jmpbuf - &jmpbuf)/8 & 0x3f
+	;;
+	cmp.lt pNeg,pPos=r8,r0
+	;;
+(pPos)	mov r16=r8
+(pNeg)	add r16=64,r8
+(pPos)	sub r17=64,r8
+(pNeg)	sub r17=r0,r8
+	;;
+	shr.u r8=r25,r16
+	shl r9=r25,r17
+	;;
+	or r25=r8,r9
+	;;
+	mov ar.unat=r25 // setup ar.unat (NaT bits for r1, r4-r7, and r12)
+	;;
+	ld8.fill.nta sp=[r2],16	// r12 (sp)
+	ld8.fill.nta gp=[r3],16 // r1 (gp)
+	dep r11=-1,r23,3,6	// r11 <- ia64_rse_rnat_addr(jmpbuf.ar_bsp)
+	;;
+	ld8.nta r16=[r2],16		// caller's unat
+	ld8.nta r17=[r3],16		// fpsr
+	;;
+	ld8.fill.nta r4=[r2],16		// r4
+	ld8.fill.nta r5=[r3],16		// r5 (gp)
+	;;
+	ld8.fill.nta r6=[r2],16		// r6
+	ld8.fill.nta r7=[r3],16		// r7
+	;;
+	mov ar.unat=r16			// restore caller's unat
+	mov ar.fpsr=r17			// restore fpsr
+	;;
+	ld8.nta r16=[r2],16		// b0
+	ld8.nta r17=[r3],16		// b1
+	;;
+	mov ar.bspstore=r23	// restore ar.bspstore
+	ld8.nta r18=[r2],16		// b2
+	;;
+	mov ar.rnat=in2		// restore ar.rnat
+	ld8.nta r19=[r3],16		// b3
+	;;
+	ld8.nta r20=[r2],16		// b4
+	ld8.nta r21=[r3],16		// b5
+	;;
+	ld8.nta r11=[r2],16		// ar.pfs
+	ld8.nta r22=[r3],56		// ar.lc
+	;;
+	ld8.nta r24=[r2],32		// pr
+	mov ar.rsc=in3		// restore ar.rsc
+	mov b0=r16
+	;;
+	ldf.fill.nta f2=[r2],32
+	ldf.fill.nta f3=[r3],32
+	mov b1=r17
+	;;
+	ldf.fill.nta f4=[r2],32
+	ldf.fill.nta f5=[r3],32
+	mov b2=r18
+	;;
+	ldf.fill.nta f16=[r2],32
+	ldf.fill.nta f17=[r3],32
+	mov b3=r19
+	;;
+	ldf.fill.nta f18=[r2],32
+	ldf.fill.nta f19=[r3],32
+	mov b4=r20
+	;;
+	ldf.fill.nta f20=[r2],32
+	ldf.fill.nta f21=[r3],32
+	mov b5=r21
+	;;
+	ldf.fill.nta f22=[r2],32
+	ldf.fill.nta f23=[r3],32
+	mov ar.lc=r22
+	;;
+	ldf.fill.nta f24=[r2],32
+	ldf.fill.nta f25=[r3],32
+	cmp.eq p8,p9=0,in1
+	;;
+	ldf.fill.nta f26=[r2],32
+	ldf.fill.nta f27=[r3],32
+	mov ar.pfs=r11
+	;;
+	ldf.fill.nta f28=[r2],32
+	ldf.fill.nta f29=[r3],32
+(p8)	mov r8=1
+	;;
+	ldf.fill.nta f30=[r2]
+	ldf.fill.nta f31=[r3]
+(p9)	mov r8=in1
+
+	invala			// virt. -> phys. regnum mapping may change
+	mov pr=r24,-1
+	ret
+END(__ia64_longjmp)
Index: nptl/sysdeps/unix/sysv/linux/ia64/__sigstack_longjmp.c
--- /dev/null
+++ nptl/sysdeps/unix/sysv/linux/ia64/__sigstack_longjmp.c
@@ -0,0 +1,166 @@
+/* Copyright (C) 2004 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+   Contributed by David Mosberger-Tang <davidm@hpl.hp.com>.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+/* The public __longjmp() implementation is limited to jumping within
+   the same stack.  That is, in general it is not possible to use this
+   __longjmp() implementation to cross from one stack to another.
+   In constrast, the __sigstack_longjmp() implemented here allows
+   crossing from the alternate signal stack to the normal stack
+   as a special case.  */
+
+#include <assert.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+#include <sys/rse.h>
+
+#define JB_SP	0
+#define JB_BSP	17
+
+struct rbs_flush_values
+  {
+    unsigned long bsp;
+    unsigned long rsc;
+    unsigned long rnat;
+  };
+
+extern struct rbs_flush_values __ia64_flush_rbs (void);
+extern void __ia64_longjmp (__jmp_buf buf, int val, long rnat, long rsc)
+     __attribute__ ((__noreturn__));
+
+static void
+copy_rbs (unsigned long *dst, unsigned long *dst_end, unsigned long dst_rnat,
+	  unsigned long *src, unsigned long *src_end,
+	  unsigned long current_rnat)
+{
+  unsigned long dst_slot, src_rnat = 0, src_slot, *src_rnat_addr, nat_bit;
+  int first_time = 1;
+
+  while (dst < dst_end)
+    {
+      dst_slot = ia64_rse_slot_num (dst);
+      if (dst_slot == 63)
+	{
+	  *dst++ = dst_rnat;
+	  dst_rnat = 0;
+	}
+      else
+	{
+	  /* read source value, including NaT bit: */
+	  src_slot = ia64_rse_slot_num (src);
+	  if (src_slot == 63)
+	    {
+	      /* skip src RNaT slot */
+	      ++src;
+	      src_slot = 0;
+	    }
+	  if (first_time || src_slot == 0)
+	    {
+	      first_time = 0;
+	      src_rnat_addr = ia64_rse_rnat_addr (src);
+	      if (src_rnat_addr < src_end)
+		src_rnat = *src_rnat_addr;
+	      else
+		src_rnat = current_rnat;
+	    }
+	  nat_bit = (src_rnat >> src_slot) & 1;
+
+	  assert (src < src_end);
+
+	  *dst++ = *src++;
+	  if (nat_bit)
+	    dst_rnat |=  (1UL << dst_slot);
+	  else
+	    dst_rnat &= ~(1UL << dst_slot);
+	}
+    }
+  dst_slot = ia64_rse_slot_num (dst);
+  if (dst_slot > 0)
+    *ia64_rse_rnat_addr (dst) = dst_rnat;
+}
+
+void
+__sigstack_longjmp (__jmp_buf buf, int val)
+{
+  unsigned long *rbs_base, *bsp, *bspstore, *jb_bsp, jb_sp, ss_sp;
+  unsigned long ndirty, rnat, load_rnat, *jb_rnat_addr;
+  struct sigcontext *sc;
+  stack_t stk;
+  struct rbs_flush_values c;
+
+  /* put RSE into enforced-lazy mode and return current bsp/rsc/rnat: */
+  c = __ia64_flush_rbs ();
+
+  jb_sp  = ((unsigned long *)  buf)[JB_SP];
+  jb_bsp = ((unsigned long **) buf)[JB_BSP];
+
+  __sigaltstack (NULL, &stk);
+
+  ss_sp = (unsigned long) stk.ss_sp;
+  jb_rnat_addr = ia64_rse_rnat_addr (jb_bsp);
+
+  if ((stk.ss_flags & SS_ONSTACK) == 0 || jb_sp - ss_sp < stk.ss_size)
+    /* Normal non-stack-crossing longjmp; if the RNaT slot for the bsp
+       saved in the jump-buffer is the same as the one for the current
+       BSP, use the current AR.RNAT value, otherwise, load it from the
+       jump-buffer's RNaT-slot.  */
+    load_rnat = (ia64_rse_rnat_addr ((unsigned long *) c.bsp) != jb_rnat_addr);
+  else
+    {
+      /* If we are on the alternate signal-stack and the jump-buffer
+	 lies outside the signal-stack, we may need to copy back the
+	 dirty partition which was torn off and saved on the
+	 signal-stack when the signal was delivered.
+
+	 Caveat: we assume that the top of the alternate signal-stack
+		 stores the sigcontext structure of the signal that
+		 caused the switch to the signal-stack.	 This should
+		 be a fairly safe assumption but the kernel _could_
+		 do things differently.. */
+      sc = ((struct sigcontext *) ((ss_sp + stk.ss_size) & -16) - 1);
+
+      /* As a sanity-check, verify that the register-backing-store base
+	 of the alternate signal-stack is where we expect it.  */
+      rbs_base = (unsigned long *)
+	((ss_sp + sizeof (long) - 1) & -sizeof (long));
+
+      assert ((unsigned long) rbs_base == sc->sc_rbs_base);
+
+      ndirty = ia64_rse_num_regs (rbs_base, rbs_base + (sc->sc_loadrs >> 19));
+      bsp = (unsigned long *) sc->sc_ar_bsp;
+      bspstore = ia64_rse_skip_regs (bsp, -ndirty);
+
+      if (bspstore < jb_bsp)
+	/* AR.BSPSTORE at the time of the signal was below the value
+	   of AR.BSP saved in the jump-buffer => copy the missing
+	   portion from the torn off dirty partition which got saved
+	   on the alternate signal-stack.  */
+	copy_rbs (bspstore, jb_bsp, sc->sc_ar_rnat,
+		  rbs_base, (unsigned long *) c.bsp, c.rnat);
+
+      load_rnat = 1;
+    }
+  if (load_rnat)
+    rnat = *jb_rnat_addr;
+  else
+    rnat = c.rnat;
+  __ia64_longjmp (buf, val, rnat, c.rsc);
+}
Index: nptl/sysdeps/unix/sysv/linux/ia64/jmpbuf-unwind.h
--- nptl/sysdeps/unix/sysv/linux/ia64/jmpbuf-unwind.h
+++ nptl/sysdeps/unix/sysv/linux/ia64/jmpbuf-unwind.h
@@ -32,5 +32,8 @@
 #define _JMPBUF_UNWINDS_ADJ(_jmpbuf, _address, _adj) \
   ((uintptr_t)(_address) - (_adj) < (uintptr_t)(((long *)_jmpbuf)[0]) - (_adj))
 
-/* We use the normal lobngjmp for unwinding.  */
-#define __libc_unwind_longjmp(buf, val) __libc_longjmp (buf, val)
+/* We use a longjmp() which can cross from the alternate signal-stack
+   to the normal stack.  */
+extern void __libc_unwind_longjmp (sigjmp_buf env, int val)
+          __attribute__ ((noreturn));
+hidden_proto (__libc_unwind_longjmp)
Index: nptl/sysdeps/unix/sysv/linux/ia64/unwind_longjmp.c
--- /dev/null
+++ nptl/sysdeps/unix/sysv/linux/ia64/unwind_longjmp.c
@@ -0,0 +1,44 @@
+/* Copyright (C) 1991,92,94,95,97,98,2000,02,04 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, write to the Free
+   Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+   02111-1307 USA.  */
+
+#include <stddef.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <pthreadP.h>
+#include <jmpbuf-unwind.h>
+
+extern void __sigstack_longjmp (__jmp_buf, int)
+     __attribute__ ((noreturn));
+
+/* Like __libc_siglongjmp(), but safe for crossing from alternate
+   signal stack to normal stack.  Needed by NPTL.  */
+void
+__libc_unwind_longjmp (sigjmp_buf env, int val)
+{
+  /* Perform any cleanups needed by the frames being unwound.  */
+  __pthread_cleanup_upto (env->__jmpbuf, CURRENT_STACK_FRAME);
+
+  if (env[0].__mask_was_saved)
+    /* Restore the saved signal mask.  */
+    (void) __sigprocmask (SIG_SETMASK, &env[0].__saved_mask,
+			  (sigset_t *) NULL);
+
+  /* Call the machine-dependent function to restore machine state.  */
+  __sigstack_longjmp (env[0].__jmpbuf, val ?: 1);
+}
+hidden_def (__libc_unwind_longjmp)
Index: signal/Versions
--- signal/Versions
+++ signal/Versions
@@ -49,4 +49,7 @@
     # Needed to provide a pointer to the XPG sigpause function.
     __xpg_sigpause;
   }
+  GLIBC_PRIVATE {
+    __sigaltstack;
+  }
 }

Re: fix ia64 longjmp() to work from alternate signal-stack

[Ulrich Drepper]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've applied the patch after minor changes.  There is no need to require
the sigaltstack function being exported from libc.so.  It's a simple
syscall, just inline it.  Plus, even if the function would have needed
to be exported this must have happened only for ia64 and no other arch.

The result seems to work for me but then, I never saw the problem this
is supposed to fix in the first place.

- --
➧ Ulrich Drepper ➧ Red Hat, Inc. ➧ 444 Castro St ➧ Mountain View, CA ❖
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFBRell2ijCOnn/RHQRAvAfAKC+gd+9aAaQJj6lPNSHGXUnvo7eDwCffxEV
JM0EVyUYUDBX235Ru3eLP4E=
=eb5k
-----END PGP SIGNATURE-----

Re: fix ia64 longjmp() to work from alternate signal-stack

[David Mosberger]

>>>>> On Mon, 13 Sep 2004 11:39:34 -0700, Ulrich Drepper <drepper@redhat.com> said:

  Uli> I've applied the patch after minor changes.  There is no need
  Uli> to require the sigaltstack function being exported from
  Uli> libc.so.  It's a simple syscall, just inline it.

OK, that's certainly fine by me.

  Uli> The result seems to work for me but then, I never saw the
  Uli> problem this is supposed to fix in the first place.

I re-checked and the test-suite (in particular tst-cancel20) still
passes, so everything seems fine.  (As a reminder, you don't see the
problem with a GCC that's using the built-in unwinder since the
built-in unwinder maskes the problem due to some excessive copying;
the problem only shows when using a GCC that has libunwind enabled.)

Thanks,

	--david