2 * Emulation of Linux signals
4 * Copyright (c) 2003 Fabrice Bellard
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
19 #include "qemu/osdep.h"
20 #include "qemu/bitops.h"
21 #include "exec/gdbstub.h"
22 #include "hw/core/tcg-cpu-ops.h"
24 #include <sys/ucontext.h>
25 #include <sys/resource.h>
28 #include "user-internals.h"
32 #include "signal-common.h"
33 #include "host-signal.h"
34 #include "user/safe-syscall.h"
36 static struct target_sigaction sigact_table[TARGET_NSIG];
38 static void host_signal_handler(int host_signum, siginfo_t *info,
41 /* Fallback addresses into sigtramp page. */
42 abi_ulong default_sigreturn;
43 abi_ulong default_rt_sigreturn;
46 * System includes define _NSIG as SIGRTMAX + 1,
47 * but qemu (like the kernel) defines TARGET_NSIG as TARGET_SIGRTMAX
48 * and the first signal is SIGHUP defined as 1
49 * Signal number 0 is reserved for use as kill(pid, 0), to test whether
50 * a process exists without sending it a signal.
53 QEMU_BUILD_BUG_ON(__SIGRTMAX + 1 != _NSIG);
55 static uint8_t host_to_target_signal_table[_NSIG] = {
56 [SIGHUP] = TARGET_SIGHUP,
57 [SIGINT] = TARGET_SIGINT,
58 [SIGQUIT] = TARGET_SIGQUIT,
59 [SIGILL] = TARGET_SIGILL,
60 [SIGTRAP] = TARGET_SIGTRAP,
61 [SIGABRT] = TARGET_SIGABRT,
62 /* [SIGIOT] = TARGET_SIGIOT,*/
63 [SIGBUS] = TARGET_SIGBUS,
64 [SIGFPE] = TARGET_SIGFPE,
65 [SIGKILL] = TARGET_SIGKILL,
66 [SIGUSR1] = TARGET_SIGUSR1,
67 [SIGSEGV] = TARGET_SIGSEGV,
68 [SIGUSR2] = TARGET_SIGUSR2,
69 [SIGPIPE] = TARGET_SIGPIPE,
70 [SIGALRM] = TARGET_SIGALRM,
71 [SIGTERM] = TARGET_SIGTERM,
73 [SIGSTKFLT] = TARGET_SIGSTKFLT,
75 [SIGCHLD] = TARGET_SIGCHLD,
76 [SIGCONT] = TARGET_SIGCONT,
77 [SIGSTOP] = TARGET_SIGSTOP,
78 [SIGTSTP] = TARGET_SIGTSTP,
79 [SIGTTIN] = TARGET_SIGTTIN,
80 [SIGTTOU] = TARGET_SIGTTOU,
81 [SIGURG] = TARGET_SIGURG,
82 [SIGXCPU] = TARGET_SIGXCPU,
83 [SIGXFSZ] = TARGET_SIGXFSZ,
84 [SIGVTALRM] = TARGET_SIGVTALRM,
85 [SIGPROF] = TARGET_SIGPROF,
86 [SIGWINCH] = TARGET_SIGWINCH,
87 [SIGIO] = TARGET_SIGIO,
88 [SIGPWR] = TARGET_SIGPWR,
89 [SIGSYS] = TARGET_SIGSYS,
90 /* next signals stay the same */
93 static uint8_t target_to_host_signal_table[TARGET_NSIG + 1];
95 /* valid sig is between 1 and _NSIG - 1 */
96 int host_to_target_signal(int sig)
98 if (sig < 1 || sig >= _NSIG) {
101 return host_to_target_signal_table[sig];
104 /* valid sig is between 1 and TARGET_NSIG */
105 int target_to_host_signal(int sig)
107 if (sig < 1 || sig > TARGET_NSIG) {
110 return target_to_host_signal_table[sig];
113 static inline void target_sigaddset(target_sigset_t *set, int signum)
116 abi_ulong mask = (abi_ulong)1 << (signum % TARGET_NSIG_BPW);
117 set->sig[signum / TARGET_NSIG_BPW] |= mask;
120 static inline int target_sigismember(const target_sigset_t *set, int signum)
123 abi_ulong mask = (abi_ulong)1 << (signum % TARGET_NSIG_BPW);
124 return ((set->sig[signum / TARGET_NSIG_BPW] & mask) != 0);
127 void host_to_target_sigset_internal(target_sigset_t *d,
130 int host_sig, target_sig;
131 target_sigemptyset(d);
132 for (host_sig = 1; host_sig < _NSIG; host_sig++) {
133 target_sig = host_to_target_signal(host_sig);
134 if (target_sig < 1 || target_sig > TARGET_NSIG) {
137 if (sigismember(s, host_sig)) {
138 target_sigaddset(d, target_sig);
143 void host_to_target_sigset(target_sigset_t *d, const sigset_t *s)
148 host_to_target_sigset_internal(&d1, s);
149 for(i = 0;i < TARGET_NSIG_WORDS; i++)
150 d->sig[i] = tswapal(d1.sig[i]);
153 void target_to_host_sigset_internal(sigset_t *d,
154 const target_sigset_t *s)
156 int host_sig, target_sig;
158 for (target_sig = 1; target_sig <= TARGET_NSIG; target_sig++) {
159 host_sig = target_to_host_signal(target_sig);
160 if (host_sig < 1 || host_sig >= _NSIG) {
163 if (target_sigismember(s, target_sig)) {
164 sigaddset(d, host_sig);
169 void target_to_host_sigset(sigset_t *d, const target_sigset_t *s)
174 for(i = 0;i < TARGET_NSIG_WORDS; i++)
175 s1.sig[i] = tswapal(s->sig[i]);
176 target_to_host_sigset_internal(d, &s1);
179 void host_to_target_old_sigset(abi_ulong *old_sigset,
180 const sigset_t *sigset)
183 host_to_target_sigset(&d, sigset);
184 *old_sigset = d.sig[0];
187 void target_to_host_old_sigset(sigset_t *sigset,
188 const abi_ulong *old_sigset)
193 d.sig[0] = *old_sigset;
194 for(i = 1;i < TARGET_NSIG_WORDS; i++)
196 target_to_host_sigset(sigset, &d);
199 int block_signals(void)
201 TaskState *ts = (TaskState *)thread_cpu->opaque;
204 /* It's OK to block everything including SIGSEGV, because we won't
205 * run any further guest code before unblocking signals in
206 * process_pending_signals().
209 sigprocmask(SIG_SETMASK, &set, 0);
211 return qatomic_xchg(&ts->signal_pending, 1);
214 /* Wrapper for sigprocmask function
215 * Emulates a sigprocmask in a safe way for the guest. Note that set and oldset
216 * are host signal set, not guest ones. Returns -QEMU_ERESTARTSYS if
217 * a signal was already pending and the syscall must be restarted, or
219 * If set is NULL, this is guaranteed not to fail.
221 int do_sigprocmask(int how, const sigset_t *set, sigset_t *oldset)
223 TaskState *ts = (TaskState *)thread_cpu->opaque;
226 *oldset = ts->signal_mask;
232 if (block_signals()) {
233 return -QEMU_ERESTARTSYS;
238 sigorset(&ts->signal_mask, &ts->signal_mask, set);
241 for (i = 1; i <= NSIG; ++i) {
242 if (sigismember(set, i)) {
243 sigdelset(&ts->signal_mask, i);
248 ts->signal_mask = *set;
251 g_assert_not_reached();
254 /* Silently ignore attempts to change blocking status of KILL or STOP */
255 sigdelset(&ts->signal_mask, SIGKILL);
256 sigdelset(&ts->signal_mask, SIGSTOP);
261 #if !defined(TARGET_NIOS2)
262 /* Just set the guest's signal mask to the specified value; the
263 * caller is assumed to have called block_signals() already.
265 void set_sigmask(const sigset_t *set)
267 TaskState *ts = (TaskState *)thread_cpu->opaque;
269 ts->signal_mask = *set;
273 /* sigaltstack management */
275 int on_sig_stack(unsigned long sp)
277 TaskState *ts = (TaskState *)thread_cpu->opaque;
279 return (sp - ts->sigaltstack_used.ss_sp
280 < ts->sigaltstack_used.ss_size);
283 int sas_ss_flags(unsigned long sp)
285 TaskState *ts = (TaskState *)thread_cpu->opaque;
287 return (ts->sigaltstack_used.ss_size == 0 ? SS_DISABLE
288 : on_sig_stack(sp) ? SS_ONSTACK : 0);
291 abi_ulong target_sigsp(abi_ulong sp, struct target_sigaction *ka)
294 * This is the X/Open sanctioned signal stack switching.
296 TaskState *ts = (TaskState *)thread_cpu->opaque;
298 if ((ka->sa_flags & TARGET_SA_ONSTACK) && !sas_ss_flags(sp)) {
299 return ts->sigaltstack_used.ss_sp + ts->sigaltstack_used.ss_size;
304 void target_save_altstack(target_stack_t *uss, CPUArchState *env)
306 TaskState *ts = (TaskState *)thread_cpu->opaque;
308 __put_user(ts->sigaltstack_used.ss_sp, &uss->ss_sp);
309 __put_user(sas_ss_flags(get_sp_from_cpustate(env)), &uss->ss_flags);
310 __put_user(ts->sigaltstack_used.ss_size, &uss->ss_size);
313 abi_long target_restore_altstack(target_stack_t *uss, CPUArchState *env)
315 TaskState *ts = (TaskState *)thread_cpu->opaque;
316 size_t minstacksize = TARGET_MINSIGSTKSZ;
319 #if defined(TARGET_PPC64)
320 /* ELF V2 for PPC64 has a 4K minimum stack size for signal handlers */
321 struct image_info *image = ts->info;
322 if (get_ppc64_abi(image) > 1) {
327 __get_user(ss.ss_sp, &uss->ss_sp);
328 __get_user(ss.ss_size, &uss->ss_size);
329 __get_user(ss.ss_flags, &uss->ss_flags);
331 if (on_sig_stack(get_sp_from_cpustate(env))) {
332 return -TARGET_EPERM;
335 switch (ss.ss_flags) {
337 return -TARGET_EINVAL;
339 case TARGET_SS_DISABLE:
344 case TARGET_SS_ONSTACK:
346 if (ss.ss_size < minstacksize) {
347 return -TARGET_ENOMEM;
352 ts->sigaltstack_used.ss_sp = ss.ss_sp;
353 ts->sigaltstack_used.ss_size = ss.ss_size;
357 /* siginfo conversion */
359 static inline void host_to_target_siginfo_noswap(target_siginfo_t *tinfo,
360 const siginfo_t *info)
362 int sig = host_to_target_signal(info->si_signo);
363 int si_code = info->si_code;
365 tinfo->si_signo = sig;
367 tinfo->si_code = info->si_code;
369 /* This memset serves two purposes:
370 * (1) ensure we don't leak random junk to the guest later
371 * (2) placate false positives from gcc about fields
372 * being used uninitialized if it chooses to inline both this
373 * function and tswap_siginfo() into host_to_target_siginfo().
375 memset(tinfo->_sifields._pad, 0, sizeof(tinfo->_sifields._pad));
377 /* This is awkward, because we have to use a combination of
378 * the si_code and si_signo to figure out which of the union's
379 * members are valid. (Within the host kernel it is always possible
380 * to tell, but the kernel carefully avoids giving userspace the
381 * high 16 bits of si_code, so we don't have the information to
382 * do this the easy way...) We therefore make our best guess,
383 * bearing in mind that a guest can spoof most of the si_codes
384 * via rt_sigqueueinfo() if it likes.
386 * Once we have made our guess, we record it in the top 16 bits of
387 * the si_code, so that tswap_siginfo() later can use it.
388 * tswap_siginfo() will strip these top bits out before writing
389 * si_code to the guest (sign-extending the lower bits).
396 /* Sent via kill(), tkill() or tgkill(), or direct from the kernel.
397 * These are the only unspoofable si_code values.
399 tinfo->_sifields._kill._pid = info->si_pid;
400 tinfo->_sifields._kill._uid = info->si_uid;
401 si_type = QEMU_SI_KILL;
404 /* Everything else is spoofable. Make best guess based on signal */
407 tinfo->_sifields._sigchld._pid = info->si_pid;
408 tinfo->_sifields._sigchld._uid = info->si_uid;
409 if (si_code == CLD_EXITED)
410 tinfo->_sifields._sigchld._status = info->si_status;
412 tinfo->_sifields._sigchld._status
413 = host_to_target_signal(info->si_status & 0x7f)
414 | (info->si_status & ~0x7f);
415 tinfo->_sifields._sigchld._utime = info->si_utime;
416 tinfo->_sifields._sigchld._stime = info->si_stime;
417 si_type = QEMU_SI_CHLD;
420 tinfo->_sifields._sigpoll._band = info->si_band;
421 tinfo->_sifields._sigpoll._fd = info->si_fd;
422 si_type = QEMU_SI_POLL;
425 /* Assume a sigqueue()/mq_notify()/rt_sigqueueinfo() source. */
426 tinfo->_sifields._rt._pid = info->si_pid;
427 tinfo->_sifields._rt._uid = info->si_uid;
428 /* XXX: potential problem if 64 bit */
429 tinfo->_sifields._rt._sigval.sival_ptr
430 = (abi_ulong)(unsigned long)info->si_value.sival_ptr;
431 si_type = QEMU_SI_RT;
437 tinfo->si_code = deposit32(si_code, 16, 16, si_type);
440 void tswap_siginfo(target_siginfo_t *tinfo,
441 const target_siginfo_t *info)
443 int si_type = extract32(info->si_code, 16, 16);
444 int si_code = sextract32(info->si_code, 0, 16);
446 __put_user(info->si_signo, &tinfo->si_signo);
447 __put_user(info->si_errno, &tinfo->si_errno);
448 __put_user(si_code, &tinfo->si_code);
450 /* We can use our internal marker of which fields in the structure
451 * are valid, rather than duplicating the guesswork of
452 * host_to_target_siginfo_noswap() here.
456 __put_user(info->_sifields._kill._pid, &tinfo->_sifields._kill._pid);
457 __put_user(info->_sifields._kill._uid, &tinfo->_sifields._kill._uid);
460 __put_user(info->_sifields._timer._timer1,
461 &tinfo->_sifields._timer._timer1);
462 __put_user(info->_sifields._timer._timer2,
463 &tinfo->_sifields._timer._timer2);
466 __put_user(info->_sifields._sigpoll._band,
467 &tinfo->_sifields._sigpoll._band);
468 __put_user(info->_sifields._sigpoll._fd,
469 &tinfo->_sifields._sigpoll._fd);
472 __put_user(info->_sifields._sigfault._addr,
473 &tinfo->_sifields._sigfault._addr);
476 __put_user(info->_sifields._sigchld._pid,
477 &tinfo->_sifields._sigchld._pid);
478 __put_user(info->_sifields._sigchld._uid,
479 &tinfo->_sifields._sigchld._uid);
480 __put_user(info->_sifields._sigchld._status,
481 &tinfo->_sifields._sigchld._status);
482 __put_user(info->_sifields._sigchld._utime,
483 &tinfo->_sifields._sigchld._utime);
484 __put_user(info->_sifields._sigchld._stime,
485 &tinfo->_sifields._sigchld._stime);
488 __put_user(info->_sifields._rt._pid, &tinfo->_sifields._rt._pid);
489 __put_user(info->_sifields._rt._uid, &tinfo->_sifields._rt._uid);
490 __put_user(info->_sifields._rt._sigval.sival_ptr,
491 &tinfo->_sifields._rt._sigval.sival_ptr);
494 g_assert_not_reached();
498 void host_to_target_siginfo(target_siginfo_t *tinfo, const siginfo_t *info)
500 target_siginfo_t tgt_tmp;
501 host_to_target_siginfo_noswap(&tgt_tmp, info);
502 tswap_siginfo(tinfo, &tgt_tmp);
505 /* XXX: we support only POSIX RT signals are used. */
506 /* XXX: find a solution for 64 bit (additional malloced data is needed) */
507 void target_to_host_siginfo(siginfo_t *info, const target_siginfo_t *tinfo)
509 /* This conversion is used only for the rt_sigqueueinfo syscall,
510 * and so we know that the _rt fields are the valid ones.
514 __get_user(info->si_signo, &tinfo->si_signo);
515 __get_user(info->si_errno, &tinfo->si_errno);
516 __get_user(info->si_code, &tinfo->si_code);
517 __get_user(info->si_pid, &tinfo->_sifields._rt._pid);
518 __get_user(info->si_uid, &tinfo->_sifields._rt._uid);
519 __get_user(sival_ptr, &tinfo->_sifields._rt._sigval.sival_ptr);
520 info->si_value.sival_ptr = (void *)(long)sival_ptr;
523 static int fatal_signal (int sig)
528 case TARGET_SIGWINCH:
529 /* Ignored by default. */
536 /* Job control signals. */
543 /* returns 1 if given signal should dump core if not handled */
544 static int core_dump_signal(int sig)
560 static void signal_table_init(void)
562 int host_sig, target_sig, count;
565 * Signals are supported starting from TARGET_SIGRTMIN and going up
566 * until we run out of host realtime signals.
567 * glibc at least uses only the lower 2 rt signals and probably
568 * nobody's using the upper ones.
569 * it's why SIGRTMIN (34) is generally greater than __SIGRTMIN (32)
570 * To fix this properly we need to do manual signal delivery multiplexed
571 * over a single host signal.
572 * Attempts for configure "missing" signals via sigaction will be
575 for (host_sig = SIGRTMIN; host_sig <= SIGRTMAX; host_sig++) {
576 target_sig = host_sig - SIGRTMIN + TARGET_SIGRTMIN;
577 if (target_sig <= TARGET_NSIG) {
578 host_to_target_signal_table[host_sig] = target_sig;
582 /* generate signal conversion tables */
583 for (target_sig = 1; target_sig <= TARGET_NSIG; target_sig++) {
584 target_to_host_signal_table[target_sig] = _NSIG; /* poison */
586 for (host_sig = 1; host_sig < _NSIG; host_sig++) {
587 if (host_to_target_signal_table[host_sig] == 0) {
588 host_to_target_signal_table[host_sig] = host_sig;
590 target_sig = host_to_target_signal_table[host_sig];
591 if (target_sig <= TARGET_NSIG) {
592 target_to_host_signal_table[target_sig] = host_sig;
596 if (trace_event_get_state_backends(TRACE_SIGNAL_TABLE_INIT)) {
597 for (target_sig = 1, count = 0; target_sig <= TARGET_NSIG; target_sig++) {
598 if (target_to_host_signal_table[target_sig] == _NSIG) {
602 trace_signal_table_init(count);
606 void signal_init(void)
608 TaskState *ts = (TaskState *)thread_cpu->opaque;
609 struct sigaction act;
610 struct sigaction oact;
614 /* initialize signal conversion tables */
617 /* Set the signal mask from the host mask. */
618 sigprocmask(0, 0, &ts->signal_mask);
620 sigfillset(&act.sa_mask);
621 act.sa_flags = SA_SIGINFO;
622 act.sa_sigaction = host_signal_handler;
623 for(i = 1; i <= TARGET_NSIG; i++) {
625 if (i == TARGET_SIGPROF) {
629 host_sig = target_to_host_signal(i);
630 sigaction(host_sig, NULL, &oact);
631 if (oact.sa_sigaction == (void *)SIG_IGN) {
632 sigact_table[i - 1]._sa_handler = TARGET_SIG_IGN;
633 } else if (oact.sa_sigaction == (void *)SIG_DFL) {
634 sigact_table[i - 1]._sa_handler = TARGET_SIG_DFL;
636 /* If there's already a handler installed then something has
637 gone horribly wrong, so don't even try to handle that case. */
638 /* Install some handlers for our own use. We need at least
639 SIGSEGV and SIGBUS, to detect exceptions. We can not just
640 trap all signals because it affects syscall interrupt
641 behavior. But do trap all default-fatal signals. */
642 if (fatal_signal (i))
643 sigaction(host_sig, &act, NULL);
647 /* Force a synchronously taken signal. The kernel force_sig() function
648 * also forces the signal to "not blocked, not ignored", but for QEMU
649 * that work is done in process_pending_signals().
651 void force_sig(int sig)
653 CPUState *cpu = thread_cpu;
654 CPUArchState *env = cpu->env_ptr;
655 target_siginfo_t info = {};
659 info.si_code = TARGET_SI_KERNEL;
660 info._sifields._kill._pid = 0;
661 info._sifields._kill._uid = 0;
662 queue_signal(env, info.si_signo, QEMU_SI_KILL, &info);
666 * Force a synchronously taken QEMU_SI_FAULT signal. For QEMU the
667 * 'force' part is handled in process_pending_signals().
669 void force_sig_fault(int sig, int code, abi_ulong addr)
671 CPUState *cpu = thread_cpu;
672 CPUArchState *env = cpu->env_ptr;
673 target_siginfo_t info = {};
678 info._sifields._sigfault._addr = addr;
679 queue_signal(env, sig, QEMU_SI_FAULT, &info);
682 /* Force a SIGSEGV if we couldn't write to memory trying to set
683 * up the signal frame. oldsig is the signal we were trying to handle
684 * at the point of failure.
686 #if !defined(TARGET_RISCV)
687 void force_sigsegv(int oldsig)
689 if (oldsig == SIGSEGV) {
690 /* Make sure we don't try to deliver the signal again; this will
691 * end up with handle_pending_signal() calling dump_core_and_abort().
693 sigact_table[oldsig - 1]._sa_handler = TARGET_SIG_DFL;
695 force_sig(TARGET_SIGSEGV);
699 void cpu_loop_exit_sigsegv(CPUState *cpu, target_ulong addr,
700 MMUAccessType access_type, bool maperr, uintptr_t ra)
702 const struct TCGCPUOps *tcg_ops = CPU_GET_CLASS(cpu)->tcg_ops;
704 if (tcg_ops->record_sigsegv) {
705 tcg_ops->record_sigsegv(cpu, addr, access_type, maperr, ra);
708 force_sig_fault(TARGET_SIGSEGV,
709 maperr ? TARGET_SEGV_MAPERR : TARGET_SEGV_ACCERR,
711 cpu->exception_index = EXCP_INTERRUPT;
712 cpu_loop_exit_restore(cpu, ra);
715 void cpu_loop_exit_sigbus(CPUState *cpu, target_ulong addr,
716 MMUAccessType access_type, uintptr_t ra)
718 const struct TCGCPUOps *tcg_ops = CPU_GET_CLASS(cpu)->tcg_ops;
720 if (tcg_ops->record_sigbus) {
721 tcg_ops->record_sigbus(cpu, addr, access_type, ra);
724 force_sig_fault(TARGET_SIGBUS, TARGET_BUS_ADRALN, addr);
725 cpu->exception_index = EXCP_INTERRUPT;
726 cpu_loop_exit_restore(cpu, ra);
729 /* abort execution with signal */
730 static void QEMU_NORETURN dump_core_and_abort(int target_sig)
732 CPUState *cpu = thread_cpu;
733 CPUArchState *env = cpu->env_ptr;
734 TaskState *ts = (TaskState *)cpu->opaque;
735 int host_sig, core_dumped = 0;
736 struct sigaction act;
738 host_sig = target_to_host_signal(target_sig);
739 trace_user_force_sig(env, target_sig, host_sig);
740 gdb_signalled(env, target_sig);
742 /* dump core if supported by target binary format */
743 if (core_dump_signal(target_sig) && (ts->bprm->core_dump != NULL)) {
746 ((*ts->bprm->core_dump)(target_sig, env) == 0);
749 /* we already dumped the core of target process, we don't want
750 * a coredump of qemu itself */
751 struct rlimit nodump;
752 getrlimit(RLIMIT_CORE, &nodump);
754 setrlimit(RLIMIT_CORE, &nodump);
755 (void) fprintf(stderr, "qemu: uncaught target signal %d (%s) - %s\n",
756 target_sig, strsignal(host_sig), "core dumped" );
759 /* The proper exit code for dying from an uncaught signal is
760 * -<signal>. The kernel doesn't allow exit() or _exit() to pass
761 * a negative value. To get the proper exit code we need to
762 * actually die from an uncaught signal. Here the default signal
763 * handler is installed, we send ourself a signal and we wait for
765 sigfillset(&act.sa_mask);
766 act.sa_handler = SIG_DFL;
768 sigaction(host_sig, &act, NULL);
770 /* For some reason raise(host_sig) doesn't send the signal when
771 * statically linked on x86-64. */
772 kill(getpid(), host_sig);
774 /* Make sure the signal isn't masked (just reuse the mask inside
776 sigdelset(&act.sa_mask, host_sig);
777 sigsuspend(&act.sa_mask);
783 /* queue a signal so that it will be send to the virtual CPU as soon
785 int queue_signal(CPUArchState *env, int sig, int si_type,
786 target_siginfo_t *info)
788 CPUState *cpu = env_cpu(env);
789 TaskState *ts = cpu->opaque;
791 trace_user_queue_signal(env, sig);
793 info->si_code = deposit32(info->si_code, 16, 16, si_type);
795 ts->sync_signal.info = *info;
796 ts->sync_signal.pending = sig;
797 /* signal that a new signal is pending */
798 qatomic_set(&ts->signal_pending, 1);
799 return 1; /* indicates that the signal was queued */
803 /* Adjust the signal context to rewind out of safe-syscall if we're in it */
804 static inline void rewind_if_in_safe_syscall(void *puc)
806 ucontext_t *uc = (ucontext_t *)puc;
807 uintptr_t pcreg = host_signal_pc(uc);
809 if (pcreg > (uintptr_t)safe_syscall_start
810 && pcreg < (uintptr_t)safe_syscall_end) {
811 host_signal_set_pc(uc, (uintptr_t)safe_syscall_start);
815 static void host_signal_handler(int host_sig, siginfo_t *info, void *puc)
817 CPUArchState *env = thread_cpu->env_ptr;
818 CPUState *cpu = env_cpu(env);
819 TaskState *ts = cpu->opaque;
820 target_siginfo_t tinfo;
821 ucontext_t *uc = puc;
822 struct emulated_sigtable *k;
825 bool sync_sig = false;
828 * Non-spoofed SIGSEGV and SIGBUS are synchronous, and need special
829 * handling wrt signal blocking and unwinding.
831 if ((host_sig == SIGSEGV || host_sig == SIGBUS) && info->si_code > 0) {
832 MMUAccessType access_type;
837 host_addr = (uintptr_t)info->si_addr;
840 * Convert forcefully to guest address space: addresses outside
841 * reserved_va are still valid to report via SEGV_MAPERR.
843 guest_addr = h2g_nocheck(host_addr);
845 pc = host_signal_pc(uc);
846 is_write = host_signal_write(info, uc);
847 access_type = adjust_signal_pc(&pc, is_write);
849 if (host_sig == SIGSEGV) {
852 if (info->si_code == SEGV_ACCERR && h2g_valid(host_addr)) {
853 /* If this was a write to a TB protected page, restart. */
855 handle_sigsegv_accerr_write(cpu, &uc->uc_sigmask,
861 * With reserved_va, the whole address space is PROT_NONE,
862 * which means that we may get ACCERR when we want MAPERR.
864 if (page_get_flags(guest_addr) & PAGE_VALID) {
867 info->si_code = SEGV_MAPERR;
871 sigprocmask(SIG_SETMASK, &uc->uc_sigmask, NULL);
872 cpu_loop_exit_sigsegv(cpu, guest_addr, access_type, maperr, pc);
874 sigprocmask(SIG_SETMASK, &uc->uc_sigmask, NULL);
875 if (info->si_code == BUS_ADRALN) {
876 cpu_loop_exit_sigbus(cpu, guest_addr, access_type, pc);
883 /* get target signal number */
884 guest_sig = host_to_target_signal(host_sig);
885 if (guest_sig < 1 || guest_sig > TARGET_NSIG) {
888 trace_user_host_signal(env, host_sig, guest_sig);
890 host_to_target_siginfo_noswap(&tinfo, info);
891 k = &ts->sigtab[guest_sig - 1];
893 k->pending = guest_sig;
894 ts->signal_pending = 1;
897 * For synchronous signals, unwind the cpu state to the faulting
898 * insn and then exit back to the main loop so that the signal
899 * is delivered immediately.
902 cpu->exception_index = EXCP_INTERRUPT;
903 cpu_loop_exit_restore(cpu, pc);
906 rewind_if_in_safe_syscall(puc);
909 * Block host signals until target signal handler entered. We
910 * can't block SIGSEGV or SIGBUS while we're executing guest
911 * code in case the guest code provokes one in the window between
912 * now and it getting out to the main loop. Signals will be
913 * unblocked again in process_pending_signals().
915 * WARNING: we cannot use sigfillset() here because the uc_sigmask
916 * field is a kernel sigset_t, which is much smaller than the
917 * libc sigset_t which sigfillset() operates on. Using sigfillset()
918 * would write 0xff bytes off the end of the structure and trash
919 * data on the struct.
920 * We can't use sizeof(uc->uc_sigmask) either, because the libc
921 * headers define the struct field with the wrong (too large) type.
923 memset(&uc->uc_sigmask, 0xff, SIGSET_T_SIZE);
924 sigdelset(&uc->uc_sigmask, SIGSEGV);
925 sigdelset(&uc->uc_sigmask, SIGBUS);
927 /* interrupt the virtual CPU as soon as possible */
928 cpu_exit(thread_cpu);
931 /* do_sigaltstack() returns target values and errnos. */
932 /* compare linux/kernel/signal.c:do_sigaltstack() */
933 abi_long do_sigaltstack(abi_ulong uss_addr, abi_ulong uoss_addr,
936 target_stack_t oss, *uoss = NULL;
937 abi_long ret = -TARGET_EFAULT;
940 /* Verify writability now, but do not alter user memory yet. */
941 if (!lock_user_struct(VERIFY_WRITE, uoss, uoss_addr, 0)) {
944 target_save_altstack(&oss, env);
950 if (!lock_user_struct(VERIFY_READ, uss, uss_addr, 1)) {
953 ret = target_restore_altstack(uss, env);
960 memcpy(uoss, &oss, sizeof(oss));
961 unlock_user_struct(uoss, uoss_addr, 1);
968 unlock_user_struct(uoss, uoss_addr, 0);
973 /* do_sigaction() return target values and host errnos */
974 int do_sigaction(int sig, const struct target_sigaction *act,
975 struct target_sigaction *oact, abi_ulong ka_restorer)
977 struct target_sigaction *k;
978 struct sigaction act1;
982 trace_signal_do_sigaction_guest(sig, TARGET_NSIG);
984 if (sig < 1 || sig > TARGET_NSIG) {
985 return -TARGET_EINVAL;
988 if (act && (sig == TARGET_SIGKILL || sig == TARGET_SIGSTOP)) {
989 return -TARGET_EINVAL;
992 if (block_signals()) {
993 return -QEMU_ERESTARTSYS;
996 k = &sigact_table[sig - 1];
998 __put_user(k->_sa_handler, &oact->_sa_handler);
999 __put_user(k->sa_flags, &oact->sa_flags);
1000 #ifdef TARGET_ARCH_HAS_SA_RESTORER
1001 __put_user(k->sa_restorer, &oact->sa_restorer);
1004 oact->sa_mask = k->sa_mask;
1007 /* FIXME: This is not threadsafe. */
1008 __get_user(k->_sa_handler, &act->_sa_handler);
1009 __get_user(k->sa_flags, &act->sa_flags);
1010 #ifdef TARGET_ARCH_HAS_SA_RESTORER
1011 __get_user(k->sa_restorer, &act->sa_restorer);
1013 #ifdef TARGET_ARCH_HAS_KA_RESTORER
1014 k->ka_restorer = ka_restorer;
1016 /* To be swapped in target_to_host_sigset. */
1017 k->sa_mask = act->sa_mask;
1019 /* we update the host linux signal state */
1020 host_sig = target_to_host_signal(sig);
1021 trace_signal_do_sigaction_host(host_sig, TARGET_NSIG);
1022 if (host_sig > SIGRTMAX) {
1023 /* we don't have enough host signals to map all target signals */
1024 qemu_log_mask(LOG_UNIMP, "Unsupported target signal #%d, ignored\n",
1027 * we don't return an error here because some programs try to
1028 * register an handler for all possible rt signals even if they
1030 * An error here can abort them whereas there can be no problem
1031 * to not have the signal available later.
1032 * This is the case for golang,
1033 * See https://github.com/golang/go/issues/33746
1034 * So we silently ignore the error.
1038 if (host_sig != SIGSEGV && host_sig != SIGBUS) {
1039 sigfillset(&act1.sa_mask);
1040 act1.sa_flags = SA_SIGINFO;
1041 if (k->sa_flags & TARGET_SA_RESTART)
1042 act1.sa_flags |= SA_RESTART;
1043 /* NOTE: it is important to update the host kernel signal
1044 ignore state to avoid getting unexpected interrupted
1046 if (k->_sa_handler == TARGET_SIG_IGN) {
1047 act1.sa_sigaction = (void *)SIG_IGN;
1048 } else if (k->_sa_handler == TARGET_SIG_DFL) {
1049 if (fatal_signal (sig))
1050 act1.sa_sigaction = host_signal_handler;
1052 act1.sa_sigaction = (void *)SIG_DFL;
1054 act1.sa_sigaction = host_signal_handler;
1056 ret = sigaction(host_sig, &act1, NULL);
1062 static void handle_pending_signal(CPUArchState *cpu_env, int sig,
1063 struct emulated_sigtable *k)
1065 CPUState *cpu = env_cpu(cpu_env);
1068 target_sigset_t target_old_set;
1069 struct target_sigaction *sa;
1070 TaskState *ts = cpu->opaque;
1072 trace_user_handle_signal(cpu_env, sig);
1073 /* dequeue signal */
1076 sig = gdb_handlesig(cpu, sig);
1079 handler = TARGET_SIG_IGN;
1081 sa = &sigact_table[sig - 1];
1082 handler = sa->_sa_handler;
1085 if (unlikely(qemu_loglevel_mask(LOG_STRACE))) {
1086 print_taken_signal(sig, &k->info);
1089 if (handler == TARGET_SIG_DFL) {
1090 /* default handler : ignore some signal. The other are job control or fatal */
1091 if (sig == TARGET_SIGTSTP || sig == TARGET_SIGTTIN || sig == TARGET_SIGTTOU) {
1092 kill(getpid(),SIGSTOP);
1093 } else if (sig != TARGET_SIGCHLD &&
1094 sig != TARGET_SIGURG &&
1095 sig != TARGET_SIGWINCH &&
1096 sig != TARGET_SIGCONT) {
1097 dump_core_and_abort(sig);
1099 } else if (handler == TARGET_SIG_IGN) {
1101 } else if (handler == TARGET_SIG_ERR) {
1102 dump_core_and_abort(sig);
1104 /* compute the blocked signals during the handler execution */
1105 sigset_t *blocked_set;
1107 target_to_host_sigset(&set, &sa->sa_mask);
1108 /* SA_NODEFER indicates that the current signal should not be
1109 blocked during the handler */
1110 if (!(sa->sa_flags & TARGET_SA_NODEFER))
1111 sigaddset(&set, target_to_host_signal(sig));
1113 /* save the previous blocked signal state to restore it at the
1114 end of the signal execution (see do_sigreturn) */
1115 host_to_target_sigset_internal(&target_old_set, &ts->signal_mask);
1117 /* block signals in the handler */
1118 blocked_set = ts->in_sigsuspend ?
1119 &ts->sigsuspend_mask : &ts->signal_mask;
1120 sigorset(&ts->signal_mask, blocked_set, &set);
1121 ts->in_sigsuspend = 0;
1123 /* if the CPU is in VM86 mode, we restore the 32 bit values */
1124 #if defined(TARGET_I386) && !defined(TARGET_X86_64)
1126 CPUX86State *env = cpu_env;
1127 if (env->eflags & VM_MASK)
1128 save_v86_state(env);
1131 /* prepare the stack frame of the virtual CPU */
1132 #if defined(TARGET_ARCH_HAS_SETUP_FRAME)
1133 if (sa->sa_flags & TARGET_SA_SIGINFO) {
1134 setup_rt_frame(sig, sa, &k->info, &target_old_set, cpu_env);
1136 setup_frame(sig, sa, &target_old_set, cpu_env);
1139 /* These targets do not have traditional signals. */
1140 setup_rt_frame(sig, sa, &k->info, &target_old_set, cpu_env);
1142 if (sa->sa_flags & TARGET_SA_RESETHAND) {
1143 sa->_sa_handler = TARGET_SIG_DFL;
1148 void process_pending_signals(CPUArchState *cpu_env)
1150 CPUState *cpu = env_cpu(cpu_env);
1152 TaskState *ts = cpu->opaque;
1154 sigset_t *blocked_set;
1156 while (qatomic_read(&ts->signal_pending)) {
1157 /* FIXME: This is not threadsafe. */
1159 sigprocmask(SIG_SETMASK, &set, 0);
1162 sig = ts->sync_signal.pending;
1164 /* Synchronous signals are forced,
1165 * see force_sig_info() and callers in Linux
1166 * Note that not all of our queue_signal() calls in QEMU correspond
1167 * to force_sig_info() calls in Linux (some are send_sig_info()).
1168 * However it seems like a kernel bug to me to allow the process
1169 * to block a synchronous signal since it could then just end up
1170 * looping round and round indefinitely.
1172 if (sigismember(&ts->signal_mask, target_to_host_signal_table[sig])
1173 || sigact_table[sig - 1]._sa_handler == TARGET_SIG_IGN) {
1174 sigdelset(&ts->signal_mask, target_to_host_signal_table[sig]);
1175 sigact_table[sig - 1]._sa_handler = TARGET_SIG_DFL;
1178 handle_pending_signal(cpu_env, sig, &ts->sync_signal);
1181 for (sig = 1; sig <= TARGET_NSIG; sig++) {
1182 blocked_set = ts->in_sigsuspend ?
1183 &ts->sigsuspend_mask : &ts->signal_mask;
1185 if (ts->sigtab[sig - 1].pending &&
1186 (!sigismember(blocked_set,
1187 target_to_host_signal_table[sig]))) {
1188 handle_pending_signal(cpu_env, sig, &ts->sigtab[sig - 1]);
1189 /* Restart scan from the beginning, as handle_pending_signal
1190 * might have resulted in a new synchronous signal (eg SIGSEGV).
1196 /* if no signal is pending, unblock signals and recheck (the act
1197 * of unblocking might cause us to take another host signal which
1198 * will set signal_pending again).
1200 qatomic_set(&ts->signal_pending, 0);
1201 ts->in_sigsuspend = 0;
1202 set = ts->signal_mask;
1203 sigdelset(&set, SIGSEGV);
1204 sigdelset(&set, SIGBUS);
1205 sigprocmask(SIG_SETMASK, &set, 0);
1207 ts->in_sigsuspend = 0;
projects / qemu.git / blob