Use the (undocumented) MEMORY_WORKING_SET_EX_INFORMATION in dumper to
determine if a MEM_IMAGE region is unsharable, and hence has been
modified.
After this, we will end up dumping memory regions where:
- state is MEM_COMMIT (i.e. is not MEM_RESERVE or MEM_FREE), and
-- type is MEM_PRIVATE and protection allows reads (i.e. not a guardpage), or
-- type is MEM_IMAGE and attribute is non-sharable (i.e. it was WC, got
written to, and is now a RW copy)
After this, we will end up dumping memory regions where:
- state is MEM_COMMIT (i.e. is not MEM_RESERVE or MEM_FREE), and
-- type is MEM_PRIVATE and protection allows reads (i.e. not a guardpage), or
-- type is MEM_IMAGE and protection allows writes
Making this decision based on the current protection isn't 100% correct,
because it may have been changed using VirtualProtect(). But we don't
know how to determine if a region is shareable.
(As a practical matter, anything which gets us the stack (MEM_PRIVATE)
and .data/.bss (RW MEM_IMAGE) is going to be enough for 99% of cases)
PMEM_EXTENDED_PARAMETER is defined in the local winlean.h as long
as mingw-w64 doesn't define it (in winnt.h). ntdll.h needs the
definition for declaring NtMapViewOfSectionEx. cygpath.cc and ps.cc
both include ntdll.h but not winlean.h, so they complain about the
missing definition.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Update dumper for bfd API changes in binutils 2.34
libbfd doesn't guarantee API stability, so we've just been lucky this
hasn't broken more often.
See binutils commit fd361982.
The helper function ttynam creates a tty name by using sprintf wrongly
on a pretty short buffer. The foramt string only specifies a minimum
field length, not a maximum field length, so gcc-9.2.0 complains:
ps.cc:101:23: warning: 'sprintf' may write a terminating nul past the
end of the destination [-Wformat-overflow=]
Fix this thoroughly by specifying a maximum field width as well as by
using snprintf with a fixed buffer length. Also, drop using a static
buffer in favor of using a buffer in the caller.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Support pseudo console in PTY. Pseudo console is a new feature
in Windows 10 1809, which provides console APIs on virtual
terminal. With this patch, native console applications can work
in PTYs such as mintty, ssh, gnu screen or tmux.
Borrow a trick from strace to lessen occurrences of "??? => ???" in ldd
output. Specifically, if the module name isn't found in the usual place
in the mapped image, use the file handle we have to look up the name.
An increasing number of tools are being included in Windows which have the
same names as those included in Cygwin packages. Indicating which one is
first in PATH can be helpful in diagnosing behavioural discrepencies
between them.
Also, fix the alphabetization of ssh.
strace only printed the Windows PID in event output so far.
Especially now that Windows and Cygwin PID are decoupled, the
strace user might like to see the Cygwin pid in event output as
well. However, at process startup, the process might not have
a Cygwin PID yet.
To mitigate this, always print the Windows PID and only add the
Cygwin pid if it exists.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Always use NtQuerySystemInformation(SystemProcessIdInformation).
This drops two code paths calling NtQueryInformationProcess or
GetModuleFileNameExW and only requires to open the process
to fetch system time info.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
There's a long-standing bug in ps -W. It only shows processes which ps
can open with PROCESS_QUERY_LIMITED_INFORMATION permissions. However,
that fails for a lot of system processes. Due to that, output is
basically restricted to processes in the same session, as well as Cygwin
processes... which isn't *quite* what ps -W was supposed to do.
Basically we only need to open the process to fetch the image name. If
that fails, utilize the undocumented SystemProcessIdInformation info
class introduced with Windows Vista, which allows to fetch the image
name by specifying the PID. Restructure the code a bit.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When recognizing a negative pid, optind is off by one. The
code correcting this has been erroneously removed by commit
8de660271f. Revert that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This may end up killing the wrong process. Only allow Cygwin PID.
Slightly clean up code: Remove outdated W95 considerations. Fix
a bug in commandline argument processing.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- Remove another unfortunate amalgamation: Mount flags (MOUNT_xxx)
are converted to path_types (PATH_xxx) and mixed with non-mount
path_types flags in the same storage, leading to a tangled,
pell-mell usage of mount flags and path flags in path_conv and
symlink_info.
- There's also the case of PC_NONULLEMPTY. It's used in exactly
one place with a path_conv constructor only used in this single
place, just to override the automatic PC_NULLEMPTY addition
when calling the other path_conv constructors. Crazily,
PC_NONULLEMPTY is a define, no path_types flag, despite its
name.
- It doesn't help that the binary flag exists as mount and path
flag, while the text flag only exists as path flag. This leads
to mount code using path flags to set text/binary. Very confusing
is the fact that a text mount/path flag is not actually required;
the mount code sets the text flag on non binary mounts anyway, so
there are only two states. However, to puzzle people a bit more,
path_conv::binary wrongly implies there's a third, non-binary/non-text
state.
Clean up this mess:
- Store path flags separately from mount flags in path_conv and
symlink_info classes and change all checks and testing inline
methods accordingly.
- Make PC_NONULLEMPTY a simple path_types flag and drop the
redundant path_check constructor.
- Clean up the definition of pathconv_arg, path_types, and mount flags.
Use _BIT expression, newly define in cygwin/bits.h.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Updates to misc files to integrate AIO into the Cygwin source tree.
Much of it has to be done when adding any new syscalls. There are
some updates to limits.h for AIO-specific limits. And some doc mods.
Make getfacl print two colons instead of one after "other" and "mask".
Change the help text for setfacl to indicate that there can be either
one colon or two.
This was called only on filenames in /etc/setup/installed.db, which
are all basenames anyway. Moreover, base wasn't correctly handling
filenames containing colons.
Error messages of regtool can't be read, which are encoded in,
for instance, SHIFT_JIS in Japanese Windows. Fix by using
wide chars instead of multibyte.
Recent versions of gcc are optimizing away the TLS buffer allocated in
main, so we need to tell gcc that it's really used. RtlSecureZeroMemory
accomplishes this while also inlining the memset.
Signed-off-by: Daniel Santos <daniel.santos@pobox.com>