* Clear faulting_p from a safepoint rather than inside general_error, because jumping into unwind-native-frames could blow up.
* Handle multiple faults from fatal_error by breakpointing. Is there anything else we can safely do at that point?
* Verify memory protection faults in the top half of the signal handlers because signal dispatch could fault. Treat memory faults during gc or fep as fatal errors.
* Add a function factor_vm::abort() that restores the default SIGABRT handler and ::abort()s. Use it from fatal_error() so we get useful context from gdb and so the user gets feedback from the system crash reporter that Factor blew up and didn't just disappear.
* In factorbug(), don't proceed with .s .r .c if it would be unsafe to do so.
* Don't pile on signals if we've already called fatal_error().
On OS X it appears the mach exception thread and libdispatch queue threads occasionally get the SIGALRM from the itimer. Count those as foreign_thread_samples instead of letting the signal kill the process.
Set up the state necessary to collect samples. We still need to add GC support for walking the sample set, and the compiler needs to register GC roots before safepoints as well. We also need primitives to expose the data to Factor for reporting.
This will let us safely unguard the callstack overflow guard page as a grace page so the callstack overflow handler can do its business without discarding frames.
Also rename "q" to "c" because it "c"ontinues, remove the useless "im" command, and rename the less useful "t" to "trim" so we can use "t" to mean "throw"
It's not robust currently to raise an exception because a lot of our code that isn't already written with exceptions in mind breaks. Also, a signal is likely to be received by an FFI callback installed on the IO multiplexer, which will cause Factor to die since the callback cannot handle the exception. We need a more robust solution to dealing with SIGINT.
Also lay some groundwork for counting profile samples and reporting non-interrupting asynchronous signals.
Remove the weird and broken functions fix_callstack_top and scrub_return_address. Instead, simply decrement the SP and store the PC from the front end of the signal handler so that the back end can return back into the original context normally. Currently aborts for leaf procedure frames pending a more robust solution.
- Crash if allocating error triggers a GC from a signal/SEH handler
- Crash if GC runs with floating point traps enabled on Windows
- Floating point traps didn't prettyprint properly
Joe Groff
Slava Pestov
Slava Pestov
Slava Pestov