The goal of the separate stacks was to allow this, but I never quite finished the job. Now, when a SEH exception (generally a Rust panic in a guest syscall handler, or a C# Exception in a callback) tries to unwind through guest code, it works. Note that we don't actually unwind the guest stack, as there's nothing useful to be gained from that; when an emulator core throws an exception like this, it should be considered completely hosed. Throw it out and get a new one.
There were two bugs stopping this from working.
First of all, we had custom thunks that lacked sufficient unwind information for RtlUnwind to get through. For the sysv <-> msabi adapter, this was fixed by making it regular Rust code instead of hand assembled junkus. So the compiler generates valid unwind information for all of that. Then we just JIT a small stub on top in the MsHostSysVGuest code, which needs no unwind information because it won't throw an exception itself and transparently passes execution to something with valid unwind information without invalidating that information. (NB: Clr JIT stubs use the same strategy.) For the host <-> guest stack transition code, a small hand generated unwind stub was added to interop.s that is registered with `RtlAddFunctionTable`. I've seen the unwind work successfully without this second set of unwind information, but better safe than sorry.
Secondly, our misuse of SubSystemTib caught up with us. It's an old field, allegedly from OS/2, that we repurposed to hold TLS information needed for the waterbox stack transitions. Most people think nothing uses it any more, but in fact if it's set to a non-NULL value, but doesn't contain valid information, `KERNELBASE!GetModuleFileNameW` will crash when it tries to get a module name from there. The fix here was to simply tighten up our usage of SubSystemTib: we were already nulling it out when returning from guest code, but not when calling back to host code in guest code.
Fixes #2487. Unwinding of this sort has never worked well in waterbox; the reason why that issue is more recent is that the particular reproducing case of firmware didn't cause an exception in a callback in older code; the exception happened in pure managed code.
* Move .so libraries to dll dir, update some build scripts
* Move OpenTK.dll.config with OpenTK.dll
* Keep EmuHawkMono.sh in Windows-built artifacts
* Add Package.sh to match QuickTestBuildAndPackage.bat
used as `Dist/BuildRelease.sh && Dist/Package.sh`
* Update GitLab CI to use Package.sh
Waterbox supports threads now, but they're not real threads on the host side because that's complicated and can be nondeterministic. Instead, everything is scheduled to share one host thread. This means that scheduling is actually cooperative and certain patterns of spinlocks and other nonsense can fail to work at all, but "regular" code probably will.
With this, add DobieStation PS2 core. This core was selected because it has threads and is otherwise simple to port; easy to build and a good core/frontend separation. It's not a wonderful core however, with low speed (made abysmally lower by our lack of real threads) and low compatibility, so it remains a curiosity for now.
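A minimal model of the single-host-thread, cooperative scheduling described in the commit above, as an added C example that is not waterbox's scheduler: guest "threads" are ucontext coroutines that only hand control back at an explicit yield, and the scenario reproduces the spinlock failure the commit warns about. A waiter that spins on a lock word without yielding can never observe the holder releasing it, because the holder only runs when the waiter gives the host thread back; a waiter that yields inside the spin loop completes. All names (`gspawn`, `grun`, `gyield`, `run_scenario`) and the step and spin budgets are constructed for the demo; the spin bound exists only so the failing case terminates instead of hanging.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stddef.h>
#include <ucontext.h>

#define MAX_GTHREADS 4
#define GSTACK_SIZE (64 * 1024)
#define SPIN_LIMIT 100000   /* constructed bound: a real non-yielding spin would hang forever */

typedef struct {
    ucontext_t ctx;
    void (*fn)(void);
    int done;
    char stack[GSTACK_SIZE];
} gthread;

static gthread gthreads[MAX_GTHREADS];
static int ngthreads, gcurrent;
static ucontext_t sched_ctx;

/* Shared state the two guest "threads" communicate through (constructed). */
static volatile int lock_word;     /* 1 = held */
static volatile int handoff_done;  /* set by the holder after it releases */
static int spin_failed;            /* waiter gave up without seeing the release */
static int use_yield_in_spin;

/* The only way a guest thread returns the single host thread to the scheduler. */
void gyield(void) { swapcontext(&gthreads[gcurrent].ctx, &sched_ctx); }

static void trampoline(void)
{
    gthreads[gcurrent].fn();
    gthreads[gcurrent].done = 1;  /* returning resumes uc_link, i.e. the scheduler */
}

static void gspawn(void (*fn)(void))
{
    gthread *t = &gthreads[ngthreads++];
    t->fn = fn;
    t->done = 0;
    getcontext(&t->ctx);
    t->ctx.uc_stack.ss_sp = t->stack;
    t->ctx.uc_stack.ss_size = sizeof t->stack;
    t->ctx.uc_link = &sched_ctx;
    makecontext(&t->ctx, trampoline, 0);
}

/* Round-robin over runnable guest threads. Returns the number of scheduler
 * steps taken, or -1 if the step budget ran out without everything finishing. */
static int grun(int budget)
{
    int steps = 0;
    for (;;) {
        int alive = 0;
        for (int i = 0; i < ngthreads; i++) {
            if (gthreads[i].done) continue;
            alive = 1;
            if (steps++ >= budget) return -1;
            gcurrent = i;
            swapcontext(&sched_ctx, &gthreads[i].ctx);
        }
        if (!alive) return steps;
    }
}

/* Holder: takes the lock, hits a yield point while holding it, then releases. */
static void holder(void)
{
    lock_word = 1;
    gyield();  /* e.g. a guest syscall that blocks while the lock is held */
    lock_word = 0;
    handoff_done = 1;
}

/* Waiter: spins on the lock word. Without a yield in the loop the holder never
 * gets the host thread back, so the release can never become visible here. */
static void waiter(void)
{
    long spins = 0;
    while (lock_word) {
        if (use_yield_in_spin) {
            gyield();
        } else if (++spins >= SPIN_LIMIT) {
            spin_failed = 1;
            return;
        }
    }
}

/* Runs the two-thread scenario; returns 1 if the waiter saw the release, else 0. */
int run_scenario(int yield_in_spin)
{
    ngthreads = 0;
    lock_word = 0;
    handoff_done = 0;
    spin_failed = 0;
    use_yield_in_spin = yield_in_spin;
    gspawn(holder);
    gspawn(waiter);
    int steps = grun(1000);
    return steps > 0 && !spin_failed && handoff_done;
}
```

`run_scenario(1)` succeeds because the waiter's yield lets the holder run to its release; `run_scenario(0)` fails because the waiter burns its whole spin budget while the holder is parked at its yield point. On a real cooperative host there is no such budget, which is why the commit says some spinlock patterns "can fail to work at all".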
The description in the previous commit is accurate, but the problem runs deeper and was on the whole a complete failure for me to appreciate the difference between active and swapped in on memoryblocks. Bleeecch.
This was broken by 175556529e, with two related issues: when we allowed for some operations to happen even when the block is inactive, we didn't account for the fact that in swapin, the block technically is not active yet (the lock is not on the self), and similarly in swapout, the lock has already been moved out of self. The former caused all memory areas to revert to RWX at the host OS level after a swap, so no dirty detection was done. After the former was fixed, the latter caused saved costacks to still get missed.
At the same time we ran into a perfect storm with costacks on Windows; if a stack page is not yet dirty, but we hit a fault for something else, Windows will not call our VEH handler unless the TIB stack extents are satisfactory, since it needs userspace to fix up the TIB extents via VEH or SEH handler, but there's already an exception pending.
This broke any waterbox core that called into native code in the same EnterExit() right after sealing. All nyma cores were broken, 32x was not, didn't check the rest. Regressed in 175556529e.
It worked fine in release mode, theoretically.
Set up a second mirror of guest memory; easily accomplished because we were already using memfd_create / CreateFileMappingW.
This lets us simplify a lot of host code that has to access guest memory that may not be active right now, or might have been mprotect()ed to something weird. Activate is only needed now to run guest code, or when the C# side wants to peer into guest memory for memory domains and such (waterboxhost does not share the mirror address with the C# side).
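The two-view layout the commit above describes, as an added C example that is not BizHawk or waterboxhost code: four pages are backed by a memfd (falling back to an unlinked temp file where `memfd_create` is unavailable) and mapped twice, once as the "active" guest view whose protection is toggled for protection-fault dirty tracking, and once as an always-writable mirror for host code. The SIGSEGV handler plays the role of the VEH handler mentioned in the swapin/swapout commit above: a write to a read-only guest page records the page as dirty and restores write access so the store retries. The scenario also shows the consequence of the mirror bypassing the protections: a host write through it is visible in guest memory but never seen by the dirty tracking. The `wb_*` names, the page count and the sample byte values are constructed for the demo; it is POSIX/Linux only.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <signal.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#define NPAGES 4

static uint8_t *guest;   /* "active" view: protection toggled for dirty tracking */
static uint8_t *mirror;  /* second view of the same pages, always RW, host-only */
static long page_size;
static volatile sig_atomic_t dirty[NPAGES];

/* A write to a read-only guest page lands here: mark the page dirty, make it
 * writable again and return so the faulting store is retried. */
static void fault_handler(int sig, siginfo_t *si, void *ctx)
{
    (void)sig; (void)ctx;
    uintptr_t addr = (uintptr_t)si->si_addr, base = (uintptr_t)guest;
    if (guest == NULL || addr < base || addr >= base + NPAGES * (size_t)page_size) {
        signal(SIGSEGV, SIG_DFL);  /* not a guest page: let it crash normally */
        return;
    }
    size_t page = (addr - base) / (size_t)page_size;
    dirty[page] = 1;
    mprotect(guest + page * (size_t)page_size, (size_t)page_size, PROT_READ | PROT_WRITE);
}

/* Backing object that can be mapped twice: memfd_create where the headers
 * provide it, otherwise an unlinked temporary file (assumed fallback). */
static int create_backing(size_t size)
{
    int fd = -1;
#ifdef MFD_CLOEXEC
    fd = memfd_create("guest-mem-demo", MFD_CLOEXEC);
#endif
    if (fd < 0) {
        char tmpl[] = "/tmp/guest-mem-demo-XXXXXX";
        fd = mkstemp(tmpl);
        if (fd < 0) return -1;
        unlink(tmpl);
    }
    if (ftruncate(fd, (off_t)size) != 0) { close(fd); return -1; }
    return fd;
}

/* Map the same pages twice and install the fault handler. Returns 0 on success. */
int wb_setup(void)
{
    if (guest) return 0;  /* already set up */
    page_size = sysconf(_SC_PAGESIZE);
    size_t size = NPAGES * (size_t)page_size;
    int fd = create_backing(size);
    if (fd < 0) return -1;
    uint8_t *g = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    uint8_t *m = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    close(fd);
    if (g == MAP_FAILED || m == MAP_FAILED) return -1;
    guest = g;
    mirror = m;
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_flags = SA_SIGINFO;
    sa.sa_sigaction = fault_handler;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* Start a tracking epoch: clear dirty bits and make the guest view read-only. */
void wb_begin_tracking(void)
{
    for (int i = 0; i < NPAGES; i++) dirty[i] = 0;
    mprotect(guest, NPAGES * (size_t)page_size, PROT_READ);
}

int wb_is_dirty(int page) { return page >= 0 && page < NPAGES && dirty[page] != 0; }

int wb_dirty_count(void)
{
    int n = 0;
    for (int i = 0; i < NPAGES; i++) n += dirty[i] != 0;
    return n;
}

/* Scenario; returns 0 when every expectation holds, else the failed step number. */
int wb_demo(void)
{
    if (wb_setup() != 0) return 1;
    wb_begin_tracking();
    mirror[0] = 0x11;                            /* host write via mirror: no fault */
    if (wb_dirty_count() != 0) return 2;         /* so dirty tracking never sees it */
    if (guest[0] != 0x11) return 3;              /* but it is visible in guest memory */
    guest[page_size + 5] = 0x33;                 /* guest write: faults, marks page 1 */
    if (!wb_is_dirty(1) || wb_dirty_count() != 1) return 4;
    if (mirror[page_size + 5] != 0x33) return 5; /* same physical pages either way */
    guest[page_size + 6] = 0x34;                 /* page already RW again: no new fault */
    if (wb_dirty_count() != 1) return 6;
    wb_begin_tracking();                         /* next epoch: everything clean */
    if (wb_dirty_count() != 0) return 7;
    return 0;
}
```

Host code that wants to read or patch guest memory while the guest view is inactive or oddly protected uses `mirror`; anything whose writes must show up as dirty (savestate consumers, a memory-domain API) must go through `guest`, which is the trade-off behind keeping the mirror address private to the host side.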
Bizhawk never would hit this because it only ever runs waterboxes in one host thread, but an application that spun up many threads and ran waterboxes in each would leak 32 bytes of heap for each native thread destroyed, which is super duper not really meaningful at all.
Waterbox guest code now runs on a stack inside the guest memory space. This removes some potential opportunities for nondeterminism and makes future porting of libco-enabled cores easier.
This replaces the old managed one. The only direct effect of this is to fix some hard to reproduce crashes in bsnes.
In the long run, we'll use this new code to help build more waterbox features.