X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:content-type:to:subject:references:date
	:mime-version:content-transfer-encoding:from:message-id
	:in-reply-to; q=dns; s=default; b=jnDBTPS73sPa8Nm2xqHLLSDzpClAa/
	X3jl4q7ZM6MxxUjLgdD3R7wcqDqU5DNyYoq6EB0xhmSIcU7fKSMCw0pOAiABwPXT
	3+nI6wSbToqdejLwXv9Ep9DCcDyyKhZj/PaOvpa4JEYCOeuj89xLtUrzUo4u5Ef9
	66P+X2fagBrWg=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:content-type:to:subject:references:date
	:mime-version:content-transfer-encoding:from:message-id
	:in-reply-to; s=default; bh=teHCHMUnM4Rk0FeRZ3yPhsBWVts=; b=h0qg
	57qqzM0J2uEVI73WnpderZDyPFR/QTAQ4sirmyo2Z04znIS+e2u3zTD9pNzkvJYZ
	fE+DX2BQsQueBxK6IRiq1cKGdpOCBnVz/ZzRqwhjjP6vlPernWbphBwNRGwjiGIj
	3whCgZ5xcG7awUAAYKETyPDGrJB7seMkUp8EGTg=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE,SPF_PASS,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2
X-HELO:	mailout.ish.de
To:	cygwin AT cygwin DOT com
Subject:	Re: TP_NUM_C_BUFS too small
References:	<op DOT x7fnnjtmofd6j1 AT frascati DOT upc DOT de> <op DOT x7fspszwofd6j1 AT frascati DOT upc DOT de> <loom DOT 20151102T032737-854 AT post DOT gmane DOT org> <20151102111532 DOT GA5319 AT calimero DOT vinschen DOT de>
Date:	Tue, 03 Nov 2015 00:07:36 +0100
MIME-Version:	1.0
From:	"Helmut Karlowski" <helmut DOT karlowski AT ish DOT de>
Message-ID:	<op.x7hw6yifofd6j1@frascati.upc.de>
In-Reply-To:	<20151102111532.GA5319@calimero.vinschen.de>
User-Agent:	Opera Mail/12.17 (Win32)
X-IsSubscribed:	yes

Am 02.11.2015, 12:15 Uhr, schrieb Corinna Vinschen:

>> Glad it's fixed!  For the record, could you say what sort of bug would  
>> cause
>> a fatal internal error like that?
>> Just curious,
>
> Me too.  Sounds like some kind of recursion.

It all happened after I had replaced all strcpy/strcat by strlcpy like  
this:

strcpy(t,s) -> pos = strlcpy(t,s,size)
strcat(t,s) -> pos += strlcpy(t+pos,s,size-pos)

At some point the pos-parameter was wrong and the resulting string became  
something undesired. And that string probably was passed to fopen, maybe  
pos became very large way beyond the boundaries of the string which is  
 from the stack.

It's hard to reproduce what happened in a simple case, and I was in some  
hurry then, but I saved the strace-output:

   459 4265672 [main] ue 460 open: open(u, 0x0)
    33 4265705 [main] ue 460 normalize_posix_path: src u
    33 4265738 [main] ue 460 cwdstuff::get: posix /usr/src/ue314/bin
    32 4265770 [main] ue 460 cwdstuff::get: (/usr/src/ue314/bin) =  
cwdstuff::get (0x80000008, 32768, 1, 0), errno 2
    33 4265803 [main] ue 460 normalize_posix_path: /usr/src/ue314/bin/u =  
normalize_posix_path (u)
    33 4265836 [main] ue 460 mount_info::conv_to_win32_path:  
conv_to_win32_path (/usr/src/ue314/bin/u)
    33 4265869 [main] ue 460 set_flags: flags: binary (0x2)
    33 4265902 [main] ue 460 mount_info::conv_to_win32_path: src_path  
/usr/src/ue314/bin/u, dst C:\cygwin\usr\src\ue314\bin\u, flags 0x3000A, rc  
0
    63 4265965 [main] ue 460 symlink_info::check: 0x0 = NtCreateFile  
(\??\C:\cygwin\usr\src\ue314\bin\u)
    49 4266014 [main] ue 460 symlink_info::check: not a symlink
    47 4266061 [main] ue 460 symlink_info::check: 0 =  
symlink.check(C:\cygwin\usr\src\ue314\bin\u, 0x29B598) (0x3000A)
    35 4266096 [main] ue 460 path_conv::check:  
this->path(C:\cygwin\usr\src\ue314\bin\u), has_acls(1)
    37 4266133 [main] ue 460 build_fh_pc: fh 0x61302754, dev 000000C3
    34 4266167 [main] ue 460 fhandler_base::open:  
(\??\C:\cygwin\usr\src\ue314\bin\u, 0x108000)
    70 4266237 [main] ue 460 fhandler_base::set_flags: flags 0x108000,  
supplied_bin 0x10000
    34 4266271 [main] ue 460 fhandler_base::set_flags: filemode set to  
binary
    33 4266304 [main] ue 460 fhandler_base::open: 0x0 = NtCreateFile  
(0x170, 0x80100000, \??\C:\cygwin\usr\src\ue314\bin\u, io, NULL, 0x0, 0x7,  
0x1, 0x4020, NULL, 0)
    35 4266339 [main] ue 460 fhandler_base::open: 1 =  
fhandler_base::open(\??\C:\cygwin\usr\src\ue314\bin\u, 0x108000)
    41 4266380 [main] ue 460 fhandler_base::open_fs: 1 =  
fhandler_disk_file::open(\??\C:\cygwin\usr\src\ue314\bin\u, 0x8000)
    34 4266414 [main] ue 460 open: 3 = open(u, 0x8000)
   186 4266600 [main] ue 460 _cygwin_istext_for_stdio: fd 3: opened as  
binary
   232 4266832 [main] ue 460 close: close(3)
    32 4266864 [main] ue 460 fhandler_base::close: closing  
'/usr/src/ue314/bin/u' handle 0x170
    49 4266913 [main] ue 460 close: 0 = close(3)
   460 4267373 [main] 20 460 open: open(u, 0x0)

This loops some 100 times, then:

   460 4267373 [main] 20 460 open: open(u, 0x0)
    32 4267405 [main] 20 460 normalize_posix_path: src u
    32 4267437 [main] 20 460 cwdstuff::get: posix /usr/src/ue314/bin
    33 4267470 [main] 20 460 cwdstuff::get: (/usr/src/ue314/bin) =  
cwdstuff::get (0x80000008, 32768, 1, 0), errno 2
    33 4267503 [main] 20 460 normalize_posix_path: /usr/src/ue314/bin/u =  
normalize_posix_path (u)
    32 4267535 [main] 20 460 mount_info::conv_to_win32_path:  
conv_to_win32_path (/usr/src/ue314/bin/u)
    34 4267569 [main] 20 460 set_flags: flags: binary (0x2)
    32 4267601 [main] 20 460 mount_info::conv_to_win32_path: src_path  
/usr/src/ue314/bin/u, dst C:\cygwin\usr\src\ue314\bin\u, flags 0x3000A, rc  
0
    59 4267660 [main] 20 460 symlink_info::check: 0x0 = NtCreateFile  
(\??\C:\cygwin\usr\src\ue314\bin\u)
    50 4267710 [main] 20 460 symlink_info::check: not a symlink
    47 4267757 [main] 20 460 symlink_info::check: 0 =  
symlink.check(C:\cygwin\usr\src\ue314\bin\u, 0x29B598) (0x3000A)
    35 4267792 [main] 20 460 path_conv::check:  
this->path(C:\cygwin\usr\src\ue314\bin\u), has_acls(1)
    36 4267828 [main] 20 460 build_fh_pc: fh 0x61302754, dev 000000C3
    33 4267861 [main] 20 460 fhandler_base::open:  
(\??\C:\cygwin\usr\src\ue314\bin\u, 0x108000)
    72 4267933 [main] 20 460 fhandler_base::set_flags: flags 0x108000,  
supplied_bin 0x10000
    34 4267967 [main] 20 460 fhandler_base::set_flags: filemode set to  
binary
    33 4268000 [main] 20 460 fhandler_base::open: 0x0 = NtCreateFile  
(0x16C, 0x80100000, \??\C:\cygwin\usr\src\ue314\bin\u, io, NULL, 0x0, 0x7,  
0x1, 0x4020, NULL, 0)
    34 4268034 [main] 20 460 fhandler_base::open: 1 =  
fhandler_base::open(\??\C:\cygwin\usr\src\ue314\bin\u, 0x108000)
    42 4268076 [main] 20 460 fhandler_base::open_fs: 1 =  
fhandler_disk_file::open(\??\C:\cygwin\usr\src\ue314\bin\u, 0x8000)
    34 4268110 [main] 20 460 open: 3 = open(u, 0x8000)
   186 4268296 [main] 20 460 _cygwin_istext_for_stdio: fd 3: opened as  
binary
   231 4268527 [main] 20 460 close: close(3)
    33 4268560 [main] 20 460 fhandler_base::close: closing  
'/usr/src/ue314/bin/u' handle 0x16C
    49 4268609 [main] 20 460 close: 0 = close(3)
   476 4269085 [main] 2046121 460 open: open(u, 0x0)

Note the process-name gets overwritten by a number of increasing length,  
the last being 254 bytes long before the process exits.

Don't know if that's of any use. It crashed not only on cygwin.

BTW: Is there a documentation about the columns of the strace-output  
somewhere?

-Helmut

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -