Date: Fri, 1 Jul 2011 11:43:39 +0200
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: Vim segv'ing
Message-ID: <20110701094339.GO9552@calimero.vinschen.de>
Reply-To: cygwin@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
References: <20110630072012.GB9552@calimero.vinschen.de> <2BF01EB27B56CC478AD6E5A0A28931F202CFAFF7@A1DAL1SWPES19MB.ams.acs-inc.net> <20110630142353.GH9552@calimero.vinschen.de> <20110630150502.GJ9552@calimero.vinschen.de> <20110701083603.GM9552@calimero.vinschen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20110701083603.GM9552@calimero.vinschen.de>
User-Agent: Mutt/1.5.21 (2010-09-15)

On Jul  1 10:36, Corinna Vinschen wrote:
> FYI, I tracked it down to the place where the stack overwrite occurs.
> This is most puzzling.  When typing :wq!, the following chain of functions
> is called:
> 
>   nv_colon
>    do_cmdline
>     ex_exit
>      do_write
>       open                           <- Here it calls into the Cygwin DLL
>        fhandler_base::open_with_arch
>         fhandler_base::open_fs
>          fhandler_base::open
>           NtCreateFile               <--Here it calls into NTDLL.DLL
>               
> The open call tries to open the backup file "/etc/hosts~", not the
> symlink itself.
> 
> In the optimized version of vim, the local variable "cap" in the
> function nv_colon is kept in register $esi.  When do_cmdline is called,
> $esi is pushed onto the stack.  Then everything goes its normal ways,
> until NtCreateFile is called.
> 
> And here's the puzzler: This call to NtCreateFile overwrites the 4 byte
> stack slot in which the "cap" pointer is saved with the value 0x10c!
> [...]
> Oh, and here's a last-minute surprise:  It does not happen if you run
> gvim, rather than vim.  Maybe I should just give up to provide packages.

And it also does not happen if I build Cygwin with gcc 4.5.1 rather than
with gcc 4.3.4.  Is it possible that a compiler bug is playing a role
here?  I can't quite believe it, the effect is too specific.


Corinna


P.S.: Yaakov, is there any chance to get a 4.5.3 x86_64 cross compiler
package?  Yum always tries to replace my x86_64 4.5.1 package with the
4.5.3 package for i686, but that doesn't work due to missing
dependencies...

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat
