X-Recipient: archive-cygwin AT delorie DOT com X-Spam-Check-By: sourceware.org Date: Sun, 13 Feb 2011 17:24:49 +0100 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: Preremove/postinstall scripts fail with snapshot installed Message-ID: <20110213162449.GA20855@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <4D55A88E DOT 3090301 AT cornell DOT edu> <20110212142555 DOT GB5682 AT calimero DOT vinschen DOT de> <4D56A002 DOT 2090707 AT cornell DOT edu> <4D56A7D5 DOT 6010104 AT cornell DOT edu> <20110212164415 DOT GB3264 AT calimero DOT vinschen DOT de> <20110212181224 DOT GC3264 AT calimero DOT vinschen DOT de> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20110212181224.GC3264@calimero.vinschen.de> User-Agent: Mutt/1.5.21 (2010-09-15) Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com On Feb 12 19:12, Corinna Vinschen wrote: > On Feb 12 17:44, Corinna Vinschen wrote: > > On Feb 12 10:31, Ken Brown wrote: > > > I just did a system restore to undo the last round of Windows > > > updates, and the problem went away. I'm not sure where to go from > > > here. > > > > You're right, I can reproduce it on W7 32 and 64 bit. > > [...] > > By installing the security updates again, one by one, I figure out > > that it is the security update connected to KB 2393802 which triggers > > the problem. > > [...] > > Just FYI, I have a working workaround. It's not exactly how I would > like to handle this stuff, but at least we know there *is* a solution > which still maintains the desired ability to delete an in-use directory. Ok, I think I have a solution now. A few hours of debugging turned up that the KB 2393802 patch introduces a change to the layout of the (undocumented) structure in which Windows stores the CWD starting with Vista. That's the structure we called FAST_CWD in Cygwin. The new layout is sufficiently different that Cygwin scrambled the contents of the structure from the Win32 perspective. Above all, the new structure layout is 4 bytes bigger, because RtlSetCurrentDirectory_U now also stores some filesystem flags which RtlGetCurrentDirectory_U uses to find out if the CWD is on a removable device, and if that device is still available. If Cygwin scrambled the content effectivly enough, Win32 calls like CreateProcess could become so confused that they potentially crash with a SEGV. I just checked in a patch to Cygwin which uses the new structure layout on systems which already have the KB 2393802 patch installed and the old structure layout otherwise. I also uploaded a new Cygwin snapshot to http://cygwin.com/snapshots/ Please give the today's snapsot a try. I tested it on Windows 2008 32 bit as well as on W7 32 and 64 bit, with and without KB 2393802 installed. "It works for me."(TM) I sure hope that Microsoft does not change the structure layout again any time soon... Corinna (*) As a side note, what strikes me as weird is the fact that nothing at all in the information about KB 2393802(**) points to a vulnerability related to the CWD and removable devices. Somehow this change seems to be entirely unrelated to what the MS11-011 security bulletin is about. I also inspected all other security bulletins from this month, but to no avail. (**) http://www.microsoft.com/technet/security/bulletin/MS11-011.mspx -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple