Subject: STATUS_HEAP_CORRUPTION if signal arrives when x86 direction flag is set
From: Christian Franke via Cygwin
To: cygwin AT cygwin DOT com
Date: Sun, 23 Mar 2025 12:54:36 +0100
Message-ID: <9413f848-7e2b-7044-be11-93045c75dc40@t-online.de>

Found because 'stress-ng --memcpy ...' and other tests report segfaults:

An exception 0xc0000374 (STATUS_HEAP_CORRUPTION) occurs if a signal arrives during a memmove() which copies backwards due to overlap.

The related snippet[s] from winsup/cygwin/x86_64/bcopy.S:

        std
        rep
        movs[qb]
        cld

The testcase below shows that a set DF arrives at the signal handler. This violates the ABI, AFAIK. After return, the process aborts regardless of a "cld" in the signal handler.

$ uname -r # also reproducible with 3.5.7-1
3.6.0-1.x86_64

$ cat dflagsig.c
#include <signal.h>
#include <unistd.h>

static volatile sig_atomic_t sigcnt;

static void sighandler(int sig)
{
  (void)sig;
  // asm volatile ("cld"); // <== does not prevent crash
  if (__builtin_ia32_readeflags_u64() & 0x0400)
    write(1, "[DF=1]\n", 7);
  else
    write(1, "[DF=0]\n", 7);
  ++sigcnt;
}

int main()
{
  signal(SIGINT, sighandler);
  int std = 0, cnt;
  while ((cnt = sigcnt) < 5) {
    if (cnt == 2 && !std) {
      asm volatile ("std");
      std = 1;
    }
    else if (cnt > 2 && std) {
      asm volatile ("cld");
      std = 0;
    }
  }
  return 42;
}

$ gcc -o dflagsig dflagsig.c

$ ./dflagsig # ... and press 3x ^C
[DF=0]
[DF=0]
[DF=1]

$ echo $? # Hmm... "silent" crash!
0

$ strace ./dflagsig # ... and run 3x 'kill -INT 1288' from other window
...
   48 14882485 [main] dflagsig 1288 set_signal_mask: setmask 2, newmask 0, mask_bits 2
863030 15745515 [sig] dflagsig 1288 sigpacket::process: signal 2 processing
...
   55 15746773 [sig] dflagsig 1288 _cygtls::interrupt_setup: armed signal_arrived 0x0, signal 2
   70 15746843 [sig] dflagsig 1288 sigpacket::setup_handler: signal 2 delivered
--- Process 12736 (pid: 1288), exception c0000374 at 00007ffe342dcba9
...
--- Process 12736 exited with status 0xc0000374

--
Regards,
Christian
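A self-triggering form of the check above, as an added example that is not part of the original message: it arms a one-shot timer, spins with DF set, and returns the DF value the handler saw on entry, which x86-64 calling conventions expect to be clear. The helper name `df_seen_by_handler`, the use of SIGALRM and the 20 ms delay are assumptions of this example; on a system that behaves as the report describes, the process may abort instead of returning.

```c
#define _XOPEN_SOURCE 700
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/time.h>

static volatile sig_atomic_t fired;       /* handler has run */
static volatile sig_atomic_t df_at_entry; /* DF value the handler saw */

static void on_alarm(int sig) {
  (void)sig;
#if defined(__x86_64__)
  /* Bit 10 (0x0400) of RFLAGS is the direction flag. */
  df_at_entry = (__builtin_ia32_readeflags_u64() & 0x0400) != 0;
#endif
  fired = 1;
}

/* Hypothetical helper: returns 1 if the handler was entered with DF set,
   0 if DF was clear, -1 if the handler or timer could not be installed. */
int df_seen_by_handler(void) {
  struct sigaction sa;
  struct itimerval once = { {0, 0}, {0, 20000} }; /* one shot, 20 ms */
  memset(&sa, 0, sizeof sa);
  sa.sa_handler = on_alarm;
  sigemptyset(&sa.sa_mask);
  fired = 0;
  df_at_entry = 0;
  if (sigaction(SIGALRM, &sa, NULL) != 0) return -1;
  if (setitimer(ITIMER_REAL, &once, NULL) != 0) return -1;
#if defined(__x86_64__)
  /* Spin with DF=1 inside one asm block, so no compiler-generated code and
     no libc call runs with the flag set. Assumes sig_atomic_t is 32-bit. */
  __asm__ volatile ("std\n"
                    "1: cmpl $0, %0\n"
                    "   je 1b\n"
                    "   cld\n"
                    : : "m"(fired) : "cc", "memory");
#else
  while (!fired) { }  /* no x86 direction flag on this architecture */
#endif
  return df_at_entry;
}

int main(void) {
  int df = df_seen_by_handler();
  printf("DF on handler entry: %d\n", df);
  return df == 0 ? 0 : 1;
}
```

The exit status is 0 when the handler was entered with DF clear, so the program can be run unattended as a regression check.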