This is the mail archive of the cygwin mailing list for the Cygwin project.



Re: TP_NUM_C_BUFS too small


On 02.11.2015 at 12:15, Corinna Vinschen wrote:

Glad it's fixed! For the record, could you say what sort of bug would cause
a fatal internal error like that?
Just curious,

Me too.  Sounds like some kind of recursion.

It all happened after I had replaced all strcpy/strcat by strlcpy like this:

strcpy(t,s) -> pos = strlcpy(t,s,size)
strcat(t,s) -> pos += strlcpy(t+pos,s,size-pos)

At some point the pos parameter was wrong and the resulting string became something undesired. That string was probably passed to fopen; maybe pos became very large, way beyond the boundaries of the string, which is from the stack.

It's hard to reproduce what happened in a simple case, and I was in some hurry then, but I saved the strace-output:

  459 4265672 [main] ue 460 open: open(u, 0x0)
   33 4265705 [main] ue 460 normalize_posix_path: src u
   33 4265738 [main] ue 460 cwdstuff::get: posix /usr/src/ue314/bin
   32 4265770 [main] ue 460 cwdstuff::get: (/usr/src/ue314/bin) = cwdstuff::get (0x80000008, 32768, 1, 0), errno 2
   33 4265803 [main] ue 460 normalize_posix_path: /usr/src/ue314/bin/u = normalize_posix_path (u)
   33 4265836 [main] ue 460 mount_info::conv_to_win32_path: conv_to_win32_path (/usr/src/ue314/bin/u)
   33 4265869 [main] ue 460 set_flags: flags: binary (0x2)
   33 4265902 [main] ue 460 mount_info::conv_to_win32_path: src_path /usr/src/ue314/bin/u, dst C:\cygwin\usr\src\ue314\bin\u, flags 0x3000A, rc 0
   63 4265965 [main] ue 460 symlink_info::check: 0x0 = NtCreateFile (\??\C:\cygwin\usr\src\ue314\bin\u)
   49 4266014 [main] ue 460 symlink_info::check: not a symlink
   47 4266061 [main] ue 460 symlink_info::check: 0 = symlink.check(C:\cygwin\usr\src\ue314\bin\u, 0x29B598) (0x3000A)
   35 4266096 [main] ue 460 path_conv::check: this->path(C:\cygwin\usr\src\ue314\bin\u), has_acls(1)
   37 4266133 [main] ue 460 build_fh_pc: fh 0x61302754, dev 000000C3
   34 4266167 [main] ue 460 fhandler_base::open: (\??\C:\cygwin\usr\src\ue314\bin\u, 0x108000)
   70 4266237 [main] ue 460 fhandler_base::set_flags: flags 0x108000, supplied_bin 0x10000
   34 4266271 [main] ue 460 fhandler_base::set_flags: filemode set to binary
   33 4266304 [main] ue 460 fhandler_base::open: 0x0 = NtCreateFile (0x170, 0x80100000, \??\C:\cygwin\usr\src\ue314\bin\u, io, NULL, 0x0, 0x7, 0x1, 0x4020, NULL, 0)
   35 4266339 [main] ue 460 fhandler_base::open: 1 = fhandler_base::open(\??\C:\cygwin\usr\src\ue314\bin\u, 0x108000)
   41 4266380 [main] ue 460 fhandler_base::open_fs: 1 = fhandler_disk_file::open(\??\C:\cygwin\usr\src\ue314\bin\u, 0x8000)
   34 4266414 [main] ue 460 open: 3 = open(u, 0x8000)
  186 4266600 [main] ue 460 _cygwin_istext_for_stdio: fd 3: opened as binary
  232 4266832 [main] ue 460 close: close(3)
   32 4266864 [main] ue 460 fhandler_base::close: closing '/usr/src/ue314/bin/u' handle 0x170
   49 4266913 [main] ue 460 close: 0 = close(3)
  460 4267373 [main] 20 460 open: open(u, 0x0)

This loops some 100 times, then:

  460 4267373 [main] 20 460 open: open(u, 0x0)
   32 4267405 [main] 20 460 normalize_posix_path: src u
   32 4267437 [main] 20 460 cwdstuff::get: posix /usr/src/ue314/bin
   33 4267470 [main] 20 460 cwdstuff::get: (/usr/src/ue314/bin) = cwdstuff::get (0x80000008, 32768, 1, 0), errno 2
   33 4267503 [main] 20 460 normalize_posix_path: /usr/src/ue314/bin/u = normalize_posix_path (u)
   32 4267535 [main] 20 460 mount_info::conv_to_win32_path: conv_to_win32_path (/usr/src/ue314/bin/u)
   34 4267569 [main] 20 460 set_flags: flags: binary (0x2)
   32 4267601 [main] 20 460 mount_info::conv_to_win32_path: src_path /usr/src/ue314/bin/u, dst C:\cygwin\usr\src\ue314\bin\u, flags 0x3000A, rc 0
   59 4267660 [main] 20 460 symlink_info::check: 0x0 = NtCreateFile (\??\C:\cygwin\usr\src\ue314\bin\u)
   50 4267710 [main] 20 460 symlink_info::check: not a symlink
   47 4267757 [main] 20 460 symlink_info::check: 0 = symlink.check(C:\cygwin\usr\src\ue314\bin\u, 0x29B598) (0x3000A)
   35 4267792 [main] 20 460 path_conv::check: this->path(C:\cygwin\usr\src\ue314\bin\u), has_acls(1)
   36 4267828 [main] 20 460 build_fh_pc: fh 0x61302754, dev 000000C3
   33 4267861 [main] 20 460 fhandler_base::open: (\??\C:\cygwin\usr\src\ue314\bin\u, 0x108000)
   72 4267933 [main] 20 460 fhandler_base::set_flags: flags 0x108000, supplied_bin 0x10000
   34 4267967 [main] 20 460 fhandler_base::set_flags: filemode set to binary
   33 4268000 [main] 20 460 fhandler_base::open: 0x0 = NtCreateFile (0x16C, 0x80100000, \??\C:\cygwin\usr\src\ue314\bin\u, io, NULL, 0x0, 0x7, 0x1, 0x4020, NULL, 0)
   34 4268034 [main] 20 460 fhandler_base::open: 1 = fhandler_base::open(\??\C:\cygwin\usr\src\ue314\bin\u, 0x108000)
   42 4268076 [main] 20 460 fhandler_base::open_fs: 1 = fhandler_disk_file::open(\??\C:\cygwin\usr\src\ue314\bin\u, 0x8000)
   34 4268110 [main] 20 460 open: 3 = open(u, 0x8000)
  186 4268296 [main] 20 460 _cygwin_istext_for_stdio: fd 3: opened as binary
  231 4268527 [main] 20 460 close: close(3)
   33 4268560 [main] 20 460 fhandler_base::close: closing '/usr/src/ue314/bin/u' handle 0x16C
   49 4268609 [main] 20 460 close: 0 = close(3)
  476 4269085 [main] 2046121 460 open: open(u, 0x0)

Note the process-name gets overwritten by a number of increasing length, the last being 254 bytes long before the process exits.

Don't know if that's of any use. It crashed not only on cygwin.

BTW: Is there documentation about the columns of the strace-output somewhere?

-Helmut

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
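
One way the strcpy/strcat replacement described in the message can go wrong, as an added example that is not code from the original post: strlcpy returns the length of the source string, not the number of bytes written, so after a truncation pos exceeds size and size - pos wraps around as a size_t. The names bsd_strlcpy, naive_remaining_after_copy and append_checked are hypothetical, and whether this is what happened in the poster's program is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in with BSD strlcpy semantics (assumption: libc may not ship one):
   copies at most size-1 bytes, NUL-terminates, returns strlen(src). */
static size_t bsd_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size != 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;                 /* length wanted, not length written */
}

/* Pattern from the message: pos = strlcpy(t,s,size); the next call gets
   size-pos. Returns that value; it wraps once the source was truncated. */
size_t naive_remaining_after_copy(char *t, const char *s, size_t size)
{
    size_t pos = bsd_strlcpy(t, s, size);
    return size - pos;
}

/* Checked append (hypothetical helper): 0 on success, -1 on truncation.
   *pos is kept below size, so t + *pos and size - *pos stay in bounds. */
int append_checked(char *t, size_t size, size_t *pos, const char *s)
{
    if (size == 0 || *pos >= size)
        return -1;
    size_t room = size - *pos;
    size_t want = bsd_strlcpy(t + *pos, s, room);
    if (want >= room) {
        *pos = size - 1;        /* truncated: point at the terminator */
        return -1;
    }
    *pos += want;
    return 0;
}

int main(void)
{
    char t[8];                  /* constructed sample buffer */
    size_t pos = 0;
    size_t wrapped = naive_remaining_after_copy(t, "0123456789", sizeof t);
    int ok = append_checked(t, sizeof t, &pos, "abc");
    int cut = append_checked(t, sizeof t, &pos, "defghij");
    printf("wrapped=%zu ok=%d cut=%d pos=%zu t=%s\n", wrapped, ok, cut, pos, t);
}
```

With the naive pattern, the wrapped size and the out-of-range t+pos are what the next strlcpy call receives, which lets it write past the end of a stack buffer.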

