This is the mail archive of the cygwin mailing list for the Cygwin project.
Re: Vim segv'ing
- From: Andy Koppe <andy dot koppe at gmail dot com>
- To: cygwin at cygwin dot com
- Date: Fri, 1 Jul 2011 11:21:08 +0100
- Subject: Re: Vim segv'ing
- References: <20110630072012.GB9552@calimero.vinschen.de> <2BF01EB27B56CC478AD6E5A0A28931F202CFAFF7@A1DAL1SWPES19MB.ams.acs-inc.net> <20110630142353.GH9552@calimero.vinschen.de> <20110630150502.GJ9552@calimero.vinschen.de> <20110701083603.GM9552@calimero.vinschen.de> <20110701094339.GO9552@calimero.vinschen.de>
On 1 July 2011 10:43, Corinna Vinschen wrote:
> On Jul 1 10:36, Corinna Vinschen wrote:
>> FYI, I tracked it down to the place where the stack overwrite occurs.
>> This is most puzzling.  When typing :wq!, the following chain of functions
>> is called:
>>
>>   nv_colon
>>    do_cmdline
>>     ex_exit
>>      do_write
>>       open                          <-- Here it calls into the Cygwin DLL
>>        fhandler_base::open_with_arch
>>         fhandler_base::open_fs
>>          fhandler_base::open
>>           NtCreateFile               <-- Here it calls into NTDLL.DLL
>>
>> The open call tries to open the backup file "/etc/hosts~", not the
>> symlink itself.
>>
>> In the optimized version of vim, the local variable "cap" in the
>> function nv_colon is kept in register $esi.  When do_cmdline is called,
>> $esi is pushed onto the stack.  Then everything goes its normal ways,
>> until NtCreateFile is called.
>>
>> And here's the puzzler: This call to NtCreateFile overwrites the 4 byte
>> stack slot in which the "cap" pointer is saved with the value 0x10c!
What else has access to that? The signal thread?
>> [...]
>> Oh, and here's a last-minute surprise:  It does not happen if you run
>> gvim, rather than vim.  Maybe I should just give up on providing packages.
>
> And it also does not happen if I build Cygwin with gcc 4.5.1 rather than
> with gcc 4.3.4.  Is it possible that a compiler bug is playing a role
> here?  I can't quite believe it, the effect is too specific.
This sounds similar to some unexplained mintty crashes that Chris
Sutcliffe and I have seen with gcc 4.3.4, triggered by setup.exe
running postinstall scripts or vim accessing /etc/fstab. Unfortunately
we never managed to pin down the actual cause, in spite of a fair bit
of debugging and staring at the compiler's assembly output. The
crashes went away with changes that should have made no difference.
See here:
http://code.google.com/p/mintty/source/detail?r=928
http://code.google.com/p/mintty/source/detail?r=894
http://groups.google.com/group/mintty-discuss/browse_thread/thread/7f1afcb74c61fe99
Andy
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple