From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 39321 invoked by alias); 4 Jan 2017 00:36:53 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 39306 invoked by uid 89); 4 Jan 2017 00:36:52 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.1 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD,SPF_PASS autolearn=ham version=3.3.2 spammy=pierre, 979, ross, Ross X-HELO: alum-mailsec-scanner-8.mit.edu Received: from alum-mailsec-scanner-8.mit.edu (HELO alum-mailsec-scanner-8.mit.edu) (18.7.68.20) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 04 Jan 2017 00:36:42 +0000 Received: from outgoing-alum.mit.edu (OUTGOING-ALUM.MIT.EDU [18.7.68.33]) by alum-mailsec-scanner-8.mit.edu (Symantec Messaging Gateway) with SMTP id 40.88.19077.8934C685; Tue, 3 Jan 2017 19:36:40 -0500 (EST) Received: from [192.168.1.19] (pool-108-7-8-180.bstnma.east.verizon.net [108.7.8.180]) (authenticated bits=0) (User authenticated as Pierre.Humblet@ALUM.MIT.EDU) by outgoing-alum.mit.edu (8.13.8/8.12.4) with ESMTP id v040aQId031997 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 3 Jan 2017 19:36:39 -0500 Message-ID: <586C438A.1060206@alum.mit.edu> Date: Wed, 04 Jan 2017 00:36:00 -0000 From: "Pierre A. Humblet" User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130911 Thunderbird/17.0.9 MIME-Version: 1.0 To: cygwin@cygwin.com Subject: Re: Exim & cygwin-2.6.0-1 (x86) fatal Signal 6 on start References: <31f6707c-6600-c0a3-daff-c0825dcf4f04@rosshemail.com> In-Reply-To: <31f6707c-6600-c0a3-daff-c0825dcf4f04@rosshemail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-SW-Source: 2017-01/txt/msg00014.txt.bz2 On 9/12/2016 8:26 AM, Ross Hemingway wrote: > Update to cygwin-2.6.0-1. Exim has a fatal start error - exim: PID > 3756: service `exim' failed: signal 6 raised. > > Rolled back to cygwin-2.5.2-1, problem averted. > Sorry for the very long delay in answering. The debugging below was done from a non-privileged account, and the setuid32() should thus fail, but the program should not abort. It aborts in the call to "free (privs)". "privs" are obtained by get_priv_list(). When the target user is SYSTEM, get_priv_list() returns (PTOKEN_PRIVILEGES) &sys_privs; where "sys_privs" is a constant structure that cannot be freed. Pierre Breakpoint 2, setuid32 (uid=18) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/syscalls.cc:3426 3426 { (gdb) c Continuing. Breakpoint 3, create_token (usersid=..., new_groups=...) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/sec_auth.cc:856 856 { (gdb) b 978 Breakpoint 4 at 0x180107e98: file /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/sec_auth.cc, line 978. (gdb) c Continuing. Breakpoint 4, create_token (usersid=..., new_groups=...) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/sec_auth.cc:978 978 if (status) (gdb) n 979 __seterrno_from_nt_status (status); (gdb) n 993 pop_self_privilege (); (gdb) n 994 if (token != INVALID_HANDLE_VALUE) (gdb) n 996 if (privs) (gdb) n 997 free (privs); (gdb) s free (p=0x180247e40 ) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/malloc_wrapper.cc:36 36 malloc_printf ("(%p), called by %p", p, caller_return_address ()); (gdb) n 35 { (gdb) n 36 malloc_printf ("(%p), called by %p", p, caller_return_address ()); (gdb) n 37 if (!use_internal) (gdb) n 41 __malloc_lock (); (gdb) n 42 dlfree (p); (gdb) s dlfree (mem=mem@entry=0x180247e40 ) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/malloc.cc:4688 4688 if (mem != 0) { (gdb) p mem $8 = (void *) 0x180247e40 (gdb) n 4701 if (RTCHECK(ok_address(fm, p) && ok_inuse(p))) { (gdb) n 4689 mchunkptr p = mem2chunk(mem); (gdb) n 4701 if (RTCHECK(ok_address(fm, p) && ok_inuse(p))) { (gdb) n 4780 USAGE_ERROR_ACTION(fm, p); (gdb) s abort () at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/signal.cc:364 364 _my_tls.incyg++; (gdb) n 365 sig_dispatch_pending (); (gdb) s 364 _my_tls.incyg++; (gdb) s 365 sig_dispatch_pending (); (gdb) s sig_dispatch_pending (fast=fast@entry=false) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/sigproc.cc:438 438 if (sigq.pending () && &_my_tls != _sig_tls) (gdb) s pending_signals::pending (this=0x180212220 , this=0x180212220 ) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/sigproc.cc:77 77 bool pending () {retry = true; return !!start.next;} (gdb) s sig_dispatch_pending (fast=fast@entry=false) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/sigproc.cc:438 438 if (sigq.pending () && &_my_tls != _sig_tls) (gdb) s 440 } (gdb) s abort () at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/signal.cc:369 369 sigdelset (&sig_mask, SIGABRT); (gdb) s 368 sigfillset (&sig_mask); (gdb) s sigfillset (set=0xffff9c68) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/signal.cc:506 506 *set = ~((sigset_t) 0); (gdb) s abort () at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/signal.cc:369 369 sigdelset (&sig_mask, SIGABRT); (gdb) s sigdelset (set=0xffff9c68, sig=6) at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/signal.cc:466 466 { (gdb) s 468 if (sig <= 0 || sig >= NSIG) (gdb) s 466 { (gdb) s 468 if (sig <= 0 || sig >= NSIG) (gdb) s 475 *set &= ~SIGTOMASK (sig); (gdb) s 477 } (gdb) s abort () at /ext/build/mknetrel/src/cygwin-snapshot-20161214-1/winsup/cygwin/signal.cc:370 370 set_signal_mask (_my_tls.sigmask, sig_mask); -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple