strace (from git) segfaults

strace (from git) segfaults

[Daniel Santos]

This is a silly one because I ran gdb --args strace ls and it doesn't 
crash.  Then I ran 'gdb --args strace strace ls' and it crashed in gdb 
ONCE!  However, I don't usually work on Cygwin/Windows so I think gdb 
loaded up the wrong debug info and/or source files.  I built 
cygwin-newlib from git (with -O2 -g3) and did make install, so I didn't 
strip them.  Anyway, this is the measly backtrace I got and I wish I 
hadn't restarted the debug session because I haven't been able to get it 
to happen in the debugger since:

#0  0x0000000076f4c3bc in KERNEL32!GetVolumePathNamesForVolumeNameW () 
from /c/Windows/system32/kernel32.dll
#1  0x00000001800c8b54 in dos_drive_mappings::dos_drive_mappings() () 
from /usr/bin/cygwin1.dll
#2  0x000000018005fc25 in cygwin_internal () from /usr/bin/cygwin1.dll
#3  0x0000000000402b7b in main2 (argc=argc@entry=3, argv=0x0, 
argv@entry=0x5a2010) at ../../../../../winsup/utils/strace.cc:1175
#4  0x00000000004074ea in main (argc=3, argv=0x5a2010) at 
../../../../../winsup/utils/strace.cc:1195

Also, I even overwrote the cygwin1.dll with another build, I don't even 
have that *blushes*

Daniel

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

strace (from git) segfaults

[Daniel Santos]

This is a silly one because I ran gdb --args strace ls and it doesn't 
crash.  Then I ran 'gdb --args strace strace ls' and it crashed in gdb 
ONCE!  However, I don't usually work on Cygwin/Windows so I think gdb 
loaded up the wrong debug info and/or source files.  I built 
cygwin-newlib from git (with -O2 -g3) and did make install, so I didn't 
strip them.  Anyway, this is the measly backtrace I got and I wish I 
hadn't restarted the debug session because I haven't been able to get it 
to happen in the debugger since:

#0  0x0000000076f4c3bc in KERNEL32!GetVolumePathNamesForVolumeNameW () 
from /c/Windows/system32/kernel32.dll
#1  0x00000001800c8b54 in dos_drive_mappings::dos_drive_mappings() () 
from /usr/bin/cygwin1.dll
#2  0x000000018005fc25 in cygwin_internal () from /usr/bin/cygwin1.dll
#3  0x0000000000402b7b in main2 (argc=argc@entry=3, argv=0x0, 
argv@entry=0x5a2010) at ../../../../../winsup/utils/strace.cc:1175
#4  0x00000000004074ea in main (argc=3, argv=0x5a2010) at 
../../../../../winsup/utils/strace.cc:1195

Also, I even overwrote the cygwin1.dll with another build, I don't even 
have that *blushes*

Daniel

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: strace (from git) segfaults

[Daniel Santos]

I got the crash again (when trying to do something else of course). So 
here is the complete backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00000000771fc3bc in KERNEL32!GetVolumePathNamesForVolumeNameW () from 
/c/Windows/system32/kernel32.dll
(gdb) bt
#0  0x00000000771fc3bc in KERNEL32!GetVolumePathNamesForVolumeNameW () 
from /c/Windows/system32/kernel32.dll
#1  0x00000001800c92a4 in dos_drive_mappings::dos_drive_mappings 
(this=0x600000010) at 
/d/src/cygwin-newlib/build/../winsup/cygwin/mount.cc:1947
#2  0x000000018005fdf5 in cygwin_internal (t=<optimized out>) at 
/d/src/cygwin-newlib/build/../winsup/cygwin/external.cc:535
#3  0x0000000000402b6b in main2 (argc=argc@entry=8, argv=0x0, 
argv@entry=0x802220) at 
/d/src/cygwin-newlib/build/../winsup/utils/strace.cc:1175
#4  0x00000000004074da in main (argc=8, argv=0x802220) at 
/d/src/cygwin-newlib/build/../winsup/utils/strace.cc:1195


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

strace crash (TLS data not initializing?)

[Daniel Santos]

Is anybody else getting this problem?  I'm using Windows 7 pro that's 
fully updated.  At least I'm getting the crash consistently now, even 
when debugging. I didn't have cygwin1.dll built with -O3, so I had to 
experiment to find the thread local storage.  If I've done in correctly, 
then it looks like this data is not initialized.  This is right after a 
mov %gs:0x30,%rax

(gdb) p ((_cygtls *)(((TEB*)$rax)->Tib.StackBase - 
CYGTLS_PADSIZE))->locals.pathbufs
$61 = {{{c_cnt = 2282544, w_cnt = 0}, _counters = 2282544}, c_buf = 
{0x76cea36e <ntdll!LdrInitializeThunk+14> 
"\262\001H\213\313\350\350\035\002",
     0x76cca228 <ntdll!RtlAdjustPrivilege+408> 
"L\213\330H\205\300\017\204", <incomplete sequence \362\007>, 0x0, 
0x22d430 "", 0x22d3e8 "\354'\001", 0x76cc0000 "MZ\220",
(etc.)

If there are really 2,282,544 single-char path buffers, then that would 
overflow the char *c_buf[50] buffer. Further, the first buffer exists in 
an executable section of ntdll.  So I would say that this looks 
uninitialized.

Anyway, below is the backtrace.  When I call tp.get_w() from the gdb 
prompt, it gives me more bad pointers.

(gdb) run
Starting program: /usr/bin/strace ls
[New Thread 2444.0x990]

Program received signal SIGSEGV, Segmentation fault.
0x0000000076bfc6c3 in KERNEL32!GetVolumePathNamesForVolumeNameW () from 
/c/Windows/system32/kernel32.dll
(gdb) bt full
#0  0x0000000076bfc6c3 in KERNEL32!GetVolumePathNamesForVolumeNameW () 
from /c/Windows/system32/kernel32.dll
No symbol table info available.
#1  0x00000001800c9764 in dos_drive_mappings::dos_drive_mappings 
(this=0x600000010) at 
/usr/src/debug/cygwin-2.8.0-1/winsup/cygwin/mount.cc:1948
         len = 0
         tp = {c_buf_old = 2282544, w_buf_old = 0}
         vol = 
L"\\\\?\\Volume{317caba3-0b62-11e7-afc1-806e6f6e6963}\\\000\006\000ꏢ耋\001\000\000\000\000\000\000\000\000"
         mounts = 0x53002b002b0033 <error: Cannot access memory at 
address 0x53002b002b0033>
         devpath = 0x1f800010000f <error: Cannot access memory at 
address 0x1f800010000f>
         sh = 0x1d490d0
         __PRETTY_FUNCTION__ = "dos_drive_mappings::dos_drive_mappings()"
#2  0x000000018005fde5 in cygwin_internal (t=<optimized out>) at 
/usr/src/debug/cygwin-2.8.0-1/winsup/cygwin/external.cc:535
         ddm = <optimized out>
         arg = 0x22fc88 ""
         res = 18446744073709551615
         __PRETTY_FUNCTION__ = "uintptr_t 
cygwin_internal(cygwin_getinfo_types, ...)"
#3  0x0000000000402b43 in main2 (argc=<optimized out>, argc@entry=2, 
argv=argv@entry=0x1f71f20) at 
/usr/src/debug/cygwin-2.8.0-1/winsup/utils/strace.cc:1175
         mask = 1
         ofile = 0x0
         pid = 32978536
         opt = <optimized out>
         toggle = 0
         sawquiet = -25362252
         ret = 0
#4  0x000000000040c37a in main (argc=2, argv=0x1f71f20) at 
/usr/src/debug/cygwin-2.8.0-1/winsup/utils/strace.cc:1195
No locals.

Daniel

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

strace crash (TLS data not initializing?)

[Daniel Santos]

Is anybody else getting this problem?  I'm using Windows 7 pro that's 
fully updated.  At least I'm getting the crash consistently now, even 
when debugging. I didn't have cygwin1.dll built with -O3, so I had to 
experiment to find the thread local storage.  If I've done in correctly, 
then it looks like this data is not initialized.  This is right after a 
mov %gs:0x30,%rax

(gdb) p ((_cygtls *)(((TEB*)$rax)->Tib.StackBase - 
CYGTLS_PADSIZE))->locals.pathbufs
$61 = {{{c_cnt = 2282544, w_cnt = 0}, _counters = 2282544}, c_buf = 
{0x76cea36e <ntdll!LdrInitializeThunk+14> 
"\262\001H\213\313\350\350\035\002",
     0x76cca228 <ntdll!RtlAdjustPrivilege+408> 
"L\213\330H\205\300\017\204", <incomplete sequence \362\007>, 0x0, 
0x22d430 "", 0x22d3e8 "\354'\001", 0x76cc0000 "MZ\220",
(etc.)

If there are really 2,282,544 single-char path buffers, then that would 
overflow the char *c_buf[50] buffer. Further, the first buffer exists in 
an executable section of ntdll.  So I would say that this looks 
uninitialized.

Anyway, below is the backtrace.  When I call tp.get_w() from the gdb 
prompt, it gives me more bad pointers.

(gdb) run
Starting program: /usr/bin/strace ls
[New Thread 2444.0x990]

Program received signal SIGSEGV, Segmentation fault.
0x0000000076bfc6c3 in KERNEL32!GetVolumePathNamesForVolumeNameW () from 
/c/Windows/system32/kernel32.dll
(gdb) bt full
#0  0x0000000076bfc6c3 in KERNEL32!GetVolumePathNamesForVolumeNameW () 
from /c/Windows/system32/kernel32.dll
No symbol table info available.
#1  0x00000001800c9764 in dos_drive_mappings::dos_drive_mappings 
(this=0x600000010) at 
/usr/src/debug/cygwin-2.8.0-1/winsup/cygwin/mount.cc:1948
         len = 0
         tp = {c_buf_old = 2282544, w_buf_old = 0}
         vol = 
L"\\\\?\\Volume{317caba3-0b62-11e7-afc1-806e6f6e6963}\\\000\006\000ꏢ耋\001\000\000\000\000\000\000\000\000"
         mounts = 0x53002b002b0033 <error: Cannot access memory at 
address 0x53002b002b0033>
         devpath = 0x1f800010000f <error: Cannot access memory at 
address 0x1f800010000f>
         sh = 0x1d490d0
         __PRETTY_FUNCTION__ = "dos_drive_mappings::dos_drive_mappings()"
#2  0x000000018005fde5 in cygwin_internal (t=<optimized out>) at 
/usr/src/debug/cygwin-2.8.0-1/winsup/cygwin/external.cc:535
         ddm = <optimized out>
         arg = 0x22fc88 ""
         res = 18446744073709551615
         __PRETTY_FUNCTION__ = "uintptr_t 
cygwin_internal(cygwin_getinfo_types, ...)"
#3  0x0000000000402b43 in main2 (argc=<optimized out>, argc@entry=2, 
argv=argv@entry=0x1f71f20) at 
/usr/src/debug/cygwin-2.8.0-1/winsup/utils/strace.cc:1175
         mask = 1
         ofile = 0x0
         pid = 32978536
         opt = <optimized out>
         toggle = 0
         sawquiet = -25362252
         ret = 0
#4  0x000000000040c37a in main (argc=2, argv=0x1f71f20) at 
/usr/src/debug/cygwin-2.8.0-1/winsup/utils/strace.cc:1195
No locals.

Daniel

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: strace crash (TLS data not initializing?)

[Daniel Santos]

> I didn't have cygwin1.dll built with -O3, 

oops, I meant -g3 :)

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: strace crash (TLS data not initializing?)

[Daniel Santos]

> I didn't have cygwin1.dll built with -O3, 

oops, I meant -g3 :)

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: strace crash (TLS data not initializing?)

[Daniel Santos]

On 04/14/2017 10:49 PM, Dan Kegel wrote:
> On Fri, Apr 14, 2017 at 8:41 PM, Daniel Santos <daniel.santos@pobox.com> wrote:
>> oops, I meant -g3 :)
> That was suboptimal of you
>
> /me ducks

lol!
/me swings

> /me ducks

/me misses, damn!

> strace ls doesn't die for me with plain old cygwin installed a while ago.
> Is this only with fresh cygwin?

Well, I installed this only about 2 months ago to do gcc testing -- what 
a fun ride that was!  While waiting for the last three P1 gcc bugs to 
get solved (so they can release gcc7 and open up gcc8 stage1) I decided 
to troubleshoot expect ... except that I didn't expect to have to fix 
this strace thing.... DAMN, I really need to work on being brief and 
succinct!

So yes, fairly a new install.  Also, it's in a qemu/kvm vm, not that 
that should matter (with virtio sata driver).  So maybe I should try to 
debug where ever that TLS data is supposed to get initialized. Also, 
this is one of those things that didn't happen much when I was actually 
debugging strace, but at least it is now.  This is on 64-bit Cygwin.  I 
just tried on 32-bit a few times and it's working.

On the bright side, better understanding Cygwin's internals will help me 
be a better Wine programmer.

Daniel

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: strace crash (TLS data not initializing?)

[Daniel Santos]

Well here's the problem, gcc got too smart and optimized out the stack 
buffer.

int
main (int argc, char **argv)
{
   4074c0:       56                      push   %rsi
   4074c1:       53                      push   %rbx
   4074c2:       48 83 ec 28             sub    $0x28,%rsp
   4074c6:       89 cb                   mov    %ecx,%ebx
   4074c8:       48 89 d6                mov    %rdx,%rsi
   4074cb:       e8 e0 d9 ff ff          callq  404eb0 <__main>
      reliably.  This problem has been noticed under AllocationPreference
      registry setting to 0x100000 (TOP_DOWN). */
   char buf[CYGTLS_PADSIZE];

   memset (buf, 0, sizeof (buf));
   exit (main2 (argc, argv));
   4074d0:       89 d9                   mov    %ebx,%ecx
   4074d2:       48 89 f2                mov    %rsi,%rdx
   4074d5:       e8 56 b0 ff ff          callq  402530 <_Z5main2iPPc>
   4074da:       89 c1                   mov    %eax,%ecx
   4074dc:       e8 57 fd ff ff          callq  407238 <exit>




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: strace (from git) segfaults

[Marco Atzeri]

On 21/03/2017 21:08, Daniel Santos wrote:
> This is a silly one because I ran gdb --args strace ls and it doesn't
> crash.  Then I ran 'gdb --args strace strace ls' and it crashed in gdb
> ONCE!  However, I don't usually work on Cygwin/Windows so I think gdb
> loaded up the wrong debug info and/or source files.  I built
> cygwin-newlib from git (with -O2 -g3) and did make install, so I didn't
> strip them.  Anyway, this is the measly backtrace I got and I wish I
> hadn't restarted the debug session because I haven't been able to get it
> to happen in the debugger since:

May be a BLODA effect ?

On my W7 64bit strace segfaults when Symantec is working
but not in SafeMode when it is disabled.

Regards
Marco




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple