This is the mail archive of the cygwin mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Hi Qian, sorry for the late reply, somehow I missed this mail. On Sep 5 04:22, Qian Hong wrote: > Dear list, > > When testing Cygwin/MSYS2 on Wine, I found randomly failure of flock(): > https://bugs.wine-staging.com/show_bug.cgi?id=466#c13 > > I ran MSYS2 with Wine+Valgrind, and found warnings like below when > calling flock(): I'd still be glad to stick to upstream Cygwin, but, oh well. > 7 ==19315== Conditional jump or move depends on uninitialised value(s) > 8 ==19315== at 0x7BC82750: RtlGetOwnerSecurityDescriptor (sec.c:740) > 9 ==19315== by 0x7BC9222A: NTDLL_create_struct_sd (sync.c:96) > 10 ==19315== by 0x7BC92CE4: NtCreateEvent (sync.c:294) > 11 ==19315== by 0x6107B687: ??? > 12 ==19315== by 0x612FC347: ??? > > Then I read Cygwin/MSYS2 source code, and found: > > --- snip --- > extern PSECURITY_DESCRIPTOR _everyone_sd (void *buf, ACCESS_MASK access); > #define everyone_sd(access) (_everyone_sd (alloca (SD_MIN_SIZE), (access))) > --- snip --- > > man alloca says: > The alloca() function allocates size bytes of space in the > stack frame of the caller. This temporary space is automatically > freed when > the function that called alloca() returns to its caller. > > However, Cygwin/MSYS2 seems passed a freed pointer to NtCreateEvent: > https://cygwin.com/git/gitweb.cgi?p=newlib-cygwin.git;a=blob;f=winsup/cygwin/flock.cc;h=2332f5467e37d124acfd12c0f85a30281f10a952;hb=HEAD#l773 > > 638 POBJECT_ATTRIBUTES > 639 lockf_t::create_lock_obj_attr (lockfattr_t *attr, ULONG flags) > 640 { > 641 __small_swprintf (attr->name, LOCK_OBJ_NAME_FMT, > 642 lf_flags & (F_POSIX | F_FLOCK), lf_type, > lf_start, lf_end, > 643 lf_id, lf_wid, lf_ver); > 644 RtlInitCountedUnicodeString (&attr->uname, attr->name, > 645 LOCK_OBJ_NAME_LEN * sizeof (WCHAR)); > 646 InitializeObjectAttributes (&attr->attr, &attr->uname, flags, > lf_inode->i_dir, > 647 everyone_sd (FLOCK_EVENT_ACCESS)); > 648 return &attr->attr; > 649 } > > 772 status = NtCreateEvent (&lf_obj, CYG_EVENT_ACCESS, > 773 create_lock_obj_attr (&attr, OBJ_INHERIT), > 774 NotificationEvent, FALSE); Yuk! You're right. This is certainly a bug. > It seems flock() works very stable on Windows according to my previous > testing, however, I have feeling that as a kernel function, > NtCreateEvent on Windows doesn't have terrible affects to the user > space stack of the process, while Wine implements NtCreateEvent as a > user space function, so the old stack was easier to be destroyed. > > I write a hack as attachment 0001-cygwin-flock-user-static-buffer.txt > and recompile MSYS2, then the bug seems go away. Right, but you can't use a static buffer here. > Could someone confirm whether there is a potential Cygwin bug? If true > I'd love to leave the bug for Cygwin devs to write a fix. Please try the attached patch. Thanks, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
Attachment:
0001-flock.cc-Fix-stack-allocation-from-callee-used-in-ca.patch
Description: Text document
Attachment:
pgpcbflMfocDK.pgp
Description: PGP signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |