On 1 July 2011 10:43, Corinna Vinschen wrote:
> On Jul 1 10:36, Corinna Vinschen wrote:
>> FYI, I tracked it down to the place where the stack overwrite occurs.
>> This is most puzzling. When typing :wq!, the following chain of functions
>> is called:
>>
>>   nv_colon
>>   do_cmdline
>>   ex_exit
>>   do_write
>>   open <- Here it calls into the Cygwin DLL
>>   fhandler_base::open_with_arch
>>   fhandler_base::open_fs
>>   fhandler_base::open
>>   NtCreateFile <--Here it calls into NTDLL.DLL
>>
>> The open call tries to open the backup file "/etc/hosts~", not the
>> symlink itself.
>>
>> In the optimized version of vim, the local variable "cap" in the
>> function nv_colon is kept in register $esi. When do_cmdline is called,
>> $esi is pushed onto the stack. Then everything goes its normal ways,
>> until NtCreateFile is called.
>>
>> And here's the puzzler: This call to NtCreateFile overwrites the 4 byte
>> stack slot in which the "cap" pointer is saved with the value 0x10c!

What else has access to that? The signal thread?

>> [...]
>> Oh, and here's a last-minute surprise: It does not happen if you run
>> gvim, rather than vim. Maybe I should just give up to provide packages.
>
> And it also does not happen if I build Cygwin with gcc 4.5.1 rather than
> with gcc 4.3.4. Is it possible that a compiler bug is playing a role
> here? I can't quite believe it, the effect is too specific.

This sounds similar to some unexplained mintty crashes that Chris
Sutcliffe and I have seen with gcc 4.3.4, triggered by setup.exe running
postinstall scripts or vim accessing /etc/fstab. Unfortunately we never
managed to pin down the actual cause, in spite of a fair bit of debugging
and staring at the compiler's assembly output. The crashes went away
with changes that should have made no difference. See here:

http://code.google.com/p/mintty/source/detail?r=928
http://code.google.com/p/mintty/source/detail?r=894
http://groups.google.com/group/mintty-discuss/browse_thread/thread/7f1afcb74c61fe99

Andy

--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple