Mail Archives: cygwin/2011/07/01/05:44:45
On Jul 1 10:36, Corinna Vinschen wrote:
> FYI, I tracked it down to the place where the stack overwrite occurs.
> This is most puzzling. When typing :wq!, the following chain of functions
> is called:
>
> nv_colon
> do_cmdline
> ex_exit
> do_write
> open <- Here it calls into the Cygwin DLL
> fhandler_base::open_with_arch
> fhandler_base::open_fs
> fhandler_base::open
> NtCreateFile <-- Here it calls into NTDLL.DLL
>
> The open call tries to open the backup file "/etc/hosts~", not the
> symlink itself.
>
> In the optimized version of vim, the local variable "cap" in the
> function nv_colon is kept in register $esi. When do_cmdline is called,
> $esi is pushed onto the stack. Then everything goes its normal ways,
> until NtCreateFile is called.
>
> And here's the puzzler: This call to NtCreateFile overwrites the 4 byte
> stack slot in which the "cap" pointer is saved with the value 0x10c!
> [...]
> Oh, and here's a last-minute surprise: It does not happen if you run
> gvim, rather than vim. Maybe I should just give up on providing packages.
And it also does not happen if I build Cygwin with gcc 4.5.1 rather than
with gcc 4.3.4. Is it possible that a compiler bug is playing a role
here? I can't quite believe it, the effect is too specific.
Corinna
P.S.: Yaakov, is there any chance to get a 4.5.3 x86_64 cross compiler
package? Yum always tries to replace my x86_64 4.5.1 package with the
4.5.3 package for i686, but that doesn't work due to missing
dependencies...
--
Corinna Vinschen
Cygwin Project Co-Leader
Red Hat

Please, send mails regarding Cygwin to cygwin AT cygwin DOT com