DMARC-Filter:	OpenDMARC Filter v1.4.2 delorie.com 562EInkI3847241
Authentication-Results:	delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com
Authentication-Results:	delorie.com; spf=pass smtp.mailfrom=cygwin.com
DKIM-Filter:	OpenDKIM Filter v2.11.0 delorie.com 562EInkI3847241
Authentication-Results:	delorie.com;
	dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=Xx81CxxR
X-Recipient:	archive-cygwin AT delorie DOT com
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org CA14B3852FD6
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1751465928;
	bh=zJBhNHSyvH9iZVkvggMwAWknvOQ2gj3uW8FtfIxakmQ=;
	h=Subject:To:References:Date:In-Reply-To:List-Id:List-Unsubscribe:
	List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	From;
	b=Xx81CxxRz17ZL9CCC4iwgQfT8kaSx6gNwUSiqIA2Hc4bd+5OHEoSIP+ulpqTYDp6Y
	fQXjV5D6VNVGWeGWQP0ijom9A58ogarwD3W8SgfDv3eHk8M/ieNHHlDD3s5xzZoMZC
	ZCvYID5+F8PusgqvyFQzLIwE29VnMdW+f7rt2nTk=
X-Original-To:	cygwin AT cygwin DOT com
Delivered-To:	cygwin AT cygwin DOT com
DMARC-Filter:	OpenDMARC Filter v1.4.2 sourceware.org 20E60385DDE3
ARC-Filter:	OpenARC Filter v1.0.0 sourceware.org 20E60385DDE3
ARC-Seal:	i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1751465901; cv=none;
	b=bt+iVtp0WnjlrLMCbzg6YK4HbJQ4f5erAbb8HMLab3t9y4BSAFgTPqEdPNcik20nmh8U1ADJGlWu5PVY2rW2GLgX6yVnuR/zkGtfxILvmQJ+UV54aL9wACNolP2sZZ4uQuQv7VlbhbcF77eqOhJzCQtO93rzZ9Wjq8LLvEtSUCY=
ARC-Message-Signature:	i=1; a=rsa-sha256; d=sourceware.org; s=key;
	t=1751465901; c=relaxed/simple;
	bh=iKPsWDoz22at/BI7xouwP3MzGvM2B71nSNu6gjiykXs=;
	h=Subject:From:To:Message-ID:Date:MIME-Version;
	b=XsPsCghixNyDMKD0yVVOoXIeq95UgiIKDMV1kz3DXxDnHZnjqLn+w0k0oGRrDZNIcs6LzjyivlmUMy2XEC9H0SywLqNJPJ/DwQrZct1aleMgT5rE1Wv5Ko1jq4bcUwY9y5pGOPMQcYlmxXZtwEqTAnBbsiyzhKPiwOUQ0G862n4=
ARC-Authentication-Results:	i=1; server2.sourceware.org
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org 20E60385DDE3
Subject:	Re: Segfault if /proc/PID/maps is opened in parallel threads [CAUSE:
	RtlQueryProcessDebugInformation]
To:	cygwin AT cygwin DOT com
References:	<2f7ae08b-80c9-4497-f07c-5d527bbb7ec2 AT t-online DOT de>
	<17bba06c-4bdd-01df-8477-235aff98b2cb AT t-online DOT de>
	<9deb7d60-b05d-ad7f-e316-64781687953b AT t-online DOT de>
Message-ID:	<68cbc37b-4825-6e3f-5918-f4fee20d7c05@t-online.de>
Date:	Wed, 2 Jul 2025 16:18:13 +0200
User-Agent:	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101
	SeaMonkey/2.53.20
MIME-Version:	1.0
In-Reply-To:	<9deb7d60-b05d-ad7f-e316-64781687953b@t-online.de>
X-TOI-EXPURGATEID:	150726::1751465896-44F9E5CA-4A0C7446/0/0 CLEAN NORMAL
X-TOI-MSGID:	19be3259-539e-4e67-a05b-ecf77f415459
X-BeenThere:	cygwin AT cygwin DOT com
X-Mailman-Version:	2.1.30
List-Id:	General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe:	<https://cygwin.com/mailman/options/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive:	<https://cygwin.com/pipermail/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe:	<https://cygwin.com/mailman/listinfo/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From:	Christian Franke via Cygwin <cygwin AT cygwin DOT com>
Reply-To:	cygwin AT cygwin DOT com
Cc:	Christian Franke <Christian DOT Franke AT t-online DOT de>
Errors-To:	cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com
Sender:	"Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com>

This is a multi-part message in MIME format.
--------------87FF849F1191D93AFF3A3638
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit

On Tue, 27 May 2025 17:44:10 +0200 Christian Franke wrote:
> On Sun, 25 May 2025 16:46:49 +0200, Christian Franke wrote:
>> On Sat, 24 May 2025 15:19:10 +0200, Christian Franke wrote:
>>> If /proc/PID/maps is opened in parallel threads, the process PID may 
>>> segfault.
>>>
>>> Testcase:
>>>
>>> ...
>>>
>>> Problem is not reproducible with any of the other /proc/PID/* files.
>>>
>>
>> A closer look shows that the problem is unrelated to thread safety. 
>> The segfault also occurs when the following command is run 
>> simultaneously in two terminals:
>>
>> $ while cat /proc/1234/maps > /dev/null; do printf .; done
>> .............cat: /proc/1234/maps: No such file or directory
>>
>
> The root of the problem is the call of 
> RtlQueryProcessDebugInformation() here:
> https://cygwin.com/git/?p=newlib-cygwin.git;a=blob;f=winsup/cygwin/fhandler/process.cc;h=8fae9be5#l630 
>
>
> If this part is removed, the segfault does no longer occur. Then 
> /proc/PID/maps still work but the "[win heap ...]" information is 
> missing. No patch provided because I don't know whether this could 
> possibly be fixed without removing this functionality.
>
> A test with a separate test program shows that the problem is 
> unrelated to Cygwin: Parallel calls to 
> RtlQueryProcessDebugInformation() with the same PID could be used to 
> crash this process. It also "worked" with Notepad.exe.
>
> Possible Windows (Version 10.0.22631.5039) bug?
>

Testcase (attached):

$ gcc -o querydebug querydebug.c -lntdll

$ sleep 3600 &
[1] 3940

$ ps -p 3940
       PID    PPID    PGID     WINPID   TTY         UID    STIME COMMAND
      3940    1379    3940      18036  pty0      197609 15:52:50 
/usr/bin/sleep

$ while ./querydebug 18036; do printf .; done & \
while ./querydebug 18036; do printf +; done
[2] 3943
.+.+.+.+.+RtlQueryProcessDebugInformation(): NTSTATUS = 0xC0000005
+RtlQueryProcessDebugInformation(): NTSTATUS = 0xC000000B
[1]-  Done                    sleep 3600
[2]+  Done                   while ./querydebug ...


Conclusion: Possible Windows bug in RtlQueryProcessDebugInformation(). 
Cygwin should not use this function to provide "nice to have" types of 
information like "[win heap...]" if this may crash the target process.

-- 
Regards,
Christian


--------------87FF849F1191D93AFF3A3638
Content-Type: text/plain; charset=UTF-8;
 name="querydebug.c"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
 filename="querydebug.c"

I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RkbGliLmg+DQojaW5jbHVkZSA8d2lu
ZG93cy5oPg0KDQovLyBGcm9tIG50ZGxsLmgNCnR5cGVkZWYgc3RydWN0IHsgaW50IGR1bW15
OyB9ICpQREVCVUdfQlVGRkVSOw0KUERFQlVHX0JVRkZFUiBSdGxDcmVhdGVRdWVyeURlYnVn
QnVmZmVyIChVTE9ORywgQk9PTEVBTik7DQpOVFNUQVRVUyBSdGxRdWVyeVByb2Nlc3NEZWJ1
Z0luZm9ybWF0aW9uIChVTE9ORywgVUxPTkcsIFBERUJVR19CVUZGRVIpOw0KTlRTVEFUVVMg
UnRsRGVzdHJveVF1ZXJ5RGVidWdCdWZmZXIgKFBERUJVR19CVUZGRVIpOw0KI2RlZmluZSBQ
RElfSEVBUFMgMHgwNA0KI2RlZmluZSBQRElfSEVBUF9CTE9DS1MgMHgxMA0KLy8gRnJvbSBu
dGRsbC5oIGVuZA0KDQppbnQgbWFpbihpbnQgYXJnYywgY2hhciAqKmFyZ3YpDQp7DQogIGlm
IChhcmdjICE9IDIpIHsNCiAgICBwcmludGYoIlVzYWdlOiAlcyBXSU5QSURcbiIsIGFyZ3Zb
MF0pOyByZXR1cm4gMTsNCiAgfQ0KICBpbnQgcGlkID0gYXRvaShhcmd2WzFdKTsNCiAgUERF
QlVHX0JVRkZFUiBidWYgPSBSdGxDcmVhdGVRdWVyeURlYnVnQnVmZmVyKDB4MTAwMDAwLCBG
QUxTRSk7DQogIGlmICghYnVmKSB7DQogICAgcHJpbnRmKCJSdGxDcmVhdGVRdWVyeURlYnVn
QnVmZmVyKCk6IGZhaWxlZFxuIik7IHJldHVybiAxOw0KICB9DQogIE5UU1RBVFVTIHMgPSBS
dGxRdWVyeVByb2Nlc3NEZWJ1Z0luZm9ybWF0aW9uKHBpZCwNCiAgICAgICAgICAgICAgICAg
UERJX0hFQVBTIHwgUERJX0hFQVBfQkxPQ0tTLCBidWYpOw0KICBSdGxEZXN0cm95UXVlcnlE
ZWJ1Z0J1ZmZlcihidWYpOw0KICBpZiAocyA8IDApIHsNCiAgICAvLyBPYnNlcnZlZDoNCiAg
ICAvLyBTVEFUVVNfQUNDRVNTX1ZJT0xBVElPTiAoMHhDMDAwMDAwNSkNCiAgICAvLyBTVEFU
VVNfSU5WQUxJRF9DSUQgKDB4QzAwMDAwMEIpDQogICAgLy8gU1RBVFVTX1BST0NFU1NfSVNf
VEVSTUlOQVRJTkcgKDB4QzAwMDAxMEEpDQogICAgcHJpbnRmKCJSdGxRdWVyeVByb2Nlc3NE
ZWJ1Z0luZm9ybWF0aW9uKCk6IE5UU1RBVFVTID0gMHglWFxuIiwgcyk7DQogICAgcmV0dXJu
IDE7DQogIH0NCiAgcmV0dXJuIDA7DQp9DQo=
--------------87FF849F1191D93AFF3A3638
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

--------------87FF849F1191D93AFF3A3638--

- Raw text -