| www.delorie.com/archives/browse.cgi | search |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 delorie.com 565HYqDa2464140 |
| Authentication-Results: | delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com |
| Authentication-Results: | delorie.com; spf=pass smtp.mailfrom=cygwin.com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 delorie.com 565HYqDa2464140 |
| Authentication-Results: | delorie.com; |
| dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=SZO5XG0P | |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org B02CA385DC1A |
| DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; |
| s=default; t=1751736890; | |
| bh=mf7bwBigDTnZLcGSczhPLX9272xt40Y9NLeJFVYGhXo=; | |
| h=Subject:To:References:Date:In-Reply-To:List-Id:List-Unsubscribe: | |
| List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: | |
| From; | |
| b=SZO5XG0P4kVcv8jjALyC91MwxZ8ttJ11vfkp19dTBiEJqBOtgJmNaol3Bq75ahVVV | |
| Nc9JVhokVkd1WzN0DEKL+LTPVCYiPtwQ7KPZn6PTqSPc1GNHRtlktD1PuZ6UbdDUmZ | |
| dX1hEBTMOKn5kop6STuflB17vw6vuO6kBhqiUIr0= | |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 sourceware.org 91E08385F024 |
| ARC-Filter: | OpenARC Filter v1.0.0 sourceware.org 91E08385F024 |
| ARC-Seal: | i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1751736866; cv=none; |
| b=fMYN6CklanVX53XXcn/KvFOMENwBw8Sug8MHvK+EO2xdkF384f4NP2+Rus09kArXtgnT0uxJd42eYqVyyt+CEQbGzSEVk6t0Es22PNyL6Q/KR3se2NhwXJBPQy+yut+NVN75GIuhhKuHt5/tlnnaYXIAkC5I7egdNjSdhqql++o= | |
| ARC-Message-Signature: | i=1; a=rsa-sha256; d=sourceware.org; s=key; |
| t=1751736866; c=relaxed/simple; | |
| bh=gvhjbbR6/yruspib81X7QSInU3VYP0w8DmxNDOGzqQs=; | |
| h=Subject:To:From:Message-ID:Date:MIME-Version; | |
| b=QYDIX5DP/KSoH+Z9y7yk3DMv2WoZXQP6cQIhrFZrF88L1APtpFKomQHyODHRgifhe1ITKQJFiAc1pPnnhekUFK3cjSuqIA6P1fMwJG1dWKzmkF1B04eUTlWw2M5LRTSSq+Yhmthpgfz+vHSiTIGL81GjZgszZWMWzCXMbChTI4A= | |
| ARC-Authentication-Results: | i=1; server2.sourceware.org |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org 91E08385F024 |
| Subject: | Re: Segfault if /proc/PID/maps is opened in parallel threads [CAUSE: |
| RtlQueryProcessDebugInformation] | |
| To: | cygwin AT cygwin DOT com |
| References: | <2f7ae08b-80c9-4497-f07c-5d527bbb7ec2 AT t-online DOT de> |
| <17bba06c-4bdd-01df-8477-235aff98b2cb AT t-online DOT de> | |
| <9deb7d60-b05d-ad7f-e316-64781687953b AT t-online DOT de> | |
| <68cbc37b-4825-6e3f-5918-f4fee20d7c05 AT t-online DOT de> | |
| <aGVeI9glhLe2UzTu AT calimero DOT vinschen DOT de> | |
| <aGZjZKoT86ptfahW AT calimero DOT vinschen DOT de> | |
| Message-ID: | <1627d7b2-15f0-c58e-49e1-13f992561bc9@t-online.de> |
| Date: | Sat, 5 Jul 2025 19:34:20 +0200 |
| User-Agent: | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 |
| SeaMonkey/2.53.20 | |
| MIME-Version: | 1.0 |
| In-Reply-To: | <aGZjZKoT86ptfahW@calimero.vinschen.de> |
| X-TOI-EXPURGATEID: | 150726::1751736863-167FA4FC-22E84DE5/0/0 CLEAN NORMAL |
| X-TOI-MSGID: | 4e400e2d-1a3a-48b2-9aa3-c42277bfe22d |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.30 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <https://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| From: | Christian Franke via Cygwin <cygwin AT cygwin DOT com> |
| Reply-To: | cygwin AT cygwin DOT com |
| Cc: | Christian Franke <Christian DOT Franke AT t-online DOT de> |
| Errors-To: | cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com> |
Corinna Vinschen via Cygwin wrote: > On Jul 2 18:28, Corinna Vinschen via Cygwin wrote: >> On Jul 2 16:18, Christian Franke via Cygwin wrote: >>> On Tue, 27 May 2025 17:44:10 +0200 Christian Franke wrote: >>>> On Sun, 25 May 2025 16:46:49 +0200, Christian Franke wrote: >>>>> On Sat, 24 May 2025 15:19:10 +0200, Christian Franke wrote: >>>>>> If /proc/PID/maps is opened in parallel threads, the process PID >>>>>> may segfault. >>>>>> >>>>>> Testcase: >>>>>> >>>>>> ... >>>>>> >>>>>> Problem is not reproducible with any of the other /proc/PID/* files. >>>>>> >>>>> A closer look shows that the problem is unrelated to thread safety. >>>>> The segfault also occurs when the following command is run >>>>> simultaneously in two terminals: >>>>> >>>>> $ while cat /proc/1234/maps > /dev/null; do printf .; done >>>>> .............cat: /proc/1234/maps: No such file or directory >>>>> >>>> The root of the problem is the call of RtlQueryProcessDebugInformation() >>>> here: >>>> https://cygwin.com/git/?p=newlib-cygwin.git;a=blob;f=winsup/cygwin/fhandler/process.cc;h=8fae9be5#l630 >>>> >>>> >>>> If this part is removed, the segfault does no longer occur. Then >>>> /proc/PID/maps still work but the "[win heap ...]" information is >>>> missing. No patch provided because I don't know whether this could >>>> possibly be fixed without removing this functionality. >>>> >>>> A test with a separate test program shows that the problem is unrelated >>>> to Cygwin: Parallel calls to RtlQueryProcessDebugInformation() with the >>>> same PID could be used to crash this process. It also "worked" with >>>> Notepad.exe. >>>> >>>> Possible Windows (Version 10.0.22631.5039) bug? >> Looks very much like a Windows bug to me. But the function is supposed >> to be run under a debugger, so there's a chance multiple parallel calls >> were never part of the picture. And given the function is undocumented, >> I guess we have to keep the broken pieces... >> >>> Testcase (attached): >>> [...] >>> Conclusion: Possible Windows bug in RtlQueryProcessDebugInformation(). >>> Cygwin should not use this function to provide "nice to have" types of >>> information like "[win heap...]" if this may crash the target process. >> RtlQueryProcessDebugInformation isn't only called to emulate maps, >> it is also called from within dlsym(). >> >> A valid patch might be to move the RtlQueryProcessDebugInformation >> into its own function which adds a global lock. But obviouly the >> function can be called in a non-Cygwin process in parallel, so there's >> no 100% safe way to do it. >> >> Any other idea? > I just added two patches, one of them dropping RtlQueryProcessDebugInformation > in favor of EnumProcessModules in dlsym(), the other by adding a global > mutex to format_process_maps while accessing the debug buffer. I could > reproduce the crash even if RtlQueryProcessDebugInformation was serialized. > I could only avoid the crash by serializing the entire code from > RtlCreateQueryDebugBuffer up to and including RtlDestroyQueryDebugBuffer. > > This ignores native processes which have a hard time to access > /proc anyway. Many tests show that the problem with /proc/PID/maps does no longer occur, thanks. dlsym() not tested, sorry. -- Thanks, Christian -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |