many cygwin shells/tools (tcsh, fish, bash, and zsh) crashing STATUS_ACCESS_VIOLATION
Mark Geisert
mark@maxrnd.com
Wed Aug 11 05:27:08 GMT 2021
Replying to myself, ahem...
Mark Geisert wrote:
> Hi David,
>
> David Dyck via Cygwin wrote:
>> On Tue, Aug 10, 2021 at 10:56 AM Brian Inglis wrote:
>>> Apparently that Windows Version is for the Windows 11 Preview.
>>> That appears to be an alpha quality product, from bug fix announcements.
>>> I didn't find anything much useful from MS or articles only features.
>>> You might want to reach out for help via the Windows Feedback Hub,
>>> and/or MS App Assure re compatibility if your org has 150+ licenses.
>>
>> I'm interested in what could be going wrong that would cause only some
>> cygwin programs to fail.
>>
>> I'd be happy to report the issue via Windows Feedback if I could point
>> to something specific.
[...]
> You could try downgrading ncurses via Cygwin setup. Best case: things work. Worst
> case: things break but at a different address within the DLL.
On another branch of this thread David reported that downgrading worked. We still
don't know what the issue with current ncurses is, so I did try the following:
> Another tack could be for somebody *on a working system* install the debuginfo for
> ncurses, figure out the exception's address *in the ncurses installed locally*,
> run 'more' under gdb after setting a breakpoint at that address. Poke around to
> see what ncurses is doing in that area. Maybe it's acting on a Windows result
> that's busted on the Windows preview. Or something else. Good luck with this
> route :-/.
Here's the gdb session from my own Windows 10 machine...
/usr/lib/debug/usr/bin gdb -q more.exe
Reading symbols from more.exe...
(No debugging symbols found in more.exe)
(gdb) b main
No symbol table is loaded. Use the "file" command.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 1 (main) pending.
(gdb) b ncwrap_cur_term <-- I deduced the faulting func using exception address
No symbol table is loaded. Use the "file" command.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 2 (ncwrap_cur_term) pending.
(gdb) r
Starting program: /usr/bin/more.exe
[New Thread 12052.0x388]
[New Thread 12052.0x2750]
[New Thread 12052.0x2d08]
[New Thread 12052.0x275c]
Thread 1 "more" hit Breakpoint 2, ncwrap_cur_term ()
at /usr/src/debug/ncurses-6.1-1.20190727/ncurses/tinfo/lib_cur_term.c:68
68 return NCURSES_SP_NAME(_nc_get_cur_term) (CURRENT_SCREEN);
(gdb) disassem ncwrap_cur_term
Dump of assembler code for function ncwrap_cur_term:
=> 0x00000003cc658a30 <+0>: mov 0x18a39(%rip),%rax # 0x3cc671470
<.refptr.SP>
0x00000003cc658a37 <+7>: mov (%rax),%rcx
0x00000003cc658a3a <+10>: jmp 0x3cc658a10 <_nc_get_cur_term_sp>
End of assembler dump.
(gdb) list
63
64 NCURSES_EXPORT(TERMINAL *)
65 NCURSES_PUBLIC_VAR(cur_term) (void)
66 {
67 #if NCURSES_SP_FUNCS
68 return NCURSES_SP_NAME(_nc_get_cur_term) (CURRENT_SCREEN);
69 #else
70 return NCURSES_SP_NAME(_nc_get_cur_term) (NCURSES_SP_ARG);
71 #endif
72 }
(gdb) bt
#0 ncwrap_cur_term ()
at /usr/src/debug/ncurses-6.1-1.20190727/ncurses/tinfo/lib_cur_term.c:68
#1 0x00000003cc65ac7c in _nc_setupterm (tname=0x80003a055 "xterm", Filedes=1,
errret=0xffffc4e4, reuse=0)
at /usr/src/debug/ncurses-6.1-1.20190727/ncurses/tinfo/lib_setup.c:646
#2 0x00000001004057fd in ?? ()
#3 0x0000000180049cbb in dll_crt0_1 () at /oss/src/winsup/cygwin/dcrt0.cc:1037
#4 0x0000000180047736 in _cygtls::call2 (this=0xffffce00,
func=0x180048c40 <dll_crt0_1(void*)>, arg=0x0, buf=buf@entry=0xffffcdf0)
at /oss/src/winsup/cygwin/cygtls.cc:40
#5 0x00000001800477e4 in _cygtls::call (func=<optimized out>,
arg=<optimized out>) at /usr/include/w32api/psdk_inc/intrin-impl.h:838
#6 0x0000000000000000 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb)
So the fault happens during ncurses initialization. As to why this happens on a
Win 11 Preview and evidently not on Win 10, I have no idea. The code is trying to
get the current value of 'cur_term', but that's not a local variable and I don't
grok what the machine instructions are doing. The fault address is the 2nd mov,
so I believe the fault occurred during the 1st mov.
That is all the help/damage I can do at this point.
Cheers,
..mark
More information about the Cygwin
mailing list