On Wed, 2 Jul 2025, Corinna Vinschen wrote:

> On Jun 30 10:11, Jeremy Drake via Cygwin-patches wrote:
> > On Mon, 30 Jun 2025, Corinna Vinschen wrote:
> >
> > > On Jun 27 10:34, Jeremy Drake via Cygwin-patches wrote:
> > > > On Fri, 27 Jun 2025, Corinna Vinschen wrote:
> > > >
> > > > > On Jun 26 13:31, Jeremy Drake via Cygwin-patches wrote:
> > > > > > BTW, I noticed while editing mingw/Makefile.am, shouldn't cygload have
> > > > > > -Wl,--disable-high-entropy-va in LDFLAGS?
> > > > >
> > > > > Why?
> > > >
> > > > With high-entropy-va, it has been observed that the PEB, TEB and stack can
> > > > happen to overlap with the cygheap
> > > > https://cygwin.com/pipermail/cygwin/2024-May/256000.html
> > >
> > > Yeah, but HEVA simply breaks fork.  We don't have to test this, because
> > > it won't work and we don't do it.  You can set the PE flag, but then
> > > you're on your own.
> >
> > Outside of fork, is cygheap able to "relocate" in case the memory it would
> > like to occupy is already used?
>
> I don't think so, without checking and, well, fixing every pointer usage
> potentially pointing into the cygheap.  Even fhandlers have pointers to
> fhandlers...
>

So shouldn't any user of the cygwin dll then need
-Wl,--disable-high-entropy-va to avoid the chance that Windows places its
structures where cygheap wants to be?

#define CYGHEAP_STORAGE_LOW    0x800000000UL
#define CYGHEAP_STORAGE_HIGH   0xa00000000UL

  cygheap = (init_cygheap *) VirtualAlloc ((LPVOID) CYGHEAP_STORAGE_LOW,
                                           CYGHEAP_STORAGE_HIGH
                                           - CYGHEAP_STORAGE_LOW,
                                           MEM_RESERVE, PAGE_NOACCESS);


0:000> !gle
LastErrorValue: (Win32) 0x1e7 (487) - Attempt to access invalid address.
LastStatusValue: (NTSTATUS) 0xc0000018 - {Conflicting Address Range}  The specified address range conflicts with the address space.

From the linked email, the failing memory layout with high entropy va set
was:

        BaseAddress      EndAddress+1        RegionSize     Type       State                 Protect             Usage
--------------------------------------------------------------------------------------------------------------------------
+        5`e8181000        8`05a00000        2`1d87f000             MEM_FREE    PAGE_NOACCESS                      Free
+        8`05a00000        8`05b57000        0`00157000 MEM_PRIVATE MEM_RESERVE                                    <unknown>
         8`05b57000        8`05b58000        0`00001000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     PEB        [4628]
         8`05b58000        8`05b5a000        0`00002000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     TEB        [~0; 4628.31ac]
         8`05b5a000        8`05b5c000        0`00002000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     TEB        [~1; 4628.4aac]
         8`05b5c000        8`05b5e000        0`00002000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     TEB        [~2; 4628.5840]
         8`05b5e000        8`05b60000        0`00002000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     TEB        [~3; 4628.6b9c]
         8`05b60000        8`05c00000        0`000a0000 MEM_PRIVATE MEM_RESERVE                                    <unknown>
+        8`05c00000        8`05df6000        0`001f6000 MEM_PRIVATE MEM_RESERVE                                    Stack      [~0; 4628.31ac]
         8`05df6000        8`05df9000        0`00003000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE | PAGE_GUARD        Stack      [~0; 4628.31ac]
         8`05df9000        8`05e00000        0`00007000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     Stack      [~0; 4628.31ac]
+        8`05e00000        8`05ffb000        0`001fb000 MEM_PRIVATE MEM_RESERVE                                    Stack      [~1; 4628.4aac]
         8`05ffb000        8`05ffe000        0`00003000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE | PAGE_GUARD        Stack      [~1; 4628.4aac]
         8`05ffe000        8`06000000        0`00002000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     Stack      [~1; 4628.4aac]
+        8`06000000        8`061fb000        0`001fb000 MEM_PRIVATE MEM_RESERVE                                    Stack      [~2; 4628.5840]
         8`061fb000        8`061fe000        0`00003000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE | PAGE_GUARD        Stack      [~2; 4628.5840]
         8`061fe000        8`06200000        0`00002000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     Stack      [~2; 4628.5840]
+        8`06200000        8`063fb000        0`001fb000 MEM_PRIVATE MEM_RESERVE                                    Stack      [~3; 4628.6b9c]
         8`063fb000        8`063fe000        0`00003000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE | PAGE_GUARD        Stack      [~3; 4628.6b9c]
         8`063fe000        8`06400000        0`00002000 MEM_PRIVATE MEM_COMMIT  PAGE_READWRITE                     Stack      [~3; 4628.6b9c]
+        8`06400000      19e`64400000      196`5e000000             MEM_FREE    PAGE_NOACCESS                      Free
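
Added example, not part of the original message or of the Cygwin sources: the thread turns on whether an executable carries the high-entropy-va PE flag, so this C program reads the DllCharacteristics field of a PE32+ header and reports the IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA bit (0x0020). The names pe_high_entropy_va and make_sample are hypothetical, and the sample header is constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HIGH_ENTROPY_VA 0x0020 /* IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA */

/* Returns 1 if the flag is set, 0 if clear, -1 if buf is not a PE32+ header. */
int pe_high_entropy_va(const unsigned char *buf, size_t len)
{
  if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return -1;
  size_t pe = buf[0x3c] | buf[0x3d] << 8 | buf[0x3e] << 16
              | (size_t) buf[0x3f] << 24;     /* e_lfanew, little-endian */
  size_t opt = pe + 4 + 20;       /* skip signature and COFF file header */
  if (pe > len || opt + 72 > len || memcmp(buf + pe, "PE\0\0", 4) != 0)
    return -1;
  if ((buf[opt] | buf[opt + 1] << 8) != 0x20b)   /* PE32+ magic */
    return -1;
  unsigned dllchar = buf[opt + 70] | buf[opt + 71] << 8; /* DllCharacteristics */
  return (dllchar & HIGH_ENTROPY_VA) != 0;
}

/* Constructed sample: smallest header the parser accepts, not a real executable. */
size_t make_sample(unsigned char *buf, size_t cap, unsigned dllchar)
{
  size_t pe = 0x80, opt = pe + 24, need = opt + 72;
  if (cap < need)
    return 0;
  memset(buf, 0, need);
  buf[0] = 'M'; buf[1] = 'Z'; buf[0x3c] = (unsigned char) pe;
  memcpy(buf + pe, "PE\0\0", 4);
  buf[opt] = 0x0b; buf[opt + 1] = 0x02;
  buf[opt + 70] = dllchar & 0xff; buf[opt + 71] = (dllchar >> 8) & 0xff;
  return need;
}

int main(int argc, char **argv)
{
  unsigned char buf[4096];  /* headers normally sit well inside the first 4 KiB */
  size_t n = make_sample(buf, sizeof buf, 0x0160);  /* sample with the flag set */
  if (argc > 1) {
    FILE *f = fopen(argv[1], "rb");
    if (!f) { perror(argv[1]); return 2; }
    n = fread(buf, 1, sizeof buf, f);
    fclose(f);
  }
  int r = pe_high_entropy_va(buf, n);
  puts(r < 0 ? "not a PE32+ image" : r ? "high-entropy-va set" : "high-entropy-va clear");
  return r == 1;
}
```

Run with the path of an executable as its argument; with no argument it checks the constructed sample. The exit status is 1 when the flag is set, so it can gate a build step that expects --disable-high-entropy-va to have been applied.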
