[Bug 49265] New: Segfault when gcc uses MSVCRT_memcpy in copy constructor

Wed May 27 09:26:29 CDT 2020

https://bugs.winehq.org/show_bug.cgi?id=49265

            Bug ID: 49265
           Summary: Segfault when gcc uses MSVCRT_memcpy in copy
                    constructor
           Product: Wine
           Version: 5.8
          Hardware: x86-64
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: winelib
          Assignee: wine-bugs at winehq.org
          Reporter: winehq at twig.hk
      Distribution: ---

Created attachment 67269
  --> https://bugs.winehq.org/attachment.cgi?id=67269
Test Code

When gcc use memcpy to implement the copy constructor of an object with both
the '-mno-cygwin' and '-march=native' flags set for wineg++, the .exe.so
segfaults. The backtrace seems to have the arguments src & n switched for
MSVCRT_memcpy.

Code:
#include <windows.h>
#include <new>

struct Chars{
    int a[100];

    Chars(){
        for(int i = 0; i != sizeof(a); ++i)
            a[i] = i % 10;
    }
};

BOOL WINAPI WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR
lpCmdLine, int nShowCmd)
{
    char x[10000];
    const Chars c;
    new (reinterpret_cast<Chars *>(&x)) Chars(c);

    return 0;
}

If Chars::a[i] are all set to 0, it doesn't segfault. Probably as memcpy isn't
used. 

Compiled & run with:
./../wine/tools/winegcc/wineg++ -MD -isystem ./../wine/include -isystem
./../wine/include/msvcrt -O0 -g3 -ggdb -mno-cygwin -march=native  -c simple.cpp
-o build/simple.cpp.o
./../wine/tools/winegcc/wineg++ -L./../wine/dlls -L -fno-pic  -isystem
./../wine/include -isystem ./../wine/include/msvcrt -O0 -g3 -ggdb -mno-cygwin
-march=native  ./build/simple.cpp.o   
--winebuild=./../wine/tools/winebuild/winebuild -o ./bin/simple
LD_LIBRARY_PATH=./../wine/libs/wine/:$LD_LIBRARY_PATH gdb --args
./../wine/loader/wine64-installed ./bin/simple.exe.so

Wine has been compiled from the git repo (./../wine/ , tagged with wine-5.8),
with configure args: --enable-win64 CFLAGS="-O0 -g3 -ggdb"

Removing either -mno-cygwin or -march=native stops the segfault

GDB backtrace:
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7748b77 in __memmove_ssse3_back () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff7748b77 in __memmove_ssse3_back () from /lib64/libc.so.6
#1  0x00007ffff0629a3a in MSVCRT_memcpy (dst=0x21d450, src=0x190, n=71474) at
string.c:2338
#2  0x00007ffff7e691d3 in WinMain (hInstance=0x7ffff7e60000
<__wine_spec_pe_header+32742>,
    hPrevInstance=0x0, lpCmdLine=0x11732 "", nShowCmd=1) at simple.cpp:17
#3  0x00007ffff7e694a1 in main (argc=1, argv=0x714630) at crt_winmain.c:53
#4  0x00007ffff7e69333 in mainCRTStartup () at crt_main.c:62
#5  0x000000007b4568ec in call_process_entry (peb=0x7fffffd8f000,
    entry=0x7ffff7e692be <mainCRTStartup>) at process.c:119
#6  0x000000007b456af1 in __wine_start_process (entry=0x7ffff7e692be
<mainCRTStartup>,
    peb=0x7fffffd8f000) at process.c:153
#7  0x0000000000000000 in ?? ()

in #1 the src=0x190 (400) and n=71474 (0x11732) seem switched, as src is the
sizeof(Chars)

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.