https://bugs.winehq.org/show_bug.cgi?id=49265
Bug ID: 49265
Summary: Segfault when gcc uses MSVCRT_memcpy in copy constructor
Product: Wine
Version: 5.8
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: winelib
Assignee: wine-bugs@winehq.org
Reporter: winehq@twig.hk
Distribution: ---
Created attachment 67269 --> https://bugs.winehq.org/attachment.cgi?id=67269
Test Code
When gcc uses memcpy to implement the copy constructor of an object, with both the '-mno-cygwin' and '-march=native' flags set for wineg++, the .exe.so segfaults. The backtrace seems to have the arguments src & n switched for MSVCRT_memcpy.
Code:

#include <windows.h>
#include <new>

struct Chars {
    int a[100];

    Chars() {
        /* Fill the array so the copied object is not all zeros. Iterate over
           elements: sizeof(a) is the byte count (400), and the original loop
           used it as the bound, writing past the end of the array. */
        for (size_t i = 0; i != sizeof(a) / sizeof(a[0]); ++i)
            a[i] = i % 10;
    }
};

BOOL WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
                    LPSTR lpCmdLine, int nShowCmd)
{
    char x[10000];
    const Chars c;
    /* Placement-new copy of c into the buffer x; gcc implements this
       copy constructor with a memcpy call. */
    new (reinterpret_cast<Chars *>(&x)) Chars(c);
    return 0;
}
If Chars::a[i] are all set to 0, it doesn't segfault, probably because memcpy isn't used then.
Compiled & run with:

./../wine/tools/winegcc/wineg++ -MD -isystem ./../wine/include -isystem ./../wine/include/msvcrt -O0 -g3 -ggdb -mno-cygwin -march=native -c simple.cpp -o build/simple.cpp.o

./../wine/tools/winegcc/wineg++ -L./../wine/dlls -L -fno-pic -isystem ./../wine/include -isystem ./../wine/include/msvcrt -O0 -g3 -ggdb -mno-cygwin -march=native ./build/simple.cpp.o --winebuild=./../wine/tools/winebuild/winebuild -o ./bin/simple

LD_LIBRARY_PATH=./../wine/libs/wine/:$LD_LIBRARY_PATH gdb --args ./../wine/loader/wine64-installed ./bin/simple.exe.so
Wine has been compiled from the git repo (./../wine/ , tagged with wine-5.8), with configure args: --enable-win64 CFLAGS="-O0 -g3 -ggdb"
Removing either -mno-cygwin or -march=native stops the segfault.
GDB backtrace:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7748b77 in __memmove_ssse3_back () from /lib64/libc.so.6
(gdb) bt
#0  0x00007ffff7748b77 in __memmove_ssse3_back () from /lib64/libc.so.6
#1  0x00007ffff0629a3a in MSVCRT_memcpy (dst=0x21d450, src=0x190, n=71474) at string.c:2338
#2  0x00007ffff7e691d3 in WinMain (hInstance=0x7ffff7e60000 <__wine_spec_pe_header+32742>, hPrevInstance=0x0, lpCmdLine=0x11732 "", nShowCmd=1) at simple.cpp:17
#3  0x00007ffff7e694a1 in main (argc=1, argv=0x714630) at crt_winmain.c:53
#4  0x00007ffff7e69333 in mainCRTStartup () at crt_main.c:62
#5  0x000000007b4568ec in call_process_entry (peb=0x7fffffd8f000, entry=0x7ffff7e692be <mainCRTStartup>) at process.c:119
#6  0x000000007b456af1 in __wine_start_process (entry=0x7ffff7e692be <mainCRTStartup>, peb=0x7fffffd8f000) at process.c:153
#7  0x0000000000000000 in ?? ()
In #1, src=0x190 (400) and n=71474 (0x11732) seem switched, as src is sizeof(Chars).
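The reasoning in the last paragraph, turned into a small backtrace checker (an added example, not part of the bug report or of Wine): it parses the pasted gdb frames into name/value pairs, flags pointer arguments that lie below the lowest mappable user address (assumed here to be 0x10000, the usual Linux vm.mmap_min_addr default), checks whether src equals the expected sizeof(Chars), and also reports whether n coincides with the value gdb printed for lpCmdLine in frame #2, since both read 0x11732 in the pasted trace. The frame text is embedded as a constructed sample copied from the report above.

```python
import re

# Constructed sample: the first frames of the report's gdb backtrace, as pasted.
BACKTRACE = """\
#0  0x00007ffff7748b77 in __memmove_ssse3_back () from /lib64/libc.so.6
#1  0x00007ffff0629a3a in MSVCRT_memcpy (dst=0x21d450, src=0x190, n=71474) at string.c:2338
#2  0x00007ffff7e691d3 in WinMain (hInstance=0x7ffff7e60000 <__wine_spec_pe_header+32742>, hPrevInstance=0x0, lpCmdLine=0x11732 "", nShowCmd=1) at simple.cpp:17
#3  0x00007ffff7e694a1 in main (argc=1, argv=0x714630) at crt_winmain.c:53
"""

# One gdb frame line: "#N  0xADDR in func (args) ..."
FRAME_RE = re.compile(r"^#(?P<num>\d+)\s+0x[0-9a-fA-F]+ in (?P<func>\w+) \((?P<args>.*)\)")
# One "name=value" pair whose value is a hex or decimal integer; symbol
# annotations like <sym+off> and string previews are not matched.
ARG_RE = re.compile(r"(\w+)=(0x[0-9a-fA-F]+|-?\d+)\b")

# Assumed threshold for "cannot be a valid user-space pointer": the default
# Linux vm.mmap_min_addr (64 KiB).
MIN_USER_ADDR = 0x10000


def parse_frames(text):
    """Map function name -> {arg name: int value} for every parsable frame."""
    frames = {}
    for line in text.splitlines():
        m = FRAME_RE.match(line)
        if m:
            frames[m.group("func")] = {
                name: int(val, 0) for name, val in ARG_RE.findall(m.group("args"))
            }
    return frames


def implausible_pointers(args, pointer_names):
    """Pointer-typed args whose value lies below the lowest mappable address."""
    return {k: v for k, v in args.items() if k in pointer_names and v < MIN_USER_ADDR}


def check_memcpy_frame(frames, expected_size):
    """Apply the report's reasoning to the parsed MSVCRT_memcpy frame."""
    mc = frames["MSVCRT_memcpy"]
    return {
        "implausible_pointers": implausible_pointers(mc, {"dst", "src"}),
        "src_equals_expected_size": mc["src"] == expected_size,
        "n_matches_lpCmdLine": mc["n"] == frames["WinMain"]["lpCmdLine"],
    }


if __name__ == "__main__":
    frames = parse_frames(BACKTRACE)
    # sizeof(Chars) is 100 ints == 400 bytes
    print(check_memcpy_frame(frames, expected_size=400))
```

Running it on the pasted frames flags src (0x190) as not a usable pointer, confirms it equals sizeof(Chars), and shows that n carries the same value gdb printed for lpCmdLine; dst (0x21d450) looks like a normal address.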