Bug 19196

Summary: MinGW ld from msys2 crashes on Wine when linking MinGW xz
Product: binutils
Reporter: Qian Hong <fracting>
Component: binutils
Assignee: Not yet assigned to anyone <unassigned>
Status: NEW ---    
Severity: normal    
Priority: P2    
Version: 2.26   
Target Milestone: ---   
Host: Target:
Build: Last reconfirmed:
Attachments: Backtrace: ld crashes, with debugging symbol, compile with -g -O2 -gdwarf2 -gstrict-dwarf

Description Qian Hong 2015-11-01 02:22:03 UTC
Hi,

When compiling the MinGW xz package on Wine, ld crashes while linking xzdec.exe.

Backtrace is like below:
Backtrace:
=>0 0xb74e1f83 (0x0122f928)
  1 0x7fa9329f MSVCRT_fwrite+0x3d(ptr=<couldn't compute location>, size=<couldn't compute location>, nmemb=<couldn't compute location>, file=<couldn't compute location>) [/home/fracting/src/wine-patched-auto/dlls/msvcrt/file.c:3885] in msvcrt (0x0122f978)
  2 0x0042d6c0 in ld (+0x2d6bf) (0x7fb12660)


My MSYS2 version:
$ uname -a
MINGW32_NT-5.1  2.3.0(0.290/5/3) 2015-10-20 10:21 i686 Msys

ld version:
$ ld --version
GNU ld (GNU Binutils) 2.25.2
Copyright (C) 2014 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or (at your option) a later version.
This program has absolutely no warranty.

This ld version was built from the latest git source ( e01b05685cba63977cd76bed14399bd81f1289f4 ) from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=shortlog;h=refs/heads/binutils-2_25-branch
With 4 additional patches from https://github.com/Alexpux/MINGW-packages/tree/e59f73314e7d3eec75822eb4d342997217f2845a/mingw-w64-binutils-git

Wine version:
wine-1.7.53 (Staging)

I'll start with full steps to reproduce from scratch, and then upload some binary test cases.
Comment 1 Qian Hong 2015-11-01 02:51:55 UTC
Prerequisite:

*important*: Install the latest Wine Staging (1.7.53) on Linux. I'm using 32-bit Ubuntu 15.10 with Linux kernel 4.2.0-16-generic.

Wine Staging is an official part of Wine; for installation steps refer to https://github.com/wine-compholio/wine-staging/wiki/Installation

Steps to reproduce:

1. Install MSYS2 on Wine

1) *important*: MSYS2's installer works mostly out of the box on Wine Staging today, except that a few workarounds are needed:

$ export STAGING_WRITECOPY=1

2) download MSYS2 installer from https://msys2.github.io/
http://repo.msys2.org/distrib/i686/msys2-i686-20150916.exe

3) install on Wine:
$ mv ~/.wine ~/.wine.bak
$ wine msys2-i686-20150916.exe
The installer should work out of the box, just like on Windows.
Refer to http://sourceforge.net/p/msys2/wiki/MSYS2%20installation/ for an additional introduction to the usage of MSYS2 on Windows; it is the same for Wine.

4) install toolchain on MSYS2:

Start a MINGW32 shell:
$ cd ~/.wine/drive_c/msys32/
$ wine start mingw32_shell.bat

Inside the MINGW32 shell in mintty terminal:
$ pacman -S --noconfirm base-devel mingw-w64-i686-toolchain

This will install gcc / binutils / make and other tools for compiling Win32 software. Refer to http://sourceforge.net/p/msys2/wiki/Contributing%20to%20MSYS2/ for additional information.

Note that currently MSYS2 provides a binary package for binutils 2.25.1, but I can also reproduce the same ld crash with the latest binutils compiled by myself.

2. Build MinGW xz package on MSYS2 (inside MINGW32 shell on Wine):

1) first, clone the MINGW packages PKGBUILD files:

$ git clone https://github.com/Alexpux/MINGW-packages.git
(If git is not installed, try `pacman -S git`)

2) cd to the directory of xz:
$ cd MINGW-packages/mingw-w64-xz

3) use makepkg-mingw to compile xz package:
$ makepkg-mingw -f -s --skippgpcheck --noconfirm

This will download the xz source code and build dependencies for xz then build the xz package.
Refer to http://sourceforge.net/p/msys2/wiki/Contributing%20to%20MSYS2/ for additional information. 

Expected result:
Build the xz package successfully.

Actual result:
ld crashes when linking lzmadec.exe (sorry, my #comment 1 is wrong: it crashes not for xzdec.exe, but for lzmadec.exe)
collect2 reports: collect2.exe: error: ld returned 5 exit status

Command line below:

 /bin/sh ../../libtool  --tag=CC   --mode=link i686-w64-mingw32-gcc -Wall -Wextra -Wvla -Wformat=2 -Winit-self -Wmissing-include-dirs -Wstrict-aliasing -Wfloat-equal -Wundef -Wshadow -Wpointer-arith -Wbad-function-cast -Wwrite-strings -Wlogical-op -Waggregate-return -Wstrict-prototypes -Wold-style-definition -Wmissing-prototypes -Wmissing-declarations -Wmissing-noreturn -Wredundant-decls -march=i686 -mtune=generic -O2 -pipe  -pipe -o lzmadec.exe lzmadec-xzdec.o lzmadec-tuklib_progname.o lzmadec-tuklib_exit.o lzmadec_w32res.o ../../src/liblzma/liblzma.la  -L/mingw32/lib -lintl
libtool: link: i686-w64-mingw32-gcc -Wall -Wextra -Wvla -Wformat=2 -Winit-self -Wmissing-include-dirs -Wstrict-aliasing -Wfloat-equal -Wundef -Wshadow -Wpointer-arith -Wbad-function-cast -Wwrite-strings -Wlogical-op -Waggregate-return -Wstrict-prototypes -Wold-style-definition -Wmissing-prototypes -Wmissing-declarations -Wmissing-noreturn -Wredundant-decls -march=i686 -mtune=generic -O2 -pipe -pipe -o .libs/lzmadec.exe lzmadec-xzdec.o lzmadec-tuklib_progname.o lzmadec-tuklib_exit.o lzmadec_w32res.o  ../../src/liblzma/.libs/liblzma.dll.a -L/mingw32/lib -lintl -L/mingw32/lib


Backtrace below: (note I'm not sure I can reproduce this bug with debugging build of binutils, but I'll try harder again)

Unhandled exception: page fault on read access to 0x013e0038 in 32-bit code (0xb744af83).
Register dump:
 CS:0073 SS:007b DS:007b ES:007b FS:003b GS:0033
 EIP:b744af83 ESP:0122f8d8 EBP:0122f928 EFLAGS:00010287(  R- --  I S - -P-C)
 EAX:013df649 EBX:b74d8000 ECX:000009ff EDX:00273129
 ESI:0122f940 EDI:00000000
Stack dump:
0x0122f8d8:  7fb0a000 7fa9339c 00273129 013df649
0x0122f8e8:  000009ff 7fa932d9 7fb0a000 000009ff
0x0122f8f8:  00000001 7fa8c6b3 000009ff 7fb0a000
0x0122f908:  0122f958 7fa8c6b3 00000023 7fb0a000
0x0122f918:  0122f958 0122f940 7fb0a000 0122f990
0x0122f928:  0122f978 7fa9329f 0000002c 00251518
Backtrace:
=>0 0xb744af83 (0x0122f928)
  1 0x7fa9329f MSVCRT_fwrite+0x3d(ptr=<couldn't compute location>, size=<couldn't compute location>, nmemb=<couldn't compute location>, file=<couldn't compute location>) [/home/fracting/src/wine-patched-auto/dlls/msvcrt/file.c:3885] in msvcrt (0x0122f978)
  2 0x0042d6c0 in ld (+0x2d6bf) (0x7fb12660)
  3 0x0042cc2f in ld (+0x2cc2e) (0x00251518)
  4 0x00456354 in ld (+0x56353) (0x00251518)
  5 0x00435f95 in ld (+0x35f94) (0x00000000)
  6 0x00450413 in ld (+0x50412) (0x00000001)
  7 0x00454b3d in ld (+0x54b3c) (0x00000000)
  8 0x00415363 in ld (+0x15362) (0x0122fd38)
  9 0x004dea26 in ld (+0xdea25) (0x0122fd38)
  10 0x004013e2 in ld (+0x13e1) (0x0122fe00)
  11 0x7b869694 call_process_entry+0xb() in kernel32 (0x0122fe18)
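
A small triage helper for the backtrace format shown in the comment above, added here as an example and not part of the original report or of Wine or binutils: it parses the frame lines, finds the innermost frame inside ld (the caller of MSVCRT_fwrite), and derives the load base implied by the printed offsets. The function names, and the reading of the `(+0x…)` value as the offset of the byte before the frame address from the module's load base, are assumptions checked only against the frames quoted here.

```python
import re

# Subset of the frame lines from the backtrace in the report above.
BACKTRACE = """\
=>0 0xb744af83 (0x0122f928)
  1 0x7fa9329f MSVCRT_fwrite+0x3d(ptr=<couldn't compute location>, size=<couldn't compute location>, nmemb=<couldn't compute location>, file=<couldn't compute location>) [/home/fracting/src/wine-patched-auto/dlls/msvcrt/file.c:3885] in msvcrt (0x0122f978)
  2 0x0042d6c0 in ld (+0x2d6bf) (0x7fb12660)
  3 0x0042cc2f in ld (+0x2cc2e) (0x00251518)
  10 0x004013e2 in ld (+0x13e1) (0x0122fe00)
  11 0x7b869694 call_process_entry+0xb() in kernel32 (0x0122fe18)
"""

FRAME = re.compile(r"^(?:=>)?\s*(\d+)\s+(0x[0-9a-f]+)\s+(.*)\((0x[0-9a-f]+)\)\s*$")
MODULE = re.compile(r"(?:^|\s)in (\w+)\s*(?:\(\+(0x[0-9a-f]+)\))?\s*$")
SYMBOL = re.compile(r"^(\w+)\+0x[0-9a-f]+\(")


def parse_frames(text):
    """Turn backtrace lines into dicts; lines that are not frames are skipped."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line)
        if not m:
            continue
        index, addr, middle, _frame_ptr = m.groups()
        mod = MODULE.search(middle)
        sym = SYMBOL.match(middle)
        frames.append({
            "index": int(index),
            "addr": int(addr, 16),
            "symbol": sym.group(1) if sym else None,
            "module": mod.group(1) if mod else None,
            "offset": int(mod.group(2), 16) if mod and mod.group(2) else None,
        })
    return frames


def innermost_in(frames, module):
    """First frame, counting from the crash site, that belongs to `module`."""
    return next((f for f in frames if f["module"] == module), None)


def implied_base(frames, module):
    """Assumed: base = addr - 1 - offset. None if absent or inconsistent."""
    bases = {f["addr"] - 1 - f["offset"] for f in frames
             if f["module"] == module and f["offset"] is not None}
    return bases.pop() if len(bases) == 1 else None
```

On these frames every ld entry implies the same base, 0x400000, and frame 2 (0x0042d6c0) is the ld address to look up in a build with debugging symbols.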
Comment 3 Qian Hong 2015-11-01 03:06:07 UTC
Sorry for duplicate post, network problem due to evil China government firewall... (GFW: https://en.wikipedia.org/wiki/Great_Firewall)
Comment 4 Qian Hong 2015-11-01 03:17:25 UTC
Bug report to Wine Staging, cross-reference: https://bugs.wine-staging.com/show_bug.cgi?id=591
Comment 5 Qian Hong 2015-11-01 03:27:57 UTC
Created attachment 8760
Backtrace: ld crashes, with debugging symbol, compile with -g -O2 -gdwarf2 -gstrict-dwarf

Hi, this is a backtrace with debugging symbols, ld from git HEAD, compiled with "-g -O2 -gdwarf2 -gstrict-dwarf". I'll try further with an -O0 build, but I remember it didn't crash the last time I was testing. Anyway, it is worth trying again.
Comment 6 Qian Hong 2015-11-01 03:32:47 UTC
I uploaded a compressed directory of xzdec/, which includes all object files needed to reproduce this bug:
https://drive.google.com/file/d/0BxjsxTbiBaUHYmtQQkdiZlp0T1U/view?usp=sharing

I'll try to investigate how to reduce the test case size.
Comment 7 Qian Hong 2015-11-01 03:35:11 UTC
When running ld on Wine with Valgrind, Valgrind reports some invalid read which seems related to this bug. Additional information here: https://sourceware.org/ml/binutils/2015-10/msg00058.html

Once I can reproduce same valgrind error report with latest binutils, I'll copy them here. (No time right now, sorry)
Comment 8 Qian Hong 2015-11-02 08:39:06 UTC
(In reply to Qian Hong from comment #7)
> When running ld on Wine with Valgrind, Valgrind reports some invalid read
> which seems related to this bug. Additional information here:
> https://sourceware.org/ml/binutils/2015-10/msg00058.html
> 
> Once I can reproduce same valgrind error report with latest binutils, I'll
> copy them here. (No time right now, sorry)

Update: this time valgrind doesn't report anything related to this bug for me.

BTW, I'm @fracting in freenode #gdb irc channel, I'm glad to provide more information either here or at irc if required.
I'm still hoping to reduce the size of test case, but no time to do that right now.