Date: Fri, 27 Jun 2025 14:41:39 +0000
To: cygwin AT cygwin DOT com
Subject: XSAVE-related segfaults observed under wine
Message-ID: <87bjq9457k.fsf@protonmail.com>
From: Pip Cet via Cygwin
Reply-To: Pip Cet

This is about a bug which was observed when running msys2 binaries in Wine under recent Linux kernels on new Intel/AMD CPUs that support the PKU/PKRU feature, but it appears to be a bug in Cygwin; specifically, in:

    c607889824395f0eac7e85d5b81c906bf8025321
    Author:     Takashi Yano
    AuthorDate: Sun Oct 13 07:41:40 2024 +0900
    Commit:     Takashi Yano
    CommitDate: Fri Nov 1 04:56:27 2024 +0900

        Cygwin: sigfe: Fix a bug that signal handler destroys fpu states

In this commit, we added these lines of code:

    movl \$0x0d,%eax
    xorl %ecx,%ecx
    cpuid # get necessary space for xsave
    movq %rbx,%rcx
    addq \$0x48,%rbx # 0x18 for alignment, 0x30 for additional space
    subq %rbx,%rsp
    movl %ebx,0x24(%rsp)
    xorq %rax,%rax
    shrq \$3,%rcx
    leaq 0x30(%rsp),%rdi
    rep stosq
    xgetbv # get XCR0 (ecx is 0 after rep)
    movl %eax,0x28(%rsp)
    movl %edx,0x2c(%rsp)
    notl %ecx # set ecx non-zero
    movl %ecx,0x20(%rsp)
    xsave64 0x30(%rsp)

The problem is that those new Intel/AMD CPUs (I have one of each here) report the PKU/PKRU feature with an additional XSAVE area of 8 bytes (only 4 bytes are used). This means that the cpuid instruction will return in %rbx a value which is not aligned to 64 bytes, so our subtraction will make %rsp+0x30 (the target of the xsave64 instruction) misaligned (by 8 bytes) when we execute the xsave64 instruction, which assumes its argument to be 64-byte aligned. This causes a segfault and abnormal program termination.

Disabling the PKU feature ("nopku" on the Linux kernel command line; reboot) makes the problem go away, as does working around it in winedbg --gdb:

    b *0x18019c647
    Breakpoint 1 at 0x18019c647
    Wine-gdb> command 1
    command 1
    Type commands for breakpoint(s) 1, one per line.
    End with a line saying just "end".
    >p $rbx += 56
    >c
    >end
    Wine-gdb> c

(Here, 0x18019c647 is the address of the movq %rbx, %rcx instruction in the segment above).

My suggested fix is to align the value in %rbx to the next 64-byte multiple after the "cpuid" instruction is executed, by performing the assembler equivalent of

    $rbx += 63; $rbx &= -64;

I tried this:

diff --git a/winsup/cygwin/scripts/gendef b/winsup/cygwin/scripts/gendef index 861a2405b..d681fde3f 100755 --- a/winsup/cygwin/scripts/gendef +++ b/winsup/cygwin/scripts/gendef @@ -232,6 +232,8 @@ sigdelayed: movl \$0x0d,%eax xorl %ecx,%ecx cpuid # get necessary space for xsave + addq \$63, %rbx + andq \$-64, %rbx # align to next 64-byte multiple movq %rbx,%rcx addq \$0x48,%rbx # 0x18 for alignment, 0x30 for additional space subq %rbx,%rsp

And it worked in a very simple test, on the msys2-runtime source (copying the DLL from a partially-successful build to the msys2 image).

I hope it's small enough to be exempt from copyright requirements!

I don't know whether (or when) Windows systems will support the PKU/PKRU feature (which is extremely useful!), but I suspect the bug would occur there, too, or with other small additional XSAVE areas.

Links to GitHub issues for the related msys2 problem:

https://github.com/msys2/msys2-runtime/issues/295
https://github.com/msys2/msys2-docker/issues/18

Sorry this got a bit long, and thanks!

Pip
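Review bot: the comment on the added `andq \$-64, %rbx` line in the sigdelayed hunk says what the two instructions do but not why they are needed. A reader of gendef cannot tell from it that the size cpuid returns in %rbx may not be a multiple of 64, or that the later xsave64 at 0x30(%rsp) needs a 64-byte aligned operand. Suggest extending the comment to say so, and to note that the rounding only works together with the existing 0x18 adjustment in the following `addq \$0x48,%rbx`, which is what places %rsp+0x30 on a 64-byte boundary. The two added lines also put a space after the comma (`\$63, %rbx`) where the surrounding lines do not (`\$0x0d,%eax`).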
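The alignment arithmetic described in the message above, as an added example that is not part of the original post or of Cygwin's source: a C model of the prologue's stack computation, with and without the proposed rounding. The starting %rsp and the two XSAVE sizes are constructed values, and the model assumes %rsp sits 0x18 past a 64-byte boundary before the subtraction.

```c
/* Added example: models the stack arithmetic of the quoted sigdelayed
   prologue. It does not execute cpuid or xsave64. */
#include <stdint.h>
#include <stdio.h>

#define XSAVE_ALIGN 64u   /* xsave64 requires a 64-byte aligned operand */

/* Round the reported size up, as "$rbx += 63; $rbx &= -64" does. */
static uint64_t round_up_64(uint64_t size)
{
    return (size + 63) & ~(uint64_t)63;
}

/* Returns (address of the xsave64 operand) mod 64 for a starting %rsp and
   a cpuid-reported XSAVE size; 0 means the operand is aligned. */
static unsigned xsave_operand_misalign(uint64_t rsp, uint32_t cpuid_ebx,
                                       int apply_fix)
{
    uint64_t rbx = cpuid_ebx;          /* size returned by cpuid in %rbx */
    if (apply_fix)
        rbx = round_up_64(rbx);        /* addq $63 / andq $-64 */
    rbx += 0x48;                       /* addq $0x48,%rbx */
    rsp -= rbx;                        /* subq %rbx,%rsp */
    return (unsigned)((rsp + 0x30) % XSAVE_ALIGN);  /* xsave64 0x30(%rsp) */
}

int main(void)
{
    /* Assumption: %rsp is 0x18 past a 64-byte boundary at this point, as
       the "0x18 for alignment" comment implies. Constructed value. */
    const uint64_t rsp = 0x7ffe00001018ull;
    /* Constructed sizes: a multiple of 64, and the same size plus the
       8-byte area the message describes. */
    const uint32_t sizes[] = { 0xa80, 0xa88 };

    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        /* A result of 56 means the operand is 8 bytes short of a boundary. */
        printf("size 0x%x: operand mod 64 = %u unpatched, %u patched\n",
               sizes[i],
               xsave_operand_misalign(rsp, sizes[i], 0),
               xsave_operand_misalign(rsp, sizes[i], 1));
    }
    /* Padding the rounding adds; compare "p $rbx += 56" in the gdb session. */
    printf("padding for 0x%x: %llu bytes\n", sizes[1],
           (unsigned long long)(round_up_64(sizes[1]) - sizes[1]));
    return 0;
}
```
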