#968 (major|minor)-os-version and (major|minor)-subsystem-version are broken

[Ivan Komissarov]

(major|minor)-os-version and (major|minor)-subsystem-version seems to be broken for values above 6.2

If I compile a simple hello world example* for Windows 8.0, it works:

>g++.exe  "-Wl,-m,i386pep,--major-os-version,6,--minor-os-version,2,--major-subsystem-version,6,--minor-subsystem-version,2" main.c -o main.6.2.exe
>main.6.2.exe
Hello, World!

>g++.exe  "-Wl,-m,i386pep,--major-os-version,6,--minor-os-version,3,--major-subsystem-version,6,--minor-subsystem-version,3" main.c -o main.6.3.exe

However, compiling for 6.3 and above (e.g. 10.0) produces binaries that are not runnable - it fails with an 0xc00007b “Application was unable to start correctly” error.

Comparing PE headers using PE Tools shows diff in respected versions/checksum/timestamp and weirdly in "Size of Heap Reserve" which is seem to be the same (1MB).
MSVC built binaries only differ in versions/checksum/timestamp

main.c:

#include <stdio.h>

int main()
{
    printf("hello world\n");
    return 0;
}

Linked issue: https://bugreports.qt.io/projects/QBS/issues/QBS-1724

[BugMeNot114514]

Subsystem version >= 6.3 requires IMAGE_LOAD_CONFIG_DIRECTORY::SecurityCookie != 0.

This can also be reproduced in MSVC.

cl /MD main.c /link ucrt.lib msvcrt.lib /subsystem:console,6.3 /entry:main

prevent happen

cl /MD main.c /link ucrt.lib msvcrt.lib /subsystem:console,6.3 /entry:main /include:__load_config_used

It's not strange for Windows to look at the image's subsystem version and enable mitigation, as it has in the past with heap termination and SEHOP.