[Bug 31892] New: Handle failure to reserve NT shared user data at 0x7ffe0000 (Windows on ARM)
wine-bugs at winehq.org
wine-bugs at winehq.org
Fri Oct 5 14:56:29 CDT 2012
http://bugs.winehq.org/show_bug.cgi?id=31892
Bug #: 31892
Summary: Handle failure to reserve NT shared user data at
0x7ffe0000 (Windows on ARM)
Product: Wine
Version: 1.5.14
Platform: arm
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ntdll
AssignedTo: wine-bugs at winehq.org
ReportedBy: focht at gmx.net
Classification: Unclassified
Hello,
I recently resumed some investigations with Windows on ARM apps/installers and
ran into a problem due to a kernel 3.2 -> 3.0 downgrade.
The kernel downgrade was necessary because Freescale left Linaro some months
ago, stalling/halting all Linaro projects targeting i.mx platforms (the last
kernels were still buggy as hell anyway).
Back to a Linux 3.0.x kernel now which is being actively developed/maintained
within Freescale.
Unfortunately all wine builtins simply segfault on startup.
The code that fails:
http://source.winehq.org/git/wine.git/blob/6ec731b65cb6525d04b86737ff85a3e77054ed36:/dlls/ntdll/thread.c#l196
--- snip ---
196 HANDLE thread_init(void)
197 {
198 TEB *teb;
199 void *addr;
200 SIZE_T size, info_size;
201 HANDLE exe_file = 0;
202 LARGE_INTEGER now;
203 struct ntdll_thread_data *thread_data;
204 static struct debug_info debug_info; /* debug info for initial thread
*/
205
206 virtual_init();
207
208 /* reserve space for shared user data */
209
210 addr = (void *)0x7ffe0000;
211 size = 0x10000;
212 NtAllocateVirtualMemory( NtCurrentProcess(), &addr, 0, &size,
MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE );
213 user_shared_data = addr;
...
293 /* initialize time values in user_shared_data */
294 NtQuerySystemTime( &now );
295 user_shared_data->SystemTime.LowPart = now.u.LowPart;
--- snip ---
NtAllocateVirtualMemory() fails to reserve that range but no return value
evaluation takes place hence the initial start address value is still taken.
Dereferencing of "user_shared_data" (USER_SHARED_DATA) causes the segfault.
Before the syscall:
--- snip ---
...
(gdb) bt
#0 0x2acc4a80 in mmap64 () from /lib/arm-linux-gnueabi/libc.so.6
#1 0x2aad45cc in wine_anon_mmap (start=0x7ffe0000, size=65536, prot=3,
flags=34)
at /home/linaro/projects/wine/wine-git/libs/wine/mmap.c:221
#2 0x2add2cf8 in map_view (view_ret=0x7effebe4, base=0x7ffe0000, size=65536,
mask=65535, top_down=0,
vprot=1091) at /home/linaro/projects/wine/wine-git/dlls/ntdll/virtual.c:794
#3 0x2add7594 in NtAllocateVirtualMemory (process=0xffffffff, ret=0x7effecb0,
zero_bits=0,
size_ptr=0x7effecb4, type=12288, protect=4)
at /home/linaro/projects/wine/wine-git/dlls/ntdll/virtual.c:1937
#4 0x2adc6554 in thread_init () at
/home/linaro/projects/wine/wine-git/dlls/ntdll/thread.c:212
#5 0x2ad8d5f4 in __wine_process_init () at
/home/linaro/projects/wine/wine-git/dlls/ntdll/loader.c:2892
#6 0x2aad2fdc in wine_init (argc=2, argv=0x7efff2a4, error=0x7effed4c "",
error_size=1024)
at /home/linaro/projects/wine/wine-git/libs/wine/loader.c:831
#7 0x00008bbc in main (argc=2, argv=0x7efff2a4) at
/home/linaro/projects/wine/wine-git/loader/main.c:237
..
--- snip ---
After syscall:
--- snip ---
(gdb) n
map_view (view_ret=0x7effebe4, base=0x7ffe0000, size=65536, mask=65535,
top_down=0, vprot=1091)
at /home/linaro/projects/wine/wine-git/dlls/ntdll/virtual.c:799
799 if (ptr != base)
(gdb) info locals
ptr = 0x2ac05000
status = 2147352576
...
--- snip ---
-> STATUS_CONFLICTING_ADDRESSES
mmap() failed to reserve 0x7ffe0000 and instead gave a different address range
in TASK_UNMAPPED_BASE area (0x2ac05000).
mmap VM area for userspace tasks: "arch/arm/include/asm/memory.h"
--- snip ---
...
#ifdef CONFIG_MMU
/*
* PAGE_OFFSET - the virtual address of the start of the kernel image
* TASK_SIZE - the maximum size of a user space task.
* TASK_UNMAPPED_BASE - the lower boundary of the mmap VM area
*/
#define PAGE_OFFSET UL(CONFIG_PAGE_OFFSET)
#define TASK_SIZE (UL(CONFIG_PAGE_OFFSET) - UL(0x01000000))
#define TASK_UNMAPPED_BASE (UL(CONFIG_PAGE_OFFSET) / 3)
/*
* The maximum size of a 26-bit user space task.
*/
#define TASK_SIZE_26 UL(0x04000000)
/*
* The module space lives between the addresses given by TASK_SIZE
* and PAGE_OFFSET - it must be within 32MB of the kernel text.
*/
#ifndef CONFIG_THUMB2_KERNEL
#define MODULES_VADDR (PAGE_OFFSET - 16*1024*1024)
#else
/* smaller range for Thumb-2 symbols relocation (2^24)*/
#define MODULES_VADDR (PAGE_OFFSET - 8*1024*1024)
#endif
#if TASK_SIZE > MODULES_VADDR
#error Top of user space clashes with start of module space
#endif
...
--- snip ---
Relevant kernel config settings:
--- snip ---
...
# CONFIG_VMSPLIT_3G is not set
CONFIG_VMSPLIT_2G=y
# CONFIG_VMSPLIT_1G is not set
CONFIG_PAGE_OFFSET=0x80000000
...
--- snip ---
(TASK_SIZE = 0x7F000000) -> arch_get_unmapped_area() will not accept address
0x7ffe0000.
I worked around by moving to a 3GiB/1GiB user/kernel virtual memory split ->
CONFIG_PAGE_OFFSET=0xC0000000.
Anyway the reservation failure should be handled gracefully by either refusing
to run (at least on x86 platforms) or accept a new address range.
I don't know if USER_SHARED_DATA at 0x7ffe0000 exists/makes sense for Windows
on ARM platforms.
One has yet to see a real WoA system...
Regards
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list