[Bug 19296] Multiple apps wrapped with Shrinker 3.5 fail with unexpected guard page fault caused by Wine's ATL thunk check (Uru: Ages beyond Myst, Football Manager 2010 Demo)

wine-bugs at winehq.org
Mon Oct 13 15:34:47 CDT 2014


https://bugs.winehq.org/show_bug.cgi?id=19296

--- Comment #21 from Sebastian Lackner <sebastian at fds-team.de> ---
(In reply to Anastasius Focht from comment #20)
> Hello folks,
> 
> the recent ATL thunk patch series made the thing more compliant :)
> There is still a missing piece though, that is not executing ATL thunk check
> on a guard page.

That's not right, the tests definitely show that the ATL thunk check is also
performed on guard pages (because the guard page flag is removed before thunk
check happens). Nevertheless, there are still a couple of patches missing, so
there is a chance that the remaining issues might be solved afterwards.

> 
> Another thing I noticed...
> 
> Wine's process execution flags are reversed for 'enabled' and 'disabled'
> options.
> 
> From my comment here: https://bugs.winehq.org/show_bug.cgi?id=24125#c7
> 
> https://src.chromium.org/svn/trunk/src/sandbox/win/src/
> process_mitigations_test.cc
> 
> Chromium source snippet, part of test suite:
> 
> --- snip ---
>     const int MEM_EXECUTE_OPTION_ENABLE = 1;
>     const int MEM_EXECUTE_OPTION_DISABLE = 2;
>     const int MEM_EXECUTE_OPTION_ATL7_THUNK_EMULATION = 4;
>     const int MEM_EXECUTE_OPTION_PERMANENT = 8;
>     dep_flags &= 0xff;
> --- snip ---
> 
> vs.
> 
> Source:
> http://source.winehq.org/git/wine.git/blob/
> 9a806d0f1c10289241500519beda73f1ac556586:/include/winternl.h#l729
> 
> --- snip ---
> 729 #define MEM_EXECUTE_OPTION_DISABLE 0x01
> 730 #define MEM_EXECUTE_OPTION_ENABLE 0x02
> 731 #define MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION 0x04
> 732 #define MEM_EXECUTE_OPTION_PERMANENT 0x08
> --- snip ---

I noticed that, but Wine is right in this case. I've looked up several pages,
and the meaning of MEM_EXECUTE_OPTION_ENABLE is that executing pages is always
enabled, which means DEP is disabled. Chrome uses the flags with inverted
order, but it shouldn't matter - it is swapped everywhere. This especially
means that their way to set the DEP policy is wrong, and only works because of
the swapped constants.

> 
> Applications that use the native API way to achieve
> '[Get|Set]ProcessDEPPolicy' on pre-Vista Windows OS where this entry point
> is not available will have the reverse effect.

Those functions are the next on my plan, already started working on them. ;)

> 
> Thanks for the work so far, Sebastian.
> 
> Regards

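To make the flag semantics discussed above concrete, here is an added example (not Wine's or Chromium's code) that maps the public SetProcessDEPPolicy() policy bits onto the ProcessExecuteFlags values from Wine's winternl.h and back; the PROCESS_DEP_* values are the documented Windows ones, and marking an enabled policy as permanent is an assumption made for this illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* ProcessExecuteFlags values as defined in Wine's include/winternl.h.
 * "ENABLE" means executing data pages is allowed, i.e. DEP is OFF. */
#define MEM_EXECUTE_OPTION_DISABLE                 0x01  /* DEP on  */
#define MEM_EXECUTE_OPTION_ENABLE                  0x02  /* DEP off */
#define MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION 0x04
#define MEM_EXECUTE_OPTION_PERMANENT               0x08

/* Flags of the public SetProcessDEPPolicy()/GetProcessDEPPolicy() API. */
#define PROCESS_DEP_ENABLE                      0x01
#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x02

/* Policy -> execute flags. Enabling DEP sets DISABLE (not ENABLE); the
 * PERMANENT bit is set here on the assumption that, as with the public
 * API, an enabled policy is not meant to be changed again. */
uint32_t dep_policy_to_execute_flags(uint32_t policy)
{
    uint32_t flags;
    if (policy & PROCESS_DEP_ENABLE)
        flags = MEM_EXECUTE_OPTION_DISABLE | MEM_EXECUTE_OPTION_PERMANENT;
    else
        flags = MEM_EXECUTE_OPTION_ENABLE;
    if (policy & PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION)
        flags |= MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION;
    return flags;
}

/* Execute flags -> policy, the direction GetProcessDEPPolicy() reports.
 * Returns false for a word that asserts both DISABLE and ENABLE, which a
 * caller mixing up the two constants could easily produce. */
bool execute_flags_to_dep_policy(uint32_t flags, uint32_t *policy, bool *permanent)
{
    if ((flags & MEM_EXECUTE_OPTION_DISABLE) && (flags & MEM_EXECUTE_OPTION_ENABLE))
        return false;
    *policy = 0;
    if (flags & MEM_EXECUTE_OPTION_DISABLE)
        *policy |= PROCESS_DEP_ENABLE;
    if (flags & MEM_EXECUTE_OPTION_DISABLE_THUNK_EMULATION)
        *policy |= PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION;
    *permanent = (flags & MEM_EXECUTE_OPTION_PERMANENT) != 0;
    return true;
}
```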