[Bug 46155] Windows PowerShell Core 6.1 for ARM64 crashes on unimplemented function KERNEL32.dll.RaiseFailFastException

wine-bugs at winehq.org
Mon Nov 19 15:20:48 CST 2018


https://bugs.winehq.org/show_bug.cgi?id=46155

--- Comment #3 from Anastasius Focht <focht at gmx.net> ---
Hello André,

Here is the output as requested, with the patch applied.

--- snip ---
...
002b:Call KERNEL32.VirtualAlloc(00000000,003a0000,00202000,00000004)
ret=0083fb90
002b:Ret  KERNEL32.VirtualAlloc() retval=18f30000 ret=0083fb90
002b:Call KERNEL32.VirtualAlloc(18f30000,00090168,00001000,00000004)
ret=0083fbdc
002b:Ret  KERNEL32.VirtualAlloc() retval=18f30000 ret=0083fbdc
002b:trace:seh:raise_exception code=c0000005 flags=0 addr=0x83fc2c pc=83fc2c
tid=002b
002b:trace:seh:raise_exception  info[0]=0000000000000000
002b:trace:seh:raise_exception  info[1]=0000000018f30000
002b:trace:seh:raise_exception  x0=0000000018f30000 x1=000000007bd43e1f
x2=0000000000000000 x3=0000000000000000
002b:trace:seh:raise_exception  x4=000000007bd43e1f x5=000000007bd43de0
x6=0000007f86c9ef10 x7=0000000000000002
002b:trace:seh:raise_exception  x8=000000000000c000 x9=000000000000003f
x10=0000000000000001 x11=0000000000000000
002b:trace:seh:raise_exception  x12=000000000000003a x13=0000000018f30040
x14=ffffffffffffffc1 x15=000000007bd25a70
002b:trace:seh:raise_exception  x16=000000007bd26008 x17=0000007f86d35dc0
x18=000000007ffd8000 x19=0000000000a77348
002b:trace:seh:raise_exception  x20=0000000018f30000 x21=0000000018f30000
x22=0000000000f30000 x23=0000000000090168
002b:trace:seh:raise_exception  x24=0000000000a6a270 x25=00000000000000c4
x26=0000000000a69ea8 x27=0000000000030000
002b:trace:seh:raise_exception  x28=0000000000595290 fp=00000000002ada30
lr=000000000083fbdc sp=00000000002ada30
002b:trace:seh:raise_exception  pc=000000000083fc2c
002b:trace:seh:call_vectored_handlers calling handler at 0x5e4550 code=c0000005
flags=0
002b:Call KERNEL32.GetLastError() ret=005e458c
002b:Ret  KERNEL32.GetLastError() retval=0000007a ret=005e458c
002b:Call KERNEL32.IsDebuggerPresent() ret=007665f4
002b:Ret  KERNEL32.IsDebuggerPresent() retval=00000000 ret=007665f4 
...
002b:err:eventlog:ReportEventW L"Application: pwsh.exe\nCoreCLR Version:
4.6.26919.2\nDescription: The process was terminated due to an internal error
in the .NET Runtime at IP 000000000083FC2C (0000000000570000) with exit code
80131506.\n" 
...
002b:Call KERNEL32.IsDebuggerPresent() ret=005e0498
002b:Ret  KERNEL32.IsDebuggerPresent() retval=00000000 ret=005e0498
...
002b:Call KERNEL32.RaiseFailFastException(002ad990,002ad600,00000000)
ret=005e05fc
wine: Unhandled page fault on read access to 0x18f30000 at address 0x83fc2c
(thread 002b), starting debugger...
002b:trace:seh:start_debugger Starting debugger "winedbg --auto 42 160"
...
002b:trace:process:CreateProcessInternalW starting
L"C:\\windows\\system32\\winedbg.exe" as Win64 binary (10000000-10050000,
ARM64)
002b:trace:process:CreateProcessInternalW started process pid 002d tid 002e
002b:Ret  KERNEL32.RaiseFailFastException() retval=00000001 ret=005e05fc
002b:Call KERNEL32.SetEvent(00000064) ret=00922a20
002b:Ret  KERNEL32.SetEvent() retval=00000001 ret=00922a20
002b:Call KERNEL32.SetEvent(00000060) ret=00922a30
002b:Ret  KERNEL32.SetEvent() retval=00000001 ret=00922a30
002b:Call KERNEL32.IsDebuggerPresent() ret=005e0660
002b:Ret  KERNEL32.IsDebuggerPresent() retval=00000001 ret=005e0660
002b:Call KERNEL32.SetErrorMode(00000000) ret=005e06a0
002b:trace:process:NtQueryInformationProcess
(0xffffffffffffffff,0x0000000c,0x2abb78,0x00000004,(nil))
002b:Ret  KERNEL32.SetErrorMode() retval=00000000 ret=005e06a0
002b:Call KERNEL32.SetErrorMode(00000002) ret=005e06ac
002b:trace:process:NtQueryInformationProcess
(0xffffffffffffffff,0x0000000c,0x2abb78,0x00000004,(nil))
002b:Ret  KERNEL32.SetErrorMode() retval=00000000 ret=005e06ac
002b:Call KERNEL32.IsDebuggerPresent() ret=005e0764
002b:Ret  KERNEL32.IsDebuggerPresent() retval=00000001 ret=005e0764
002b:Call KERNEL32.DebugBreak() ret=005e0774
002b:trace:seh:raise_exception code=80000003 flags=0 addr=0x7f86ce72b8
pc=7f86ce72b8 tid=002b
002b:trace:seh:raise_exception  x0=0000000000000000 x1=0000000000000005
x2=00000000002abc20 x3=0000000000000000
002b:trace:seh:raise_exception  x4=000000007bd43e0d x5=000000007bd43de0
x6=0000007f86c9ef10 x7=0000000000000002
002b:trace:seh:raise_exception  x8=0000000000000081 x9=000000007bcd2ef8
x10=0000000000000001 x11=0000000000000000
002b:trace:seh:raise_exception  x12=000000000000000f x13=0000000000000000
x14=ffffffffffffffd3 x15=000000007bd25a70
002b:trace:seh:raise_exception  x16=000000007bd26138 x17=0000007f86ce72b0
x18=000000007ffd8000 x19=00000000002abc20
002b:trace:seh:raise_exception  x20=0000000000a6a280 x21=00000000002ad310
x22=0000000000074520 x23=000000000006e680
002b:trace:seh:raise_exception  x24=0000000000947000 x25=0000000000000000
x26=0000000000000001 x27=0000000000947000
002b:trace:seh:raise_exception  x28=00000000002abcf0 fp=00000000002abb80
lr=000000007bcd2f18 sp=00000000002abb70
002b:trace:seh:raise_exception  pc=0000007f86ce72b8
0x0000007f86ce72b8 kill+0x8 in libc.so.6: be_arm64_disasm_one_insn: not done
... 
Modules:
Module    Address                    Debug info    Name (63 modules)
PE              3d0000-          45d000    Deferred        hostpolicy
PE              570000-          ac8000    Export          coreclr
ELF            7b400000-        7b827000    Dwarf           kernel32<elf>
  \-PE            7b420000-        7b827000    \               kernel32
ELF            7bc00000-        7bd45000    Dwarf           ntdll<elf>
  \-PE            7bc20000-        7bd45000    \               ntdll
ELF            7c000000-        7c004000    Deferred        <wine-loader>
PE           140000000-       140042000    Deferred        pwsh
PE           180000000-       18005d000    Deferred        hostfxr 
...
Threads:
process  tid      prio (all id:s are in hex)
...
0000002a (D) Z:\home\focht\projects\woa-winrt\powershell611-arm64\pwsh.exe
    0000002c    0
    0000002b    0 <==
System information:
    Wine build: wine-3.20-149-g04fe35a0a3
    Platform: arm64
    Version: Windows 7
    Host system: Linux 
--- snip ---

One potential problem is that the function returns after the debugger/crash
reporter process is started. The app code (CLR) raises another exception ->
debugbreak. So one gets some sort of double-exception race, although only the
first one is seen by winedbg/crash reporter.

That kind of "runaway" problem is essentially the same as bug 24038
("kernel32.UnhandledExceptionFilter: ensure that registered JIT debugger can
attach and collect debugging info before return ("Cannot get info on module
while no process is loaded")") -> different problem.

Anyway, this is still better than abusing the unhandled stub exception, which
just hides the actual exception.

@Zeb:

--- quote ---
Along the lines of bug 45656, is there really any point implementing this
function?
--- quote ---

Bug 45656 is certainly a different class than this one. This one is part of
the public userland API and is actually being called by apps or
compiler-generated/injected code.

* Microsoft Control Flow Guard (CFG) feature:
https://blogs.msdn.microsoft.com/vcblog/2014/12/08/visual-studio-2015-preview-work-in-progress-security-feature/ 

* Microsoft .NET Core CLR:
https://github.com/dotnet/corert/blob/master/src/System.Private.CoreLib/src/Interop/Interop.manual.cs#L41

* Google Chromium project:
https://chromium.googlesource.com/chromium/src/+/master/base/debug/invalid_access_win.cc#19

* http://kirkshoop.github.io/2011/11/01/failfast.html (just a random blog
entry)

Regards
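
The runaway described in this comment (RaiseFailFastException returning to the CLR, which then goes on to DebugBreak) can be picked out of a relay/seh trace mechanically. The following is an added example, not part of the original comment or of Wine; `find_runaways` and the `NORETURN` set are names assumed for illustration, and the sample lines are taken from the trace above with the mail-wrapped lines rejoined.

```python
import re

# Constructed sample: relay/seh lines from the trace in this comment,
# with each mail-wrapped line joined back into one.
SAMPLE = """\
002b:Call KERNEL32.RaiseFailFastException(002ad990,002ad600,00000000) ret=005e05fc
002b:trace:seh:start_debugger Starting debugger "winedbg --auto 42 160"
002b:Ret  KERNEL32.RaiseFailFastException() retval=00000001 ret=005e05fc
002b:Call KERNEL32.SetEvent(00000064) ret=00922a20
002b:Ret  KERNEL32.SetEvent() retval=00000001 ret=00922a20
002b:Call KERNEL32.IsDebuggerPresent() ret=005e0660
002b:Ret  KERNEL32.IsDebuggerPresent() retval=00000001 ret=005e0660
002b:Call KERNEL32.DebugBreak() ret=005e0774
002b:trace:seh:raise_exception code=80000003 flags=0 addr=0x7f86ce72b8 pc=7f86ce72b8 tid=002b
"""

# "<tid>:Call DLL.Func(" or "<tid>:Ret  DLL.Func("
RELAY = re.compile(r"^([0-9a-f]{4}):(Call|Ret)\s+([\w.]+)\.(\w+)\(")
# First line of an exception record; register dump lines do not match.
RAISE = re.compile(r"^([0-9a-f]{4}):trace:seh:raise_exception code=([0-9a-f]{8})\b")

# APIs that never return to the caller on Windows (assumed list, extend as needed).
NORETURN = {"RaiseFailFastException"}


def find_runaways(log):
    """Return one record per no-return API that came back to its caller,
    with what the same thread called and raised afterwards."""
    findings = []
    active = {}  # tid -> finding that is still collecting later activity
    for line in log.splitlines():
        m = RELAY.match(line)
        if m:
            tid, kind, _dll, func = m.groups()
            if kind == "Ret" and func in NORETURN:
                active[tid] = {"tid": tid, "api": func,
                               "calls_after": [], "exceptions_after": []}
                findings.append(active[tid])
            elif kind == "Call" and tid in active:
                active[tid]["calls_after"].append(func)
            continue
        m = RAISE.match(line)
        if m and m.group(1) in active:
            active[m.group(1)]["exceptions_after"].append(m.group(2))
    return findings
```
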
