[Bug 52646] wit.exe from Wimms Iso Tools crashes on iso extraction

WineHQ Bugzilla wine-bugs at winehq.org
Sat Mar 19 09:44:16 CDT 2022 

https://bugs.winehq.org/show_bug.cgi?id=52646

Bernhard Übelacker <bernhardu at mailbox.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bernhardu at mailbox.org

--- Comment #12 from Bernhard Übelacker <bernhardu at mailbox.org> ---
Created attachment 72050
  --> https://bugs.winehq.org/attachment.cgi?id=72050
debugging attempt

> wine: Unhandled page fault on read access to 00000001 at address 610B1B48 ...
> => 0x610b1b48 <_ZN8cwdstuff18override_win32_cwdEbm+744>:        movzbl 0x1(%eax),%ecx

Hello, I tried to reproduce and found that the crash at 610B1B48 is caused
in find_fast_cwd_pointer searching in RtlGetCurrentDirectory_U for a
call instruction, taking the function from that call and searching in this
function for a "push %edi" there.
But if there is no such instruction above page fault is received.

Upstream leaves now the function if no such instruction is found:
https://sourceware.org/git/?p=newlib-cygwin.git;a=commitdiff;h=4ddf5903fd24feaa6f75ffb12f9cafdd266b386a
The cygwin1.dll versions up to 3.1.2 are affected, 3.1.3 contain this fix.
Unfortunately this wit application bundles cygwin1.dll in version 3.0.7.

One can still use older cygwin1.dll releases by adding 64 nop instructions
at the begin of RtlGetCurrentDirectory_U like this line:
        __asm__ __volatile__( "nop" );

With this modification "wine wit.exe -h" shows it help page.


> ...: page fault on read access to 0x00000001 in 32-bit code (0x610a24aa).
> 0x610a24aa cygwin1+0xa24aa: movzbl	0x1(%eax),%ecx

The crashing address 0x610b1b48 for Fabian Maurer and me is quite different
to the address 0x610a24aa shown to Joel G.
But the instruction shown there and the read access address is equal.
Therefore I wouldn't exclude the initial crash is what I received above,
but especially the different alignment looks strange.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list