Use of virtual_check_buffer_for_write / IsBadWritePtr

Andrew Wesie awesie at
Wed May 6 19:45:13 CDT 2020

While trying to solve bug 48665 by fixing the ntdll-WRITE_COPY staging
patches, I think I am now faced with a fundamental problem with Wine
that has been noted in the past but I'm hoping for some resolution.

In ntdll, most functions that indirectly modify a buffer will call
virtual_check_buffer_for_write or use one of the virtual_locked_*
functions. This is required to support write watches, and, with the
staging patchset above, WRITECOPY. There is a race condition with
virtual_check_buffer_for_write but it generally works.

However, not all Wine functions do this; e.g. NtReadFileScatter does
not. And if a buffer gets passed to a third party library, then that
third party library definitely won't call these functions even if it
is appropriate, so, theoretically, the Wine interface should be
calling IsBadReadPtr / IsBadWritePtr for any buffers that may be
touched by a third party library.

The current situation is one where some APIs in ntdll do the correct
thing but most Wine functions do not. My question is then: do we
continue the practice of adding calls to IsBadReadPtr / IsBadWritePtr
/ virtual_check_buffer_for_write when things break, or should these be
added more proactively? It feels a little inconsistent at the moment.

(As a side note, I investigated using userfaultfd-wp to solve this
problem more generally, but it is Linux-specific and not quite ready
for prime time.)


More information about the wine-devel mailing list