wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2025-01-28 22:04:43 -08:00
Code Issues Packages Projects Releases Wiki Activity

Added patch to fix crash when trying to switch back to a 16-bit stack.

Browse Source
This commit is contained in:
Sebastian Lackner 2015-03-02 16:25:46 +01:00
parent e86c1653d8
commit ce2930fb30
5 changed files with 138 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@ -38,7 +38,7 @@ Wine. All those differences are also documented on the
Included bug fixes and improvements
===================================
**Bugfixes and features included in the next upcoming release [15]:**
**Bugfixes and features included in the next upcoming release [16]:**
* Add stub for gdiplus.GdipCreateEffect ([Wine Bug #32163](https://bugs.winehq.org/show_bug.cgi?id=32163))
* Add support for CopyFileEx progress callback ([Wine Bug #22692](https://bugs.winehq.org/show_bug.cgi?id=22692))
@ -50,6 +50,7 @@ Included bug fixes and improvements
* Enforce that surfaces are flushed after ReleaseDC
* Fallback to global key state for threads without a queue ([Wine Bug #27238](https://bugs.winehq.org/show_bug.cgi?id=27238))
* Fix crash in clip_cursor_notify caused by uninitialized TLS
* Fix crash when trying to switch back to a 16-bit stack
* Fix race-condition when threads are killed during shutdown
* Implement SetFileInformationByHandle
* Process Hacker 2.x needs ntoskrnl.ProbeForRead ([Wine Bug #38103](https://bugs.winehq.org/show_bug.cgi?id=38103))

1
debian/changelog vendored
View File

@ -31,6 +31,7 @@ wine-staging (1.7.38) UNRELEASED; urgency=low
* Added patches to fix race-condition when closing browseui IProcessDialog.
* Added patch to avoid unloading msctf library while textservices are activated.
* Added patch to correct DDSCAPS2 and DDSURFACEDESC2 structure (by Amine Khaldi, wine-patched/pull/7).
* Added patch to fix crash when trying to switch back to a 16-bit stack.
* Removed patch to properly call DriverUnload when unloading device drivers (accepted upstream).
* Removed patch to allow Accept-Encoding for HTTP/1.0 in wininet (accepted upstream).
* Removed patch to declare pDirectInputCreateEx in a MSVC compatible way (accepted upstream).

16
patches/patchinstall.sh
View File

@ -197,6 +197,7 @@ patch_enable_all ()
enable_wine_inf_Performance="$1"
enable_wineboot_HKEY_DYN_DATA="$1"
enable_winebuild_LinkerVersion="$1"
enable_winebuild_Restore_Context="$1"
enable_winecfg_Libraries="$1"
enable_winecfg_Staging="$1"
enable_wined3d_CSMT_Helper="$1"
@ -632,6 +633,9 @@ patch_enable ()
winebuild-LinkerVersion)
enable_winebuild_LinkerVersion="$2"
;;
winebuild-Restore_Context)
enable_winebuild_Restore_Context="$2"
;;
winecfg-Libraries)
enable_winecfg_Libraries="$2"
;;
@ -3954,6 +3958,18 @@ if test "$enable_winebuild_LinkerVersion" -eq 1; then
) >> "$patchlist"
fi
# Patchset winebuild-Restore_Context
# |
# | Modified files:
# | * tools/winebuild/relay.c
# |
if test "$enable_winebuild_Restore_Context" -eq 1; then
patch_apply winebuild-Restore_Context/0001-winebuild-Conditionally-use-different-code-for-resto.patch
(
echo '+ { "Sebastian Lackner", "winebuild: Conditionally use different code for restoring the context structure.", 1 },';
) >> "$patchlist"
fi
# Patchset winecfg-Libraries
# |
# | This patchset fixes the following Wine bugs:

118
patches/winebuild-Restore_Context/0001-winebuild-Conditionally-use-different-code-for-resto.patch Normal file
View File

@ -0,0 +1,118 @@
From 771d35e63a5f64f82ac9f16d790033763fa82002 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 2 Mar 2015 01:59:00 +0100
Subject: winebuild: Conditionally use different code for restoring the context
structure.
Fixes a regression introduced by 44fbc018eda12bdee5c2c1e2e40dbdc6a81b27fd.
See for example: https://bugs.winehq.org/show_bug.cgi?id=26344#c9
The previous code was not completely correct for the situation when switching
back to a 16-bit stack. If ESP contains garbage in the high word, then accessing
the memory on the target stack fails. We could theoretically use only the lower
16-bits for accessing the memory, but there is no good way to determine if a
segment if 16- or 32-bit. To ensure that the original issue stays fixed this
patch adds a check, to decide at runtime if we can safely copy values on the target
stack or not. If not then we use again the "old" method of restoring the thread
context.
---
tools/winebuild/relay.c | 57 +++++++++++++++++++++++++++++++++++--------------
1 file changed, 41 insertions(+), 16 deletions(-)
diff --git a/tools/winebuild/relay.c b/tools/winebuild/relay.c
index 63c2ca4..cb4b0ca 100644
--- a/tools/winebuild/relay.c
+++ b/tools/winebuild/relay.c
@@ -852,36 +852,35 @@ static void build_call_from_regs_x86(void)
/* Restore the context structure */
- output( "2:\n" );
+ output( "2:\tpushl 0x94(%%ecx)\n" ); /* SegEs */
+ output( "\tpopl %%es\n" );
+ output( "\tpushl 0x90(%%ecx)\n" ); /* SegFs */
+ output( "\tpopl %%fs\n" );
+ output( "\tpushl 0x8c(%%ecx)\n" ); /* SegGs */
+ output( "\tpopl %%gs\n" );
+
+ output( "\tmovw %%ss,%%ax\n" );
+ output( "\tcmpw 0xc8(%%ecx),%%ax\n" ); /* SegSs */
+ output( "\tjne 3f\n" );
/* As soon as we have switched stacks the context structure could
* be invalid (when signal handlers are executed for example). Copy
* values on the target stack before changing ESP. */
- output( "\tpushl 0xc8(%%ecx)\n" ); /* SegSs */
- output( "\tpopl %%es\n" );
output( "\tmovl 0xc4(%%ecx),%%eax\n" ); /* Esp */
output( "\tleal -4*4(%%eax),%%eax\n" );
output( "\tmovl 0xc0(%%ecx),%%edx\n" ); /* EFlags */
- output( "\t.byte 0x26\n\tmovl %%edx,3*4(%%eax)\n" );
+ output( "\t.byte 0x36\n\tmovl %%edx,3*4(%%eax)\n" );
output( "\tmovl 0xbc(%%ecx),%%edx\n" ); /* SegCs */
- output( "\t.byte 0x26\n\tmovl %%edx,2*4(%%eax)\n" );
+ output( "\t.byte 0x36\n\tmovl %%edx,2*4(%%eax)\n" );
output( "\tmovl 0xb8(%%ecx),%%edx\n" ); /* Eip */
- output( "\t.byte 0x26\n\tmovl %%edx,1*4(%%eax)\n" );
+ output( "\t.byte 0x36\n\tmovl %%edx,1*4(%%eax)\n" );
output( "\tmovl 0xb0(%%ecx),%%edx\n" ); /* Eax */
- output( "\t.byte 0x26\n\tmovl %%edx,0*4(%%eax)\n" );
+ output( "\t.byte 0x36\n\tmovl %%edx,0*4(%%eax)\n" );
- output( "\tpushl %%es\n" );
output( "\tpushl 0x98(%%ecx)\n" ); /* SegDs */
- output(" \tpushl 0x94(%%ecx)\n" ); /* SegEs */
- output( "\tpopl %%es\n" );
- output( "\tpushl 0x90(%%ecx)\n"); /* SegFs */
- output( "\tpopl %%fs\n" );
- output( "\tpushl 0x8c(%%ecx)\n"); /* SegGs */
- output( "\tpopl %%gs\n" );
-
output( "\tmovl 0x9c(%%ecx),%%edi\n" ); /* Edi */
output( "\tmovl 0xa0(%%ecx),%%esi\n" ); /* Esi */
output( "\tmovl 0xa4(%%ecx),%%ebx\n" ); /* Ebx */
@@ -890,11 +889,37 @@ static void build_call_from_regs_x86(void)
output( "\tmovl 0xac(%%ecx),%%ecx\n" ); /* Ecx */
output( "\tpopl %%ds\n" );
- output( "\tpopl %%ss\n" );
output( "\tmovl %%eax,%%esp\n" );
output( "\tpopl %%eax\n" );
output( "\tiret\n" );
+
+ output("3:\n");
+
+ /* Restore the context when the stack segment changes. We can't use
+ * the same code as above because we do not know if the stack segment
+ * is 16 or 32 bit, and 'movl' will throw an exception when we try to
+ * access memory above the limit. */
+
+ output( "\tmovl 0x9c(%%ecx),%%edi\n" ); /* Edi */
+ output( "\tmovl 0xa0(%%ecx),%%esi\n" ); /* Esi */
+ output( "\tmovl 0xa4(%%ecx),%%ebx\n" ); /* Ebx */
+ output( "\tmovl 0xa8(%%ecx),%%edx\n" ); /* Edx */
+ output( "\tmovl 0xb0(%%ecx),%%eax\n" ); /* Eax */
+ output( "\tmovl 0xb4(%%ecx),%%ebp\n" ); /* Ebp */
+
+ output( "\tpushl 0xc8(%%ecx)\n" ); /* SegSs */
+ output( "\tpopl %%ss\n" );
+ output( "\tmovl 0xc4(%%ecx),%%esp\n" ); /* Esp */
+
+ output( "\tpushl 0xc0(%%ecx)\n" ); /* EFlags */
+ output( "\tpushl 0xbc(%%ecx)\n" ); /* SegCs */
+ output( "\tpushl 0xb8(%%ecx)\n" ); /* Eip */
+ output( "\tpushl 0x98(%%ecx)\n" ); /* SegDs */
+ output( "\tmovl 0xac(%%ecx),%%ecx\n" ); /* Ecx */
+
+ output( "\tpopl %%ds\n" );
+ output( "\tiret\n" );
output_cfi( ".cfi_endproc" );
output_function_size( "__wine_call_from_regs" );
--
2.3.0

1
patches/winebuild-Restore_Context/definition Normal file
View File

@ -0,0 +1 @@
Fixes: Fix crash when trying to switch back to a 16-bit stack