[Bug 59850] New: Exit unwind is broken
http://bugs.winehq.org/show_bug.cgi?id=59850

Bug ID: 59850
Summary: Exit unwind is broken
Product: Wine
Version: 10.0
Hardware: x86-64
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: -unknown
Assignee: wine-bugs@list.winehq.org
Reporter: lh_mouse@126.com
Distribution: ---

Created attachment 81147
  --> http://bugs.winehq.org/attachment.cgi?id=81147
reproducible testcase

The attached testcase attempts to perform an exit unwind without a target frame. The exception handler should handle the exception and terminate the process normally. Compiling and running this program on Windows prints:

```
doing exit unwind code = 0xc0000027 flags = 0x6
```

It used to work on Wine on Debian Bookworm (?), but it no longer works on Trixie.

```
$ wine --version
wine-10.0 (Debian 10.0~repack-6)
```

--
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because: You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=59850

--- Comment #1 from LIU Hao <lh_mouse@126.com> ---
Created attachment 81148
  --> http://bugs.winehq.org/attachment.cgi?id=81148
wine 10.0 backtrace

On Wine 10.0 this causes access violation because RIP becomes null.

http://bugs.winehq.org/show_bug.cgi?id=59850

Ken Sharp <imwellcushtymelike@gmail.com> changed:

What     |Removed |Added
----------------------------------------------------------------------------
Keywords |        |testcase

--- Comment #2 from Ken Sharp <imwellcushtymelike@gmail.com> ---
We're already on Wine 11.11. Please upgrade and try again.

http://bugs.winehq.org/show_bug.cgi?id=59850

LIU Hao <lh_mouse@126.com> changed:

What                           |Removed |Added
----------------------------------------------------------------------------
Attachment #81148 is obsolete  |0       |1

--- Comment #3 from LIU Hao <lh_mouse@126.com> ---
Created attachment 81157
  --> http://bugs.winehq.org/attachment.cgi?id=81157
wine 11.11 log

yes same.

http://bugs.winehq.org/show_bug.cgi?id=59850

Bernhard Übelacker <bernhardu@mailbox.org> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC   |        |bernhardu@mailbox.org

--- Comment #4 from Bernhard Übelacker <bernhardu@mailbox.org> ---
I tried to collect some details. But could not get the testcase to succeed within a Bookworm VM with the winehq packages.

As far as I see RIP gets the null pointer via the parameter to RtlUnwind. Below is the backtrace where the context is set, which later tries to execute at the null pointer.

(rr) bt
#0 NtSetContextThread at dlls/ntdll/unix/signal_x86_64.c:1061
#1 signal_set_full_context at dlls/ntdll/unix/signal_x86_64.c:975
#2 NtContinueEx at dlls/ntdll/unix/server.c:865
#3 NtContinue at dlls/ntdll/unix/server.c:842
#4 __wine_syscall_dispatcher () from dlls/ntdll/ntdll.so
#5 NtContinue () from dlls/ntdll/x86_64-windows/ntdll.dll
#6 RtlRestoreContext at dlls/ntdll/signal_x86_64.c:682
#7 RtlUnwindEx at dlls/ntdll/signal_x86_64.c:817
#8 RtlUnwind at dlls/ntdll/unwind.c:2383
#9 test_exit_unwind () at 59850_unwind.c:31
#10 main () at 59850_unwind.c:37

http://bugs.winehq.org/show_bug.cgi?id=59850

--- Comment #5 from LIU Hao <lh_mouse@126.com> ---
(In reply to Bernhard Übelacker from comment #4)
> I tried to collect some details. But could not get the testcase to succeed within a Bookworm VM with the winehq packages.
> As far as I see RIP gets the null pointer via the parameter to RtlUnwind. Below is the backtrace where the context is set, which later tries to execute at the null pointer.

https://learn.microsoft.com/en-us/windows/win32/api/winnt/nf-winnt-rtlunwind...
Parameters [in, optional] TargetFrame
A pointer to the call frame that is the target of the unwind. If this parameter is NULL, the function performs an exit unwind.
[in, optional] TargetIp
The continuation address of the unwind. This parameter is ignored if TargetFrame is NULL.

A null `TargetFrame` means the unwinder should unwind every frame it encounters and `TargetIp` should be ignored.
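
A simplified model of the rule quoted from the RtlUnwind documentation in comment #5, added here as an illustration; it is not Wine's or Windows' unwinder code. The frame layout, `model_unwind` and the sample addresses are hypothetical; the status and flag values are the Windows SDK constants.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Values from the Windows SDK headers. */
#define STATUS_UNWIND           0xC0000027u
#define EXCEPTION_UNWINDING     0x02u
#define EXCEPTION_EXIT_UNWIND   0x04u
#define EXCEPTION_TARGET_UNWIND 0x20u

/* Hypothetical model types, not Wine's or Windows' structures. */
struct frame { uintptr_t id; uint32_t seen_flags; };
struct unwind_result { int resumed; uintptr_t resume_ip; uint32_t code; size_t visited; };

/* Walk frames innermost-first. target_frame == 0 requests an exit unwind. */
static struct unwind_result model_unwind(struct frame *frames, size_t n,
                                         uintptr_t target_frame, uintptr_t target_ip)
{
    struct unwind_result r = { 0, 0, STATUS_UNWIND, 0 };
    uint32_t base = EXCEPTION_UNWINDING;

    if (!target_frame) base |= EXCEPTION_EXIT_UNWIND;
    for (size_t i = 0; i < n; i++) {
        int is_target = target_frame && frames[i].id == target_frame;
        /* Flags the frame's handler would receive in its exception record. */
        frames[i].seen_flags = base | (is_target ? EXCEPTION_TARGET_UNWIND : 0u);
        r.visited++;
        if (is_target) {            /* only a real target frame yields a resume address */
            r.resumed = 1;
            r.resume_ip = target_ip;
            return r;
        }
    }
    /* Exit unwind (or target not found): target_ip is never consulted, so a
       NULL TargetIp cannot end up in the instruction pointer. */
    return r;
}

int main(void)
{
    struct frame stack[3] = { {0x1000, 0}, {0x2000, 0}, {0x3000, 0} }; /* constructed sample */
    struct unwind_result r = model_unwind(stack, 3, 0, 0);
    printf("exit unwind:   code = 0x%x flags = 0x%x resumed = %d\n",
           (unsigned)r.code, (unsigned)stack[0].seen_flags, r.resumed);
    r = model_unwind(stack, 3, 0x2000, 0x401234);
    printf("target unwind: flags = 0x%x resume_ip = 0x%lx\n",
           (unsigned)stack[1].seen_flags, (unsigned long)r.resume_ip);
    return 0;
}
```

In the exit-unwind case every frame sees `EXCEPTION_UNWINDING | EXCEPTION_EXIT_UNWIND` (0x6, the flags value in the Windows output from the report) and no resume address is produced.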

http://bugs.winehq.org/show_bug.cgi?id=59850

Alex Henrie <alexhenrie24@gmail.com> changed:

What            |Removed     |Added
----------------------------------------------------------------------------
Status          |UNCONFIRMED |NEW
Keywords        |            |source
CC              |            |alexhenrie24@gmail.com
Version         |10.0        |9.12
Component       |-unknown    |ntdll
Regression SHA1 |            |6e82d33eb70d88a72eed03c2fc99ff4402a50a54
Ever confirmed  |0           |1

--- Comment #6 from Alex Henrie <alexhenrie24@gmail.com> ---
I can reproduce the crash. `git bisect` says:

6e82d33eb70d88a72eed03c2fc99ff4402a50a54 is the first bad commit
commit 6e82d33eb70d88a72eed03c2fc99ff4402a50a54
Author: Alexandre Julliard <julliard@winehq.org>
Date:   Thu Jun 20 16:23:25 2024 +0200

    ntdll: Don't set the TEB ExceptionList to -1 on 64-bit.

    The tests show that it should be zero.

 dlls/ntdll/unix/virtual.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

http://bugs.winehq.org/show_bug.cgi?id=59850

Alex Henrie <alexhenrie24@gmail.com> changed:

What     |Removed |Added
----------------------------------------------------------------------------
Keywords |        |regression