https://bugs.winehq.org/show_bug.cgi?id=52646
Bernhard Übelacker bernhardu@mailbox.org changed:
What    | Removed | Added
--------+---------+----------------------
CC      |         | bernhardu@mailbox.org
--- Comment #12 from Bernhard Übelacker bernhardu@mailbox.org ---
Created attachment 72050 --> https://bugs.winehq.org/attachment.cgi?id=72050
debugging attempt
wine: Unhandled page fault on read access to 00000001 at address 610B1B48 ... => 0x610b1b48 <_ZN8cwdstuff18override_win32_cwdEbm+744>: movzbl 0x1(%eax),%ecx
Hello, I tried to reproduce and found that the crash at 610B1B48 is caused in find_fast_cwd_pointer, which searches RtlGetCurrentDirectory_U for a call instruction, takes the function from that call and searches in this function for a "push %edi". But if there is no such instruction, the page fault above is received.
Upstream now leaves the function if no such instruction is found: https://sourceware.org/git/?p=newlib-cygwin.git;a=commitdiff;h=4ddf5903fd24f... The cygwin1.dll versions up to 3.1.2 are affected; 3.1.3 contains this fix. Unfortunately this wit application bundles cygwin1.dll in version 3.0.7.
One can still use older cygwin1.dll releases by adding 64 nop instructions at the beginning of RtlGetCurrentDirectory_U, using this line: __asm__ __volatile__( "nop" );
With this modification "wine wit.exe -h" shows its help page.
...: page fault on read access to 0x00000001 in 32-bit code (0x610a24aa). 0x610a24aa cygwin1+0xa24aa: movzbl 0x1(%eax),%ecx
The crashing address 0x610b1b48 for Fabian Maurer and me is quite different from the address 0x610a24aa shown to Joel G. But the instruction shown there and the read access address are the same. Therefore I wouldn't exclude that the initial crash is what I received above, but especially the different alignment looks strange.
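The two-step scan described in Comment #12, as an added example that is neither part of the bug report nor cygwin's source: a bounded model of "find the call in RtlGetCurrentDirectory_U, then find push %edi in the callee", where a miss in either step returns -1 instead of scanning on past the function. The byte images, offsets and length limits are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
/* Toy model (not cygwin's code) of the two-step scan described above:
 * 1. scan RtlGetCurrentDirectory_U for a `call rel32` (opcode 0xE8),
 * 2. scan the called function for `push %edi` (opcode 0x57).
 * Both scans are bounded and a miss returns -1, instead of reading on past
 * the function until a bad pointer faults (the pre-3.1.3 behaviour). */

/* Offset of the call target inside image, or -1 if no call is found. */
long find_call_target(const uint8_t *image, size_t image_len,
                      size_t func_off, size_t func_len)
{
    size_t end = func_off + func_len < image_len ? func_off + func_len : image_len;
    for (size_t i = func_off; i + 5 <= end; i++) {
        if (image[i] != 0xE8) continue;
        /* little-endian rel32 follows the opcode; target is relative to the next insn */
        uint32_t u = (uint32_t)image[i + 1] | (uint32_t)image[i + 2] << 8
                   | (uint32_t)image[i + 3] << 16 | (uint32_t)image[i + 4] << 24;
        long target = (long)(i + 5) + (int32_t)u;
        return (target < 0 || (size_t)target >= image_len) ? -1 : target;
    }
    return -1;
}

/* Offset of the first `push %edi` within limit bytes of func_off, or -1. */
long find_push_edi(const uint8_t *image, size_t image_len,
                   size_t func_off, size_t limit)
{
    size_t end = func_off + limit < image_len ? func_off + limit : image_len;
    for (size_t i = func_off; i < end; i++)
        if (image[i] == 0x57) return (long)i;
    return -1;
}
/* The combined heuristic: -1 whenever either step fails. */
long locate_push_edi_via_call(const uint8_t *image, size_t image_len,
                              size_t rtl_off, size_t rtl_len, size_t callee_limit)
{
    long callee = find_call_target(image, image_len, rtl_off, rtl_len);
    return callee < 0 ? -1 : find_push_edi(image, image_len, (size_t)callee, callee_limit);
}

/* Constructed 32-byte images: a stub at offset 0 calls a function at offset 16;
 * bytes not listed are zero. */
static const uint8_t sample_with_push[32] = {
    0x55, 0x89, 0xE5, 0xE8, 0x08, 0x00, 0x00, 0x00, 0xC9, 0xC3, /* call -> 3+5+8 = 16 */
    [16] = 0x55, 0x89, 0xE5, 0x57, 0x5F, 0xC9, 0xC3 };         /* push %edi at offset 19 */
/* Same layout, but the callee never pushes %edi: the case that crashed 3.0.7. */
static const uint8_t sample_without_push[32] = {
    0x55, 0x89, 0xE5, 0xE8, 0x08, 0x00, 0x00, 0x00, 0xC9, 0xC3,
    [16] = 0x55, 0x89, 0xE5, 0x53, 0x5B, 0xC9, 0xC3 };
```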