http://bugs.winehq.org/show_bug.cgi?id=34479
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |focht@gmx.net Component|-unknown |ntdll Summary|Advantage Cooking: crashes |Advantage Cooking: crashes |on start |on start (check for ATL | |thunk triggers unexpected | |guard page fault)
--- Comment #2 from Anastasius Focht focht@gmx.net 2013-09-09 19:59:52 CDT --- Hello folks,
confirming.
From a quick glance it seems the check for ATL thunk triggers a guard page
fault which the parent process (which acts as debugger) doesn't expect.
Source: http://source.winehq.org/git/wine.git/blob/f8cdbecc25b589ce3e008f9d735fbd9df...
--- snip --- 1602 static BOOL check_atl_thunk( EXCEPTION_RECORD *rec, CONTEXT *context ) 1603 { 1604 const struct atl_thunk *thunk = (const struct atl_thunk *)rec->ExceptionInformation[1]; 1605 BOOL ret = FALSE; 1606 1607 if (!virtual_is_valid_code_address( thunk, sizeof(*thunk) )) return FALSE; 1608 1609 __TRY 1610 { 1611 if (thunk->movl == 0x042444c7 && thunk->jmp == 0xe9) 1612 { 1613 *((DWORD *)context->Esp + 1) = thunk->this; 1614 context->Eip = (DWORD_PTR)(&thunk->func + 1) + thunk->func; 1615 TRACE( "emulating ATL thunk at %p, func=%08x arg=%08x\n", 1616 thunk, context->Eip, *((DWORD *)context->Esp + 1) ); 1617 ret = TRUE; 1618 } 1619 } 1620 __EXCEPT_PAGE_FAULT 1621 { 1622 return FALSE; 1623 } 1624 __ENDTRY 1625 return ret; 1626 } --- snip ---
Guard pages are for example used when CopyMem-II feature has been enabled in protection (client causes access fault, parent = debugger sees special exception type and writes decrypted page back to client process).
Regards