Module: wine Branch: master Commit: e628eb2c6ff84ff347d78b0c7a601665a51dbcef URL: https://gitlab.winehq.org/wine/wine/-/commit/e628eb2c6ff84ff347d78b0c7a60166...
Author: Brendan Shanks bshanks@codeweavers.com Date: Tue Feb 20 21:49:36 2024 -0800
ntdll: On x86_64, don't access %gs in signal_start_thread().
%gs is not set until call_init_thunk(). Also, adjust other TEB accesses to be consistent with the surrounding functions.
Fixes a crash on macOS introduced by 7ae488a2bb58501684c6475d4942277b852475fc ("ntdll: Don't hardcode xstate size in syscall frame.")
---
dlls/ntdll/unix/signal_i386.c | 4 ++-- dlls/ntdll/unix/signal_x86_64.c | 21 +++------------------ 2 files changed, 5 insertions(+), 20 deletions(-)
diff --git a/dlls/ntdll/unix/signal_i386.c b/dlls/ntdll/unix/signal_i386.c
index 93bcf607f41..3ac12a35db6 100644
--- a/dlls/ntdll/unix/signal_i386.c
+++ b/dlls/ntdll/unix/signal_i386.c
@@ -1618,7 +1618,7 @@ __ASM_GLOBAL_FUNC( call_user_mode_callback,
 "movl 0x18(%ebp),%edx\n\t" /* teb */
 "pushl 0(%edx)\n\t" /* teb->Tib.ExceptionList */
 "subl $0x280,%esp\n\t" /* sizeof(struct syscall_frame) */
- "subl %fs:0x204,%esp\n\t" /* x86_thread_data()->xstate_features_size */
+ "subl 0x204(%edx),%esp\n\t" /* x86_thread_data()->xstate_features_size */
 "andl $~63,%esp\n\t"
 "leal 8(%ebp),%eax\n\t"
 "movl %eax,0x38(%esp)\n\t" /* frame->syscall_cfa */
@@ -2547,7 +2547,7 @@ __ASM_GLOBAL_FUNC( signal_start_thread,
 "orl %eax,%eax\n\t"
 "jnz 1f\n\t"
 "leal -0x280(%esp),%eax\n\t" /* sizeof(struct syscall_frame) */
- "subl %fs:0x204,%eax\n\t" /* x86_thread_data()->xstate_features_size */
+ "subl 0x204(%ecx),%eax\n\t" /* x86_thread_data()->xstate_features_size */
 "andl $~63,%eax\n\t"
 "movl %eax,0x1f8(%ecx)\n" /* x86_thread_data()->syscall_frame */
 /* switch to kernel stack */
diff --git a/dlls/ntdll/unix/signal_x86_64.c b/dlls/ntdll/unix/signal_x86_64.c
index 501ae14cae5..01bbd2e3572 100644
--- a/dlls/ntdll/unix/signal_x86_64.c
+++ b/dlls/ntdll/unix/signal_x86_64.c
@@ -1584,12 +1584,7 @@ __ASM_GLOBAL_FUNC( call_user_mode_callback,
 "movq %rsi,-0x38(%rbp)\n\t" /* ret_ptr */
 "movq %rdx,-0x40(%rbp)\n\t" /* ret_len */
 "subq $0x308,%rsp\n\t" /* sizeof(struct syscall_frame) + exception */
-#ifdef __APPLE__
- "movq %gs:0x30,%rsi\n\t"
- "movl 0x33c(%rsi),%esi\n\t"
-#else
- "movl %gs:0x33c,%esi\n\t" /* amd64_thread_data()->xstate_features_size */
-#endif
+ "movl 0x33c(%r8),%esi\n\t" /* amd64_thread_data()->xstate_features_size */
 "subq %rsi,%rsp\n\t"
 "andq $~63,%rsp\n\t"
 "leaq 0x10(%rbp),%rax\n\t"
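Review bot: The new `movl 0x33c(%r8),%esi` line in the call_user_mode_callback hunk makes the frame-size computation depend on %r8 still holding the TEB pointer, but nothing in the hunk says so — the only register annotated as teb on this page is %edx in the i386 counterpart (`"movl 0x18(%ebp),%edx\n\t" /* teb */`), and the x86_64 prologue that presumably loads %r8 lies outside the hunk. Before the change the non-Apple path read `%gs:0x33c` and did not care which general-purpose registers were live; now an intervening clobber of %r8 would silently mis-size the syscall frame carved out of the stack rather than fault visibly. A register annotation on this line, e.g. `"movl 0x33c(%r8),%esi\n\t" /* amd64_thread_data()->xstate_features_size, r8 = teb */`, or a `/* teb */` comment on the instruction that establishes %r8, would pin that invariant for the next editor. The same applies to the %rcx-relative loads in the user_mode_callback_return and signal_start_thread hunks below, where %rcx is only implied to be the TEB by the neighbouring `0(%rcx)` and `0x328(%rcx)` stores.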
@@ -1629,12 +1624,7 @@ __ASM_GLOBAL_FUNC( user_mode_callback_return,
 __ASM_CFI(".cfi_rel_offset %r13,-0x18\n\t")
 __ASM_CFI(".cfi_rel_offset %r14,-0x20\n\t")
 __ASM_CFI(".cfi_rel_offset %r15,-0x28\n\t")
-#ifdef __APPLE__
- "movq %gs:0x30,%rax\n\t"
- "movl 0x33c(%rax),%eax\n\t"
-#else
- "movl %gs:0x33c,%eax\n\t" /* amd64_thread_data()->xstate_features_size */
-#endif
+ "movl 0x33c(%rcx),%eax\n\t" /* amd64_thread_data()->xstate_features_size */
 "movq 0x300(%r10,%rax),%rax\n\t" /* exception list */
 "movq %rax,0(%rcx)\n\t" /* teb->Tib.ExceptionList */
 "movq -0x38(%rbp),%r10\n\t" /* ret_ptr */
@@ -2600,12 +2590,7 @@ __ASM_GLOBAL_FUNC( signal_start_thread,
 "orq %r8,%r8\n\t"
 "jnz 1f\n\t"
 "leaq -0x300(%rsp),%r8\n\t" /* sizeof(struct syscall_frame) */
-#ifdef __APPLE__
- "movq %gs:0x30,%rax\n\t"
- "movl 0x33c(%rax),%eax\n\t"
-#else
- "movl %gs:0x33c,%eax\n\t" /* amd64_thread_data()->xstate_features_size */
-#endif
+ "movl 0x33c(%rcx),%eax\n\t" /* amd64_thread_data()->xstate_features_size */
 "subq %rax,%r8\n\t"
 "andq $~63,%r8\n\t"
 "movq %r8,0x328(%rcx)\n" /* amd64_thread_data()->syscall_frame */
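Review bot: In the signal_start_thread hunk, `movl 0x33c(%rcx),%eax` reads amd64_thread_data()->xstate_features_size from the new thread's TEB before %gs is established (the commit message states %gs is not set until call_init_thunk()), so correctness now rests on that field already being populated when the thread starts; the hunk does not show where that happens, presumably in the creating thread. That ordering requirement is worth stating at the read, e.g. `/* amd64_thread_data()->xstate_features_size; %gs is not set up yet, so the TEB field must already be initialized */`, because a zero or stale value here would silently change the size and alignment of the frame produced by `andq $~63,%r8` and stored as syscall_frame. The function entry and the `1:` target are outside the hunk. If the 0x33c offset is not already pinned by a C_ASSERT on offsetof(struct amd64_thread_data, xstate_features_size), adding one would keep the hard-coded constant used in all three hunks of this file in sync with the structure.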