On 2020-06-22 23:27, Rémi Bernon wrote:
CoD: Black Ops 3 and CoD: WWII modify these (and several others) and expect to have enough space for a few instructions.
They then verify later that the patches are still in place, and terminate if the byte sequence does not match. When the symbols are small, the patches can overlap, which makes the check fail.
Signed-off-by: Rémi Bernon rbernon@codeweavers.com
dlls/ntdll/signal_arm64.c | 4 ++-- dlls/ntdll/signal_i386.c | 4 ++-- dlls/ntdll/signal_x86_64.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/dlls/ntdll/signal_arm64.c b/dlls/ntdll/signal_arm64.c
index 0159888f7ab..10cbb7c131a 100644
--- a/dlls/ntdll/signal_arm64.c
+++ b/dlls/ntdll/signal_arm64.c
@@ -1358,12 +1358,12 @@ USHORT WINAPI RtlCaptureStackBackTrace( ULONG skip, ULONG count, PVOID *buffer,
 /**********************************************************************
DbgBreakPoint (NTDLL.@)
*/
-__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "brk #0; ret")
+__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "brk #0; ret\n\t.nops 16")
/**********************************************************************
DbgUserBreakPoint (NTDLL.@)
*/
-__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "brk #0; ret")
+__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "brk #0; ret\n\t.nops 16")
/**********************************************************************
NtCurrentTeb (NTDLL.@)
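Review bot: `.nops 16` on the new DbgBreakPoint and DbgUserBreakPoint lines is, as far as I can tell, an x86-specific GAS directive, so the AArch64 assembler is likely to reject it rather than emit four `nop`s. A target-neutral spelling such as `"brk #0; ret\n\t.rept 4\n\tnop\n\t.endr"` avoids that, and since the padding is dead code after `ret`, filling it with `brk #0` encodings instead of NOPs would make any stray jump into it trap rather than slide. Whatever form is kept, the size is a magic number; please add a comment in the header block above each function, e.g. `/* padded so that applications which hook this entry point and later verify their patch have room for it */`.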
diff --git a/dlls/ntdll/signal_i386.c b/dlls/ntdll/signal_i386.c
index 21cc1b3ead4..e050b87257d 100644
--- a/dlls/ntdll/signal_i386.c
+++ b/dlls/ntdll/signal_i386.c
@@ -565,12 +565,12 @@ USHORT WINAPI RtlCaptureStackBackTrace( ULONG skip, ULONG count, PVOID *buffer,
 /**********************************************************************
DbgBreakPoint (NTDLL.@)
*/
-__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "int $3; ret")
+__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "int $3; ret\n\t.nops 16")
/**********************************************************************
DbgUserBreakPoint (NTDLL.@)
*/
-__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "int $3; ret")
+__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "int $3; ret\n\t.nops 16")
/**********************************************************************
NtCurrentTeb (NTDLL.@)
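Review bot: The padding size in the new DbgBreakPoint and DbgUserBreakPoint definitions is an undocumented magic number — 16 bytes here against 64 in signal_x86_64.c — and nothing in the code records which application contract it serves, so a later cleanup could shrink it and silently reintroduce the crash this patch fixes. Add a comment above each function, e.g. `/* Some applications (CoD: Black Ops 3, CoD: WWII) hook this entry point and later verify their patch; keep enough padding for it. */`, and consider defining the size once per architecture file (a `DBG_BREAKPOINT_PAD` macro, say) instead of repeating the literal on two lines. The same holds for the other two architecture files.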
diff --git a/dlls/ntdll/signal_x86_64.c b/dlls/ntdll/signal_x86_64.c
index 52f7b73f8bf..3bae66be188 100644
--- a/dlls/ntdll/signal_x86_64.c
+++ b/dlls/ntdll/signal_x86_64.c
@@ -2751,11 +2751,11 @@ USHORT WINAPI RtlCaptureStackBackTrace( ULONG skip, ULONG count, PVOID *buffer,
 /**********************************************************************
DbgBreakPoint (NTDLL.@)
*/
-__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "int $3; ret")
+__ASM_STDCALL_FUNC( DbgBreakPoint, 0, "int $3; ret\n\t.nops 64")
/**********************************************************************
DbgUserBreakPoint (NTDLL.@)
*/
-__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "int $3; ret")
+__ASM_STDCALL_FUNC( DbgUserBreakPoint, 0, "int $3; ret\n\t.nops 64")
#endif /* __x86_64__ */
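Review bot: The new `.nops 64` padding after `ret` is never executed by Wine itself — it exists only so an application that overwrites this entry point has room — yet until such a patch is applied it is an executable NOP sled, so a stray jump into the function body would slide through 64 bytes into whatever the linker places next. Filling the area with the breakpoint opcode instead, `"int $3; ret\n\t.fill 64, 1, 0xcc"`, gives the patcher the same amount of space but traps on any unintended execution. Whichever directive is kept, please record the reason for the 64-byte size in the comment block above each function, e.g. `/* leave room for applications that patch this entry point and later verify their hook */`.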
So apparently old binutils, like the version used in the default Proton build, doesn't know about .nops; I guess it could be .fill, or possibly .align before and after the int.