On May 19, 2019, at 3:54 PM, Andrew Wesie awesie@gmail.com wrote:
In bug 47198 (https://bugs.winehq.org/show_bug.cgi?id=47198), we found that League of Legends is trying to access the 64-bit TEB if it detects that it is running under a 64-bit kernel. It does this by checking if the %cs segment selector matches a WoW64 environment, and if it does, it will then access %gs:0x60.
I take it the program is a 32-bit program. Otherwise, this would be fine.
On WoW64, %gs points to the 64-bit TEB and %gs:0x60 is a pointer to the 64-bit PEB. Under Wine on Linux, however, %gs is reserved for glibc and %gs:0x60 contains a list pointer that we cannot corrupt without crashing. The current solution in the referenced bug is to patch glibc to reserve some space for Wine; thankfully that portion of the TEB is glibc internal and can be reserved without rebuilding other libraries.
So, my question is how to move forward. I see a few options:
1. Require users to have a patched glibc.
   1a) Ask glibc nicely to upstream this patch.
   1b) Lutris and downstream packagers can ship a compatible glibc with their Wine builds if they choose.
2. Similar to the aarch64 issue with x18, find a way to save and restore %gs at the boundary between PE modules and native modules.
3. Find some way to trap accesses to %gs:0x60 without using hardware breakpoints and without destroying performance.
Perhaps 4: use a different code segment so that the %cs segment selector doesn't look like a WoW64 environment. Kind of specific to this particular app's behavior, so not great, but maybe passable.
-Ken