[PATCH v2 0/2] MR85: ntdll: Fix Wow64 crashes when many threads are created.

List overview All Threads

newer

older

Re: [PATCH v2 0/6] MR103: winemac:...

Re: [PATCH v2 0/2] MR102: d3dx9:...

Brendan Shanks (＠bshanks)

20 May 2022 20 May '22

8:23 p.m.

On both Mac and Linux under Wow64, after ~120 threads are created, the 64-bit stacks start to be allocated above 4GB.

This triggered crashes in alloc_fs_sel() and when the result of get_cpu_area() was used. (On Mac the ntdll threadpool tests reproduced this, but on both platforms a test app that created 256 threads also worked).

-- v2: ntdll: Avoid truncating pointer to 32-bits in get_cpu_area(). ntdll: Use 32-bit stack in alloc_fs_sel().

https://gitlab.winehq.org/wine/wine/-/merge_requests/85

Show replies by date

Brendan Shanks

20 May 20 May

8:23 p.m.

New subject: [PATCH v2 1/2] ntdll: Use 32-bit stack in alloc_fs_sel().

From: Brendan Shanks bshanks@codeweavers.com

Signed-off-by: Brendan Shanks bshanks@codeweavers.com Signed-off-by: Alexandre Julliard julliard@winehq.org --- dlls/ntdll/unix/signal_x86_64.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dlls/ntdll/unix/signal_x86_64.c b/dlls/ntdll/unix/signal_x86_64.c index 34334f72ff0..cd50df0c805 100644 --- a/dlls/ntdll/unix/signal_x86_64.c +++ b/dlls/ntdll/unix/signal_x86_64.c @@ -94,7 +94,7 @@ __ASM_GLOBAL_FUNC( alloc_fs_sel, "pushq %rbx\n\t" "pushq %rdi\n\t" "movq %rsp,%rdi\n\t" - "movq %gs:0x8,%rsp\n\t" /* NtCurrentTeb()->Tib.StackBase */ + "movl 0x4(%rdx),%esp\n\t" /* Tib.StackBase */ "subl $0x10,%esp\n\t" /* setup modify_ldt struct on 32-bit stack */ "movl %ecx,(%rsp)\n\t" /* entry_number */

-- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/85

Brendan Shanks

8:23 p.m.

New subject: [PATCH v2 2/2] ntdll: Avoid truncating pointer to 32-bits in get_cpu_area().

From: Brendan Shanks bshanks@codeweavers.com

Signed-off-by: Brendan Shanks bshanks@codeweavers.com Signed-off-by: Alexandre Julliard julliard@winehq.org --- dlls/ntdll/process.c | 2 +- dlls/ntdll/unix/thread.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/dlls/ntdll/process.c b/dlls/ntdll/process.c index 7b36c988e81..0b4245fdd42 100644 --- a/dlls/ntdll/process.c +++ b/dlls/ntdll/process.c @@ -161,7 +161,7 @@ NTSTATUS WINAPI RtlWow64GetCpuAreaInfo( WOW64_CPURESERVED *cpu, ULONG reserved,

for (i = 0; i < ARRAY_SIZE(data); i++) { -#define ALIGN(ptr,align) ((void *)(((ULONG_PTR)(ptr) + (align) - 1) & ~((align) - 1))) +#define ALIGN(ptr,align) ((void *)(((ULONG_PTR)(ptr) + (align) - 1) & ~((ULONG_PTR)(align) - 1))) if (data[i].machine != cpu->Machine) continue; info->Context = ALIGN( cpu + 1, data[i].align ); info->ContextEx = ALIGN( (char *)info->Context + data[i].size, sizeof(void *) ); diff --git a/dlls/ntdll/unix/thread.c b/dlls/ntdll/unix/thread.c index 503230e4634..6d937675bcb 100644 --- a/dlls/ntdll/unix/thread.c +++ b/dlls/ntdll/unix/thread.c @@ -1111,7 +1111,7 @@ void *get_cpu_area( USHORT machine ) case IMAGE_FILE_MACHINE_ARM64: align = TYPE_ALIGNMENT(ARM64_NT_CONTEXT); break; default: return NULL; } - return (void *)(((ULONG_PTR)(cpu + 1) + align - 1) & ~(align - 1)); + return (void *)(((ULONG_PTR)(cpu + 1) + align - 1) & ~((ULONG_PTR)align - 1)); }

-- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/85

Alexandre Julliard (＠julliard)

8:23 p.m.

New subject: [PATCH v2 0/2] MR85: ntdll: Fix Wow64 crashes when many threads are created. - approved

This merge request was approved by Alexandre Julliard.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/85

963

Age (days ago)

963

Last active (days ago)

wine-devel@winehq.org

3 comments

3 participants

tags (0)

participants (3)

Alexandre Julliard (＠julliard)
Brendan Shanks
Brendan Shanks (＠bshanks)