ntdll: Store instruction pointer register in x86_64 syscall frame.

dlls/ntdll/unix/signal_x86_64.c

@@ -1946,7 +1946,7 @@ NTSTATUS WINAPI NtGetContextThread( HANDLE handle, CONTEXT *context )
         {
             context->Rsp    = (ULONG64)&frame->ret_addr;
             context->Rbp    = frame->rbp;
-            context->Rip    = frame->thunk_addr;
+            context->Rip    = frame->rip;
             context->EFlags = frame->eflags;
             __asm__( "movw %%cs,%0" : "=g" (context->SegCs) );
             __asm__( "movw %%ss,%0" : "=g" (context->SegSs) );
@@ -2410,7 +2410,7 @@ static BOOL handle_syscall_fault( ucontext_t *sigcontext, EXCEPTION_RECORD *rec,
         R14_sig(sigcontext) = frame->r14;
         R15_sig(sigcontext) = frame->r15;
         RSP_sig(sigcontext) = (ULONG_PTR)&frame->ret_addr;
-        RIP_sig(sigcontext) = frame->thunk_addr;
+        RIP_sig(sigcontext) = frame->rip;
         if (fpu) *fpu = get_syscall_xsave( frame )->xsave;
         amd64_thread_data()->syscall_frame = NULL;
     }

tools/winebuild/import.c

@@ -1522,10 +1522,12 @@ void output_syscalls( DLLSPEC *spec )
             output( "\tmovq %%r13,-0x40(%%rbp)\n" );
             output( "\tmovq %%r14,-0x38(%%rbp)\n" );
             output( "\tmovq %%r15,-0x30(%%rbp)\n" );
-            output( "\tfxsave64 (%%rsp)\n" );
             /* Legends of Runeterra hooks the first system call return instruction, and
              * depends on us returning to it. Adjust the return address accordingly. */
             output( "\tsubq $0xb,0x8(%%rbp)\n" );
+            output( "\tmovq 0x8(%%rbp),%%rbx\n" );
+            output( "\tmovq %%rbx,-0x28(%%rbp)\n" );
+            output( "\tfxsave64 (%%rsp)\n" );
             output( "\tmovq %%gs:0x30,%%rcx\n" );
             output( "\tleaq -0x98(%%rbp),%%rbx\n" );
             output( "\tmovq %%rbx,0x328(%%rcx)\n" );  /* amd64_thread_data()->syscall_frame */