Commit cc9d69b2 authored by Alexandre Julliard

ntdll: Pop the Unix stack completely in call_user_apc_dispatcher().

parent 5754bd9c
...@@ -602,18 +602,16 @@ __ASM_GLOBAL_FUNC( call_user_apc_dispatcher, ...@@ -602,18 +602,16 @@ __ASM_GLOBAL_FUNC( call_user_apc_dispatcher,
"mov sp, r0\n\t" "mov sp, r0\n\t"
"b 2f\n" "b 2f\n"
"1:\tldr r0, [r10]\n\t" "1:\tldr r0, [r10]\n\t"
"sub r11, r0, #0x1a0\n\t" "sub sp, r0, #0x1a0\n\t"
"cmp r11, sp\n\t"
"movlo sp, r11\n\t"
"mov r0, #3\n\t" "mov r0, #3\n\t"
"movt r0, #32\n\t" "movt r0, #32\n\t"
"str r0, [r11]\n\t" /* context.ContextFlags = CONTEXT_FULL */ "str r0, [sp]\n\t" /* context.ContextFlags = CONTEXT_FULL */
"mov r1, r11\n\t" "mov r1, sp\n\t"
"mov r0, #~1\n\t" "mov r0, #~1\n\t"
"bl " __ASM_NAME("NtGetContextThread") "\n\t" "bl " __ASM_NAME("NtGetContextThread") "\n\t"
"mov r0, #0xc0\n\t" "mov r0, #0xc0\n\t"
"str r0, [r11, #4]\n\t" /* context.R0 = STATUS_USER_APC */ "str r0, [sp, #4]\n\t" /* context.R0 = STATUS_USER_APC */
"mov r0, r11\n\t" "mov r0, sp\n\t"
"mov ip, #0\n\t" "mov ip, #0\n\t"
"str ip, [r10]\n\t" "str ip, [r10]\n\t"
"2:\tmov r1, r5\n\t" /* ctx */ "2:\tmov r1, r5\n\t" /* ctx */
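Review bot: The new `sub sp, r0, #0x1a0` switches the stack to just below the syscall frame but leaves the constant undocumented, while the i386 and x86_64 hunks of this commit annotate theirs as sizeof(CONTEXT); add `"sub sp, r0, #0x1a0\n\t" /* sizeof(CONTEXT) */`. With the `cmp r11, sp` / `movlo sp, r11` guard gone, the code now relies on everything it still needs after this point — the syscall-frame pointer in r10 and ctx in r5 — living in callee-saved registers rather than on the popped Unix stack, and on never returning through its own frame; a one-line comment stating that invariant next to the `sub` would make the intent of the commit visible in the code. The result must also be 8-byte aligned for the subsequent `bl`, which holds as long as the frame address loaded from `[r10]` is, something I cannot confirm from this hunk. call_user_apc_dispatcher starts before and ends after this hunk.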
......
...@@ -655,21 +655,17 @@ __ASM_GLOBAL_FUNC( call_user_apc_dispatcher, ...@@ -655,21 +655,17 @@ __ASM_GLOBAL_FUNC( call_user_apc_dispatcher,
"mov sp, x0\n\t" "mov sp, x0\n\t"
"b 2f\n" "b 2f\n"
"1:\tldr x0, [x25]\n\t" "1:\tldr x0, [x25]\n\t"
"sub x19, x0, #0x390\n\t" "sub sp, x0, #0x390\n\t"
"mov x0, sp\n\t"
"cmp x19, x0\n\t"
"csel x0, x19, x0, lo\n\t"
"mov sp, x0\n\t"
"mov w2, #0x400000\n\t" /* context.ContextFlags = CONTEXT_FULL */ "mov w2, #0x400000\n\t" /* context.ContextFlags = CONTEXT_FULL */
"movk w2, #7\n\t" "movk w2, #7\n\t"
"mov x1, x19\n\t" "str w2, [sp]\n\t"
"str w2, [x19]\n\t" "mov x1, sp\n\t"
"mov x0, #~1\n\t" "mov x0, #~1\n\t"
"bl " __ASM_NAME("NtGetContextThread") "\n\t" "bl " __ASM_NAME("NtGetContextThread") "\n\t"
"mov w2, #0xc0\n\t" /* context.X0 = STATUS_USER_APC */ "mov w2, #0xc0\n\t" /* context.X0 = STATUS_USER_APC */
"str x2, [x19, #8]\n\t" "str x2, [sp, #8]\n\t"
"str xzr, [x25]\n\t" "str xzr, [x25]\n\t"
"mov x0, x19\n" /* context */ "mov x0, sp\n" /* context */
"2:\tldr lr, [x0, #0xf8]\n\t" /* context.Lr */ "2:\tldr lr, [x0, #0xf8]\n\t" /* context.Lr */
"mov x1, x20\n\t" /* ctx */ "mov x1, x20\n\t" /* ctx */
"mov x2, x21\n\t" /* arg1 */ "mov x2, x21\n\t" /* arg1 */
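Review bot: After `sub sp, x0, #0x390` the CONTEXT is now written through sp (`str w2, [sp]`, `str x2, [sp, #8]`) instead of through x19, and on AArch64 sp-relative memory accesses require sp to be 16-byte aligned, so these stores depend on the syscall-frame address loaded from `[x25]` being 16-byte aligned (0x390 itself is a multiple of 16). The old code had the same requirement only for the `bl NtGetContextThread`, and the x86_64 hunk of this commit re-aligns with `andq $~15,%rsp` after deriving the stack from the frame; either do the equivalent here (`"sub x0, x0, #0x390\n\t"` then `"and sp, x0, #~15\n\t"`) or document the guarantee at the `sub`, e.g. `/* sizeof(CONTEXT); syscall frame is 16-byte aligned */`. I cannot see where the frame is allocated, so the guarantee may already hold. The enclosing function starts before and ends after this hunk.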
......
...@@ -1669,34 +1669,36 @@ __ASM_GLOBAL_FUNC( call_user_apc_dispatcher, ...@@ -1669,34 +1669,36 @@ __ASM_GLOBAL_FUNC( call_user_apc_dispatcher,
"jz 1f\n\t" "jz 1f\n\t"
"movl 0xc4(%esi),%eax\n\t" /* context_ptr->Rsp */ "movl 0xc4(%esi),%eax\n\t" /* context_ptr->Rsp */
"leal -0x2f8(%eax),%eax\n\t" /* sizeof(CONTEXT) + offsetof(frame,ret_addr) + params */ "leal -0x2f8(%eax),%eax\n\t" /* sizeof(CONTEXT) + offsetof(frame,ret_addr) + params */
"movl %esi,4(%eax)\n\t"
"movl 8(%esp),%ecx\n\t" /* ctx */
"movl %ecx,8(%eax)\n\t"
"movl 12(%esp),%ecx\n\t" /* arg1 */
"movl %ecx,12(%eax)\n\t"
"movl 16(%esp),%ecx\n\t" /* arg2 */
"movl %ecx,16(%eax)\n\t"
"movl 20(%esp),%ecx\n\t" /* func */ "movl 20(%esp),%ecx\n\t" /* func */
"movl %ecx,20(%eax)\n\t" "movl %ecx,20(%eax)\n\t"
"movl 8(%esp),%ebx\n\t" /* ctx */
"movl 12(%esp),%edx\n\t" /* arg1 */
"movl 16(%esp),%ecx\n\t" /* arg2 */
"leal 4(%eax),%esp\n\t" "leal 4(%eax),%esp\n\t"
"jmp 2f\n" "jmp 2f\n"
"1:\tmovl %fs:0x1f8,%eax\n\t" /* x86_thread_data()->syscall_frame */ "1:\tmovl %fs:0x1f8,%eax\n\t" /* x86_thread_data()->syscall_frame */
"leal -0x2cc(%eax),%esi\n\t" "leal -0x2cc(%eax),%esi\n\t"
"movl %esp,%ecx\n\t" "movl %esp,%ebx\n\t"
"cmpl %esp,%esi\n\t" "cmpl %esp,%esi\n\t"
"cmovbl %esi,%esp\n\t" "cmovbl %esi,%esp\n\t"
"pushl 20(%ecx)\n\t" /* func */
"pushl 16(%ecx)\n\t" /* arg2 */
"pushl 12(%ecx)\n\t" /* arg1 */
"pushl 8(%ecx)\n\t" /* ctx */
"pushl %esi\n\t" /* context */
"movl $0x00010007,(%esi)\n\t" /* context.ContextFlags = CONTEXT_FULL */ "movl $0x00010007,(%esi)\n\t" /* context.ContextFlags = CONTEXT_FULL */
"pushl %esi\n\t" /* context */ "pushl %esi\n\t" /* context */
"pushl $0xfffffffe\n\t" "pushl $0xfffffffe\n\t"
"call " __ASM_STDCALL("NtGetContextThread",8) "\n\t" "call " __ASM_STDCALL("NtGetContextThread",8) "\n\t"
"movl $0xc0,0xb0(%esi)\n" /* context.Eax = STATUS_USER_APC */ "movl $0xc0,0xb0(%esi)\n" /* context.Eax = STATUS_USER_APC */
"2:\tmovl $0,%fs:0x1f8\n\t" /* x86_thread_data()->syscall_frame = NULL */ "movl 20(%ebx),%eax\n\t" /* func */
"pushl $0xdeaddead\n\t" "movl 16(%ebx),%ecx\n\t" /* arg2 */
"movl 12(%ebx),%edx\n\t" /* arg1 */
"movl 8(%ebx),%ebx\n\t" /* ctx */
"leal -20(%esi),%esp\n\t"
"movl %eax,16(%esp)\n" /* func */
"2:\tmovl %ecx,12(%esp)\n\t" /* arg2 */
"movl %edx,8(%esp)\n\t" /* arg1 */
"movl %ebx,4(%esp)\n\t" /* ctx */
"movl %esi,(%esp)\n\t" /* context */
"movl $0,%fs:0x1f8\n\t" /* x86_thread_data()->syscall_frame = NULL */
"movl 0xb4(%esi),%ebp\n\t" /* context.Ebp */
"pushl 0xb8(%esi)\n\t" /* context.Eip */
"jmp *%edi\n" ) "jmp *%edi\n" )
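Review bot: The `cmpl %esp,%esi` / `cmovbl %esi,%esp` guard is kept on the i386 path while the ARM, ARM64 and x86_64 hunks of the same commit drop theirs, and since `leal -20(%esi),%esp` later replaces %esp unconditionally, the guard now only decides where the two NtGetContextThread arguments are pushed; either drop it for consistency with the other ports or say why i386 still needs it, e.g. `/* stay on the Unix stack for the call when it is below the context */`. The argument loads from `20(%ebx)`, `16(%ebx)`, `12(%ebx)` and `8(%ebx)` also assume %esp still equals the entry esp at `movl %esp,%ebx` (the `8(%esp)` read on the other path makes the same assumption), which depends on the prologue above this hunk; a comment `/* ebx = entry esp; args at 8..20(%ebx) */` would pin that down. The function begins before this hunk.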
......
...@@ -2013,26 +2013,24 @@ __ASM_GLOBAL_FUNC( call_user_apc_dispatcher, ...@@ -2013,26 +2013,24 @@ __ASM_GLOBAL_FUNC( call_user_apc_dispatcher,
"leaq -0x5c0(%rax),%rsp\n\t" /* sizeof(CONTEXT) + offsetof(frame,ret_addr) */ "leaq -0x5c0(%rax),%rsp\n\t" /* sizeof(CONTEXT) + offsetof(frame,ret_addr) */
"jmp 2f\n" "jmp 2f\n"
"1:\tmovq 0x328(%rbx),%rax\n\t" /* amd64_thread_data()->syscall_frame */ "1:\tmovq 0x328(%rbx),%rax\n\t" /* amd64_thread_data()->syscall_frame */
"leaq -0x4d0(%rax),%r10\n\t" "leaq -0x4d0(%rax),%rsp\n\t"
"andq $~15,%rsp\n\t"
"movq %rdx,%r12\n\t" /* ctx */ "movq %rdx,%r12\n\t" /* ctx */
"movq %r8,%r13\n\t" /* arg1 */ "movq %r8,%r13\n\t" /* arg1 */
"movq %r9,%r14\n\t" /* arg2 */ "movq %r9,%r14\n\t" /* arg2 */
"cmpq %rsp,%r10\n\t"
"cmovbq %r10,%rsp\n\t"
"andq $~15,%rsp\n\t"
"movq %rsp,%rdx\n\t" /* context */ "movq %rsp,%rdx\n\t" /* context */
"movl $0x10000b,0x30(%rdx)\n\t" /* context.ContextFlags */ "movl $0x10000b,0x30(%rdx)\n\t" /* context.ContextFlags */
"movq $~1,%rcx\n\t" "movq $~1,%rcx\n\t"
"call " __ASM_NAME("NtGetContextThread") "\n\t" "call " __ASM_NAME("NtGetContextThread") "\n\t"
"movq %rsp,%rcx\n\t" /* context */ "movq %rsp,%rcx\n\t" /* context */
"movl $0xc0,%eax\n\t" "movq $0xc0,0x78(%rcx)\n\t" /* context.Rax = STATUS_USER_APC */
"movq %rax,0x78(%rcx)\n\t" /* context.Rax = STATUS_USER_APC */
"movq %r12,%rdx\n\t" /* ctx */ "movq %r12,%rdx\n\t" /* ctx */
"movq %r13,%r8\n\t" /* arg1 */ "movq %r13,%r8\n\t" /* arg1 */
"movq %r14,%r9\n" /* arg2 */ "movq %r14,%r9\n" /* arg2 */
"2:\tmovq $0,0x328(%rbx)\n\t" "2:\tmovq $0,0x328(%rbx)\n\t"
"movq %rsi,0x20(%rsp)\n\t" /* func */ "movq %rsi,0x20(%rsp)\n\t" /* func */
"leaq -8(%rsp),%rsp\n\t" "movq 0xa0(%rcx),%rbp\n\t" /* context.Rbp */
"pushq 0xf8(%rcx)\n\t" /* context.Rip */
"jmp *%rdi" ) "jmp *%rdi" )
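Review bot: The shared tail at `2:` now dereferences %rcx twice as the CONTEXT pointer (`movq 0xa0(%rcx),%rbp`, `pushq 0xf8(%rcx)`), but on the `jmp 2f` path at the top of the hunk %rcx is only implicitly the incoming first argument, set above the hunk, and nothing states the register contract at the join point; add `/* rcx = context, rdx = ctx, r8 = arg1, r9 = arg2, rsi = func */` on the `2:` line. Replacing `leaq -8(%rsp),%rsp` with `pushq 0xf8(%rcx)` keeps the dispatcher's entry rsp at 8 mod 16 (the `andq $~15,%rsp` after `leaq -0x4d0(%rax),%rsp` aligns the CONTEXT first), and it leaves `func`, stored at `0x20(%rsp)` before the push, at `0x28(%rsp)` afterwards, i.e. in the fifth stack-argument slot as seen by a callee; if the pushed Rip is meant to act as a fake return address for unwinders, the comment on that line should say so rather than just `context.Rip`. The function starts before this hunk.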
......