https://sourceware.org/bugzilla/show_bug.cgi?id=32675
--- Comment #7 from LIU Hao <lh_mouse at 126 dot com> ---
```
00007FFA9AF3C81C <ntdll.sub_7FFA | 48:8BC4 | mov rax,
rsp |
00007FFA9AF3C81F | 48:8958 08 | mov
qword ptr ds:[rax + 0x8], rbx |
00007FFA9AF3C823 | 48:8968 10 | mov
qword ptr ds:[rax + 0x10], rbp |
... ...
00007FFA9AF3C93A | 48:893E | mov
qword ptr ds:[rsi], rdi | rdi:InitCommonControls
00007FFA9AF3C93D | EB D8 | jmp
ntdll.7FFA9AF3C917 |
00007FFA9AF3C93F | 45:33C0 | xor r8d,
r8d |
00007FFA9AF3C942 | E9 59FFFFFF | jmp
ntdll.7FFA9AF3C8A0 |
```
It faults at 00007FFA9AF3C93A, writing to `[rsi]` which is in `.idata`
```
00007FF7757F0000 0000000000001000 regedit.exe
IMG -R---
ERWC-
00007FF7757F1000 0000000000010000 ".text"
IMG ER---
ERWC-
00007FF775801000 0000000000001000 ".data"
IMG -RW--
ERWC-
00007FF775802000 0000000000001000 ".rodata"
IMG -RWC-
ERWC-
00007FF775803000 0000000000002000 ".rdata"
IMG -R---
ERWC-
00007FF775805000 0000000000001000 ".pdata"
IMG -R---
ERWC-
00007FF775806000 0000000000001000 ".xdata"
IMG -R---
ERWC-
00007FF775807000 0000000000001000 ".bss"
IMG -RWC-
ERWC-
00007FF775808000 0000000000002000 ".idata"
IMG -R---
ERWC-
00007FF77580A000 0000000000094000 ".rsrc"
IMG -R---
ERWC-
00007FF77589E000 0000000000001000 ".reloc"
IMG -R---
ERWC-
```
Also please be advised this happens in the main function, so it's Wine regedit
that bugs. It must unprotect the `.idata` section before overwriting that
pointer.
--
You are receiving this mail because:
You are on the CC list for the bug.
