On Feb 15 09:46, Kevin Ushey via Cygwin wrote: > Thanks -- I've put the associated WinDbg output up at > https://gist.github.com/kevinushey/cdbd15cdf22e5cdcd094b0ad80347dce. > (Sharing it externally just because it's relatively large.)
Thank you! > The important thing to note is that #RtlGetCurrentDirectory_U appears > to be valid ARM assembly, but not x86_64 assembly. My hypothesis here > is that the stub is used to allow emulated x86_64 processes to call > back into native ARM code... which would further confirm that > disabling the find_fast_cwd_pointer checks for ARM is the correct > choice. I guess so, but I'm quite puzzled how the emulator is supposed to know that it just left the x86_64 assembler code. Magic!!! Checking the ARM code, it might even be possible to come up with a real solution, given this line in the first few bytes of ntdll!#RtlGetCurrentDirectory_U: 00000001`802b7054 db030094 bl ntdll!#RtlpReferenceCurrentDirectory (1802b7fc0) This seems to fetch the address of the pointer we're interested in. It's unlikely (but not impossible) that the structure differs from the same struct as on x86_64. We may have a chance there, but I would feel better if I could debug my code by myself. Thanks, Corinna -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
