Hi Corinna, I just updated https://gist.github.com/kevinushey/cdbd15cdf22e5cdcd094b0ad80347dce with that output (windbg-output-2.txt); let me know if that gives you what you need.
As an aside, a new version of the Windows Insider edition was just released, and the memory addresses for the stubs in ntdll.dll have changed such that the original issue no longer occurs (ie, 0xe8 no longer happens to be part of the jumped-to address in the following stub), but I presume that is just luck and not an intentional change. Best, Kevin On Mon, Feb 19, 2024 at 6:36 AM Corinna Vinschen <corinna-cyg...@cygwin.com> wrote: > > Hi Kevin, > > On Feb 15 20:13, Corinna Vinschen via Cygwin wrote: > > On Feb 15 09:46, Kevin Ushey via Cygwin wrote: > > > https://gist.github.com/kevinushey/cdbd15cdf22e5cdcd094b0ad80347dce. > > [...] > > 00000001`802b7054 db030094 bl ntdll!#RtlpReferenceCurrentDirectory > > (1802b7fc0) > > I'm not familiar with ARM assembler, but a quick search showed that the > `bl' opcode is basically a subroutine call. > > So ntdll!#RtlpReferenceCurrentDirectory is not the address of the struct > pointer, as I surmised, but the address of the function (probably) > fetching the address of the struct pointer. > > Would you mind to send the assembler output for this function as well? > > > Thanks, > Corinna -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple