http://bugs.winehq.org/show_bug.cgi?id=9685
--- Comment #46 from Anastasius Focht focht@gmx.net 2007-09-29 16:50:49 --- Created an attachment (id=8295) --> (http://bugs.winehq.org/attachment.cgi?id=8295) patch to prevent kernel driver entry point called in LoadLibrary
Hello,
Seems some progress has been made since I last visited ;-)
The crash is due to the driver entry point being called when winedevice loads the kernel driver using LoadLibrary(). This is incorrect: although the dll export/import stuff is the same, the entry point of a kernel driver is special (parameters/signature) and is only to be called at a certain place within winedevice.
To make minimally intrusive changes, the optional NT header's subsystem field is evaluated in "dlls/ntdll/loader.c:alloc_module()" to detect native executables. In that case the entry point field of the loader's module structure is not set to the executable's entry point. This prevents accidental calls of the entry point during dll events (attach/detach).
--- snip dlls/ntdll/loader.c ---
static WINE_MODREF *alloc_module( HMODULE hModule, LPCWSTR filename )
{
    ...
    /* do not set up the entry point if this is a kernel driver; Subsystem is
     * an enumeration, not a bitmask, so it is compared with != rather than & */
    if (nt->OptionalHeader.Subsystem != IMAGE_SUBSYSTEM_NATIVE &&
        (nt->FileHeader.Characteristics & IMAGE_FILE_DLL))
    {
        wm->ldr.Flags |= LDR_IMAGE_IS_DLL;
        if (nt->OptionalHeader.AddressOfEntryPoint)
            wm->ldr.EntryPoint = (char *)hModule + nt->OptionalHeader.AddressOfEntryPoint;
    }
    ...
}
--- snip dlls/ntdll/loader.c ---
Although native executables can have the "dll" characteristic flag set too, I omitted the "wm->ldr.Flags |= LDR_IMAGE_IS_DLL" on purpose to prevent snooping. It doesn't make sense to snoop on native kmode drivers.
For the uninitiated reader: don't mix "native" with wine's concept of "native" vs. "builtin" libraries - windows native subsystem executables are a completely different beast. ;-)
Regards
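Added illustration (not part of the attachment or of Wine's loader): the three PE header fields the alloc_module() check reads, parsed from a constructed headers-only image, with the decision rule beside the bitmask-vs-enumeration pitfall. The struct and constants are simplified stand-ins for the winnt.h definitions, and a little-endian host is assumed.

```c
#include <stdint.h>
#include <string.h>

#define IMAGE_FILE_DLL              0x2000  /* FileHeader.Characteristics bit */
#define IMAGE_SUBSYSTEM_NATIVE      1       /* OptionalHeader.Subsystem value */
#define IMAGE_SUBSYSTEM_WINDOWS_CUI 3

/* Stand-in for the IMAGE_NT_HEADERS fields the check needs. */
struct pe_info { uint16_t characteristics, subsystem; uint32_t entry_rva; };

/* Constructed image: DOS stub up to e_lfanew=0x40, "PE\0\0", 20-byte file
 * header, optional header truncated right after Subsystem (70 bytes). */
#define PE_IMAGE_LEN (0x40 + 4 + 20 + 70)

void build_pe(uint8_t buf[PE_IMAGE_LEN], uint16_t characteristics, uint16_t subsystem, uint32_t entry_rva)
{
    const uint32_t e_lfanew = 0x40;
    memset(buf, 0, PE_IMAGE_LEN);
    memcpy(buf, "MZ", 2);
    memcpy(buf + 0x3C, &e_lfanew, 4);
    memcpy(buf + 0x40, "PE\0\0", 4);
    memcpy(buf + 0x40 + 4 + 18, &characteristics, 2); /* FileHeader.Characteristics */
    memcpy(buf + 0x40 + 24 + 16, &entry_rva, 4);      /* OptionalHeader.AddressOfEntryPoint */
    memcpy(buf + 0x40 + 24 + 68, &subsystem, 2);      /* OptionalHeader.Subsystem (PE32 and PE32+) */
}

/* Read the fields; returns 0 if the buffer is not a PE or too short for Subsystem. */
int parse_pe(const uint8_t *buf, size_t len, struct pe_info *out)
{
    uint32_t pe;
    if (len < 0x40 || memcmp(buf, "MZ", 2) != 0) return 0;
    memcpy(&pe, buf + 0x3C, 4);
    if (pe > len || len - pe < 24 + 70 || memcmp(buf + pe, "PE\0\0", 4) != 0) return 0;
    memcpy(&out->characteristics, buf + pe + 22, 2);
    memcpy(&out->entry_rva, buf + pe + 40, 4);
    memcpy(&out->subsystem, buf + pe + 92, 2);
    return 1;
}

/* Subsystem is an enumeration, not a bitmask: testing it with '&' also
 * matches every odd value (e.g. WINDOWS_CUI = 3); '==' is the correct test. */
int subsystem_is_native_bitwise(uint16_t s) { return (s & IMAGE_SUBSYSTEM_NATIVE) != 0; }
int subsystem_is_native(uint16_t s)         { return s == IMAGE_SUBSYSTEM_NATIVE; }

/* Entry point the loader records for attach/detach calls; 0 means never call it. */
uint32_t loader_entry_point(const struct pe_info *nt)
{
    if ((nt->characteristics & IMAGE_FILE_DLL) && !subsystem_is_native(nt->subsystem))
        return nt->entry_rva;
    return 0;
}
```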