On Mon, 25 Mar 2002, Ulrich Weigand wrote:
what I'd do is:
- simulate (as for DR?) the IDTR read/write (memory/instr)
- provide our own interrupt table
- then hook the signal catches to this table (dlls/ntdll/
- in your case, especially the divide by 0 signal to entry 1 of this
table
however, I don't think this is the best way to go. It will add lots of code to Wine (mainly i386 virtualization), and let programs modify things they shouldn't normally need to touch.
Even if you did this, it probably wouldn't help much, as the interrupt routine is supposed to be executed in ring 0 (which presumably is the very *reason* the program does this nonsense).
So you'll fail immediately afterwards due to privilege violations as the app does whatever it wants to do in ring 0 ...
Of course, you could add virtualization for all the ring 0 stuff, but this is quite open-ended :-(
The copy-protection support in WineX does some of this stuff. If the stuff the application in question does is just another copy protection (sounds like it), then the additional ring 0 stuff you need to virtualize is probably just access to the debug registers.