On 01/19/16 13:03, Sebastian Lackner wrote:
> - Last but not least, one of the reasons why I haven't submitted my own approach so far: The whole idea only works reliably as long as we do NOT forward Ldr* functions to syscall thunks. If we do, like it should work on Windows, and like it is most likely required by other apps, there are race conditions all over the place and Steam webstore only works with a probability of about 50% or less. I haven't figured out what causes it yet.
How can I reproduce it? I tried your patches with Steam, but they didn't work. My patches that use syscall thunks only for NtOpenFile (and that's needed for Office) work 100% of the time. This means that we have a version that calls too many and another with too few calls through those thunks, so it should be easy to bisect which exact calls cause problems. I used your ntdll-Syscall_Wrappers patches from the staging tree on top of clean Wine. Am I missing something?
(BTW, my first guess without any debugging would be that with your patches, we call memory management functions inside Nt* calls, which definitely shouldn't go through thunks).
Thanks, Jacek