On Tue, 06 Apr 2004 09:23:45 +0100, James Perry wrote:
> It's difficult to trace properly as PECrypt has debugger detection and behaves oddly if it detects breakpoints or whatever. But I narrowed it down to 3 Wine calls in the critical loop: SetEvent, WaitForSingleObject and ResetEvent. I tried wrapping each of these functions with __asm__("pushfl\n"); at the start and __asm__("popfl\n"); at the end to preserve the flags - with this, PECrypt works fine and the game gets as far as trying to initialise DirectX. Not exactly a neat fix though.
Did you have to do all of them, or is it just one function that needs this treatment? Are you sure it's not that we need to set the flag before jumping to the entry point? PECrypt sounds like it should run very early on in the program's lifetime: how much stuff does it do before hitting this bug?
> I never did trace exactly where the flag was getting clobbered, but I disassembled some basic libc functions and found that memcpy and memset both clear the direction flag. So it could be happening almost anywhere - looks like it is standard practice in UNIX to clobber this flag.
I wouldn't say standard practice in UNIX, more just a quirk of the GNU implementations. If there is really widespread software that depends on this behaviour though there is precedent for including a hack for it - see the DllMain wrapper which preserves %ebx for an example.
thanks -mike
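The thread above is about one x86 detail: the direction flag (DF, bit 10 of EFLAGS) controls whether string instructions such as `rep movs`/`rep stos` walk memory forwards or backwards, the System V ABI requires DF to be clear on every function entry, so a libc routine may execute `cld` unconditionally, and the pushfl/popfl wrapper James describes simply saves and restores EFLAGS around the call. The following C program is an added example, not code from this thread or from Wine, that shows both halves of that on an x86/x86-64 Linux box with GCC or Clang: a callee that executes `cld` (a stand-in for memset/memcpy, used instead of the real libc functions because calling them with DF set violates the ABI and would make `rep stos` run backwards out of the buffer), a direct call that loses a caller-set DF, and a flag-preserving wrapper in the style of the pushfl/popfl fix that keeps it. All function names are this example's own.

```c
/* Added example: demonstrate DF clobbering and a pushf/popf-preserving wrapper.
 * Assumes x86 or x86-64 with GNU inline asm (GCC/Clang, Linux user mode). */
#include <stdio.h>

#define DF_BIT 0x400UL  /* direction flag, bit 10 of EFLAGS */

/* Read the current EFLAGS via pushf/pop (works for both 32- and 64-bit). */
static unsigned long read_flags(void)
{
    unsigned long f;
    __asm__ volatile ("pushf\n\tpop %0" : "=r"(f) : : "memory");
    return f;
}

/* 1 if DF is currently set, 0 otherwise. */
static int df_set(void)
{
    return (read_flags() & DF_BIT) != 0;
}

static void set_df(void)   { __asm__ volatile ("std" ::: "cc", "memory"); }
static void clear_df(void) { __asm__ volatile ("cld" ::: "cc", "memory"); }

/* Stand-in (assumption) for a libc routine such as memset/memcpy that
 * executes cld on entry because the ABI guarantees DF is clear anyway. */
static void clobbering_callee(void)
{
    __asm__ volatile ("cld" ::: "cc", "memory");
}

/* The fix from the thread: save EFLAGS before the call, restore it after.
 * This is the pushfl/popfl wrapper James describes, generalised to take
 * any callee. */
static void preserving_wrapper(void (*fn)(void))
{
    unsigned long saved;
    __asm__ volatile ("pushf\n\tpop %0" : "=r"(saved) : : "memory");
    fn();
    __asm__ volatile ("push %0\n\tpopf" : : "r"(saved) : "cc", "memory");
}

/* Caller sets DF, calls the callee directly, then reads DF back.
 * DF is cleared again before returning so the rest of the program obeys the ABI. */
static int df_after_direct_call(void)
{
    set_df();
    clobbering_callee();
    int df = df_set();
    clear_df();
    return df;
}

/* Same, but through the flag-preserving wrapper. */
static int df_after_wrapped_call(void)
{
    set_df();
    preserving_wrapper(clobbering_callee);
    int df = df_set();
    clear_df();
    return df;
}

int main(void)
{
    printf("DF before anything      : %d\n", df_set());             /* 0 */
    printf("DF after direct call    : %d\n", df_after_direct_call()); /* 0: callee's cld clobbered it */
    printf("DF after wrapped call   : %d\n", df_after_wrapped_call()); /* 1: popf restored it */
    printf("DF after tests (cleared): %d\n", df_set());             /* 0 */
    return 0;
}
```

Two practical caveats when applying the wrapper as Wine does: the saved EFLAGS must be restored on every exit path of the wrapped function, and DF must be clear again before any code that the compiler may have turned into `rep movs`/`rep stos` (struct copies, zero-initialisation) runs, otherwise that code walks backwards through memory.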