在 2026-2-25 04:46, Pali Rohár 写道:
From a30d95935cf77baf36c1447e3dc984b30ba881ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pali=20Roh=C3=A1r?=<[email protected]> Date: Fri, 21 Nov 2025 18:37:53 +0100 Subject: [PATCH 1/4] crt: Fix kernel32 BaseAttachCompleteThunk symbol decorationFunction BaseAttachCompleteThunk() takes one CONTEXT pointer argument and on WinNT it "jumps" to address specified in the CONTEXT pointer argument. So it does not return to the caller. On Win32s it sets win32 error to ERROR_CALL_NOT_IMPLEMENTED, returns zero and does not touch stack pointer. So gendef detects decoration for BaseAttachCompleteThunk incorrectly. It is not stdcall @16 (detected for WinNT versions) and neither stdcall @0 (detected for Win32s versions). The correct decoration should be cdecl calling convention to match above description. BaseAttachCompleteThunk is mostly used as a callsite pointer argument for RtlRemoteCall() function call, called by debuggers.
There's leaked source code of this function on GitHub [1] which says this function is stdcall and takes no argument, so existing code which says `@0` should be correct.
The other patches look good to me, and I have pushed them to master. Thanks.[1] https://github.com/yair-k/Win2000SRC/blob/fd809a81098565b33f52d0f65925159de8f4c337/private/windows/base/client/i386/thunk.asm#L158-L192
-- Best regards, LIU Hao
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Mingw-w64-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
