Patrik Stridvall <[EMAIL PROTECTED]> wrote:

>> PM pushes some arguments on the stack before call to QT_Thunk and then
>> doesn't pop them, i.e. PM assumes, that it is QT_Thunk's job.
>
>Only a little strange. Many functions are stdcall (callee pop arguments)
>However it makes less sense for variable argument functions.

I have already burned my fingers with Wine's "register" calling convention
in the spec files. A function declared as "register" in a spec file can do
anything it wants at return: i.e. removing or adding WINAPI, cdecl etc.
in the C file doesn't change anything, no crashes at all. Is it by design?

[...]

>> So, the question: what is the right way of popping the right number
>> of bytes from the stack after CallTo16?
>
>I think you ask the wrong question. I don't think it is anything
>to do with CallTo16 in itself. The problem might be that the
>argsize is wrongly calculated.
>
>It is possible that the way argsize is calculated by subtracting
>0x40 only worked for the specific application that was tested.
>
>However FT_Thunk is calculated the same way which weakens the case.

>Hmm. I'm not sure why the argsize is wrong, if indeed it is wrong.

Examining the disassembled text of pm65.exe, I noted that PM pushes a
different number of bytes in different places in the code before the call
to QT_Thunk. I assume that it is the exact number of bytes that the 16-bit
callee will get as arguments and should pop from the stack with the pascal16
function return type.

I made some additional traces to find out the way to properly calculate the
number of bytes popped by the 16-bit function from the 16-bit stack, but failed.

...
Call kernel32.559: QT_Thunk() ret=006f8e1c fs=008f
 eax=03af0000 ebx=00000002 ecx=40886d64 edx=01b70902 esi=65f0fa10 edi=40f80a9a
 ebp=40886ca0 esp=40886c54 ds=002b es=002b gs=0000 flags=00000212
trace:thunk:QT_Thunk Before: CURRENT_STACK16 = 0x40896fd0
        esp = 40886c54, ebp = 0000fffa
COMMENT: esp and ebp are from context16 structure
CallTo16(func=01b7:0902,ds=002b,0x65f0,0xfa10,0x40f8,0x0a9a,0x03af,0x0000) ss:sp=0177:ffd0
     AX=0000 BX=0002 CX=6d64 DX=0902 SI=fa10 DI=0a9a BP=fffa ES=002b FS=008f
Call KERNEL.47: GETMODULEHANDLE(03af:0000 "ATM") ret=00a7:0000 ds=002b
trace:module:GetModuleHandle16 (ATM)
Ret  KERNEL.47: GETMODULEHANDLE() retval=0x03a60000 ret=00a7:0000 ds=002b
CallTo16() ss:sp=0177:ffd0 retval=0x03a60000
trace:thunk:QT_Thunk After: CURRENT_STACK16 = 0x40896fd0
        esp = 40886c54, ebp = 0000fffa
COMMENT: esp and ebp are from context16 structure
trace:thunk:QT_Thunk argsize = 12, bumping ESP by 4 bytes
Ret  kernel32.559: QT_Thunk() retval=00000000 ret=006f8e1c fs=008f
 eax=00000000 ebx=00000002 ecx=40886d64 edx=000003a6 esi=65f0fa10 edi=40f80a9a
 ebp=40886ca0 esp=40886c58 ds=002b es=002b gs=0000 flags=00000212
...

Could someone who is actually knowledgeable with thunking code in Wine help here?

>You will have to keep investigating.

I'm keeping on, but inventing new approaches becomes harder without any light
from outside...

Dmitry.
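The relay trace quoted above can be checked mechanically: pair each relay `Call` with its `Ret`, read `esp` from the register dumps that follow them, and compare the movement of the 32-bit stack with the `argsize` and "bumping ESP" figures the thunk code prints. The script below is an added example written for this thread, not code from Wine or from either poster; the constructed sample input is the trace from the message above, and the trace line formats it parses (`Call module: FUNC(...)`, `Ret  module: FUNC(...)`, the two-line `eax=... esp=...` dump, and the `argsize = N, bumping ESP by M bytes` line) are assumed to match what that trace shows.

```python
import re

# Constructed sample input: the relay trace lines quoted in the message above.
TRACE = """\
Call kernel32.559: QT_Thunk() ret=006f8e1c fs=008f
 eax=03af0000 ebx=00000002 ecx=40886d64 edx=01b70902 esi=65f0fa10 edi=40f80a9a
 ebp=40886ca0 esp=40886c54 ds=002b es=002b gs=0000 flags=00000212
trace:thunk:QT_Thunk Before: CURRENT_STACK16 = 0x40896fd0
        esp = 40886c54, ebp = 0000fffa
CallTo16(func=01b7:0902,ds=002b,0x65f0,0xfa10,0x40f8,0x0a9a,0x03af,0x0000) ss:sp=0177:ffd0
     AX=0000 BX=0002 CX=6d64 DX=0902 SI=fa10 DI=0a9a BP=fffa ES=002b FS=008f
Call KERNEL.47: GETMODULEHANDLE(03af:0000 "ATM") ret=00a7:0000 ds=002b
trace:module:GetModuleHandle16 (ATM)
Ret  KERNEL.47: GETMODULEHANDLE() retval=0x03a60000 ret=00a7:0000 ds=002b
CallTo16() ss:sp=0177:ffd0 retval=0x03a60000
trace:thunk:QT_Thunk After: CURRENT_STACK16 = 0x40896fd0
        esp = 40886c54, ebp = 0000fffa
trace:thunk:QT_Thunk argsize = 12, bumping ESP by 4 bytes
Ret  kernel32.559: QT_Thunk() retval=00000000 ret=006f8e1c fs=008f
 eax=00000000 ebx=00000002 ecx=40886d64 edx=000003a6 esi=65f0fa10 edi=40f80a9a
 ebp=40886ca0 esp=40886c58 ds=002b es=002b gs=0000 flags=00000212
"""

CALL_RE = re.compile(r'^Call (\S+): (\w+)\(')
RET_RE = re.compile(r'^Ret\s+(\S+): (\w+)\(')
DUMP32_RE = re.compile(r'^\s+e[a-z]{2}=[0-9a-f]{8}')   # 32-bit register dump line
ESP_RE = re.compile(r'\besp=([0-9a-f]{8})\b')
ARGSIZE_RE = re.compile(r'argsize = (\d+), bumping ESP by (\d+) bytes')


def analyze_relay_trace(trace):
    """Pair each relay Call with its Ret, attach the esp values from the
    32-bit register dumps that directly follow them, and record the argsize
    / ESP bump the thunk reports.  Returns the frames in the order their
    Ret lines appear, each with 'delta' = esp at Ret minus esp at Call."""
    open_frames = []   # frames whose Ret has not been seen yet (nesting)
    completed = []
    pending = None     # (frame, key) the next register dump belongs to
    for line in trace.splitlines():
        m = CALL_RE.match(line)
        if m:
            frame = {'module': m.group(1), 'func': m.group(2),
                     'esp_call': None, 'esp_ret': None,
                     'argsize': None, 'bump': None}
            open_frames.append(frame)
            pending = (frame, 'esp_call')
            continue
        m = RET_RE.match(line)
        if m:
            # The Ret closes the innermost open frame for that function.
            for i in range(len(open_frames) - 1, -1, -1):
                if open_frames[i]['func'] == m.group(2):
                    frame = open_frames.pop(i)
                    break
            else:
                raise ValueError('Ret without matching Call: ' + line)
            completed.append(frame)
            pending = (frame, 'esp_ret')
            continue
        m = ARGSIZE_RE.search(line)
        if m and open_frames:
            open_frames[-1]['argsize'] = int(m.group(1))
            open_frames[-1]['bump'] = int(m.group(2))
            continue
        if DUMP32_RE.match(line):
            m = ESP_RE.search(line)
            if m and pending is not None:
                frame, key = pending
                frame[key] = int(m.group(1), 16)
                pending = None
        else:
            pending = None   # a register dump only directly follows its Call/Ret
    for frame in completed:
        if frame['esp_call'] is None or frame['esp_ret'] is None:
            frame['delta'] = None      # 16-bit relay lines carry no esp dump
        else:
            frame['delta'] = frame['esp_ret'] - frame['esp_call']
    return completed


def unpopped_bytes(frame):
    """Bytes of the reported argsize that the thunk did not remove from the
    32-bit stack (None when the frame has no esp dump or no argsize)."""
    if frame['delta'] is None or frame['argsize'] is None:
        return None
    return frame['argsize'] - frame['delta']


if __name__ == '__main__':
    for f in analyze_relay_trace(TRACE):
        print('%-16s esp delta=%s argsize=%s bump=%s unpopped=%s'
              % (f['func'], f['delta'], f['argsize'], f['bump'], unpopped_bytes(f)))
```

On the quoted trace this reports that QT_Thunk's frame moved ESP by 4 bytes (0x40886c54 to 0x40886c58), matching the "bumping ESP by 4 bytes" line, while the computed argsize was 12, so 8 bytes of that argsize stayed on the 32-bit stack; the inner GETMODULEHANDLE frame has no esp dump because it is a 16-bit relay entry.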


Reply via email to