I used WinDbg to show the memory protections that were placed on the
executable image just after it was loaded, and just before the app starts.
Here is what wine shows:
View: 0x400000 - 0x765fff 28
0x400000 - 0x765fff c-rw-
Here is what WinDbg shows (manually edited to look like the wine view):
0x400000 - 0x400fff c-r-- (PAGE_READONLY)
0x401000 - 0x454fff c--W- (PAGE_WRITECOPY)
0x455000 - 0x455fff c-rw- (PAGE_READWRITE)
0x456000 - 0x457fff c--W- (PAGE_WRITECOPY)
0x458000 - 0x458fff c-rw- (PAGE_READWRITE)
0x459000 - 0x459fff c-r-- (PAGE_READONLY)
0x45a000 - 0x758fff c--W- (PAGE_WRITECOPY)
0x759000 - 0x75afff c-r-- (PAGE_READONLY)
0x75b000 - 0x75dfff c--W- (PAGE_WRITECOPY)
0x75e000 - 0x75efff c-rw- (PAGE_READWRITE)
0x75f000 - 0x762fff c-r-x (PAGE_EXECUTE_READ)
0x763000 - 0x765fff c-r-- (PAGE_READONLY)
Remember, this is *before* the app even starts.
You can see from this that there is a difference between how Windows
loads an executable image and how Wine does it. This is why trying to
write to 0x75F07E throws an exception under W2K but succeeds under Wine.
I guess the W2K exception is the right one.
Wine developers: Should I attempt a patch, or am I going in the wrong
direction?
Thanks,
--Rob
