32-bit hotpatching question
Thomas Faber
thomas.faber at reactos.org
Sun Jun 7 10:24:00 CDT 2020
On 2020-06-07 11:56, Stefan Dösinger wrote:
> Am 07.06.20 um 11:47 schrieb Stefan Dösinger:
>> Check the nop opcode in Windows DLLs. If Microsoft's kernel32.dll
>> switched to 66 90 we're safe to switch too. If they still use 8b ff we
>> probably should stick to that.
>
> I just checked my Win10 19.09, it still uses 8b ff. So either Microsoft
> compiles Windows with an old Visual Studio or they kept the old style
> nops for Windows itself.
Looks like the /arch:IA32 option changes the hotpatch instruction from
66 90 back to 8b ff. This is true in a simple test and also my
observation from looking at ReactOS binaries, which use that option.
It makes sense to assume that 32-bit Windows binaries would be built
with that option for compatibility; the compiler default is to assume
SSE2 these days.
More information about the wine-devel
mailing list