I spent many years prior to coming to Microsoft doing “dangerous” things inside of DllMain. If you’re a diagnostic tool developer, it’s often the only reasonable place to take key actions that must occur as soon as possible.
Unfortunately, the MSDN doc has long warned against doing much of anything inside your DllMain code. Unfortunately, the list of “OK” things to do seemed unreasonably restrictive, and I could never find a comprehensive list of why things shouldn’t be done inside DllMain.
A big part of the issues concern the relatively undocumented “Loader Lock”, which is essentially a critical section that the OS enters and leaves on your behalf in a variety of places, not just DllMain. Without a good understanding of it, you might go nuts trying to figure out why some seemingly fine piece of code chokes.
I learned about many mysteries of DllMain the hard way. Now it’s finally here in blessed MSDN form:
Interestingly, one useful nugget of information that’s not in the article is that GetProcAddress temporarily requires the loader lock. (At least that’s my recollection from a few years ago. It may have changed since then. YMMV.)
If only this document had been around 13 years ago when I first needed it!