Jump to content

Kext: DIY KernelEx extensions


Recommended Posts

VLC Player 2.1.0: It should run with "Default mode" (specific) or "use default comp options", if 2.0.8 works for you.

Something learned again - I would have never thought that an App which has to be installed in XP-comp-mode could

work then at "default" !! Thank you very much.

Link to comment
Share on other sites

  • 4 weeks later...

@MiKl: "complains on start about uxtheme.dll"

Details, please. KernelEx4.5.2 supports all uxtheme api's listed by schwups.

If needed, however, we can move uxtheme.dll from the Windows\KernelEx folder to Windows\System, and add stubs to it.

I've previously searched for a good uxtheme.dll replacement, and the current version from ReactOS looks very promising.

Edited by jumper
Link to comment
Share on other sites

The error message states and I hope I translate it correctly 'mpc-be is linked to the missing Export-UXTHEME.DLL:61'.
And:

[importPatcher.37]
;Edit parameters and replacement strings, then Retry or run again to patch. <=

[Parameters]
Test by loading=Y
Walk dependencies=N
Link to copies=N
Unbind broken bindings=N
OS Subsystem Version Ceiling=4.10

[DLL replacements]
UxTheme.dll=

[uxTheme.dll]
DrawThemeBackground=
CloseThemeData=
GetThemeSysColor=
IsThemeBackgroundPartiallyTransparent=
OpenThemeData=
DrawThemeText=
SetWindowTheme=

[KERNEL32.dll]
CreateActCtxW=
ReleaseActCtx=
GetSystemTimes=
ActivateActCtx=
DeactivateActCtx=

[sHELL32.dll]
SHParseDisplayName=

[Patches needed]
mpc-be.exe=Subsystem, DLLs, Functions

Link to comment
Share on other sites

Good work. I was finally able to download and test mpc-be and confirmed your results.

I found three versions of uxtheme.dll that contained ordinal:61 and tested with two of them. I also added several stub definitions and was able to launch the app. Unfortunately, the first window that pops up is an error MessageBox titled: "MPC-BE Mini Dump" with just an [ OK ] button, but no message. Clicking [ OK ] results in a crash dialog with the details:

MPC-BE executed an invalid instruction inmodule MPC-BE.EXE at 016f:0041bb23.
and

Bytes at CS:EIP:f3 0f 10 05 28 c4 d2 00 8d be dc 13 00 00 f3 0f
My C3 processor doesn't support SSE and fineSSE isn't currently enabled, so this result wasn't totally unexpected!

More on the ordinal problem later, but clearly I need to add ordinal support to both Kexstubs and ImportPatcher. :yes:

Link to comment
Share on other sites

  • 4 weeks later...

Related to running MPC on 98SE, I played with KernelEx. Found that the missing ordinal 61 in uxtheme.dll is actually OpenThemeDataEx which is exported by name starting with Vista.

I added it to the list of stubs, recompiled uxtheme.dll but there's a problem: exporting by name works fine, but that would only help in a Vista+ environment. Trying to export by ordinal succeeded at some point, but I wanted to respect the original positions and while ordinal 1 is not defined, all ordinals will be shifted back by 5. I wonder what ordinal 1 does and if it could safely be replaced by a stub, so that original ordinal positions would be respected. I found that it takes no parameters and on XP with themes enabled returns 0x3 while with Classic style returns 0x1. I'd say 0x1 should be the return value in KernelEx's stubbed uxtheme.dll.

However, in the case where ordinal 61 was recognized, a kernel32.dll error popped up: missing HeapQueryInformation. And there are more missing APIs in kernel32.dll, user32.dll (related to raw input devices) and shell32.dll. Some may be covered by KernelEx, but not all.

Another ugly thing I discovered while testing in Dependency Walker: the MSVCR70.DLL 7.0.9981.0 I used as replacement for MSVCRT.DLL (and at least another one, v7.0.9466.0) doesn't seem to export __unDName under the same ordinal number and as a result the function names cannot be displayed in Dependency Walker. Apparently, DW loads __unDName by ordinal, which is 138 in MSVCRT v6.x while in MSVCR7x is 168. This is a major bugger with replacing MSVCRT by MSVCR70 since any other application out there may be doing this. Reason why I'm trying to keep uxtheme.dll's exports in original positions. But who knows how many others may have to be fixed.

EDIT:

Just stumbled into this WINE library that I believe covers some ordinal exports in uxtheme.dll. Should help if we ever need to add something to KernelEx's uxtheme.dll or in Kext.

Edited by Drugwash
Link to comment
Share on other sites

  • 2 weeks later...

FWIW, i have 'dbghelp.dll' version 6.0.0017.0 (DbgBuild.020528-1721) on my system. I think it came with Real Player 6.

Joe.


I can't install new Foxit Reader 6.0.2.407. Message: "Runtime Error (at -1:0) Cannot Import dll: C:\Windows\Temp\...\FXCUSTOM.dll"

But there is a possibility to start and run it. I installed it on XP SP2 (SP1 isn't enough), copied the Foxit program folder onto the Win ME desktop. The Foxit Reader.exe needs Kstub822 with following definitions

[KERNEL32.dll]
ReleaseActCtx=z1
CreateActCtxW=p1e0
ActivateActCtx=o2e0
DeactivateActCtx=o2e0


to start. Better run it with comp.mode XP.

The ImportPatcher complains about jrsysMSCryptoDll.dll and imgseg.dll, too. The jrsysMSCryptoDll.dll is located in the plugin folder.

Printing isn't possible anymore. => The DBGHELP.dll of ME is too old. Upgrade required.

As a reminder: I'd installed already MSXML 4.0 SP2 for version 5 and I've the winhttp.dll of XP in my system folder.


Now I've successfully installed Foxit Reader 6.0.2 0413 and 6.0.3.0524 with an additional entry.


[WINSPOOL.DRV]
XcvDataW=z8e


Also Required:

[KERNEL32.dll]
ActivateActCtx=o2e0
CreateActCtxW=p1e0
DeactivateActCtx=o2e0
ReleaseActCtx=z1

winhttp.dll

msxml4 SP2
Link to comment
Share on other sites

Hallo Joe,

I already unsuccessfully tried different versions of the dbghelp.dll some month ago. Since then, I haven't inspected the problem anymore. Newer file versions prevent the message (something like: "The DBGHELP.dll is too old"). But Foxit still crashes in order to print. I don't know enough to understand the crashlog. Are you able to interpret this log file? :hello:

Link to comment
Share on other sites

  • 3 weeks later...

Java 6 fails with CPU error (cmov) despite FineSSE.

I attempt to start Java 6 on Win98SE/KernelEx.

I unpacked this from DOS:

jre-6u31-windows-i586-s.exe /s

Then I started the MSI installer:

E:\WINDOWS\Anwendungsdaten\Sun\Java\jre1.6.0_31\jre1.6.0_31.msi

I have successfully installed everything, but clicking on the Java control panel icon does nothing, beside producing an error log file in my Java directory. The error looks like when my CPU was not supporting the "cmov()" instruction, however the installed FineSSE should fix this.

E:\Programme\Java\jre6\bin\hs_err_pid4294274257.log

## A fatal error has been detected by the Java Runtime Environment:##  Internal Error (assembler_x86.cpp:1071), pid=-693039, tid=4294251761#  guarantee(VM_Version::supports_cmov()) failed: illegal instruction## JRE version: 6.0_31-b05# Java VM: Java HotSpot(TM) Client VM (20.6-b01 mixed mode, sharing windows-x86 )# If you would like to submit a bug report, please visit:#   http://java.sun.com/webapps/bugreport/crash.jsp#---------------  T H R E A D  ---------------Current thread (0x00704800):  JavaThread "Unknown thread" [_thread_in_vm, id=-715535, stack(0x00800000,0x00870000)]Stack: [0x00800000,0x00870000],  sp=0x0085fbc0,  free space=382kNative frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)[error occurred during error reporting (printing native stack), id 0xc0000005]---------------  P R O C E S S  ---------------Java Threads: ( => current thread )Other Threads:=>0x00704800 (exited) JavaThread "Unknown thread" [_thread_in_vm, id=-715535, stack(0x00800000,0x00870000)]VM state:not at safepoint (not fully initialized)VM Mutex/Monitor currently owned by a thread: NoneDynamic libraries:0x6d7e0000 - 0x6d7ef000 	E:\PROGRAMME\JAVA\JRE6\BIN\ZIP.DLL0x6d320000 - 0x6d33f000 	E:\PROGRAMME\JAVA\JRE6\BIN\JAVA.DLL0x6d7a0000 - 0x6d7ac000 	E:\PROGRAMME\JAVA\JRE6\BIN\VERIFY.DLL0x6d7f0000 - 0x6da9f000 	E:\PROGRAMME\JAVA\JRE6\BIN\CLIENT\JVM.DLL0xbfdf0000 - 0xbfe00000 	E:\WINDOWS\SYSTEM\WINMM.DLL0x7c340000 - 0x7c396000 	E:\PROGRAMME\JAVA\JRE6\BIN\MSVCR71.DLL0x00400000 - 0x00425000 	E:\PROGRAMME\JAVA\JRE6\BIN\JAVAW.EXE0x7d000000 - 0x7d018000 	E:\WINDOWS\KERNELEX\KEXBASEN.DLL0xbfa00000 - 0xbfa0d000 	E:\WINDOWS\KERNELEX\KERNELEX.DLL0xbfa40000 - 0xbfa78000 	E:\WINDOWS\KERNELEX\KEXBASES.DLL0xbfe70000 - 0xbfe76000 	E:\WINDOWS\SYSTEM\VERSION.DLL0xbfc00000 - 0xbfc11000 	E:\WINDOWS\SYSTEM\USER32.DLL0xbff20000 - 0xbff46000 	E:\WINDOWS\SYSTEM\GDI32.DLL0xbfe80000 - 0xbfe90000 	E:\WINDOWS\SYSTEM\ADVAPI32.DLL0xbff70000 - 0xbffe6000 	E:\WINDOWS\SYSTEM\KERNEL32.DLLVM Arguments:jvm_args: -Xbootclasspath/a:E:\Programme\Java\jre6\bin\..\lib\deploy.jar -Duser.home=E:\WINDOWS java_command: com.sun.deploy.panel.ControlPanelLauncher Type: SUN_STANDARDEnvironment Variables:CLASSPATH=E:\PROGRA~1\PROGRA~1\JAVA\JDK\JDK1.1.5\LIB\CLASSES.ZIP;E:\PROGRA~1\COSMOSOFTWARE\COSMOPLAYER\NPCOSMOP21.ZIPPATH=E:\WINDOWS;E:\WINDOWS\COMMAND;E:\PROGRA~1\PROGRA~1\JAVA\JDK\JDK1.1.5\BIN;E:\WINDOWS;E:\WINDOWS;E:\WINDOWS\COMMAND;E:\WINDOWS;E:\WINDOWS\COMMAND;C:\S;C:\C;C:\WINDOWS;C:\WINDOWS\SYSTEM;C:\DOS;C:\EXPANS;C:\DEVS;C:\EXPANS\MOUSE;C:\EXPANS\ULTRASND;E:\PROGRA~1\GEMEIN~1\ULEADS~1\MPEG;E:\PROGRA~1\PROGRA~1\VISUAL~1.1\SOFTWARE\LIB---------------  S Y S T E M  ---------------OS: Windows 98 Build 67766446  A CPU:total 1 (1 cores per cpu, 1 threads per core) family 5 model 13 stepping 0, cx8, mmx, 3dnow, 3dnowextMemory: 4k page, physical 785036k(40k free), swap 1312112k(674816k free)vm_info: Java HotSpot(TM) Client VM (20.6-b01) for windows-x86 JRE (1.6.0_31-b05), built on Feb  3 2012 18:44:09 by "java_re" with MS VC++ 7.1 (VS2003)time: Wed Dec 11 21:51:47 2013elapsed time: 0 seconds

Because FineSSE should emulate "cmov", I suspect that Java polls the CPU type and throws an error without ever trying whether the instruction works.

DependencyWalker shows in Java.exe:

...GetProcAddress(0xBFF70000 [e:\windows\system\KERNEL32.DLL], "Module32First") called from "e:\programme\java\jre6\bin\client\JVM.DLL" at address 0x6D92E61D and returned 0x8FC1E2A0.GetProcAddress(0xBFF70000 [e:\windows\system\KERNEL32.DLL], "Module32Next") called from "e:\programme\java\jre6\bin\client\JVM.DLL" at address 0x6D92E62A and returned 0x8FC1E2B0.GetProcAddress(0xBFF70000 [e:\windows\system\KERNEL32.DLL], "GetNativeSystemInfo") called from "e:\programme\java\jre6\bin\client\JVM.DLL" at address 0x6D92E637 and returned NULL. Error: Der angegebene Pfad wurde nicht gefunden (3).DllMain(0x02AF0000, DLL_PROCESS_DETACH, 0x00000000) in "e:\windows\system\DBGHELP.DLL" called.DllMain(0x02AF0000, DLL_PROCESS_DETACH, 0x00000000) in "e:\windows\system\DBGHELP.DLL" returned 1 (0x1).Unloaded "e:\windows\system\DBGHELP.DLL" at address 0x02AF0000.DllMain(0x70100000, DLL_PROCESS_DETACH, 0x00000001) in "e:\windows\system\RPCRT4.DLL" called....
before it unloads and exits everything.

In kernel32.dll it calls:

InitializeCriticalSectionAndSpinCount,FlsAllocFlsGetValueFlsSetValueFlsFreeIsProcessorFeaturePresent
IsProcessorFeaturePresent has Ordinal 541 and Hint 420. I suspect that this is a stub going wrong in Win98SE. How can I fix this? Edited by CyberyogiCoWindler
Link to comment
Share on other sites

  • 2 weeks later...

Sorry I've fallen so far behind in responding, but here are some new discoveries:

The other day I realized I could monitor usage of existing standard functions by having Kexstubs log them and then pass the call through:

[User32.dll]
MessageBoxA=>User32: ;log and pass through

Log entry each time a MessageBox is created:
= User32.dll:MessageBoxA=>User32: ;log and pass through =

This led to another discovery: Logging can be enabled/disabled on-the-fly with just an app restart (just like changing a definition).

Here are scripts that will quickly set the logging mode:

Kexstubs Log=0.vbs
------------------
set o=CreateObject("Scripting.FileSystemObject")
s=o.OpenTextFile("Kexstubs.ini",1).ReadAll
o.OpenTextFile("Kexstubs.ini",2).Write(Replace(s,"Log=1","Log=0"))
wscript.echo "Kexstubs logging is OFF"

Kexstubs Log=1.vbs
------------------
set o=CreateObject("Scripting.FileSystemObject")
s=o.OpenTextFile("Kexstubs.ini",1).ReadAll
o.OpenTextFile("Kexstubs.ini",2).Write(Replace(s,"Log=0","Log=1"))
wscript.echo "Kexstubs logging is ON"

Kstub822 Log=0.vbs
------------------
set o=CreateObject("Scripting.FileSystemObject")
s=o.OpenTextFile("Kstub822.ini",1).ReadAll
o.OpenTextFile("Kstub822.ini",2).Write(Replace(s,"Log=1","Log=0"))
wscript.echo "Kstub822 logging is OFF"

Kstub822 Log=1.vbs
------------------
set o=CreateObject("Scripting.FileSystemObject")
s=o.OpenTextFile("Kstub822.ini",1).ReadAll
o.OpenTextFile("Kstub822.ini",2).Write(Replace(s,"Log=0","Log=1"))
wscript.echo "Kstub822 logging is ON"

Kexstubs Log=n.7z

Edit: To monitor standard functions, Kexstubs needs to have a higher priority than them. So in CORE.INI:

contents=std,Kexstubs,kexbases,kexbasen
- or -
contents=std,Kstub822,kexbases,kexbasen

Originally edited December 21, 2013 by jumper

Edited by jumper
restore original formatting
Link to comment
Share on other sites

  • 5 months later...

Huh? Oh, that's... odd, I'm sure I set it to that yesterday.... I'll try again later. Thanks! ;)

 

Oh, on the subject, if a game wants d3dx9_43.dll, Can I just rename an older dll or can I just use this dll? I haven't looked at directx-based software in ages....

Link to comment
Share on other sites

Apparently, d3dx9_43.dll (the x86 version) has only one missing dependency in kernel32.dll, which is GetFileSizeEx. AFAIK, this one is already implemented in KernelEx, so choosing Win2000 or XP-SP2 compatibility for the file might allow it to work. But one never knows for sure until they actually try it.

 

The respective file can be found in the June 2010 version of the DirectX package (and probably other newer versions, if any).

Link to comment
Share on other sites

Thanks, mate!

 

So far so good. But I'm afraid I've hit a brick wall, now it wants Kernel32:GetLogicalProcessorInformation, which seems to not be supported by anything....

 

what now? :S

 

(PS: The game I'm trying to run is PES2014 :P)

 

The game itself seems to be a lot less of a hassle, the program that allows you to change controller settings etc is a .NET 4.0 program... but I can copy settings from my main computer :)

Edited by oerg866
Link to comment
Share on other sites

That may be both a check for minimum supported OS and information necessary for better distribution of tasks in case of hyperthreading/multicore processors. MSDN states minimum supported OS for that API is Server 2003/XP x64/Vista ... however it exists in XP-SP3 x86 too (tested by myself just earlier)[1].

 

I'm afraid you're stretching way too far. Even if that API could somehow be implemented (I doubt it can be stubbed since it has to fill a buffer with information that may be used by the application), there may always be other APIs required. Dunno what that game is - I'm not into gaming - but judging by the name it's too recent and requirements may just be too high.

 

If anybody else knows better please speak up.

 

[1] (edit: some correction was needed, because as always Microsoft's documentation is incomplete, misleading and therefore mostly useless)

Edited by Drugwash
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...