[jumper]

With R70 or R71 subbed for RT in <system>, DevStudio'97 / VC++5.0 gives me dual GPF's in first DM.DLL (Debuggee Module for WinDbg) and then in MFC42.DLL when I try to run a release build.

At this point, using KnownDLLs to sub in and out SP3 modules on-the-fly became invaluable--great tip, loblo!

• Backing out the RT sub, I reloaded VC5, reloaded the project (IP.33), and clicked 'Run'; no problem.
  
• Subbed RT 6.10.9848.0, reloaded VC5; no problem.
  
• Subbed MSVCP50 version 5.00.7051 for MSVCP50; no problem.
  
• Subbed MFC42.DLL version 6.02.8081.0 for MFC42.DLL; Dual GPF's in DM and MFC42.

I read yesterday about MSVC interdependencies and backwards compatibility at fighting-the-msvcrt-dll-hell (See great comment by Andrew on August 9). Remembering that, instead of backing out the MFC42 sub, I also

• subbed R71 back in...and it worked! (R70 also works.)

(Note: this testing was all done with KernelEx 4.52 installed and defaulting to 'off', my normal setup.)

So now I'm worried about M*10,20,30,40, etc. interacting with R70/71 subbed as RT. I haven't actually installed SP3, so this would be a great place for a Newby to jump in, install SP3 then sub in R70/71 for RT and begin testing with older apps. Building a test suit of small apps that exercise various legacy DLL's would be a great help. I'll add this to the Wish List.

[loblo]

I'm having mitigated success using the XPSP2 msvcrt (used in conjunction with the XPSP2 ntdll ).

Msvcrt renamed as msvc9x, ntdll renamed as 9xdll and substituted for ntdll in the renamed msvcrt.

Msvcrt substituted for msvc9x in target test applications.

Works with paint and wordpad but crashes with calc and winipcfg.

An attempt to boot windows with those failed with an error of cmdninst in kernel32.

[loblo]

Using msvcr70 in place of msvcrt, it is now possible to run avidemux 2.5.5:

http://sourceforge.n...32.exe/download

The latest version 2.5.6 crashes in libADM_core.dll unfortunately.

[rainyd]

loblo, on 12 January 2012 - 10:16 PM, said:

Using msvcr70 in place of msvcrt, it is now possible to run avidemux 2.5.5:

What is needed to run Avidemux 2.5.5 ( I have 2.5.3)?

Btw, Xeno knows about ImportPatcher?
Looks like it could be a value add to the KeX project.

[loblo]

rainyd, on 13 January 2012 - 06:42 AM, said:

loblo, on 12 January 2012 - 10:16 PM, said:

Using msvcr70 in place of msvcrt, it is now possible to run avidemux 2.5.5:

What is needed to run Avidemux 2.5.5 ( I have 2.5.3)?

Missing functions imported from msvcrt as you should have guessed.

[rainyd]

loblo, on 12 January 2012 - 10:16 PM, said:

The latest version 2.5.6 crashes in libADM_core.dll unfortunately.

I've got similar crash with Avidemux 2.5.5.
Additionally there's message about missing ktmdll.dll(?)

[loblo]

rainyd, on 14 January 2012 - 11:33 AM, said:

loblo, on 12 January 2012 - 10:16 PM, said:

The latest version 2.5.6 crashes in libADM_core.dll unfortunately.

I've got similar crash with Avidemux 2.5.5.
Additionally there's message about missing ktmdll.dll(?)

I have just googled for that filename and it seems like it's part of some old and obsolete version of Revolutions Pack so it would perhaps mean that you've got some old RP files hooking in your system and causing those problems.

Perhaps I should disable RP9 myself and see if Avidemux 2.5.6 still crashes in libadm_core, additionally there's message about missing quserex.dll (now that more mysterious), 2.5.5 runs fine here with msvcr70 in place of msvcrt, I have done some video transcoding with it.

[rainyd]

loblo, on 14 January 2012 - 12:59 PM, said:

I have just googled for that filename and it seems like it's part of some old and obsolete version of Revolutions Pack so it would perhaps mean that you've got some old RP files hooking in your system and causing those problems.

Maybe indeed this an old Revolutions Pack but if I remember correctly, it was called Windows 98 32-Bit Icon Patch.
I haven't idea how to remove it.

This post has been edited by rainyd: 14 January 2012 - 01:21 PM

[loblo]

Latest version of LMMS running thanks to the msvcrt/msvcr70 subst:

http://www.msfn.org/...post__p__987735

[jumper]

IP.33 is finally done. VC6-style delay load imports took longer than expected. Some design changes were needed that affected a lot of the little details. After much testing and code clean-up, the only casualty was 'Link to copies.' Since this feature is only needed when walking and patching dependent DLLs, I decide not to hold up the release any longer.

From ImportPatcher.c:

// To do:
// create DLL with families of stubs with various parameter counts and return values
// fix 'Link to copies'
// if bind mismatch, unbind by restoring parallel lists, then reprocess
// if ILT null, set to IAT
// list imports even if DLL missing or has no exports
// ordinal support: replace, check, look up name
// function substitution within a bound DLL implies unbinding!
// display TimeDateStamp as words
// custom file search path order w/o app folder, w/ KnownDLLs
// batch process a folder of files: no-walk analyze only; first/last MB or progress window
// dialog box interface
// stub insertion

// Future expansion:
// create inf un/installer for patched file(s)
// After patching, launch
// ExportPatcher: add to a DLL's exports function forwards to a custom DLL

[divad]

now we have a crash.  1.jpg (44.35K)
Number of downloads: 5

[jumper]

divad, on 18 January 2012 - 11:17 AM, said:

now we have a crash. 1.jpg

The ini and log files would have been nice to see, but looking at what we have:

Image base is $400000
Code base is $401000

Map file says:

 0001:0000038a       _PatchFile                 0040138a f   ImportPatcher.obj 

so error is at b91 - 38a = 807 in PatchFile()

Cod file says:

; 682  :             wsprintf (szBuff, "%s\t(%d)\t* not found", pSearch, ByName->Hint);

  00804	8b 45 e8	 mov	 eax, DWORD PTR _ByName$17417[ebp]
  00807	0f b7 00	 movzx	 eax, WORD PTR [eax]

A function search by name has just failed. Eax appears just a tad high, so must be pointing past end of file mapping.

From the information here, it looks like the file is truncated. Or maybe it was produced by an early Borland linker without an ILT:

Quote

// if ILT null, set to IAT

Such files can't be bound, so evidence of binding in the log file would discount this theory.

If the file works in IP.32, it is likely a problem with the delay-import data stuctures. A DW test would also be a good idea.

Please post the text of the .ini and .log files (in spoilers if large).

Thank you for testing!

This post has been edited by jumper: 18 January 2012 - 04:13 PM

[divad]

I am sending here the files.

Attached File(s)

•  coretemp10rc2_123#.ini (397bytes)
  Number of downloads: 4
•  coretemp10rc2_123#.log.txt (30.38K)
  Number of downloads: 3

This post has been edited by divad: 18 January 2012 - 04:18 PM

[jumper]

divad, on 18 January 2012 - 04:11 PM, said:

I am sending here the files.

It looks like either your overclocked memory glitched or your copy of shell32.dll has been corrupted.

...
    Importing from module: 'SHELL32.dll'
        TimeDateStamp: 3c106ecb
        Target OS:     4.0  
        (300) Shell_NotifyIconA	
        (288) ShellExecuteExA	
        (224) SHGetSpecialFolderPathA	
        Importing from module: 'KERNEL32.DLL'
            TimeDateStamp: 3caba233
            Target OS:     4.0  
            

Clues:

• These TimeDateStamps for Shell32 and Kernel32 match those in SP3.
  
• Kernel32 is processed higher in the log with no problems.
  
• I can successfully walk Shell32 directly with IP.33 and also indirectly via Explorer.
  
• Shell32 should be importing from GDI32 first, not Kernel32 (confirmed with DW and other sources).

Please try analyzing Shell32 directly, with and without walking dependencies. Also see if you can analyze coretemp10rc2_1236.exe (Walk=N), then try to reproduce the error with Walk=Y.

Meanwhile, I'll continue to investigate the twelve trailing spaces that don't seem to jive with the rest of the clues....

[loblo]

Don't waste your time trying to run the coretemp installer divad, as 1) there is a zipped no-install download and 2) Coretemp doesn't work on 9x/ME as it relies on NT drivers. If you want a CPU voltage/temperature/fan speed monitor that works, get the latest 9x/ME compatible version of HWMonitor here: http://www.cpuid.com.../1.17-win98.zip

This post has been edited by loblo: 19 January 2012 - 02:35 AM

[divad]

I do not know why, it works now but it works.
thanks

[jumper]

divad, on 19 January 2012 - 03:45 AM, said:

I do not know why, it works now but it works.
thanks

After modding PEfinder to search for local files without ILTs, I discovered it's not just a few files from old linkers (as mentioned in one of the classic '90s PE guides). Many new apps (including a .NET installer!) suffer from this malady.

So I quickly added support for missing ILTs and a related unbinding issue last night and posted IP.34 a few minutes ago. I don't think this was the problem, but uninitialized variables and bad pointers are leading causes of sporadic program behavior.

In the course of this investigation, I also noticed that DW reports that COMCTL32.DLL and USER32.DLL both want to load at the same preferred base! That means every time the second one loads, there is a performance hit as it is relocated.

[jumper]

IPstub.dll is a library of 42 small functions that can be used to plug holes left by missing imports. There are four basic stub families and three debugging stubs.

Basic stub families:

n = 0..9 (0 to 9 32-bit parameters)

• pn (p1..p9): return <parameter 1>
  
• fn (f0..f9): return flast / 0
  
• on (o0..o9): return one / 1
  
• tn (t0..t9): return true / -1 Ordinal assignment (@1..@39): 4*n + { pn:0 | fn:1 | on:2 | tn:3 }
  (There is no p0: can't return 1 of 0 parameters, ordinals start at 1)

Debugging stubs:

• yn @ 40 : Yes/No/Cancel messagebox
  [ Yes ] returns true
  [ No ] returns false
  [ Cancel ] calls ExitProcess(-1)
  - zero parameters
  
• op @ 41 : Cascading Yes/No/Cancel messageboxes
  [ Yes ] returns true
  [ No ] returns false
  [ Cancel ] invokes 2nd messagebox
  [ Yes ] returns <param1>
  [ No ] returns 1
  [ Cancel ] calls ExitProcess(-1)
  - one parameter
  
• bp @ 42 : calls MessageBeep (MB_ICONHAND), returns 0, zero parameters

Tested with IP.7 (first to display usage MessageBox):

[ImportPatcher.34]
;Edit parameters and replacement strings, then Retry or run again to patch. <=

[Parameters]
Walk dependencies=N
Link to copies=N
Unbind broken bindings=N
Target OS=4.10

[DLL substitutions]
USER32.dll=IPstub.dll

[IPstub.dll]
MessageBoxA=op
wsprintfA=yn

[Patch list]
ip7.exe=DLLs, Functions 

Fun, fun! Did I mention it comes with source code?

[rloew]

jumper, on 19 January 2012 - 09:48 PM, said:

IPstub.dll is a library of 42 small functions that can be used to plug holes left by missing imports. There are four basic stub families and three debugging stubs.

Basic stub families:

n = 0..9 (0 to 9 32-bit parameters)

• pn (p1..p9): return <parameter 1>
  
• fn (f0..f9): return flast / 0
  
• on (o0..o9): return one / 1
  
• tn (t0..t9): return true / -1 Ordinal assignment (@1..@39): 4*n + { pn:0 | fn:1 | on:2 | tn:3 }
  (There is no p0: can't return 1 of 0 parameters, ordinals start at 1)

You will need to cover more than 9 parameters. CreateFontA uses 14 parameters. There probably are larger ones elsewhere.

[jumper]

rloew, on 20 January 2012 - 12:07 AM, said:

You will need to cover more than 9 parameters. CreateFontA uses 14 parameters. There probably are larger ones elsewhere.

Fortunately CreateFontA has been in GDI32 since Win32s so we don't need a stub for it. We can cross other bridges when we come to them.

Do you know of any recent comprehensive lists of functions similar to the old WIN32API.CSV? I may need to bite the bullet and download a recent platform SDK, then look at the header files.