jumper

Kext: DIY KernelEx extensions

338 posts in this topic

Running µTorrent 3.0: Main Problem: The downloads aren't saved - The download folder remains empty. 

Kstub822.log: NTdll.dll:NTAllocateVirtualMemory=t6=

Configuration: stable Kstub822  - *ActCtx* functions commented out

Supplement:

The ImportPatcher generats this ini µTorren#3.0.0 26473.zip file of µTorrent 3.0 exe. It lists many missing functions, but in comparison to the generated file of version 2.0.4 (stable with KernelEX) there are only seven functions more.

The difference:

[ntdll.dll]

NtStopProfile=

RtlUnicodeToOemN=

_chkstk=

RtlAdjustPrivilege=

NtSetIntervalProfile=

NtStartProfile=

NtSetInformationProcess=

[Patches needed]

PSAPI.DLL=Functions, Unbind

0

Share this post


Link to post
Share on other sites

> > If you have an NT2K mode that sticks [...]

> All the attempts don't work. All the specfic compatibility modes don't stick!

If you are saying NT2K mode won't stick, and that even Win95 mode won't stick, check that the Kstub822 module names match:


  • [DCFG1]
    contents=Kstub822,std,kexbases,kexbasen
    [WIN95.names]
    ComDlg32.PrintDlgExA=Kstub822.0
    ComDlg32.PrintDlgExW=Kstub822.0

[DCFG1]

contents=Kstub822,std,kexbases,kexbasen

desc=Base enhancements

[WIN95.names]

ComDlg32.PrintDlgExA=Kexstubs.0

ComDlg32.PrintDlgExW=Kexstubs.0

KERNEL32.GetVersion=kexbases.0

KERNEL32.GetVersionExA=kexbases.1

KERNEL32.GetVersionExW=kexbases.1

I'll test method 4 on a second machine. 

Edited by schwups
0

Share this post


Link to post
Share on other sites
If you have an NT2K mode that sticks and supports KERNEL32.FindActCtxSectionStringW, NOFACSS should also stick--those are the only two dependencies:

[NOFACSS]

inherit=NT2K

desc=Win2000 SP4 (for OpenOffice)

[NOFACSS.names]

KERNEL32.FindActCtxSectionStringW=none

OpenOffice can't run with Win2K mode! :no: It starts with default (KernelEX is enabled) mode only.

-------------------------------------------------------------------------------------------------------

New test of method four on the first machine with corected entries:

[WIN95.names]

ComDlg32.PrintDlgExA=Kstub822.0

ComDlg32.PrintDlgExW=Kstub822.0

The specfic compatibility modes stick. Explorer set to "Win2000 SP4, no ActCtx (for MSVCRT 8+)":)

Unfortunately the test led to new problems. First some things have failed on Win startup (ClamTray.exe, NVCPL.dll, AVM IGD Service...). When opening a new window the Explorer caused a not further explained error in Kernel32.dll, but afterwards the window has opened. Sometimes I've got the runtime error by moving the mouse over the start menu. :}

Explorer set to mode "disabled" solves these errors, but it seems not a good idea. For example OpenOffice reports "The ...swriter.exe file expects a newer version of windows". I think this applies to some KernelEX dependant apps.

A mode "default (KernelEX is enabled) or base Base enhancements, no ActCtx (for MSVCRT 8+)" could work as compromise solution.

Edited by schwups
0

Share this post


Link to post
Share on other sites

OK, I changed the core.ini:

[NOAC]

inherit=DCFG1

desc=Base enhancements, no ActCtx (for MSVCRT 8+)

[NOAC.names]

KERNEL32.ActivateActCtx=none

KERNEL32.CreateActCtxA=none

KERNEL32.CreateActCtxW=none

KERNEL32.DeactivateActCtx=none

KERNEL32.FindActCtxSectionStringA=none

KERNEL32.FindActCtxSectionStringW=none

KERNEL32.ReleaseActCtx=none

After I've set the Explorer to the new mode, Windows seems to run fine. OpenOffice starts, too. Reboot required.

Edited by schwups
0

Share this post


Link to post
Share on other sites

OK, I changed the core.ini:

[NOAC]

inherit=DCFG1

desc=Base enhancements, no ActCtx (for MSVCRT 8+)

[NOAC.names]

KERNEL32.ActivateActCtx=none

KERNEL32.CreateActCtxA=none

KERNEL32.CreateActCtxW=none

KERNEL32.DeactivateActCtx=none

KERNEL32.FindActCtxSectionStringA=none

KERNEL32.FindActCtxSectionStringW=none

KERNEL32.ReleaseActCtx=none

After I've set the Explorer to the new mode, Windows seems to run fine. OpenOffice starts, too. Reboot required.

Isn't that the same as if you would commenting these entries out in the stubs.ini ??

Jumper mentioned K-Meleon a few posts up - maybe you can try if it works.

Edited by MiKl
0

Share this post


Link to post
Share on other sites
Thanks you, loblo, for providing us with the first working solution to the ActCtx conundrum! :thumbup

I just followed your instructions. ;)

0

Share this post


Link to post
Share on other sites

Good news: I'm posting this from K-Meleon 1.6.0 Beta2 using new Method 2 definitions. :yes:

Obstacles:


  1. 1. FindActCtxSectionStringW
    To avoid the R6034 error, previously this function needed to be undefined. I found that declaring success also works:
    FindActCtxSectionStringW=o5e0
    2. CreateActCtxW
    Neither T nor F worked, but returning the first parameter (pointer to ACTCTX struct) works:
    CreateActCtxW=p1e0
    3. ActivateActCtx
    Once again, declaring success instead of failure was the key:
    ActivateActCtx=t2e0

After redefining each function, I relaunched KM and then checked Kstub822.log to monitor the progress.

In all three cases, the 'e0' (ERROR_SUCCESS) is probably not needed, but MSDN states "This function sets errors that can be retrieved by calling GetLastError" without limiting the scope to failure cases.

Additionally, I've deleted the two ANSI functions as they don't seem to be needed.

In summary, the new ActCtx definition set is:


[Kernel32.dll]
ActivateActCtx=t2e0
CreateActCtxW=p1e0
DeactivateActCtx=f2e
FindActCtxSectionStringW=o5e0
ReleaseActCtx=f1

I haven't exit KM yet, but will update if DeactivateActCtx or ReleaseActCtx also need to report success.

0

Share this post


Link to post
Share on other sites

Even better, the VST plugins built with recent versions of Synthedit which didn't run at all without KexStub and which I had reported running but without an useable UI with the old actctx definitions... Guess what now, they now display their UI which is fully functional!!!!

:thumbup

0

Share this post


Link to post
Share on other sites

Good news: I'm posting this from K-Meleon 1.6.0 Beta2 using new Method 2 definitions. :yes:

Obstacles:


  1. 1. FindActCtxSectionStringW
    To avoid the R6034 error, previously this function needed to be undefined. I found that declaring success also works:
    FindActCtxSectionStringW=o5e0
    2. CreateActCtxW
    Neither T nor F worked, but returning the first parameter (pointer to ACTCTX struct) works:
    CreateActCtxW=p1e0
    3. ActivateActCtx
    Once again, declaring success instead of failure was the key:
    ActivateActCtx=t2e0

After redefining each function, I relaunched KM and then checked Kstub822.log to monitor the progress.

In all three cases, the 'e0' (ERROR_SUCCESS) is probably not needed, but MSDN states "This function sets errors that can be retrieved by calling GetLastError" without limiting the scope to failure cases.

Additionally, I've deleted the two ANSI functions as they don't seem to be needed.

In summary, the new ActCtx definition set is:


[Kernel32.dll]
ActivateActCtx=t2e0
CreateActCtxW=p1e0
DeactivateActCtx=f2e
FindActCtxSectionStringW=o5e0
ReleaseActCtx=f1

I haven't exit KM yet, but will update if DeactivateActCtx or ReleaseActCtx also need to report success.

Hi jumper,

I've just tried these ActCtx definitions in 'Kstub822.ini' and "contents=Kstub822,std,kexbases,kexbasen" in 'core.ini'.

Starting Open Office 3.2.1 'SCALC.EXE' produced an error R6034 and the follow-on error about 'MSVCR90.DLL' not starting. I expect the solutions from post #144 would be able to resolve this.

I then tried 'HoverIP' - worked fine.

However, when I tried SAP GUI for Java, I got the following error :

JAVAW caused an exception 03H in module KERNEL32.DLL at 016f:bff768a1.

Registers:

EAX=c0030900 CS=016f EIP=bff768a1 EFLGS=00000246

EBX=00000000 SS=0177 ESP=1845e5c8 EBP=1845e5fc

ECX=ffffff64 DS=0177 ESI=7813220d FS=1b2f

EDX=00000000 ES=0177 EDI=00000000 GS=0000

Bytes at CS:EIP:

c3 cc cc 55 8b ec 56 57 68 c0 d4 fc bf e8 01 d9

Stack dump:

78132225 3fcdce11 00000000 78130000 81d55e8c 0000000a 00000004 1845e5cc 1845e3e0 1845e7c4 78138ad1 5f9360b5 fffffffe 1845e7d4 78132337 78130000

Joe.

0

Share this post


Link to post
Share on other sites

Joe, it's the FindActCtxSectionStringW definition which appears to be not good enough. You may want to hex that string in msvcr90 to something else as to fix your problem for now.

I am now also able to run the excellent GraphStudioNext: https://code.google.com/p/graph-studio-next/

0

Share this post


Link to post
Share on other sites

Running µTorrent 3.0: Main Problem: The downloads aren't saved - The download folder remains empty.

Kstub822.log: NTdll.dll:NTAllocateVirtualMemory=t6=

Configuration: stable Kstub822 - *ActCtx* functions commented out

Shame on µTorrent 3.0. NTAllocateVirtualMemory is a Windows Native System Services routine; apps should be calling VirtualAlloc instead.

You can try using some of the other return codes as documented at MSDN, but I think this function will require a full Wine implementation.

0

Share this post


Link to post
Share on other sites

Running µTorrent 3.0: Main Problem: The downloads aren't saved - The download folder remains empty. 

By now I have come across a few apps who don't appear to be able to read or write or both. There is implementation of new file I/O APIs in KernelEx as well as fixes for file I/O APIs already present in 98/ME but I think something might still not be complete there. And I suspect that the well known Firefox issue missing History and Bookmarks might be related.

0

Share this post


Link to post
Share on other sites

After much definition testing, I was unable to find one for FindActCtxSectionStringW that would appease Msvcrt90.

The ActCtx definitions were introduced way back in post #10 and schwups first reported problems with it in post #15. Joe traced the main problem to FindActCtxSectionStringW in post #25. Clearly including FindActCtxSectionStringW was a big mistake (mine!), as no app is known to need it.

Removing FindActCtxSectionStringW, retaining the other new definitions, and adding similar new definitions for the rest of the (non-Find*) ActCtx clan, we get:


[Kernel32.dll]
ActivateActCtx=o2e0
AddRefActCtx=z1
CreateActCtxA=p1e0
CreateActCtxW=p1e0
DeactivateActCtx=o2e0
GetCurrentActCtx=f1e ; needs code for success
IsolationAwareCleanup=z0 ; for ActCtx/manifest
QueryActCtxSettingsW=o7e0
QueryActCtxW=o7e0
ReleaseActCtx=z1
ZombifyActCtx=o1e0

Using these "Method 2" definitions, we shouldn't need method 4 (or 3). So here is a Core.ini that reverts nearly back to the original:

[ApiConfigurations]

default=0

0=DCFG1

1=WIN95

2=WIN98

3=WINME

4=NT40

5=NT2K

6=WINXP

7=WIN2K3

8=VISTA

9=WIN2K8

10=NOHEAP

[DCFG1]

contents=Kstub822,std,kexbases,kexbasen

desc=Base enhancements

[DCFG1.names.98]

ComDlg32.PrintDlgExA=Kstub822

ComDlg32.PrintDlgExW=Kstub822

KERNEL32.GetVersion=std

GDI32.SetWorldTransform=kexbases.0

GDI32.GetRandomRgn=std

GDI32.SetGraphicsMode=std

GDI32.GetTextMetricsA=std

GDI32.GetWorldTransform=std

GDI32.ModifyWorldTransform=std

GDI32.SetMapMode=std

KERNEL32.VerSetConditionMask=none

KERNEL32.VerifyVersionInfoA=none

KERNEL32.VerifyVersionInfoW=none

KERNEL32.CreateIoCompletionPort=std

SHELL32.SHParseDisplayName=none

[DCFG1.names.Me]

ComDlg32.PrintDlgExA=Kstub822

ComDlg32.PrintDlgExW=Kstub822

KERNEL32.GetVersion=std

GDI32.SetWorldTransform=kexbases.0

GDI32.GetRandomRgn=std

GDI32.SetGraphicsMode=std

GDI32.GetTextMetricsA=std

GDI32.GetWorldTransform=std

GDI32.ModifyWorldTransform=std

GDI32.SetMapMode=std

KERNEL32.VerSetConditionMask=none

KERNEL32.VerifyVersionInfoA=none

KERNEL32.VerifyVersionInfoW=none

KERNEL32.CreateIoCompletionPort=std

USER32.AllowSetForegroundWindow=std

USER32.LockSetForegroundWindow=std

USER32.GetMouseMovePointsEx=std

SHELL32.SHParseDisplayName=none

[WIN95]

inherit=DCFG1

desc=Windows 95

[WIN95.names]

KERNEL32.GetVersion=kexbases.0

KERNEL32.GetVersionExA=kexbases.1

KERNEL32.GetVersionExW=kexbases.1

[WIN98]

inherit=WIN95

desc=Windows 98 SE

[WIN98.names]

KERNEL32.GetVersion=kexbases.1

KERNEL32.GetVersionExA=kexbases.2

KERNEL32.GetVersionExW=kexbases.2

[WINME]

inherit=WIN98

desc=Windows Millennium

[WINME.names]

KERNEL32.GetVersion=kexbases.2

KERNEL32.GetVersionExA=kexbases.3

KERNEL32.GetVersionExW=kexbases.3

[NT40]

inherit=WIN95

desc=Windows NT 4.0 SP6

[NT40.names]

KERNEL32.GetVersion=kexbases.3

KERNEL32.GetVersionExA=kexbases.4

KERNEL32.GetVersionExW=kexbases.4

KERNEL32.CreateIoCompletionPort=kexbases.0

GDI32.GetRandomRgn=kexbases.0

GDI32.SetGraphicsMode=kexbases.0

GDI32.GetTextMetricsA=kexbases.0

GDI32.GetWorldTransform=kexbases.0

GDI32.ModifyWorldTransform=kexbases.0

GDI32.SetMapMode=kexbases.0

GDI32.SetWorldTransform=kexbases.1

[NT2K]

inherit=NT40

desc=Windows 2000 SP4

[NT2K.names]

KERNEL32.GetVersion=kexbases.4

KERNEL32.GetVersionExA=kexbases.5

KERNEL32.GetVersionExW=kexbases.5

KERNEL32.VerSetConditionMask=kexbases.0

KERNEL32.VerifyVersionInfoA=kexbases.0

KERNEL32.VerifyVersionInfoW=kexbases.0

[WINXP]

inherit=NT2K

desc=Windows XP SP2

[WINXP.names]

KERNEL32.GetVersion=kexbases.5

KERNEL32.GetVersionExA=kexbases.6

KERNEL32.GetVersionExW=kexbases.6

KERNEL32.VerifyVersionInfoA=kexbases.1

KERNEL32.VerifyVersionInfoW=kexbases.1

SHELL32.SHParseDisplayName=kexbasen.0

[WIN2K3]

inherit=WINXP

desc=Windows 2003 SP1

[WIN2K3.names]

KERNEL32.GetVersion=kexbases.6

KERNEL32.GetVersionExA=kexbases.7

KERNEL32.GetVersionExW=kexbases.7

KERNEL32.VerifyVersionInfoA=kexbases.2

KERNEL32.VerifyVersionInfoW=kexbases.2

[VISTA]

inherit=WIN2K3

desc=Windows Vista

[VISTA.names]

KERNEL32.GetVersion=kexbases.7

KERNEL32.GetVersionExA=kexbases.8

KERNEL32.GetVersionExW=kexbases.8

KERNEL32.VerifyVersionInfoA=kexbases.3

KERNEL32.VerifyVersionInfoW=kexbases.3

[WIN2K8]

inherit=VISTA

desc=Windows 2008 SP1

[WIN2K8.names]

KERNEL32.GetVersion=kexbases.8

KERNEL32.GetVersionExA=kexbases.9

KERNEL32.GetVersionExW=kexbases.9

KERNEL32.VerifyVersionInfoA=kexbases.4

KERNEL32.VerifyVersionInfoW=kexbases.4

[NOHEAP]

inherit=DCFG1

desc=Disable custom heap

[NOHEAP.names]

KERNEL32.HeapCreate=std

KERNEL32.HeapDestroy=std

KERNEL32.HeapAlloc=std

KERNEL32.HeapFree=std

KERNEL32.HeapSize=std

KERNEL32.HeapReAlloc=std

The only differences are:


[ApiConfigurations]
default=0

[DCFG1]
contents=Kstub822,std,kexbases,kexbasen
desc=Base enhancements

[DCFG1.names.98]
ComDlg32.PrintDlgExA=Kstub822
ComDlg32.PrintDlgExW=Kstub822

[DCFG1.names.Me]
ComDlg32.PrintDlgExA=Kstub822
ComDlg32.PrintDlgExW=Kstub822

I'm hoping to assemble this week a release package for Kexstubs that will be easy to install. I'll be reviewing Kstub822.ini and preparing a stubs.ini that has logging disabled and any last definitions that should go in. All suggestions are very welcome! :yes:

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.