search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Define strncpyW to ensure that users know why it is not present.
[wine/hacks.git] / documentation / architecture.sgml
blob9ec7cbff519eafafcc0f43ecb7668fe2497488aa
1 <chapter id="architecture">
2 <title>Overview</title>
3 <para>Brief overview of Wine's architecture...</para>
4
5 <sect1 id="basic-overview">
6 <title>Wine Overview</title>
7
8 <para>
9 With the fundamental architecture of Wine stabilizing, and
10 people starting to think that we might soon be ready to
11 actually release this thing, it may be time to take a look at
12 how Wine actually works and operates.
13 </para>
14
15 <sect2>
16 <title>Foreword</title>
17 <para>
18 Wine is often used as a recursive acronym, standing for
19 "Wine Is Not an Emulator". Sometimes it is also known to be
20 used for "Windows Emulator". In a way, both meanings are
21 correct, only seen from different perspectives. The first
22 meaning says that Wine is not a virtual machine, it does not
23 emulate a CPU, and you are not supposed to install
24 Windows nor any Windows device drivers on top of it; rather,
25 Wine is an implementation of the Windows API, and can be
26 used as a library to port Windows applications to Unix. The
27 second meaning, obviously, is that to Windows binaries
28 (<filename>.exe</filename> files), Wine does look like
29 Windows, and emulates its behaviour and quirks rather
30 closely.
31 </para>
32 <note>
33 <title>"Emulator"</title>
34 <para>
35 The "Emulator" perspective should not be thought of as if
36 Wine is a typical inefficient emulation layer that means
37 Wine can't be anything but slow - the faithfulness to the
38 badly designed Windows API may of course impose a minor
39 overhead in some cases, but this is both balanced out by
40 the higher efficiency of the Unix platforms Wine runs on,
41 and that other possible abstraction libraries (like Motif,
42 GTK+, CORBA, etc) has a runtime overhead typically
43 comparable to Wine's.
44 </para>
45 </note>
46 </sect2>
47
48 <sect2>
49 <title>Executables</title>
50 <para>
51 Wine's main task is to run Windows executables under non
52 Windows operating systems. It supports different types of
53 executables:
54 <itemizedlist>
55 <listitem>
56 <para>
57 DOS executable. Those are even older programs, using
58 the DOS format (either <filename>.com</filename> or
59 <filename>.exe</filename> (the later being also called
60 MZ)).
61 </para>
62 </listitem>
63 <listitem>
64 <para>
65 Windows NE executable, also called 16 bit. They were
66 the native processes run by Windows 2.x and 3.x. NE
67 stands for New Executable &lt;g&gt;.
68 </para>
69 </listitem>
70 <listitem>
71 <para>
72 Windows PE executable. These are programs were
73 introduced in Windows 95 (and became the native
74 formats for all later Windows version), even if 16 bit
75 applications were still supported. PE stands for
76 Portable Executable, in a sense where the format of
77 the executable (as a file) is independent of the CPU
78 (even if the content of the file - the code - is CPU
79 dependent).
80 </para>
81 </listitem>
82 <listitem>
83 <para>
84 Winelib executable. These are applications, written
85 using the Windows API, but compiled as a Unix
86 executable. Wine provides the tools to create such
87 executables.
88 </para>
89 </listitem>
90 </itemizedlist>
91 </para>
92 <para>
93 Let's quickly review the main differences for the supported
94 executables:
95 <table>
96 <title>Wine executables</title>
97 <tgroup cols="5" align="left" colsep="1" rowsep="1">
98 <thead>
99 <row>
100 <entry></entry>
101 <entry>DOS (.COM or .EXE)</entry>
102 <entry>Win16 (NE)</entry>
103 <entry>Win32 (PE)</entry>
104 <entry>Winelib</entry>
105 </row>
106 </thead>
107 <tbody>
108 <row>
109 <entry>Multitasking</entry>
110 <entry>Only one application at a time (except for TSR)</entry>
111 <entry>Cooperative</entry>
112 <entry>Preemptive</entry>
113 <entry>Preemptive</entry>
114 </row>
115 <row>
116 <entry>Address space</entry>
117 <entry>
118 One MB of memory, where each application is loaded
119 and unloaded.
120 </entry>
121 <entry>
122 All 16 bit applications share a single address
123 space, protected mode.
124 </entry>
125 <entry>
126 Each application has it's own address
127 space. Requires MMU support from CPU.
128 </entry>
129 <entry>
130 Each application has it's own address
131 space. Requires MMU support from CPU.
132 </entry>
133 </row>
134 <row>
135 <entry>Windows API</entry>
136 <entry>
137 No Windows API but the DOS API (like <function>Int
138 21h</function> traps).
139 </entry>
140 <entry>
141 Will call the 16 bit Windows API.
142 </entry>
143 <entry>
144 Will call the 32 bit Windows API.
145 </entry>
146 <entry>
147 Will call the 32 bit Windows API, and possibly
148 also the Unix APIs.
149 </entry>
150 </row>
151 <row>
152 <entry>Code (CPU level)</entry>
153 <entry>
154 Only available on x86 in real mode. Code and data
155 are in segmented forms, with 16 bit
156 offsets. Processor is in real mode.
157 </entry>
158 <entry>
159 Only available on IA-32 architectures, code and
160 data are in segmented forms, with 16 bit offsets
161 (hence the 16 bit name). Processor is in protected
162 mode.
163 </entry>
164 <entry>
165 Available (with NT) on several CPUs, including
166 IA-32. On this CPU, uses a flat memory model with
167 32 bit offsets (hence the 32 bit name).
168 </entry>
169 <entry>
170 Flat model, with 32 bit addresses.
171 </entry>
172 </row>
173 <row>
174 <entry>Multi-threading</entry>
175 <entry>Not available.</entry>
176 <entry>Not available.</entry>
177 <entry>
178 Available.
179 </entry>
180 <entry>
181 Available, but must use the Win32 APIs for
182 threading and synchronization, not the Unix ones.
183 </entry>
184 </row>
185 </tbody>
186 </tgroup>
187 </table>
188 </para>
189
190 <para>
191 Wine deals with this issue by launching a separate Wine process (which
192 is in fact a Unix process) for each Win32 process, but not for Win16
193 tasks. Win16 tasks are run as different intersynchronized Unix-threads
194 in the same dedicated Wine process; this Wine process is commonly
195 known as a <firstterm>WOW</firstterm> process (Windows on Windows),
196 referring to a similar mechanism used by Windows NT.
197 </para>
198 <para>
199 Synchronization between the Win16 tasks running in the WOW
200 process is normally done through the Win16 mutex - whenever
201 one of them is running, it holds the Win16 mutex, keeping
202 the others from running. When the task wishes to let the
203 other tasks run, the thread releases the Win16 mutex, and
204 one of the waiting threads will then acquire it and let its
205 task run.
206 </para>
207 <para>
208 <command>winevdm</command> is the Wine process dedicated to running the
209 Win16 processes. Note that several instances of this process could
210 exist, has Windows has support for different VDM (Virtual Dos
211 Machines) in order to have Win16 processes running in different
212 address spaces. Wine also uses the same architecture to run DOS
213 programs (in this case, the DOS emulation is provided by a Wine only
214 DLL called <filename>winedos</filename>.
215 </para>
216 </sect2>
217 </sect1>
218
219 <sect1>
220 <title>Standard Windows Architectures</title>
221
222 <sect2>
223 <title>Windows 9x architecture</title>
224
225 <para>
226 The windows architecture (Win 9x way) looks like this:
227 <screen>
228 +---------------------+ \
229 | Windows EXE | } application
230 +---------------------+ /
231
232 +---------+ +---------+ \
233 | Windows | | Windows | \ application & system DLLs
234 | DLL | | DLL | /
235 +---------+ +---------+ /
236
237 +---------+ +---------+ \
238 | GDI32 | | USER32 | \
239 | DLL | | DLL | \
240 +---------+ +---------+ } core system DLLs
241 +---------------------+ /
242 | Kernel32 DLL | /
243 +---------------------+ /
244
245 +---------------------+ \
246 | Win9x kernel | } kernel space
247 +---------------------+ /
248
249 +---------------------+ \
250 | Windows low-level | \ drivers (kernel space)
251 | drivers | /
252 +---------------------+ /
253 </screen>
254 </para>
255 </sect2>
256 <sect2>
257 <title>Windows NT architecture</title>
258
259 <para>
260 The windows architecture (Windows NT way) looks like the
261 following drawing. Note the new DLL
262 (<filename>NTDLL</filename>) which allows implementing
263 different subsystems (as win32);
264 <filename>kernel32</filename> in NT architecture
265 implements the Win32 subsystem on top of
266 <filename>NTDLL</filename>.
267 <screen>
268 +---------------------+ \
269 | Windows EXE | } application
270 +---------------------+ /
271
272 +---------+ +---------+ \
273 | Windows | | Windows | \ application & system DLLs
274 | DLL | | DLL | /
275 +---------+ +---------+ /
276
277 +---------+ +---------+ +-----------+ \
278 | GDI32 | | USER32 | | | \
279 | DLL | | DLL | | | \
280 +---------+ +---------+ | | \ core system DLLs
281 +---------------------+ | | / (on the left side)
282 | Kernel32 DLL | | Subsystem | /
283 | (Win32 subsystem) | |Posix, OS/2| /
284 +---------------------+ +-----------+ /
285
286 +---------------------------------------+
287 | NTDLL.DLL |
288 +---------------------------------------+
289
290 +---------------------------------------+ \
291 | NT kernel | } NT kernel (kernel space)
292 +---------------------------------------+ /
293 +---------------------------------------+ \
294 | Windows low-level drivers | } drivers (kernel space)
295 +---------------------------------------+ /
296 </screen>
297 </para>
298 <para>
299 Note also (not depicted in schema above) that the 16 bit
300 applications are supported in a specific subsystem.
301 Some basic differences between the Win9x and the NT
302 architectures include:
303 <itemizedlist>
304 <listitem>
305 <para>
306 Several subsystems (Win32, Posix...) can be run on NT,
307 while not on Win 9x
308 </para>
309 </listitem>
310 <listitem>
311 <para>
312 Win 9x roots its architecture in 16 bit systems, while
313 NT is truly a 32 bit system.
314 </para>
315 </listitem>
316 <listitem>
317 <para>
318 The drivers model and interfaces in Win 9x and NT are
319 different (even if Microsoft tried to bridge the gap
320 with some support of WDM drivers in Win 98 and above).
321 </para>
322 </listitem>
323 </itemizedlist>
324 </para>
325 </sect2>
326 </sect1>
327
328 <sect1>
329 <title>Wine architecture</title>
330
331 <sect2>
332 <title>Global picture</title>
333
334 <para>
335 Wine implementation is closer to the Windows NT
336 architecture, even if several subsystems are not implemented
337 yet (remind also that 16bit support is implemented in a 32-bit
338 Windows EXE, not as a subsystem). Here's the overall picture:
339 <screen>
340 +---------------------+ \
341 | Windows EXE | } application
342 +---------------------+ /
343
344 +---------+ +---------+ \
345 | Windows | | Windows | \ application & system DLLs
346 | DLL | | DLL | /
347 +---------+ +---------+ /
348
349 +---------+ +---------+ +-----------+ +--------+ \
350 | GDI32 | | USER32 | | | | | \
351 | DLL | | DLL | | | | Wine | \
352 +---------+ +---------+ | | | Server | \ core system DLLs
353 +---------------------+ | | | | / (on the left side)
354 | Kernel32 DLL | | Subsystem | | NT-like| /
355 | (Win32 subsystem) | |Posix, OS/2| | Kernel | /
356 +---------------------+ +-----------+ | | /
357 | |
358 +---------------------------------------+ | |
359 | NTDLL | | |
360 +---------------------------------------+ +--------+
361
362 +---------------------------------------+ \
363 | Wine executable (wine-?thread) | } unix executable
364 +---------------------------------------+ /
365 +---------------------------------------------------+ \
366 | Wine drivers | } Wine specific DLLs
367 +---------------------------------------------------+ /
368
369 +------------+ +------------+ +--------------+ \
370 | libc | | libX11 | | other libs | } unix shared libraries
371 +------------+ +------------+ +--------------+ / (user space)
372
373 +---------------------------------------------------+ \
374 | Unix kernel (Linux,*BSD,Solaris,OS/X) | } (Unix) kernel space
375 +---------------------------------------------------+ /
376 +---------------------------------------------------+ \
377 | Unix device drivers | } Unix drivers (kernel space)
378 +---------------------------------------------------+ /
379 </screen>
380 </para>
381
382 <para>
383 Wine must at least completely replace the "Big Three" DLLs
384 (<filename>KERNEL</filename>/<filename>KERNEL32</filename>,
385 <filename>GDI</filename>/<filename>GDI32</filename>, and
386 <filename>USER</filename>/<filename>USER32</filename>),
387 which all other DLLs are layered on top of. But since Wine
388 is (for various reasons) leaning towards the NT way of
389 implementing things, the <filename>NTDLL</filename> is
390 another core DLL to be implemented in Wine, and many
391 <filename>KERNEL32</filename> and
392 <filename>ADVAPI32</filename> features will be
393 implemented through the <filename>NTDLL</filename>.
394 </para>
395 <para>
396 As of today, no real subsystem (apart the Win32 one) has
397 been implemented in Wine.
398 </para>
399 <para>
400 The Wine server provides the backbone for the implementation
401 of the core DLLs. It mainly implementents inter-process
402 synchronization and object sharing. It can be seen, from a
403 functional point of view, as a NT kernel (even if the APIs
404 and protocols used between Wine's DLL and the Wine server
405 are Wine specific).
406 </para>
407 <para>
408 Wine uses the Unix drivers to access the various hardware
409 pieces on the box. However, in some cases, Wine will
410 provide a driver (in Windows sense) to a physical hardware
411 device. This driver will be a proxy to the Unix driver
412 (this is the case, for example, for the graphical part
413 with X11 or SDL drivers, audio with OSS or ALSA drivers...).
414 </para>
415 <para>
416 All DLLs provided by Wine try to stick as much as possible
417 to the exported APIs from the Windows platforms. There are
418 rare cases where this is not the case, and have been
419 propertly documented (Wine DLLs export some Wine specific
420 APIs). Usually, those are prefixed with
421 <function>__wine</function>.
422 </para>
423 <para>
424 Let's now review in greater details all of those components.
425 </para>
426 </sect2>
427
428 <sect2>
429 <title>The Wine server</title>
430 <para>
431 The Wine server is among the most confusing concepts in
432 Wine. What is its function in Wine? Well, to be brief, it
433 provides Inter-Process Communication (IPC),
434 synchronization, and process/thread management. When the
435 Wine server launches, it creates a Unix socket for the
436 current host based on (see below) your home directory's
437 <filename>.wine</filename> subdirectory (or wherever the
438 <envar>WINEPREFIX</envar> environment variable points to)
439 - all Wine processes launched later connects to the Wine
440 server using this socket. If a Wine server was not
441 already running, the first Wine process will start up the
442 Wine server in auto-terminate mode (i.e. the Wine server
443 will then terminate itself once the last Wine process has
444 terminated).
445 </para>
446 <para>
447 In earlier versions of Wine the master socket mentioned
448 above was actually created in the configuration directory;
449 either your home directory's <filename>/wine</filename>
450 subdirectory or wherever the
451 <envar>WINEPREFIX</envar> environment variable points>.
452 Since that might not be possible the socket is actually
453 created within the <filename>/tmp</filename> directory
454 with a name that reflects the configuration directory.
455 This means that there can actually be several separate
456 copies of the Wine server running; one per combination of
457 user and configuration directory. Note that you should
458 not have several users using the same configuration
459 directory at the same time; they will have different
460 copies of the Wine server running and this could well
461 lead to problems with the registry information that
462 they are sharing.
463 </para>
464 <para>
465 Every thread in each Wine process has its own request
466 buffer, which is shared with the Wine server. When a
467 thread needs to synchronize or communicate with any other
468 thread or process, it fills out its request buffer, then
469 writes a command code through the socket. The Wine server
470 handles the command as appropriate, while the client
471 thread waits for a reply. In some cases, like with the
472 various <function>WaitFor???</function> synchronization
473 primitives, the server handles it by marking the client
474 thread as waiting and does not send it a reply before the
475 wait condition has been satisfied.
476 </para>
477 <para>
478 The Wine server itself is a single and separate Unix
479 process and does not have its own threading - instead, it
480 is built on top of a large <function>poll()</function>
481 loop that alerts the Wine server whenever anything
482 happens, such as a client having sent a command, or a wait
483 condition having been satisfied. There is thus no danger
484 of race conditions inside the Wine server itself - it is
485 often called upon to do operations that look completely
486 atomic to its clients.
487 </para>
488 <para>
489 Because the Wine server needs to manage processes,
490 threads, shared handles, synchronization, and any related
491 issues, all the clients' Win32 objects are also managed by
492 the Wine server, and the clients must send requests to the
493 Wine server whenever they need to know any Win32 object
494 handle's associated Unix file descriptor (in which case
495 the Wine server duplicates the file descriptor, transmits
496 it back to the client, and leaves it to the client to
497 close the duplicate when the client has finished with
498 it).
499 </para>
500 </sect2>
501
502 <sect2>
503 <title>
504 Wine builtin DLLs: about Relays, Thunks, and DLL
505 descriptors
506 </title>
507 <para>
508 This section mainly applies to builtin DLLs (DLLs provided
509 by Wine). See section <xref linkend="arch-dlls"> for the
510 details on native vs. builtin DLL handling.
511 </para>
512 <para>
513 Loading a Windows binary into memory isn't that hard by
514 itself, the hard part is all those various DLLs and entry
515 points it imports and expects to be there and function as
516 expected; this is, obviously, what the entire Wine
517 implementation is all about. Wine contains a range of DLL
518 implementations. You can find the DLLs implementation in the
519 <filename>dlls/</filename> directory.
520 </para>
521 <para>
522 Each DLL (at least, the 32 bit version, see below) is
523 implemented in a Unix shared library. The file name of this
524 shared library is the module name of the DLL with a
525 <filename>.dll.so</filename> suffix (or
526 <filename>.drv.so</filename> or any other relevant extension
527 depending on the DLL type). This shared library contains the
528 code itself for the DLL, as well as some more information,
529 as the DLL resources and a Wine specific DLL descriptor.
530 </para>
531 <para>
532 The DLL descriptor, when the DLL is instanciated, is used to
533 create an in-memory PE header, which will provide access to
534 various information about the DLL, including but not limited
535 to its entry point, its resources, its sections, its debug
536 information...
537 </para>
538 <para>
539 The DLL descriptor and entry point table is generated by
540 the <command>winebuild</command> tool (previously just
541 named <command>build</command>), taking DLL specification
542 files with the extension <filename>.spec</filename> as
543 input. Resources (after compilation by
544 <command>wrc</command>) or message tables (after
545 compilation by <command>wmc</command>) are also added to
546 the descriptor by <command>winebuild</command>.
547 </para>
548 <para>
549 Once an application module wants to import a DLL, Wine
550 will look at:
551 <itemizedlist>
552 <listitem>
553 <para>
554 through its list of registered DLLs (in fact, both
555 the already loaded DLLs, and the already loaded
556 shared libraries which has registered a DLL
557 descriptor). Since, the DLL descriptor is
558 automatically registered when the shared library is
559 loaded - remember, registration call is put inside a
560 shared library constructor - using the
561 <envar>PRELOAD</envar> environment variable when
562 running a Wine process can force the registration of
563 some DLL descriptors.
564 </para>
565 </listitem>
566 <listitem>
567 <para>
568 If it's not registered, Wine will look for it on
569 disk, building the shared library name from the DLL
570 module name. Directory searched for are specified by
571 the <envar>WINEDLLPATH</envar> environment variable.
572 </para>
573 </listitem>
574 <listitem>
575 <para>
576 Failing that, it will look for a real Windows
577 <filename>.DLL</filename> file to use, and look
578 through its imports, etc) and use the loading of
579 native DLLs.
580 </para>
581 </listitem>
582 </itemizedlist>
583 </para>
584 <para>
585 After the DLL has been identified (assuming it's still a
586 native one), it's mapped into memory using a
587 <function>dlopen()</function> call. Note, that Wine doesn't
588 use the shared library mechanisms for resolving and/or
589 importing functions between two shared libraries (for two
590 DLLs). The shared library is only used for providing a way
591 to load a piece of code on demand. This piece of code,
592 thanks the DLL descriptor, will provide the same type of
593 information a native DLL would. Wine can then use the same
594 code for native and builtin DLL to handle imports/exports.
595 </para>
596 <para>
597 Wine also relies on the dynamic loading features of the Unix
598 shared libraries to relocate the DLLs if needed (the same
599 DLL can be loaded at different address in two different
600 processes, and even in two consecutive run of the same
601 executable if the order of loading the DLLs differ).
602 </para>
603 <para>
604 The DLL descriptor is registered in the Wine realm using
605 some tricks. The <command>winebuild</command> tool, while
606 creating the code for DLL descriptor, also creates a
607 constructor, that will be called when the shared library is
608 loaded into memory. This constructor will actually register
609 the descriptor to the Wine DLL loader. Hence, before the
610 <function>dlopen</function> call returns, the DLL descriptor
611 will be known and registered. This also helps to deal with
612 the cases where there's still dependencies (at the ELF
613 shared lib level, not at the embedded DLL level) between
614 different shared libraries: the embedded DLLs will be
615 properly registered, and even loaded (from a Windows point
616 of view).
617 </para>
618 <para>
619 Since Wine is 32-bit code itself, and if the compiler
620 supports Windows' calling convention, <type>stdcall</type>
621 (<command>gcc</command> does), Wine can resolve imports
622 into Win32 code by substituting the addresses of the Wine
623 handlers directly without any thunking layer in
624 between. This eliminates the overhead most people
625 associate with "emulation", and is what the applications
626 expect anyway.
627 </para>
628 <para>
629 However, if the user specified <parameter>WINEDEBUG=+relay
630 </parameter>, a thunk layer is inserted between the
631 application imports and the Wine handlers (actually the
632 export table of the DLL is modified, and a thunk is
633 inserted in the table); this layer is known as "relay"
634 because all it does is print out the arguments/return
635 values (by using the argument lists in the DLL
636 descriptor's entry point table), then pass the call on,
637 but it's invaluable for debugging misbehaving calls into
638 Wine code. A similar mechanism also exists between Windows
639 DLLs - Wine can optionally insert thunk layers between
640 them, by using <parameter>WINEDEBUG=+snoop</parameter>,
641 but since no DLL descriptor information exists for
642 non-Wine DLLs, this is less reliable and may lead to
643 crashes.
644 </para>
645 <para>
646 For Win16 code, there is no way around thunking - Wine
647 needs to relay between 16-bit and 32-bit code. These
648 thunks switch between the app's 16-bit stack and Wine's
649 32-bit stack, copies and converts arguments as appropriate
650 (an int is 16 bit 16-bit and 32 bits in 32-bit, pointers
651 are segmented in 16 bit (and also near or far) but are 32
652 bit linear values in 32 bit), and handles the Win16
653 mutex. Some finer control can be obtained on the
654 conversion, see <command>winebuild</command> reference
655 manual for the details. Suffice to say that the kind of
656 intricate stack content juggling this results in, is not
657 exactly suitable study material for beginners.
658 </para>
659 <para>
660 A DLL descriptor is also created for every 16 bit
661 DLL. However, this DLL normally paired with a 32 bit
662 DLL. Either, it's the 16 bit counterpart of the 16 bit DLL
663 (<filename>KRNL386.EXE</filename> for
664 <filename>KERNEL32</filename>, <filename>USER</filename>
665 for <filename>USER32</filename>...), or a 16
666 bit DLL directly linked to a 32 bit DLL (like
667 <filename>SYSTEM</filename> for <filename>KERNEL32</filename>,
668 or <filename>DDEML</filename> for
669 <filename>USER32</filename>). In those cases, the 16 bit
670 descriptor(s) is (are) inserted in the same shared library
671 as the the corresponding 32 bit DLL. Wine will also create
672 symbolic links between kernel32.dll.so and system.dll.so
673 so that loading of either
674 <filename>KERNEL32.DLL</filename> or
675 <filename>SYSTEM.DLL</filename> will end up on the same
676 shared library.
677 </para>
678 </sect2>
679 <sect2 id="arch-dlls">
680 <title>Wine/Windows DLLs</title>
681
682 <para>
683 This document mainly deals with the status of current DLL
684 support by Wine. The Wine ini file currently supports
685 settings to change the load order of DLLs. The load order
686 depends on several issues, which results in different settings
687 for various DLLs.
688 </para>
689
690 <sect3>
691 <title>Pros of Native DLLs</title>
692
693 <para>
694 Native DLLs of course guarantee 100% compatibility for
695 routines they implement. For example, using the native
696 <filename>USER</filename> DLL would maintain a virtually
697 perfect and Windows 95-like look for window borders,
698 dialog controls, and so on. Using the built-in Wine
699 version of this library, on the other hand, would produce
700 a display that does not precisely mimic that of Windows
701 95. Such subtle differences can be engendered in other
702 important DLLs, such as the common controls library
703 <filename>COMMCTRL</filename> or the common dialogs library
704 <filename>COMMDLG</filename>, when built-in Wine DLLs
705 outrank other types in load order.
706 </para>
707 <para>
708 More significant, less aesthetically-oriented problems can
709 result if the built-in Wine version of the
710 <filename>SHELL</filename> DLL is loaded before the native
711 version of this library. <filename>SHELL</filename>
712 contains routines such as those used by installer utilities
713 to create desktop shortcuts. Some installers might fail when
714 using Wine's built-in <filename>SHELL</filename>.
715 </para>
716 </sect3>
717
718 <sect3>
719 <title>Cons of Native DLLs</title>
720
721 <para>
722 Not every application performs better under native DLLs. If
723 a library tries to access features of the rest of the system
724 that are not fully implemented in Wine, the native DLL might
725 work much worse than the corresponding built-in one, if at
726 all. For example, the native Windows <filename>GDI</filename>
727 library must be paired with a Windows display driver, which
728 of course is not present under Intel Unix and Wine.
729 </para>
730 <para>
731 Finally, occasionally built-in Wine DLLs implement more
732 features than the corresponding native Windows DLLs.
733 Probably the most important example of such behavior is the
734 integration of Wine with X provided by Wine's built-in
735 <filename>USER</filename> DLL. Should the native Windows
736 <filename>USER</filename> library take load-order
737 precedence, such features as the ability to use the
738 clipboard or drag-and-drop between Wine windows and X
739 windows will be lost.
740 </para>
741 </sect3>
742
743 <sect3>
744 <title>Deciding Between Native and Built-In DLLs</title>
745
746 <para>
747 Clearly, there is no one rule-of-thumb regarding which
748 load-order to use. So, you must become familiar with
749 what specific DLLs do and which other DLLs or features
750 a given library interacts with, and use this information
751 to make a case-by-case decision.
752 </para>
753 </sect3>
754
755 <sect3>
756 <title>Load Order for DLLs</title>
757
758 <para>
759 Using the DLL sections from the wine configuration file, the
760 load order can be tweaked to a high degree. In general it is
761 advised not to change the settings of the configuration
762 file. The default configuration specifies the right load
763 order for the most important DLLs.
764 </para>
765 <para>
766 The default load order follows this algorithm: for all DLLs
767 which have a fully-functional Wine implementation, or where
768 the native DLL is known not to work, the built-in library
769 will be loaded first. In all other cases, the native DLL
770 takes load-order precedence.
771 </para>
772 <para>
773 The <varname>DefaultLoadOrder</varname> from the
774 [DllDefaults] section specifies for all DLLs which version
775 to try first. See manpage for explanation of the arguments.
776 </para>
777 <para>
778 The [DllOverrides] section deals with DLLs, which need a
779 different-from-default treatment.
780 </para>
781 <para>
782 The [DllPairs] section is for DLLs, which must be loaded in
783 pairs. In general, these are DLLs for either 16-bit or
784 32-bit applications. In most cases in Windows, the 32-bit
785 version cannot be used without its 16-bit counterpart. For
786 Wine, it is customary that the 16-bit implementations rely
787 on the 32-bit implementations and cast the results back to
788 16-bit arguments. Changing anything in this section is bound
789 to result in errors.
790 </para>
791 <para>
792 For the future, the Wine implementation of Windows DLL seems
793 to head towards unifying the 16 and 32 bit DLLs wherever
794 possible, resulting in larger DLLs. They are stored in the
795 <filename>dlls/</filename> subdirectory using the 32-bit
796 name.
797 </para>
798 </sect3>
799 </sect2>
800
801 <sect2 id="arch-mem">
802 <title>Memory management</title>
803 <para>
804 Every Win32 process in Wine has its own dedicated native
805 process on the host system, and therefore its own address
806 space. This section explores the layout of the Windows
807 address space and how it is emulated.
808 </para>
809
810 <para>
811 Firstly, a quick recap of how virtual memory works. Physical
812 memory in RAM chips is split into
813 <emphasis>frames</emphasis>, and the memory that each
814 process sees is split into <emphasis>pages</emphasis>. Each
815 process has its own 4 gigabytes of address space (4gig being
816 the maximum space addressable with a 32 bit pointer). Pages
817 can be mapped or unmapped: attempts to access an unmapped
818 page cause an
819 <constant>EXCEPTION_ACCESS_VIOLATION</constant> which has
820 the easily recognizable code of
821 <constant>0xC0000005</constant>. Any page can be mapped to
822 any frame, therefore you can have multiple addresses which
823 actually "contain" the same memory. Pages can also be mapped
824 to things like files or swap space, in which case accessing
825 that page will cause a disk access to read the contents into
826 a free frame.
827 </para>
828
829 <sect3>
830 <title>Initial layout (in Windows)</title>
831 <para>
832 When a Win32 process starts, it does not have a clear
833 address space to use as it pleases. Many pages are already
834 mapped by the operating system. In particular, the EXE
835 file itself and any DLLs it needs are mapped into memory,
836 and space has been reserved for the stack and a couple of
837 heaps (zones used to allocate memory to the app
838 from). Some of these things need to be at a fixed address,
839 and others can be placed anywhere.
840 </para>
841
842 <para>
843 The EXE file itself is usually mapped at address
844 <constant>0x400000</constant> and up: indeed, most EXEs have
845 their relocation records stripped which means they must be
846 loaded at their base address and cannot be loaded at any
847 other address.
848 </para>
849
850 <para>
851 DLLs are internally much the same as EXE files but they
852 have relocation records, which means that they can be
853 mapped at any address in the address space. Remember we
854 are not dealing with physical memory here, but rather
855 virtual memory which is different for each
856 process. Therefore <filename>OLEAUT32.DLL</filename> may
857 be loaded at one address in one process, and a totally
858 different one in another. Ensuring all the functions
859 loaded into memory can find each other is the job of the
860 Windows dynamic linker, which is a part of
861 <filename>NTDLL</filename>.
862 </para>
863 <para>
864 So, we have the EXE and its DLLs mapped into memory. Two
865 other very important regions also exist: the stack and the
866 process heap. The process heap is simply the equivalent of
867 the libc <function>malloc</function> arena on UNIX: it's a
868 region of memory managed by the OS which
869 <function>malloc</function>/<function>HeapAlloc</function>
870 partitions and hands out to the application. Windows
871 applications can create several heaps but the process heap
872 always exists.
873 </para>
874 <para>
875 Windows 9x also implements another kind of heap: the
876 shared heap. The shared heap is unusual in that
877 anything allocated from it will be visible in every other
878 process.
879 </para>
880 </sect3>
881
882 <sect3>
883 <title>Comparison</title>
884 <para>
885 So far we've assumed the entire 4 gigs of address space is
886 available for the application. In fact that's not so: only
887 the lower 2 gigs are available, the upper 2 gigs are on
888 Windows NT used by the operating system and hold the
889 kernel (from <constant>0x80000000</constant>). Why is the
890 kernel mapped into every address space? Mostly for
891 performance: while it's possible to give the kernel its own
892 address space too - this is what Ingo Molnars 4G/4G VM
893 split patch does for Linux - it requires that every system
894 call into the kernel switches address space. As that is a
895 fairly expensive operation (requires flushing the
896 translation lookaside buffers etc) and syscalls are made
897 frequently it's best avoided by keeping the kernel mapped
898 at a constant position in every processes address space.
899 </para>
900
901 <para>
902 Basically, the comparison of memory mappings looks as
903 follows:
904 <table>
905 <title>Memory layout (Windows and Wine)</title>
906 <tgroup cols="4" align="left" colsep="1" rowsep="1">
907 <thead>
908 <row>
909 <entry>Address</entry>
910 <entry>Windows 9x</entry>
911 <entry>Windows NT</entry>
912 <entry>Linux</entry>
913 </row>
914 </thead>
915 <tbody>
916 <row>
917 <entry>00000000-7fffffff</entry>
918 <entry>User</entry>
919 <entry>User</entry>
920 <entry>User</entry>
921 </row>
922 <row>
923 <entry>80000000-bfffffff</entry>
924 <entry>Shared</entry>
925 <entry>User</entry>
926 <entry>User</entry>
927 </row>
928 <row>
929 <entry>c0000000-ffffffff</entry>
930 <entry>Kernel</entry>
931 <entry>Kernel</entry>
932 <entry>Kernel</entry>
933 </row>
934 </tbody>
935 </tgroup>
936 </table>
937 </para>
938
939 <para>
940 On Windows 9x, in fact only the upper gigabyte
941 (<constant>0xC0000000</constant> and up) is used by the
942 kernel, the region from 2 to 3 gigs is a shared area used
943 for loading system DLLs and for file mappings. The bottom
944 2 gigs on both NT and 9x are available for the programs
945 memory allocation and stack.
946 </para>
947 </sect3>
948 </sect2>
949
950 <sect2>
951 <title>Wine drivers</title>
952 <para>
953 Wine will not allow running native Windows drivers under
954 Unix. This comes mainly because (look at the generic
955 architecture schemas) Wine doesn't implement the kernel
956 features of Windows (kernel here really means the kernel,
957 not the <filename>KERNEL32</filename> DLL), but rather
958 sets up a proxy layer on top of the Unix kernel to provide
959 the <filename>NTDLL</filename> and
960 <filename>KERNEL32</filename> features. This means that
961 Wine doesn't provide the inner infrastructure to run
962 native drivers, either from the Win9x family or from the
963 NT family.
964 </para>
965 <para>
966 In other words, Wine will only be able to provide access to
967 a specific device, if and only if, 1/ this device is
968 supported in Unix (there is Unix-driver to talk to it), 2/
969 Wine has implemented the proxy code to make the glue between
970 the API of a Windows driver, and the Unix interface of the
971 Unix driver.
972 </para>
973 <para>
974 Wine, however, tries to implement in the various DLLs
975 needing to access devices to do it through the standard
976 Windows APIs for device drivers in user space. This is for
977 example the case for the multimedia drivers, where Wine
978 loads Wine builtin DLLs to talk to the OSS interface, or the
979 ALSA interface. Those DLLs implement the same interface as
980 any user space audio driver in Windows.
981 </para>
982 </sect2>
983 </sect1>
984 </chapter>
985
986
987 <!-- Keep this comment at the end of the file
988 Local variables:
989 mode: sgml
990 sgml-parent-document:("wine-devel.sgml" "set" "book" "part" "chapter" "")
991 End:
992 -->
useful hacks and other patches not (yet) suitable for mainline