Solved

Restart Windows?

Posted on 1999-01-08
2
215 Views
Last Modified: 2010-04-04
 In 16bit Delphi1 program, calling ExitWindows(EW_RestartWindows, 0) will cause Windows to restart itself. The computer will not reboot.

  In 32bit Delphi4 program , calling ExitWindows(EW_RestartWindows, 0) can only logoff current user. Because ExitWindows is actually function resides in 16bit User.exe, so that cannot be called directly in 32bit programs. Following line is source code extracted from Delphi4 RTL source file Windows.pas:
function ExitWindows(dwReserved: DWORD; Code: Word): BOOL;
begin
  Result := ExitWindowsEx(EWX_LOGOFF, 0);
end;

So, we can only turn to THUNK: calling 16bit DLL functions from 32bit program, Such as following code:
{$StackFrames On}  //QT_Thunk needs a stack frame, Thunking call to 16-bit USER.EXE. The ThunkTrash argument allocates space on the stack for QT_Thunk
function LoadLibrary16(LibraryName: PChar): THandle; stdcall; external kernel32 index 35;
procedure FreeLibrary16(HInstance: THandle); stdcall; external kernel32 index 36;
function GetProcAddress16(Hinstance: THandle; ProcName: PChar): Pointer; stdcall; external kernel32 index 37;
procedure QT_Thunk; cdecl; external kernel32 name 'QT_Thunk';
var
  hInst16: THandle;
  GFSR: Pointer;
function RestartWindows: WordBool;
var
  ThunkTrash: array[0..$20] of Word;
begin
  if Win32Platform = VER_PLATFORM_WIN32_NT then
  begin
    Result := False;
    Exit;
  end;
  ThunkTrash[0] := hInst16; //Prevent the optimizer from getting rid of ThunkTrash
  hInst16 := LoadLibrary16('user.exe');
  if hInst16 < 32 then
    raise Exception.Create('Cannot load USER.EXE');
  FreeLibrary16(hInst16); //Decrement the usage count. This doesn't really free the library, since USER.EXE is always loaded
  GFSR := GetProcAddress16(hInst16, 'ExitWindows'); //Get the function pointer for the 16-bit function in USER.EXE
  if GFSR = nil then
    raise Exception.Create('Cannot get address of ExitWindows');
  asm  //Thunk down to USER.EXE
    push EW_RestartWindows  { push arguments }
    push 0
    mov edx, GFSR     { load 16-bit procedure pointer }
    call QT_Thunk     { call thunk }
    mov Result, ax    { save the result }
  end;
end;
{$StackFrames Off}

Guess what happened. calling above RestartWindows function will cause computer be shutdown. The same function as:
ExitWindowsEx(EWX_FORCE or EWX_SHUTDOWN, 0); I have tested it on several computer running Windows95 and Windows98.
 
I don't know what is wrong and why this happened. We know, in Windows95 shutdown dialog, select option "Reboot computer", then press Shift+Enter(or press Shift then click "Yes") , Windows DO restart itself. Obviously, the SHELL make it. but how?
0
Comment
Question by:delphi1
2 Comments
 
LVL 20

Accepted Solution

by:
Madshi earned 50 total points
ID: 1355226
delphi1,

I'm not sure what is wrong with your code. I think there's a problem with your pushs because you have to push one dword and one word value and I don't know what your code pushes...

However, you can use my code. It works:

function RestartWindows : boolean;  // function ExitWindows(code: dword; res: word) : bool; stdcall;
var thunkTrash : array [0..$20] of word;
    fp,qfp     : pointer;
    huser16    : cardinal;
    c1         : cardinal;
    w1         : word;
begin
  result:=false;
  AddExcStack([unitName,'RestartWindows']);
  try try
    huser16:=LoadLibrary16('user.exe');
    if huser16<>0 then
      try
        thunkTrash[0]:=huser16;
        fp:=GetProcAddress16(huser16, 'ExitWindows');
        qfp:=GetProcAddress(GetModuleHandle(kernel32), 'QT_Thunk');
        c1:=$42; w1:=0;
        if (fp<>nil) and (qfp<>nil) then begin
          asm
            push c1
            push w1
            mov edx, fp
            call qfp
            mov w1, ax
          end;
          result:=w1<>0;
        end;
      finally FreeLibrary16(huser16) end;
  except ExceptionProc end finally DelExcStack end;
end;

Regards, Madshi.
0
 

Author Comment

by:delphi1
ID: 1355227
Yes. the problem is my pushs. Your code works. Thank you!

Regards, Yang.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction I have seen many questions in this Delphi topic area where queries in threads are needed or suggested. I know bumped into a similar need. This article will address some of the concepts when dealing with a multithreaded delphi database…
In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
I designed this idea while studying technology in the classroom.  This is a semester long project.  Students are asked to take photographs on a specific topic which they find meaningful, it can be a place or situation such as travel or homelessness.…
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now