Fix/engine fixes v7 support (#816)

rfortier · miredirex · web-flow · commit 7acd594f4445 · 2025-10-19T20:46:41.000+02:00
* Update to EngineFixes support to handle both v6 and v7 series.

TL;DR: completely new config format for EF7 requires 2 configs for 2 config-checkers.
Vastly more general approach to initialization; now, all early-stage IAT hooks are preserved.

Revisiting this code, I also figured out how to enable skse_plugin_preloader (d3dx11_42.dll proxy) the right way, by enabling this very early-load, early-run-DllMain() to successfully set a hook in the IAT that Skyrim uses but STR doesn't load.

That means the preloader runs its native behavior. It will work with ANY mod that uses a preloader, including SSE EngineFixes. Any mod that sets early IAT hooks will now work too (well, more than it did).

Prior hack to initialize EngineFixes is deleted.

Fixed some comment / clang-format damage.

* Changes to repair damage that EngineFixes allocator does to STR hooks (if present)

* Merge better hook damage check / repair from Miredirex

* Simplify `IsFormAllocateReplacedByEF` and `RehookFormAllocate`

* Update DebugService.cpp: will move SWP_NOACTIVATE to a separate pr

---------

Co-authored-by: Richard Fortier &lt;rfortier@ourchateau.net&gt;
Co-authored-by: Daniil Zakharov &lt;miredirex@gmail.com&gt;
diff --git a/Code/client/Games/Memory.cpp b/Code/client/Games/Memory.cpp
@@ -67,6 +67,39 @@ void Memory::Free(void* apData) noexcept
     TiltedPhoques::ThisCall(RealFormFree, GameHeap::Get(), apData, false);
 }
 
+static bool IsFormAllocateReplacedByEF(TFormAllocate** appOutEngineFixesAlloc) noexcept
+{
+    POINTER_SKYRIMSE(TFormAllocate, s_formAllocate, 68115);
+    TFormAllocate* pFormAllocate = s_formAllocate.Get();
+
+    auto opcodeBytes = reinterpret_cast<uint16_t*>(*pFormAllocate);
+    uint8_t shift = 0;
+
+    if (*opcodeBytes == 0x25FF) // 'jmp' opcode 'FF 25' and the 4-byte displacement bytes come before the virtual address we're after
+        shift = 6;
+    else if (*opcodeBytes == 0xB848) // 'mov' opcode '48 B8' comes before the virtual address we're after
+        shift = 2;
+
+    auto possibleEfAllocAddress = *reinterpret_cast<uintptr_t*>(reinterpret_cast<uint8_t*>(*pFormAllocate) + shift);
+
+    MEMORY_BASIC_INFORMATION mbi;
+    if (VirtualQuery((void*)possibleEfAllocAddress, &mbi, sizeof(mbi)) != 0)
+    {
+        if (mbi.AllocationBase == GetModuleHandleW(L"EngineFixes.dll"))
+        {
+            *appOutEngineFixesAlloc = reinterpret_cast<TFormAllocate*>(possibleEfAllocAddress);
+            return true;
+        }
+    }
+    return false;
+}
+
+static void RehookFormAllocate(TFormAllocate* apEngineFixesAllocate) noexcept
+{
+    RealFormAllocate = apEngineFixesAllocate;
+    TP_HOOK_IMMEDIATE(&RealFormAllocate, HookFormAllocate);
+}
+
 size_t Hook_msize(void* apData)
 {
     return mi_malloc_size(apData);
@@ -132,4 +165,26 @@ static TiltedPhoques::Initializer s_memoryHooks(
         TP_HOOK(&RealFormAllocate, HookFormAllocate);
     });
 
+using T_initterm_e = decltype(&_initterm_e);
+T_initterm_e Real_initterm_e = nullptr;
+
+// If EngineFixes loaded, and it changed our FormAllocate hook, 
+// reset it. Our hook works just fine chaining to theirs.
+int __cdecl Hook_initterm_e(_PIFV* apFirst, _PIFV* apLast)
+{
+    // We want to run last, so pre-chain.
+    auto retval = Real_initterm_e(apFirst, apLast); 
+    
+    // Check if EngineFixes messed with STR's modified alloc hook; if it did, treat EF as truth and rehook
+    TFormAllocate* pEngineFixesAllocate = nullptr;
+    if (GetModuleHandleW(L"EngineFixes.dll") && IsFormAllocateReplacedByEF(&pEngineFixesAllocate))
+        RehookFormAllocate(pEngineFixesAllocate);
+
+    return retval;
+}
+
+void HookFormAllocateSentinelInit()
+{
+    TP_HOOK_IAT(_initterm_e, "api-ms-win-crt-runtime-l1-1-0.dll");
+}
 #pragma optimize("", on)
diff --git a/Code/client/ScriptExtender.cpp b/Code/client/ScriptExtender.cpp
@@ -141,13 +141,6 @@ void LoadScriptExender()
                 "logs from the "
                 "Script Extender and its loaded mods.",
                 skseVersion);
-            auto hModule = LoadLibraryW((gameDir / L"Data\\SKSE\\Plugins\\EngineFixes.dll").c_str());
-            if (hModule != NULL)
-            {
-                auto* pStartEngineFixes = reinterpret_cast<void (*)()>(GetProcAddress(hModule, "Initialize"));
-                if (pStartEngineFixes)
-                    (*pStartEngineFixes)();
-            }
             pStartSKSE();
             spdlog::info("SKSE is active");
         }
diff --git a/Code/immersive_launcher/loader/ExeLoader.cpp b/Code/immersive_launcher/loader/ExeLoader.cpp
@@ -302,19 +302,21 @@ bool ExeLoader::Load(const uint8_t* apProgramBuffer)
     auto sourceDebugDir = sourceNtHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_DEBUG];
 
     LoadSections(ntHeader);
+
+    // skse64_plugin_preloader (proxy d3dx9_42_dll and others?) may hook
+    // _initterm_e during LoadImports(), so we have to ensure that IAT entry exists.
+    // The simplest way to make sure all SkyrimSE IAT entries exist when mods expect 
+    // them to is to switch to those headers earlier than we used to
+    DWORD oldProtect;
+    VirtualProtect(sourceNtHeader, 0x1000, PAGE_EXECUTE_READWRITE, &oldProtect);
+    sourceNtHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT] = ntHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT];
+
     LoadImports(ntHeader);
 #if defined(_M_AMD64)
     LoadExceptionTable(ntHeader);
     LoadTLS(ntHeader, sourceNtHeader);
 #endif
 
-    // copy over the offset to the new imports directory
-    DWORD oldProtect;
-    VirtualProtect(sourceNtHeader, 0x1000, PAGE_EXECUTE_READWRITE, &oldProtect);
-
-    // re-target the import directory to the target's; ours isn't needed anymore.
-    sourceNtHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT] = ntHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT];
-
     const size_t ntCompleteHeaderSize = sizeof(IMAGE_NT_HEADERS) + (ntHeader->FileHeader.NumberOfSections * (sizeof(IMAGE_SECTION_HEADER)));
 
     // overwrite our headers with the target headers
@@ -325,7 +327,11 @@ bool ExeLoader::Load(const uint8_t* apProgramBuffer)
     sourceNtHeader->OptionalHeader.CheckSum = sourceChecksum;
     sourceNtHeader->FileHeader.TimeDateStamp = sourceTimestamp;
     sourceNtHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_DEBUG] = sourceDebugDir;
-
     m_pBinary = nullptr;
+
+    // Set a hook to check if anything loaded messes with critical hooks.
+    extern void HookFormAllocateSentinelInit();
+    HookFormAllocateSentinelInit();
+
     return true;
 }
diff --git a/Code/immersive_launcher/stubs/DllBlocklist.cpp b/Code/immersive_launcher/stubs/DllBlocklist.cpp
@@ -34,6 +34,7 @@ struct DllGreyEntry
 {
     const wchar_t* m_dllName;           // The name of the DLL to check.
     const wchar_t* m_configLocation;    // The relative path of the config file (from the game dir)
+    const char*    m_configValidator;   // Regex to check if config is sane. Helps distinguish multiple releases of same dll.
     const char*    m_sigRegex;          // If this pattern is found in the config, comments were already added.
     const wchar_t* m_prompt;            // The MessageBox prompt asking for permission to fix.
     const char*    m_sigToInsert;       // This is added at the top of the rewritten config. It can/should say more than just the pattern match signature.
@@ -46,36 +47,46 @@ struct DllGreyEntry
 const DllGreyEntry kDllGreyList[] = 
 {
     {
-        L"EngineFixes.dll",
+        L"EngineFixes.dll", 
         L"Data\\SKSE\\Plugins\\EngineFixes.toml",
-         "# SKYRIM TOGETHER REBORN marker for EngineFixes required compatibility settings v2, DO NOT CHANGE THIS LINE",
- 
+        "^VerboseLogging\\s*=",         // Matches EngineFixes Release 6.x series.
+        "# SKYRIM TOGETHER REBORN marker for EngineFixes required compatibility settings v2, DO NOT CHANGE THIS LINE",
+
         L"For EngineFixes to work with Skyrim Together Reborn, some settings are required:\n"
-            "\tMemoryManager = false\n"
-            "\tScaleformAllocator = false\n"
-            "\tMaxStdio = 8192\n\n"
-
-         "OK:\tMakes the changes for you\n"
-         "Cancel:\tEngineFixes will not load\n\n"
-
-         "If later you get the (harmless) SrtCrashFix64 popup, manually make this EngineFixes configuration change to suppress it:\n"     
-            "\tAnimationLoadSignedCrash = false",
-
-         "# SKYRIM TOGETHER REBORN marker for EngineFixes required compatibility settings v2, DO NOT CHANGE THIS LINE\n"
-         "# For EngineFixes to work with Skyrim Together Reborn, some settings are required:\n"
-         "#    MemoryManager = false\n"
-         "#    ScaleformAllocator = false\n"
-         "#    MaxStdio = 8192\n"
-         "#\n"
-
-         "# If you get a SrtCrashFix64 popup, it is because you've loaded a mod like Animation Limit Crash Fixe SSE\n"
-         "# that is doing the same thing as EngineFixes. Manually set\n"
-         "#    AnimationLoadSignedCrash = false\n"
-         "# to eliminate the annoying popup.\n\n",
-    
-         "(^\\s*MemoryManager\\s*=\\s*)(true ?|false)\n$1false\n"
-         "(^\\s*ScaleformAllocator\\s*=\\s*)(true ?|false)\n$1false\n"
-         "(^\\s*MaxStdio\\s*=\\s*)([0-9]+)\n$018192\n"       // Only huge builds need this many files, but make EF match what STR sets.
+        "\tMemoryManager = false\n"
+        "\tScaleformAllocator = false\n"
+        "\tMaxStdio = 8192\n\n"
+
+        "OK:\tMakes the changes for you\n"
+        "Cancel:\tEngineFixes will not load\n\n"
+
+        "If later you get the (harmless) SrtCrashFix64 popup, manually make this EngineFixes configuration change to suppress it:\n"
+        "\tAnimationLoadSignedCrash = false",
+
+        "# SKYRIM TOGETHER REBORN marker for EngineFixes required compatibility settings v2, DO NOT CHANGE THIS LINE\n"
+        "# For EngineFixes to work with Skyrim Together Reborn, some settings are required:\n"
+        "#    MemoryManager = false\n"
+        "#    ScaleformAllocator = false\n"
+        "#    MaxStdio = 8192\n"
+        "#\n"
+
+        "# If you get a SrtCrashFix64 popup, it is because you've loaded a mod like Animation Limit Crash Fixe SSE\n"
+        "# that is doing the same thing as EngineFixes. Manually set\n"
+        "#    AnimationLoadSignedCrash = false\n"
+        "# to eliminate the annoying popup.\n\n",
+
+        "(^\\s*MemoryManager\\s*=\\s*)(true ?|false)\n$1false\n"
+        "(^\\s*ScaleformAllocator\\s*=\\s*)(true ?|false)\n$1false\n"
+        "(^\\s*MaxStdio\\s*=\\s*)([0-9]+)\n$018192\n" // Only huge builds need this many files, but make EF match what STR sets.
+    },
+    {
+        L"EngineFixes.dll", 
+        L"Data\\SKSE\\Plugins\\EngineFixes.toml",
+        "^bVerboseLogging\\s*=",        // Matches EngineFixes Release 7.x series.
+        "",                             // No sig regex
+        L"",                            // No prompt
+        "",                             // No sig to insert
+        nullptr                         // We need to check for EF7 vs. EF6, but don't need any changes for EF7.
     }
 };
 
@@ -111,20 +122,32 @@ GreyListDisposition IsConfigOK(const std::filesystem::path& aPath, const DllGrey
         Die(msg.c_str(), true);
         return kGreyListAbort;
     }
+
     // Rewind config stream and prepare to generate newConfig;
     configStream.clear(); // Clear any EOF flags
     configStream.seekg(0, std::ios::beg);
     std::string newConfig;   
 
-    // std::regex throws exceeptions
     try
-    {
+    {   // std::regex constructors can throw exceptions, so must be used inside try/catch
+        // subblock to throw away the temps
+        {
+            const std::regex validatorRegex(aEntry.m_configValidator, std::regex_constants::icase);
+            const std::string configStr = configStream.str();
+            std::smatch vmatch;
+            if (!std::regex_search(configStr.begin(), configStr.end(), vmatch, validatorRegex))
+                return kGreyListAbort;
+        }
+
         // This has to be done inside the try/catch, but will be used outside at the end.
         signatureRegex = std::regex(aEntry.m_sigRegex, std::regex_constants::icase);
 
         // Iterate over each line of the config file
         //     Iterate over each replacer, possibly changing the line
         //     Output upddated line to new config
+        if (!aEntry.m_replacers)
+            return kGreyListAccept; // Must be good if nothing to change.
+
         std::string line;
         std::stringstream replacers(aEntry.m_replacers);
 
@@ -207,7 +230,11 @@ enum GreyListDisposition IsDllGreyListBlocked(const std::wstring_view aDllName)
         if (std::wcscmp(aDllName.data(), greyListEntry.m_dllName) == 0)
         {
             // DLL name matches, read in entire config file.
-            return IsConfigOK(gamePath, greyListEntry);
+            // Might be multiple configs for differing versions, 
+            // so only exit iteration early if config accepted.
+            retval = IsConfigOK(gamePath, greyListEntry);
+            if (retval == kGreyListAccept)
+                break;
         }
     }
     return retval;
