Microsoft to End DLL Confusion

MankyD writes "ZDNet is reporting that Microsoft is attempting to do away with DLL version conflicts in its next version of Windows with a technology it calls 'Strong Binding'. When new programs attempt to overwrite old versions of DLL's, the Strong Binding will index the DLL's and allow the programs to reference them by a unique ID, rather than by file name. Hopefully it will prevent a new program from breaking an old one. I would think this might add to DLL clutter however."

Auto-DLL Managment?

[MSTCrow5429]

Sounds like a great idea. While there will be more DLLs in the registry, at least each and every program will have it's "own" DLL and can't be broken. Although I wonder if the software will default to the newest DLL and then go back if it doesn't function correctly.

Re:Auto-DLL Managment?

What you don't realize is that the process will also prevent a 'modified' (read:hacked) dll from operating as well.

Those of us who use MS products, and rely on modified versions of dlls for proper functionality, (Macrovision removal in powerdvd, for instance) will be screwed.

Re:Auto-DLL Managment?

[n3k5]

... at least each and every program will have it's "own" DLL ...

Ah, yes, what a wonderful idea; let each and every program have its own DLLs, at the mere cost of rendering the whole DLL system totally useless.

You see, if you just wanted to split your executable code over several files for one reason or another, you could include DLLs with your program (in its own directory) ever since. Those wouldn't ever be changed by Windows, but this has nothing to do with the registry. The whole idea behind registered DLLs that reside in a centralised place is that you have shared libraries, that you don't have to store code used by several programs in multiple places, but only once, where you can do easy updates.

However, now that there are so many versions of Windows out there, Microsoft is experiencing compatibility issues with DLLs and they're doing something about it. I'm not familiar with the details of their solution and don't want to say it's a bad one at all. But your ideas are a little too extreme; saving one copy of a DLL per program is just absurd.

Re:Auto-DLL Managment?

[WindBourne]

While a sibling poster pointed out that the admin could change it, you have probably hit on where MS is going. I suspect that MS will simply drop the admin capability.
The versioning problem could have been handled with an external nameing approach (name-version.major.mindor.dll) and then using a resolver program. They are electing to give an internal id which implies that dlls will not be in one place or will have different names. This will make it hard to change out dll or know which ones to transport.
Actually, just thinking about it, I've heard that longhorn is supppose to have a sql based file system. It would make it easy to sux this into it and use the id as a way to find the dll. You will simply need to know it.

Re:Auto-DLL Managment?

[arkanes]

Unless the "unique id" is encrypted, both in the DLL and in the executable, and in the file system, with keys you can't recover, then it will still be possible to replace DLLs with modifed versions. It'll just be awkward enough that it (probably) won't happen as part of a program install.

Re:Auto-DLL Managment?

[cgenman]

Agreed. When I first saw this article last night, I immediatly thought they decided to can that archaic, unnecessary system. Obviously there is plenty of disk space. And the RAM savings exists but isn't significant either, as only static and not dynamic data is sharable. When was the last time you saw an executable that didn't contain every library known to man, and whose static ram footprint was over 1 meg? Now, compare that to the number of times your system broke / crashed due to a DLL conflict.

Get rid of it already! This patchwork systeming is well, I guess it's putting a roof over my head. But it is also unnecessary complicating an already excessively unnecessarily complicated system.

It really is getting time that Microsoft put windows in an emulator and re-wrote the functionality of the OS. It will never happen, but it is time.

-C

Re:Auto-DLL Managment?

I don't know about their original intentions, but to me, I am still confused as to why windows programs even need to be installed. (Instead of just copying the directory.) Why do they need to write changes to the registry and put files in the system and system32 directories?

Whoever thought up the idea of saving space with the registry, shared dll's and the whole idea of apps registering themselves with the OS should probably be dragged into the street in my opinion.

I'm no programmer, that's for sure, but I just don't get how saving two megs of disk space per program is worth the hassle of this infernal registry and all the problems it creates and facilitates.

Also, there are still some progs out there that don't need to be installed or have system dll's. Like trillian. If it can do all of the things it does, then when can't yahoo messenger, msn messenger, aol messenger install their apps without the mess? Sloppy coding? Because they hate users? I don't know...

Re:Auto-DLL Managment?

[bourne]

No, I get the point completely. It isn't a complex design.

My point is about what the end result will be after programmers use this: cruft. Major cruft. Cruft beyond all cruftiness of cruftension. So it has always been with apps that get picky about library version, and so it will always be. I have seen this happen to Unix applications, I have seen it happen to Windows applications, I have seen it happen to COM/DCOM, and I recognize the beast when presented as .NET.

Assemblies in .NET are quite powerful and useful.

No doubt. In the programming world, however, power is rarely wielded wisely or for good.

Re:Auto-DLL Managment?

As a matter of fact, version 1.0 of the .NET Framework supported versioning of assemblies (*.exe and *.dll files containing MSIL). The existing functionality works quite well and allows you to redirect to alternative assembly versions via standard configuration settings in the application configuration file.

Version 1.1 of the .NET Framework takes this concept even further and allows the developer to specifiy a specific version of the base class library (and runtime) to execute against. This is actually the realisation of architectural decisions they made in the 1.0 timeframe.

In addition to ILDasm (IL Disassembler) there is also a tool called fuslogvw which allows you to monitor what the runtime is actually binding. Its actually very useful for solving problems where you have pluggable architectures which load assemblies dynamically.

For those of you who haven't played with the .NET Runtime yet I highly recommend it. Even if you don't start developing with it, it should give you some ideas of what to ask for in your platform of choice. If you can't bring yourself to run Windows then try http://www.go-mono.com for Linux, or ROTOR for FreeBSD (I think there is a source code patch which will swap out the PAL with a Linux compatible one too).

Re:In other news

How does Linux deal with the issue of linked libraries? I'm assuming it has something similar.

Re:DLL vs static libs

It is not only for preserving disk space.

It also preserves ram by sharing common code between different applications.

It also makes upgrades and bugfixes easier (think openssl, for example).

Uh....

[simetra]

Wasn't that the point of the Registry?

Garbage collection

[dachshund]

Just as long as Strong Binding knows when to garbage-collect the old DLLs that aren't being used anymore, even if the uninstaller fails to explicitly remove them.

In addition, the OS should be intelligent enough to know when an EXE's been manually deleted (thrown in the Recycle Bin). The current practice of placing all unstallation responsibilities on the vendor tends to result in DLL buildup when the uninstaller doesn't work right or isn't provided (not uncommon.) There should be a unified process for adding a DLL that links it to the executable file that requires it.

Re:Garbage collection

[jonathanclark]

This is impossible unless there were a major change and all software developers conformed to it. But we are stuck with Windows 95 on steroids. Windows XP addresses the problem to a small extent by providing a "side-by-side" DLL loading system.

There is no way for the OS to know which DLLs an application might use - since DLLs are "Dynamically" loaded. The application may only load the DLL in rare cases, or maybe the application is run for the first time 1 year after it's installed.

To further complicate the problem, software vendors themselves cannot be 100% sure that no other application are going to use DLLs they installed - so to be safe they leave them behind on uninstall. So you are stuck with growing system32 directory. The only way to garbage collect is to refresh the entire machine.

I have been working on a virtual machine techology that allows applications to run in a semi-isolated environment (DLLs, files, and registry keys are not shared with the system). So they have zero impact on other applications and other application installs cannot cause them to fail. Also uninstall becomes a simple "del program.exe".

Re:DLL vs static libs

[wiggys]

Agreed. Windows XP gobbles up about 110 megabytes of RAM when it's just booted, without any background images, screensavers, system tray apps running etc.

Dropping the fancy XP theme frees up about 5 megs of RAM, but if your system only has 128 or 256 megs of RAM you don't have a lot of room to load apps.

contradiction in terms?

[broothal]

I don't get it. The sole idea about DLL is, that they are dynamically linked libraries (hence the name ;) shared by applications. This new idea suggest that, in theory, every program can have their own unique DLL. What's wrong with this picture? It's a workaround because today, programmers create DLL's that are not backwards compatible thus breaking older programs once the DLL has been overwritten. Yes, the workaround will work, but at the same time it undermines the idea of sharing libraries and it doesn't exactly urge programmers to write nice code that doesn't break existant functionality.
/Christian

Kinda makes you wonder...

[Jezza]

Well this makes one start to wonder, if each program is going to have a unique DLL (or at least one shared with VERY few others) why bother to have DLLs at all? Why not just roll the library up into the application binary?!

It'll be interesting to see how this adds to the bloat, I imagine it won't take long for the average user to amass quite a number of these things, mostly doing the same job!

There must be a better solution than this!

Re:An End To .DLL Hell?

[IWannaBeAnAC]

The number of copies in memory, for one thing.

Consuder how many processes are loaded on a typical 'doze system. Now imagine what would happen if every one of them had a different copy of USER32.DLL (or whatever).

What about patches and security fixes?

[Raphael]

According to Microsoft's Ivo Salmre, quoted in the article: "When a .Net component is installed onto the machine, the Global Assembly Cache looks at its version, its public key, its language information and creates a strong name for the component."

In a few cases in the past, backwards compatibility has been (slightly) broken by service packs and security fixes. How will they deal with that? Presumably, the public key of a library can be affected by a patch. If an application uses the strong binding to request a specific version of a DLL, does that mean that it will keep its own copy of the DLL without the patches? Or will it have to deal with potential incompatibilities introduced by the patches? How "strong" will this binding be?

And by the way, this idea looks rather similar to the usual UNIX shared libraries that allow an application to bind to libpng.so (version doesn't matter), libpng.so.1 (version 1 required) or libpng.so.1.0.89 (specific version and patchlevel required). The proposed system for DLLs does not seem to be very different from that.

DLLs

[chenry007]

Correct me if I am wrong, but wouldnt that slow windows down even more. You computer will now have to search through your registry to find the correct DLL for your application. And what happens if you registry gets corrupted (not like that ever happens), then that you put you in an even worse position. Would it be easier to make the DLLs backwards compatible?

Re:DLLs

[Lethyos]

Would it be easier to make the DLLs backwards compatible?

You're right. It would. The trouble is, Microsoft's API documentation is a closely guarded secret, and if you've ever done Windows development using resources from MSDN, you'd know that it's utterly pathetic. All the most useful library calls are kept hidden from you under penalty of DMCA I imagine.

So, what happens if you either A) have no access to powerful APIs or B) you have crappy documentation for a crappy set of APIs? Simple! You code it yourself, reinventing the wheel. Dozens upon dozens of application developers for Windows have done this, making changes and additions to what may be standard libraries. One vendor creates a library with a call foo(bar b), and distributes the library. Another makes a call like bar(foo f) and distributes the library under the same moniker. You can't just merge them... so one version has got to go.

And of course, as for backwards compatibility, since when have Microsoft ever gotten that right? I've ran into so many issues with a Windows application not working on XP because I developed it on 2000. A common solution to this problem is to distribute the version of a library that came with 2000 and overwrite whatever existed on the XP box with it.

All in all, Windows is a pathetic, shody state of affairs. I ask myself everyday: "how the hell does this criminal organization con so many sheeple into using their products!?"

Unsolvable?

[Hard_Code]

Well, it is one thing to say that application can now obtain the version of the DLL they want if they *explicitly ask for it*. It is another thing to say that, they always and forever, until the end of time get the DLL they were "compiled against" or "packaged with". It is not clear from the article which of these two situations is the case.

The point of shared libraries is that you CAN upgrade one single library and have many applications "automatically" inherit the changes. This is how you can update a file dialog for instance, without recompiling every single one of your GUI applications. This is a Good Thing. The question then becomes "why is this shit breaking so much". The right solution is a proper combination of carefully-followed deprecation and backwards compatibility rules (preferentially married with some sort of standard version naming convention), and the ability for applications to explicitly choose the library version they want (or even better yet, runtime configuration directive that can be set by the user or administrator) in the cases that *it is known that the new shared library is not backwards compatible*.

Re:DLL vs static libs

[suitti]

If you lie to the system, and say, "This new libzlib.so is libzlib.so.5", you still run the risk of breaking all the apps. The only way to know that they all still work is to test them all.

So, you change the shared library. What programs did you affect?

OH NO !

[MrNop]

..Microsoft use the same news dupe checker than slashdot ! Windows 2000 : "Get out of DLL Hell for good. The Windows® 2000 Professional operating system has a feature to meet, greet, and exorcise applications that mess with your Dynamic-Link Library (DLL) and executable files: Windows File Protection. This feature saves you from unsightly operating system and application mismatches." http://www.microsoft.com/windows2000/techenthusias t/features/wfp.asp Windows XP: "One source of frustration for me is applications that share code. No doubt you've run in to the scenario where two applications share the same DLL but require two different versions of it. The result is usually fatal. Windows XP fixes this problem via side-by-side component sharing. The gist of this technology is to allow multiple versions of a component to run in memory at the same time. Each program gets to use its own version of the DLL." http://www.microsoft.com/technet/treeview/default. asp?url=/technet/prodtechnol/winxppro/evaluate/wxp relb.asp?frame=true&hidetoc=true - MrNop

what's the point?

[Johnny5000]

If each application pretty much has their own version of the DLLs, doesn't that defeat the purpose of having shared libraries anyway?

There's a Bigger Picture Here!!

[CrazyLegs]

Great... MS has discovered versioning and makes a big announcement. But what is really going on here is that MS is trying to design their way out of a more fundamental design problem that has plagued Windows since Day One. That is, they allow system-level software (DLLs) to co-mingle with software others have written. How many Windows shrink-wrap products have taken advantage of this feature by modifying base Windows DLLs, tripping the light fantastic over system-level directories, etc.??

OS/2 - as an example only - had a much better scheme where o/s stuff lived in its own space and the stuff you built/bought lived in its own space (and never the twain shall meet). On top of that, they implemented the idea of a LIBPATH env variable so that you could set the path OS/2 would take when looking for DLLs. Consequently, screwups were minimized, versioning was not an issue, built/bought software could be maintained easily, and (wait for it...) you could upgrade the o/s without blowing away all your apps!

Can't wait to hear what MS 'discovers' next!

not unique, but still doesn't fix the problem

as others have mentioned, this is not an unique problem. I've had plenty of make problems in linux when I didn't have the right gcc installed or the wrong binary.

My perspective isn't how conflicts are solved, but it's the underlying API itself isn't generalized and well designed. I think in MS's effort to make it super simple for stupid programmers, the API's were dumb down to the point where method signatures limited their ability to grow/add new features. Therefore they had to come up with new API constantly, which continually broke old DLL's. It's what happens when software takes it's API design from some one who thinks like a sales guy, instead of a software architect who thinks forward.

Why not store the dll's in the program's directory

The whole idead behind dll's was to keep from having multiple copies of the same file for each program. This seems to overrule that theory, so why even store it in windows\system(32) then, just put the dll in the programs directory and do away with the dll-id nonsense.

Pre-Registry Registry?

[sl0w]

Does anyone else see this as a pre-registry registry?

Re:DLL vs static libs

[oconnorcjo]

Agreed. Windows XP gobbles up about 110 megabytes of RAM when it's just booted, without any background images, screensavers, system tray apps running etc. Dropping the fancy XP theme frees up about 5 megs of RAM, but if your system only has 128 or 256 megs of RAM you don't have a lot of room to load apps.

Actually I think the reason XP takes up so much ram is because it is loading up a ton of USELESS DLL's and COM objects into ram so that IE will load faster and Word XYZ will open immediately, .NET Framework, VB Framework and the list goes on. A whole bunch of junk that really should not reside in RAM just so that MS's stuff loads faster than the competitors products. DLL's are a great idea but Microsoft has found that they have too many DLL's and they are disorganized.

The idea that an opperating system has a standard core set of DLL's that all programs can use to add functionality to programs is a WONDERFULL IDEA! Microsoft is only finding out that there is such thing as too much of a wonderfull thing. They have been writing DLL's and COM components for windows for almost ten years and they need to keep backward compatibility with all of them no matter how ugly or badly implemented an original DLL was done. This method will allow them to stop having to keep backward compatibilty (but leads to other problems such as bloat). They will still have too many DLL's that are only usefull to only one or two programs (and this solution won't make it better) and really should be statically linked or put in a private directory of the XYZ program (and uninstalled when the program is) but this is a good step in the future management of DLL cruft because they can at least start the process of breaking backward compatibility of badly designed libraries.

Re:All Programs Should be Self-Contained

[istartedi]

Well, I was going to say this earlier, but the network hung. All I can do now is expound on this...

The largest EXE on my box is a little over 3 megs (it's AbiWord, by the way). The largest DLL on my box is a little over 5 megs (it's the bulk of the image loader/editor that came with a cheopo digicam I bought). Let's be really, really conservative and say that AbiWord decides to load that DLL. Yeah, I know it would never happen but this is just a worst-case scenario. That's 8 megs resident in memory. Now, how many windows do I typicly have open? 5 or 6, and many times it's the same app like IE or MSVC. Even under a worst-case scenario like 8 separate huge apps open, that's 64megs. Now of course this worst-case scenario is an extreme. I wager a more typical scenario with everything self-contained would result in less than 32 megs of code resident in memory. What's 32 megs cost? They don't even sell 32 meg modules most places. A lot of boxes are coming with half a gig, and if you want more you just grab for some loose change and snap it in.

Of course, apps aren't the only thing on the box. The System Information in Windows shows a lot of DLLs loaded by Windows, many of them legacy support. On a box with 128 megs of ram, I sometimes break over 50% resource utilization, but there's no noticeable impact on performance so who cares?

Now, weigh the cost of RAM against all the hours spent putzing with different dynamic library versions.

Plainly, dynamic libraries are a holdover from the days when memory costs and address-space limits were something to think about.

Now, I'm not saying that there aren't circumstances where dynamics are a good idea. For example, it would have been nice if Microsoft had installed MFC DLLs with earlier versions of Windows. I shudder to think of all the bandwidth wasted downloading those.

The "solution" of maintaining different versions of DLLs and giving them unique IDs is almost an admission of defeat that dynamics don't work. It's probably better to think of it as a way to ween people of dynamics, and of providing those who still want to use them with the option.

sounds cool...

[Enrico+Pulatzo]

but I haven't experienced "DLL-hell" on Windows since 95. Not that it doesn't happen, but is this a feature whose time is over before it arrives?

Now, (rpm|dpkg)-hell, that's another story...

Just put them in with the software!

[supabeast!]

Given the current cost of massive hard disks, why are programs still putting DLLs anywhere outside of ...\Program Files\Foo\dlls? I think most people would be happier losing some extra space per program due to DLL redundancy than to keep dealing with shared libraries!

OS Bloat.

[buttahead]

Great... now when you install and uninstall a package, the DLLs are going to hang around (on purpose). I can see it now with a 13 year old that likes to install lots of little programs. Hopefully there is enough space on my hard drive.

Re:Mac OS X Frameworks?

[IamTheRealMike]

Also note that MacOS has long done a great job at packaging applications together so that the installer is unecessary.

I might as well note that this approach has some serious problems as well as the benefit of added simplicity, like:

• Only Apple can update the OS. That suits Apples goal of selling more copies of MacOS X, but shafts the customer slightly when they find that a few months after a new release comes out, applications start requiring it. See DirectX for contrast.

  Note that there is nothing wrong with a 3rd party application install upgrading parts of the OS, it's just that historically Windows has sucked at it. Look at Debian for an example of how this can be done well.

• Code reuse is stifled. On Windows, for the longest time JabberCOM was the de facto Jabber library. Most clients used it, and if you had more than one client installed, they'd share the same copy. There is no real mechanism for doing that, save shipping the framework inside every app, causing enormous bloat. So it doesn't happen very much.

• Modules are much "coarser" than say on Linux. I can't imagine MacOS developers getting together to share say 60k of code in a framework, it's just not worth it. That sort of thing happens all the time on Linux, and to a slightly lesser extent on Windows. Again, there's nothing wrong with depending on lots of shared code, it just has to be done properly.

Eliminating some of the key code sharing technologies (true dependancy management, strong component model) from MacOS X was I think a pretty big mistake - it bought them short term simplicity while making sacrifices in the longer term.

Re:DLL vs static libs

[rabidcow]

There might be a system running a hundred processes, but a typical windows system runs more like 8.

I currently have 6 programs running, I think that's pretty typical.

How many processes? 35.

Most running programs are less than 50% library code.

Hm, I'll read that as "running processes", since that's what's important.

Let's take one at random: winampa.exe
(winamp's "agent", the little toolbar dealie)
Total image is ~8MB
This includes:
- ntdll.dll: 492kB
- kernel32.dll: 724kB
- user32.dll: 400kB
- gdi32.dll: 240kB
- advapi32.dll: 368kB
- rpcrt4.dll: 448kB
- shell32.dll: 2300kB
- shlwapi.dll: 400kB
- msvcrt.dll: 280kB
- comctl32.dll: 552kB
- imm32.dll: 104kB
- shw95dll.dll: 124kB
- wow32.dll: 256kB
- ntvdm.exe: 644kB
- comdlg32.dll: 248kB
- version.dll: 28kB
- lz32.dll: 24kB
- winampa.exe: 36kB

I don't know about rpcrt4 or some of these, but shell32.dll alone is a huge fraction of its total size. Well over 50% of the memory use of this process is shared.

Trivial apps aren't, but how many trival apps do you run at the same time?

Is this a trivial process? That's about 7MB of shared code. If this is a typical amount (I believe it is), apps have to use >14MB to be less than 50% shared code.

How many do? Only 5 of the 35.