[Bug 30220] Unhandled privileged instruction when starting Minitab 16 (Sentinel HASP hardlock.sys kernel driver tries to write to CR4/not handled in ntoskrnl emulate_instruction)
wine-bugs at winehq.org
Fri Oct 31 01:20:42 CDT 2014
https://bugs.winehq.org/show_bug.cgi?id=30220
Sebastian Lackner <sebastian at fds-team.de> changed:
What      | Removed | Added
----------+---------+-------------------------
CC        |         | sebastian at fds-team.de
--- Comment #7 from Sebastian Lackner <sebastian at fds-team.de> ---
@Stefan: The attached patch helps (no crash on this instruction anymore), but
afterwards the driver immediately hits the next issue (fixmes added to simplify
debugging):
```
trace:seh:call_vectored_handlers handler at 0x7ed2fcce returned ffffffff
trace:seh:raise_exception code=c0000096 flags=0 addr=0x7ed55181 ip=7ed55181 tid=0018
trace:seh:raise_exception eax=0053e654 ebx=00000000 ecx=0053e594 edx=0053ef4c esi=00000000 edi=0053e654
trace:seh:raise_exception ebp=0053e678 esp=0053e59c cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010246
trace:seh:call_vectored_handlers calling handler at 0x7ed2fcce code=c0000096 flags=0
fixme:int:emulate_instruction emulate_instruction
fixme:int:emulate_instruction instr[0] = 6e
fixme:int:emulate_instruction instr[1] = 74
fixme:int:emulate_instruction instr[2] = 64
fixme:int:emulate_instruction instr[3] = 6c
fixme:int:emulate_instruction instr[4] = 6c
fixme:int:emulate_instruction instr[5] = 2e
```
This privileged instruction code corresponds to:
```
.data:0x00000000 6e outs dx,BYTE PTR ds:[esi]
.data:0x00000001 7464 je 0x00000067
.data:0x00000003 6c ins BYTE PTR es:[edi],dx
.data:0x00000004 6c ins BYTE PTR es:[edi],dx
```
These instructions will also need to be emulated as it seems like the driver
tries to directly access IO ports via assembler instructions. Code to emulate
outsb/insb already exists in krnl386.exe/instr.c, so a simple stub is pretty
easy, but doesn't bring us further:
outsb is supposed to read data from ds:esi, but in this case esi = 0x0? Most
likely some more things are going wrong here. ;)
```
$ du -sh mtben1610su.exe
93M mtben1610su.exe
$ sha1sum mtben1610su.exe
f457d13475a783a0d2fff5566c0279640ba26bc6
$ git describe origin/master
wine-1.7.29-133-g433df0d
```
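The decoding step the comment describes, as an added C example that is not part of the bug report or of Wine's own ntoskrnl/krnl386 code: it classifies the bytes dumped by the `emulate_instruction` fixmes (outsb, a short je, insb) plus a constructed `mov cr4, eax` encoding, recovers the je target 0x67 shown in the disassembly, and extracts the control-register index an emulator of the CR4 write from the bug title would need. The `looks_like_ascii` heuristic is my own addition, not something the report suggests: the six dumped bytes are also the ASCII string "ntdll.", which, together with esi = 0, is a hint that the fault address may not be pointing at real code at all. Exception code c0000096 in the trace is STATUS_PRIVILEGED_INSTRUCTION.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample input: the six bytes printed by the emulate_instruction
 * fixmes in the trace above (instr[0] .. instr[5]). */
static const unsigned char sample_instr[] = { 0x6e, 0x74, 0x64, 0x6c, 0x6c, 0x2e };

/* Constructed sample: the encoding of "mov cr4, eax" (0F 22 /r, modrm E0),
 * i.e. the kind of control-register write the bug title refers to. */
static const unsigned char sample_mov_cr4[] = { 0x0f, 0x22, 0xe0 };

enum instr_kind { INSTR_UNKNOWN = 0, INSTR_PRIV_IO, INSTR_PRIV_CR, INSTR_BRANCH };

struct decoded {
    enum instr_kind kind;
    const char *mnemonic;
    size_t len;            /* bytes consumed, 0 if not decodable */
    int cr_index;          /* control register number for INSTR_PRIV_CR, else -1 */
    int32_t branch_target; /* je target as an offset into the buffer, else -1 */
};

/* Decode one instruction at offset `off` of `buf`. Only the opcodes relevant
 * to this bug are recognised: string port I/O (ins/outs), mov to/from a
 * control register, and the short je that sits between them in the dump.
 * Everything else is reported as INSTR_UNKNOWN with len 0. */
static struct decoded decode_at(const unsigned char *buf, size_t size, size_t off)
{
    struct decoded d = { INSTR_UNKNOWN, "?", 0, -1, -1 };
    size_t avail = off < size ? size - off : 0;
    const unsigned char *p = buf + off;

    if (avail == 0) return d;
    switch (p[0]) {
    case 0x6c: d.kind = INSTR_PRIV_IO; d.mnemonic = "insb";  d.len = 1; break;
    case 0x6d: d.kind = INSTR_PRIV_IO; d.mnemonic = "insd";  d.len = 1; break;
    case 0x6e: d.kind = INSTR_PRIV_IO; d.mnemonic = "outsb"; d.len = 1; break;
    case 0x6f: d.kind = INSTR_PRIV_IO; d.mnemonic = "outsd"; d.len = 1; break;
    case 0x74: /* je rel8: target = address after the 2-byte instruction + rel8 */
        if (avail >= 2) {
            d.kind = INSTR_BRANCH; d.mnemonic = "je"; d.len = 2;
            d.branch_target = (int32_t)(off + 2) + (int8_t)p[1];
        }
        break;
    case 0x0f: /* 0F 20 /r = mov r32, crN ; 0F 22 /r = mov crN, r32 */
        if (avail >= 3 && (p[1] == 0x20 || p[1] == 0x22)) {
            d.kind = INSTR_PRIV_CR;
            d.mnemonic = p[1] == 0x22 ? "mov crN, r32" : "mov r32, crN";
            d.len = 3;
            d.cr_index = (p[2] >> 3) & 7; /* reg field of the modrm byte selects CRn */
        }
        break;
    }
    return d;
}

/* Return 1 if every byte is printable ASCII. A dump that passes this check
 * deserves a second look: the fault address may be pointing into a string
 * rather than at code. (Heuristic added here, not from the report.) */
static int looks_like_ascii(const unsigned char *buf, size_t size)
{
    size_t i;
    for (i = 0; i < size; i++)
        if (buf[i] < 0x20 || buf[i] > 0x7e) return 0;
    return size > 0;
}

/* Walk the buffer, printing each decoded instruction. Returns the number of
 * privileged (port I/O or control register) instructions seen, or -1 if an
 * undecodable byte was hit before the end. */
static int walk(const unsigned char *buf, size_t size)
{
    size_t off = 0;
    int privileged = 0;
    while (off < size) {
        struct decoded d = decode_at(buf, size, off);
        if (d.len == 0) { printf("%04zx: ?? (%02x)\n", off, buf[off]); return -1; }
        printf("%04zx: %s\n", off, d.mnemonic);
        if (d.kind == INSTR_PRIV_IO || d.kind == INSTR_PRIV_CR) privileged++;
        off += d.len;
    }
    return privileged;
}

int main(void)
{
    int n = walk(sample_instr, sizeof sample_instr);
    printf("privileged instructions: %d, looks like ASCII text: %d\n",
           n, looks_like_ascii(sample_instr, sizeof sample_instr));
    printf("cr index of sample mov: %d\n", decode_at(sample_mov_cr4, 3, 0).cr_index);
    return 0;
}
```

Walking all six dumped bytes stops at 0x2e (a CS segment prefix with nothing after it), which matches the four-instruction disassembly in the comment; the first five bytes decode to three port I/O instructions and one je.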