[Bug 41001] 64-bit Core Temp 1.x kernel driver 'ALSysIO.sys' crashes on unimplemented function ntoskrnl.exe.RtlUnwindEx
wine-bugs at winehq.org
wine-bugs at winehq.org
Sun Jan 15 09:41:00 CST 2017
https://bugs.winehq.org/show_bug.cgi?id=41001
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Core Temp 1.1 does not |64-bit Core Temp 1.x kernel
|start with an error popup |driver 'ALSysIO.sys'
| |crashes on unimplemented
| |function
| |ntoskrnl.exe.RtlUnwindEx
Ever confirmed|0 |1
Component|-unknown |ntoskrnl
CC| |focht at gmx.net
Status|UNCONFIRMED |NEW
Keywords| |win64
--- Comment #4 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
the old version Core Temp 1.1 this bug was reported against is no longer
available:
http://www.alcpu.com/CoreTemp/oldversions/
Make sure you download/test with the correct architecture, it was reported with
64-bit version (see crash dump in initial report).
http://www.alcpu.com/CoreTemp/php/download.php?id=3 -> 64-bit Core Temp 1.5.1
The app doesn't crash but the 64-bit kernel driver does:
--- snip ---
$ WINEDEBUG=+tid,+seh,+relay,+service,+ntoskernel,+winedevice wine ./Core\
Temp.exe >>log.txt 2>&1
...
0017:trace:service:create_serviceW (L"ALSysIO", L"ALSysIO", 0xf01ff,
L"C:\\users\\focht\\Temp\\ALSysIO64.sys")
...
0035:trace:winedevice:load_driver loading driver
L"C:\\users\\focht\\Temp\\ALSysIO64.sys"
0035:Call KERNEL32.LoadLibraryW(00026910
L"C:\\users\\focht\\Temp\\ALSysIO64.sys") ret=7fd8dc09fcf0
...
0035:Ret PE DLL (proc=0x7fd8db3144b4,module=0x7fd8db310000
L"hal.dll",reason=PROCESS_ATTACH,res=(nil)) retval=1
0035:Ret KERNEL32.LoadLibraryW() retval=00640000 ret=7fd8dc09fcf0
...
0035:Call driver init 0x648064
(obj=0x26690,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\ALSysIO")
0035:trace:seh:raise_exception code=c0000005 flags=0 addr=0x648034 ip=648034
tid=0035
0035:trace:seh:raise_exception info[0]=0000000000000000
0035:trace:seh:raise_exception info[1]=fffff78000000320
0035:trace:seh:raise_exception rax=fffff78000000320 rbx=0000000000000000
rcx=0000000000646100 rdx=00002b992ddfa232
0035:trace:seh:raise_exception rsi=000000000053eb96 rdi=000000000053eb20
rbp=000000000053e020 rsp=000000000053de98
0035:trace:seh:raise_exception r8=00000000000267f8 r9=0000000000026690
r10=497379534c415c5c r11=0000000000000000
0035:trace:seh:raise_exception r12=000000000033da7f r13=000000000053f700
r14=0000000000000000 r15=0000000000000000
0035:trace:seh:call_vectored_handlers calling handler at 0x7fd8dbb7e835
code=c0000005 flags=0
0035:trace:seh:call_vectored_handlers handler at 0x7fd8dbb7e835 returned
ffffffff
0035:Call ntdll.RtlInitUnicodeString(0053dea0,00643c80 L"\\Device\\ALSysIO")
ret=00641059
0035:Ret ntdll.RtlInitUnicodeString() retval=0053dea0 ret=00641059
0035:Call
ntoskrnl.exe.IoCreateDevice(00026690,00000390,0053dea0,00009c40,00000000,7fd8e2d18701,0053ded0)
ret=00641085
...
0035:Ret ntoskrnl.exe.IoCreateDevice() retval=00000000 ret=00641085
0035:Call ntdll.RtlInitUnicodeString(0053deb0,00643ca0
L"\\DosDevices\\ALSysIO") ret=006410b3
0035:Ret ntdll.RtlInitUnicodeString() retval=0053deb0 ret=006410b3
0035:Call ntoskrnl.exe.IoCreateSymbolicLink(0053deb0,0053dea0) ret=006410c3
0035:Call ntdll.NtCreateSymbolicLinkObject(0053dcf8,000f0001,0053dcc0,0053dea0)
ret=7fd8dbb83faa
0035:Ret ntdll.NtCreateSymbolicLinkObject() retval=00000000 ret=7fd8dbb83faa
0035:Ret ntoskrnl.exe.IoCreateSymbolicLink() retval=00000000 ret=006410c3
0035:Call ntoskrnl.exe.ExAllocatePoolWithTag(00000000,0001ffff,62696f73)
ret=00643003
...
0035:Ret ntoskrnl.exe.ExAllocatePoolWithTag() retval=0002d690 ret=00643003
0035:Call ntoskrnl.exe.MmMapIoSpace(000e0000,0001ffff,00000000) ret=00642e56
0035:fixme:ntoskrnl:MmMapIoSpace stub: 0x00000000000e0000, 131071, 0
0035:Ret ntoskrnl.exe.MmMapIoSpace() retval=00000000 ret=00642e56
0035:trace:seh:raise_exception code=c0000005 flags=0 addr=0x64393b ip=64393b
tid=0035
0035:trace:seh:raise_exception info[0]=0000000000000000
0035:trace:seh:raise_exception info[1]=000000000000fff8
0035:trace:seh:raise_exception rax=0000000000000000 rbx=0000000000000000
rcx=000000000003d688 rdx=fffffffffffd2970
0035:trace:seh:raise_exception rsi=000000000002d690 rdi=000000000001ffff
rbp=000000000053e020 rsp=000000000053dd58
0035:trace:seh:raise_exception r8=000000000001fff8 r9=0000000000000800
r10=0000000000000000 r11=000000000002d690
0035:trace:seh:raise_exception r12=000000000033da7f r13=000000000053f700
r14=0000000000000000 r15=0000000000000000
0035:trace:seh:call_vectored_handlers calling handler at 0x7fd8dbb7e835
code=c0000005 flags=0
0035:trace:seh:call_vectored_handlers handler at 0x7fd8dbb7e835 returned 0
...
wine: Call from 0x7bcc98dc to unimplemented function ntoskrnl.exe.RtlUnwindEx,
aborting
--- snip ---
A forward to 64-bit ntdll.RtlUnwindEx export should be sufficient.
Dump of kernel driver import table:
--- snip ---
1. ImageImportDescriptor:
OriginalFirstThunk: 0x000080D0
TimeDateStamp: 0x00000000 (GMT: Thu Jan 01 00:00:00 1970)
ForwarderChain: 0x00000000
Name: 0x000083F4 ("ntoskrnl.exe")
FirstThunk: 0x00005010
Ordinal/Hint API name
------------ ---------------------------------------
0x01E3 "IoDeleteDevice"
0x0712 "ZwClose"
0x02A3 "IofCompleteRequest"
0x01D8 "IoCreateSymbolicLink"
0x01CE "IoCreateDevice"
0x01B9 "IoBuildDeviceIoControlRequest"
0x052B "RtlAnsiStringToUnicodeString"
0x03BF "MmGetSystemRoutineAddress"
0x02F7 "KeInitializeEvent"
0x05B5 "RtlInitAnsiString"
0x0597 "RtlFreeUnicodeString"
0x0209 "IoGetDeviceObjectPointer"
0x05BA "RtlInitUnicodeString"
0x03C3 "MmIsAddressValid"
0x0488 "ObfDereferenceObject"
0x003F "DbgPrint"
0x02A2 "IofCallDriver"
0x0073 "ExAllocatePoolWithTag"
0x008B "ExFreePoolWithTag"
0x0314 "KeLeaveCriticalRegion"
0x081D "strstr"
0x03ED "MmUnmapIoSpace"
0x02D8 "KeEnterCriticalRegion"
0x03CE "MmMapIoSpace"
0x02C8 "KeBugCheckEx"
0x0387 "KeWaitForSingleObject"
0x01E5 "IoDeleteSymbolicLink"
0x0657 "RtlUnwindEx"
2. ImageImportDescriptor:
OriginalFirstThunk: 0x000080C0
TimeDateStamp: 0x00000000 (GMT: Thu Jan 01 00:00:00 1970)
ForwarderChain: 0x00000000
Name: 0x0000841A ("HAL.dll")
FirstThunk: 0x00005000
Ordinal/Hint API name
------------ ---------------------------------------
0x0016 "HalGetBusDataByOffset"
--- snip ---
ProtectionID scan:
--- snip ---
-=[ ProtectionID v0.6.6.7 DECEMBER]=-
(c) 2003-2015 CDKiLLER & TippeX
Build 24/12/14-22:48:13
Ready...
Scanning -> Z:\home\focht\Downloads\Core Temp.exe
File Type : 64-Bit Exe (Subsystem : Win GUI / 2), Size : 936424 (0E49E8h)
Byte(s)
[!] Warning -> File needs higher OS (Current OS : 05.01, Requires OS: 05.02)
[!] Warning : File is 64 Bit, this os is NOT
Compilation TimeStamp : 0x5833A31D -> Tue 22nd Nov 2016 01:45:01 (GMT)
[TimeStamp] 0x5833A31D -> Tue 22nd Nov 2016 01:45:01 (GMT) | PE Header | - |
Offset: 0x00000000:00000100 | VA: 0x00000001:40000100 | -
-> File Appears to be Digitally Signed @ Offset 0E09F0h, size : 03FF8h / 016376
byte(s)
-> File has 71152 (0115F0h) bytes of appended data starting at offset 0CF400h
[File Heuristics] -> Flag #1 : 00000000000001001101000000000100 (0x0004D004)
[Entrypoint Section Entropy] : 6.39 (section #0) ".text " | Size : 0x81086
(528518) byte(s)
[DllCharacteristics] -> Flag : (0x8140) -> ASLR | DEP | TSA
[SectionCount] 6 (0x6) | ImageSize 0xFC000 (1032192) byte(s)
[VersionInfo] Product Name : Core Temp
[VersionInfo] Product Version : 1.5.1.0
[VersionInfo] File Description : CPU temperature and system information utility
[VersionInfo] File Version : 1.5.1.0
[VersionInfo] Original FileName : Core Temp.exe
[VersionInfo] Internal Name : Core Temp
[VersionInfo] Legal Copyrights : Copyright (C) 2006 - 2016 ALCPU
[CompilerDetect] -> Visual C++ 10.0 (Visual Studio 2010)
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 0.328 Second(s) [000000148h (328) tick(s)] [232 of 573 scan(s)
done]
Scanning ->
Z:\home\focht\Downloads\tmp64\drive_c\users\focht\Temp\ALSysIO64.sys
File Type : 64-Bit Driver (BAD checksum - won't load!), Good Checksum = 014A6Bh
Size : 035320 (089F8h) Byte(s)
[!] Warning -> File needs higher OS (Current OS : 05.01, Requires OS: 06.01)
[!] Warning : File is 64 Bit, this os is NOT
Compilation TimeStamp : 0x577D3625 -> Wed 06th Jul 2016 16:47:33 (GMT)
[TimeStamp] 0x577D3625 -> Wed 06th Jul 2016 16:47:33 (GMT) | PE Header | - |
Offset: 0x00000000:000000E8 | VA: 0x00000000:000100E8 | -
[TimeStamp] 0x577D3625 -> Wed 06th Jul 2016 16:47:33 (GMT) | DebugDirectory | -
| Offset: 0x00000000:00003704 | VA: 0x00000000:00015104 | -
-> File Appears to be Digitally Signed @ Offset 04A00h, size : 03FF8h / 016376
byte(s)
[File Heuristics] -> Flag #1 : 00000100000001101100000000010111 (0x0406C017)
[Entrypoint Section Entropy] : 5.14 (section #4) "INIT " | Size : 0x430
(1072) byte(s)
[DllCharacteristics] -> Flag : (0x0000) -> NONE
[SectionCount] 6 (0x6) | ImageSize 0x9390 (37776) byte(s)
[VersionInfo] Company Name : Arthur Liberman
[VersionInfo] Product Name : ALSysIO
[VersionInfo] Product Version : 2.0.10.0
[VersionInfo] File Description : ALSysIO
[VersionInfo] File Version : 2.0.10.0
[VersionInfo] Original FileName : ALSysIO.sys
[VersionInfo] Internal Name : ALSysIO.sys
[VersionInfo] Version Comments : http://www.alcpu.com/forums
[VersionInfo] Legal Copyrights : Copyright (C) 2003-2009 Arthur Liberman
[Debug Info] (record 1 of 1) (file offset 0x3700)
Characteristics : 0x0 | TimeDateStamp : 0x577D3625 (Wed 06th Jul 2016 16:47:33
(GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0)
Type : 2 (0x2) -> CodeView | Size : 0x42 (66)
AddressOfRawData : 0x5120 | PointerToRawData : 0x3720
CvSig : 0x53445352 | SigGuid FCDEA483-6222-4531-958B4C67A094332D
Age : 0x68 | Pdb : w:\alsysio\source\lib\amd64\ALSysIO64.pdb
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 0.183 Second(s) [0000000B7h (183) tick(s)] [134 of 573 scan(s)
done]
--- snip ---
$ sha1sum CoreTemp64.zip
3d57bb393dae89b4e0a6af9ab8cbb1ed57024f91 CoreTemp64.zip
$ du -sh CoreTemp64.zip
388K CoreTemp64.zip
$ wine --version
wine-2.0-rc4
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list