[Bug 44837] New: BattlEye 'BEDaisy' kernel service fails in driver entry point due to missing ' ntoskrnl.exe.PsAcquireProcessExitSynchronization'

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Mar 27 17:49:24 CDT 2018 

https://bugs.winehq.org/show_bug.cgi?id=44837

            Bug ID: 44837
           Summary: BattlEye 'BEDaisy' kernel service fails in driver
                    entry point due to missing
                    'ntoskrnl.exe.PsAcquireProcessExitSynchronization'
           Product: Wine
           Version: 3.4
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ntoskrnl
          Assignee: wine-bugs at winehq.org
          Reporter: focht at gmx.net
      Distribution: ---

Hello folks,

continuation of bug 44811

--- snip ---
...
0052:Call KERNEL32.GetModuleHandleW(7ec246fc L"ntoskrnl.exe") ret=7ec1a2f6
0052:Ret  KERNEL32.GetModuleHandleW() retval=7ec00000 ret=7ec1a2f6
0052:Call KERNEL32.GetProcAddress(7ec00000,0011d4b8
"PsAcquireProcessExitSynchronization") ret=7ec1a30b
0052:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=7ec1a30b
0052:Call KERNEL32.GetModuleHandleW(7ec24718 L"hal.dll") ret=7ec1a324
0052:Ret  KERNEL32.GetModuleHandleW() retval=f7ac0000 ret=7ec1a324
0052:Call KERNEL32.GetProcAddress(f7ac0000,0011d4b8
"PsAcquireProcessExitSynchronization") ret=7ec1a33f
0052:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=7ec1a33f
0052:Call ntdll.RtlFreeAnsiString(0065eb30) ret=7ec1a351
0052:Ret  ntdll.RtlFreeAnsiString() retval=0065eb30 ret=7ec1a351
0052:fixme:ntoskrnl:MmGetSystemRoutineAddress
L"PsAcquireProcessExitSynchronization" not found
0052:Ret  ntoskrnl.exe.MmGetSystemRoutineAddress() retval=00000000 ret=007da46e
0052:Ret  driver init 0x78d000
(obj=0x11caa0,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\BEDaisy")
retval=c0000001
0052:trace:winedevice:init_driver init done for L"BEDaisy" obj 0x11caa0 
...
0052:Ret  ntoskrnl.exe.IoCreateDriver() retval=c0000001 ret=7effb786
0052:err:winedevice:async_create_driver failed to create driver L"BEDaisy":
c0000001 
...
--- snip ---

Discussion of this API (potential use) here

https://forum.sysinternals.com/discussion-howto-enumerate-handles_topic19403_page6%20.html

https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/windows-kernel-mode-process-and-thread-manager

https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/run-down-protection

https://www.geoffchappell.com/studies/windows/km/ntoskrnl/api/index.htm

(PsAcquireProcessExitSynchronization  6.0 and higher )

$ sha1sum Tibia_Setup.exe 
50951008ccc402cc32407bfc56a88da873e3e9bd  Tibia_Setup.exe

$ du -sh Tibia_Setup.exe 
5.2M    Tibia_Setup.exe

$ wine --version
wine-3.4-192-gd7430abd40

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list