[Bug 44588] Many kernel drivers need support for kernel synchronization objects ( event, semaphore, mutex) (BattleEye's 'bedaisy.sys', Franson VSerial service 'bizvserialnt.sys')

wine-bugs at winehq.org wine-bugs at winehq.org
Tue Nov 27 16:24:21 CST 2018


https://bugs.winehq.org/show_bug.cgi?id=44588

Anastasius Focht <focht at gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|STAGED                      |RESOLVED
           Keywords|                            |obfuscation
      Fixed by SHA1|                            |b9e556d5e8a47a23e8d3d919f73f260de8a10eb9

--- Comment #4 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

this is fixed by commits:

* https://source.winehq.org/git/wine.git/commitdiff/b9e556d5e8a47a23e8d3d919f73f260de8a10eb9
  ("ntoskrnl.exe: Implement KeClearEvent().")
* https://source.winehq.org/git/wine.git/commitdiff/af0c6b5caea8970e5caebb030417d4ae6fb1642e
  ("ntoskrnl.exe: Implement KeWaitForMutexObject().")
* https://source.winehq.org/git/wine.git/commitdiff/1aaabb781b6c1a59ea0573a57d0c698b62cad339
  ("ntoskrnl.exe: Implement KeReleaseMutex() and waiting on mutexes.")
* https://source.winehq.org/git/wine.git/commitdiff/e3223f30aa298044dcf5c72e0ae64352d953f690
  ("ntoskrnl.exe: Implement KeInitializeMutex().")
* https://source.winehq.org/git/wine.git/commitdiff/4824d7217b61111da499ea003b01649eeb169710
  ("ntoskrnl.exe: Implement KeReleaseSemaphore() and waiting on semaphores.")
* https://source.winehq.org/git/wine.git/commitdiff/8589d094ff576db6d733c744120c316eb835d6fb
  ("ntoskrnl.exe: Implement KeInitializeSemaphore().")
* https://source.winehq.org/git/wine.git/commitdiff/05b278675f4b213fe881bbc6175c09a812f3047c
  ("ntoskrnl.exe: Implement KeWaitForSingleObject().")
* https://source.winehq.org/git/wine.git/commitdiff/6345787cf48dac02c17fb8848c0ff7c8f998cb2e
  ("ntoskrnl.exe: Implement KeResetEvent().")
* https://source.winehq.org/git/wine.git/commitdiff/469c2fd4d73ae84c716a61630efb79e377236a04
  ("ntoskrnl.exe: Implement KeSetEvent().")
* https://source.winehq.org/git/wine.git/commitdiff/a29204cb1326f8344bde20a273bc482a16152980
  ("ntoskrnl.exe: Implement KeInitializeEvent().")
* https://source.winehq.org/git/wine.git/commitdiff/d3b2517c8864c5cc4bc35dccc3945de46c0b8aa6
  ("ntoskrnl.exe: Implement KeWaitForMultipleObjects().")

Thanks Zebediah

--- snip ---
$ WINEDEBUG=+seh,+loaddll,+process,+service,+ntoskrnl wineboot >>log.txt 2>&1
...
000f:trace:service:scmdatabase_load_services Loading service L"bizVSerial"
000f:trace:service:load_service_config Image path           =
L"System32\\drivers\\bizVSerialNT.sys"
000f:trace:service:load_service_config Group                = (null)
000f:trace:service:load_service_config Service account name = L"LocalSystem"
000f:trace:service:load_service_config Display name         = L"Franson
VSerial"
000f:trace:service:load_service_config Service dependencies : (none)
000f:trace:service:load_service_config Group dependencies   : (none) 
...
0017:trace:service:service_thread 0x10d60
0017:trace:service:SERV_OpenSCManagerW ((null),(null),0x00000001)
0015:trace:service:svcctl_OpenSCManagerW ((null), (null), 1)
0017:trace:service:SERV_OpenSCManagerW returning 0x11920
0017:trace:service:RegisterServiceCtrlHandlerExW L"winedevice" 0x7f47d7011ab0
0x11800
0017:trace:service:SetServiceStatus 0x110c0 30 4 5 0 0 0 0 
...
000f:trace:service:process_send_start_message 0x143b0 L"bizVSerial" (nil) 0
0016:trace:service:service_handle_control L"winedevice" control 2147483648 data
0x11bb2 data_size 22
0016:trace:ntoskrnl:ZwLoadDriver
(L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\bizVSerial") 
...
0016:trace:service:QueryServiceConfigW Image path           =
L"System32\\drivers\\bizVSerialNT.sys"
0016:trace:service:QueryServiceConfigW Group                = L""
0016:trace:service:QueryServiceConfigW Dependencies         = L""
0016:trace:service:QueryServiceConfigW Service account name = L"LocalSystem"
0016:trace:service:QueryServiceConfigW Display name         = L"Franson
VSerial"
0016:trace:ntoskrnl:open_driver opened service for driver
L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\bizVSerial"
0016:trace:service:SetServiceStatus 0x12e50 30 2 0 0 0 0 2710
0014:trace:service:svcctl_SetServiceStatus (0x15e80, 0x15754)
0016:trace:ntoskrnl:IoCreateDriver (L"\\Driver\\bizVSerial", 0x7f47c8c949c0)
0016:trace:ntoskrnl:load_driver loading driver
L"System32\\drivers\\bizVSerialNT.sys"
0016:trace:loaddll:load_native_dll Loaded
L"C:\\windows\\System32\\drivers\\bizVSerialNT.sys" at 0x460000: native
0016:trace:seh:NtRaiseException code=c0000005 flags=0 addr=0x468034 ip=468034
tid=0016
0016:trace:seh:NtRaiseException  info[0]=0000000000000000
0016:trace:seh:NtRaiseException  info[1]=fffff78000000320
0016:trace:seh:NtRaiseException  rax=fffff78000000320 rbx=0000000000013178
rcx=0000000000013010 rdx=0000000000013178
0016:trace:seh:NtRaiseException  rsi=00007f47d73b84b1 rdi=00007f47c8cd1c71
rbp=000000000033f8a0 rsp=000000000033f788
0016:trace:seh:NtRaiseException   r8=0000000000466100  r9=00002b992ddfa232
r10=000000000000a000 r11=0000000000012ee0
0016:trace:seh:NtRaiseException  r12=0000000000013010 r13=0000000000000000
r14=0000000000011b18 r15=0000000000468008
0016:trace:seh:call_vectored_handlers calling handler at 0x7f47c8c93260
code=c0000005 flags=0
0016:trace:seh:call_vectored_handlers handler at 0x7f47c8c93260 returned
ffffffff
0016:trace:ntoskrnl:IoCreateDevice (0x13010, 496, L"\\Device\\bizvSerialMgr",
34, 0, 0, 0x33f790)
0016:trace:ntoskrnl:IoCreateSymbolicLink L"\\DosDevices\\bizSerialMgr" ->
L"\\Device\\bizvSerialMgr"
0016:trace:ntoskrnl:KeInitializeEvent event 0x136e8, type 0, state 0.
0016:trace:ntoskrnl:KeInitializeEvent event 0x136c8, type 0, state 0.
0016:fixme:ntoskrnl:ObReferenceObjectByHandle stub: 0x3c 1fffff (nil) 0 0x136e0
(nil)
0016:trace:ntoskrnl:init_driver init done for L"bizVSerial" obj 0x13010
0016:trace:ntoskrnl:init_driver - DriverInit = 0x468008
0016:trace:ntoskrnl:init_driver - DriverStartIo = (nil)
0016:trace:ntoskrnl:init_driver - DriverUnload = 0x4613c0
0016:trace:ntoskrnl:init_driver - MajorFunction[0] = 0x461180
0016:trace:ntoskrnl:init_driver - MajorFunction[1] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[2] = 0x461228
0016:trace:ntoskrnl:init_driver - MajorFunction[3] = 0x46133c
0016:trace:ntoskrnl:init_driver - MajorFunction[4] = 0x461304
0016:trace:ntoskrnl:init_driver - MajorFunction[5] = 0x461398
0018:trace:ntoskrnl:KeWaitForMultipleObjects count 2, objs 0x56fd80, wait_type
1, reason 0, mode 0, alertable 0, timeout (nil), wait_blocks 0x56fd90.
0016:trace:ntoskrnl:init_driver - MajorFunction[6] = 0x461398
0016:trace:ntoskrnl:init_driver - MajorFunction[7] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[8] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[9] = 0x461398
0016:trace:ntoskrnl:init_driver - MajorFunction[10] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[11] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[12] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[13] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[14] = 0x4612e0
0016:trace:ntoskrnl:init_driver - MajorFunction[15] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[16] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[17] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[18] = 0x461374
0016:trace:ntoskrnl:init_driver - MajorFunction[19] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[20] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[21] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[22] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[23] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[24] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[25] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[26] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[27] = 0x7f47c8c997b0
0016:trace:service:SetServiceStatus 0x12e50 30 4 5 0 0 0 0
0015:trace:service:svcctl_SetServiceStatus (0x15e80, 0x15cf4) 
...
0017:trace:ntoskrnl:unload_driver L"\\Driver\\bizVSerial"
0017:trace:service:SetServiceStatus 0x12e50 30 3 0 0 0 0 0 
...
0017:trace:ntoskrnl:KeSetEvent event 0x136c8, increment 0, wait 0.
0017:trace:ntoskrnl:KeWaitForMultipleObjects count 1, objs 0x44f900, wait_type
1, reason 6, mode 0, alertable 0, timeout (nil), wait_blocks (nil).
0018:trace:ntoskrnl:KeResetEvent event 0x136c8.
0017:trace:seh:NtRaiseException code=c0000005 flags=0 addr=0x7f47c8ca3183
ip=7f47c8ca3183 tid=0017
0017:trace:seh:NtRaiseException  info[0]=0000000000000001
0017:trace:seh:NtRaiseException  info[1]=00000000deadbeb7
0017:trace:seh:NtRaiseException  rax=00000000deadbeaf rbx=000000000044f900
rcx=00007f47d6aed879 rdx=0000000000000000
0017:trace:seh:NtRaiseException  rsi=000000000044f5c0 rdi=0000000000000000
rbp=000000000044f8a0 rsp=000000000044f580
0017:trace:seh:NtRaiseException   r8=0000000000000000  r9=0000000000000000
r10=000000000044f340 r11=0000000000000246
0017:trace:seh:NtRaiseException  r12=0000000000013010 r13=0000000000000001
r14=000000000044f908 r15=000000000044f900
0017:trace:seh:call_vectored_handlers calling handler at 0x7f47c8c93260
code=c0000005 flags=0 
...
wine: Unhandled page fault on write access to 0xdeadbeb7 at address
0x7f47c8ca3183 (thread 0017), starting debugger...
0017:trace:seh:start_debugger Starting debugger "winedbg --auto 17 60"
0017:trace:process:CreateProcessInternalW app (null) cmdline L"winedbg --auto
17 60"
0017:trace:process:find_exe_file looking for L"winedbg"
0017:trace:process:find_exe_file Trying native exe
L"C:\\windows\\system32\\winedbg.exe"
0017:trace:process:CreateProcessInternalW starting
L"C:\\windows\\system32\\winedbg.exe" as Win64 binary (10000000-10018000,
x86_64)
0017:err:seh:start_debugger Couldn't start debugger ("winedbg --auto 17 60")
(1115) 
--- snip ---

The crash during unloading of driver(s) is a different issue
('ObReferenceObjectByHandle' has to return a proper kernel object).
I will create a new ticket for that.

$ wine --version
wine-3.21-87-g65677e2b2f

Regards
