[Bug 47044] New: 64-bit MRAC Anti-Cheat (My.Com Warface) kernel service fails in driver entry point due to missing ' ntoskrnl.exe.{ExAcquireFastMutex,ExReleaseFastMutex}'
wine-bugs at winehq.org
wine-bugs at winehq.org
Fri Apr 19 06:21:55 CDT 2019
https://bugs.winehq.org/show_bug.cgi?id=47044
Bug ID: 47044
Summary: 64-bit MRAC Anti-Cheat (My.Com Warface) kernel service
fails in driver entry point due to missing
'ntoskrnl.exe.{ExAcquireFastMutex,ExReleaseFastMutex}'
Product: Wine
Version: 4.6
Hardware: x86-64
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ntoskrnl
Assignee: wine-bugs at winehq.org
Reporter: focht at gmx.net
Distribution: ---
Hello folks,
as it says.
Download:
https://web.archive.org/web/20190331063634/http://static.gc.my.com/WarfaceMycomLoader.exe#0.7927247509897362
--- snip ---
$ pwd
/home/focht/.wine/drive_c/users/focht/Local Settings/Application
Data/GameCenter
$ WINEDEBUG=+seh,+loaddll,+process,+relay,+ntoskrnl,+service wine
./GameCenter.exe >>log.txt 2>&1
...
00d4:trace:ntoskrnl:ZwLoadDriver
(L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mracdrv")
...
00d4:trace:service:QueryServiceConfigW Image path =
L"\\SystemRoot\\System32\\drivers\\mracdrv.sys"
00d4:trace:service:QueryServiceConfigW Group = L""
00d4:trace:service:QueryServiceConfigW Dependencies = L""
00d4:trace:service:QueryServiceConfigW Service account name = L"LocalSystem"
00d4:trace:service:QueryServiceConfigW Display name = L"MRAC Driver"
...
00d4:trace:ntoskrnl:load_driver loading driver
L"C:\\windows\\System32\\drivers\\mracdrv.sys"
00d4:Call KERNEL32.LoadLibraryW(000277b0
L"C:\\windows\\System32\\drivers\\mracdrv.sys") ret=7f6da7d4ab3c
00d4:trace:loaddll:load_native_dll Loaded
L"C:\\windows\\System32\\drivers\\mracdrv.sys" at 0x140000000: native
00d4:Ret KERNEL32.LoadLibraryW() retval=140000000 ret=7f6da7d4ab3c
...
00d4:Call driver init 0x140098005
(obj=0x27900,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mracdrv")
...
00d4:Call ntoskrnl.exe.MmGetSystemRoutineAddress(0002acb8) ret=140df04fe
...
00d4:Call KERNEL32.GetModuleHandleW(7f6da7d69280 L"ntoskrnl.exe")
ret=7f6da7d572ec
00d4:Ret KERNEL32.GetModuleHandleW() retval=7f6da7d30000 ret=7f6da7d572ec
00d4:Call KERNEL32.GetProcAddress(7f6da7d30000,00010eb0 "ExAcquireFastMutex")
ret=7f6da7d572f9
00d4:Ret KERNEL32.GetProcAddress() retval=00000000 ret=7f6da7d572f9
00d4:Call KERNEL32.GetModuleHandleW(7f6da7d69270 L"hal.dll") ret=7f6da7d57364
00d4:Ret KERNEL32.GetModuleHandleW() retval=00000000 ret=7f6da7d57364
...
00d4:fixme:ntoskrnl:MmGetSystemRoutineAddress L"ExAcquireFastMutex" not found
00d4:Ret ntoskrnl.exe.MmGetSystemRoutineAddress() retval=00000000
ret=140df04fe
00d4:Call ntoskrnl.exe.MmGetSystemRoutineAddress(0002acb8) ret=140dde090
...
00d4:Call KERNEL32.GetModuleHandleW(7f6da7d69280 L"ntoskrnl.exe")
ret=7f6da7d572ec
00d4:Ret KERNEL32.GetModuleHandleW() retval=7f6da7d30000 ret=7f6da7d572ec
00d4:Call KERNEL32.GetProcAddress(7f6da7d30000,00010eb0 "ExReleaseFastMutex")
ret=7f6da7d572f9
00d4:Ret KERNEL32.GetProcAddress() retval=00000000 ret=7f6da7d572f9
00d4:Call KERNEL32.GetModuleHandleW(7f6da7d69270 L"hal.dll") ret=7f6da7d57364
00d4:Ret KERNEL32.GetModuleHandleW() retval=00000000 ret=7f6da7d57364
...
00d4:fixme:ntoskrnl:MmGetSystemRoutineAddress L"ExReleaseFastMutex" not found
00d4:Ret ntoskrnl.exe.MmGetSystemRoutineAddress() retval=00000000
ret=140dde090
...
00d4:Ret driver init 0x140098005
(obj=0x27900,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mracdrv")
retval=c0000001
...
00d4:trace:ntoskrnl:init_driver init done for L"mracdrv" obj 0x27900
00d4:trace:ntoskrnl:init_driver - DriverInit = 0x140098005
00d4:trace:ntoskrnl:init_driver - DriverStartIo = (nil)
00d4:trace:ntoskrnl:init_driver - DriverUnload = (nil)
00d4:trace:ntoskrnl:init_driver - MajorFunction[0] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[1] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[2] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[3] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[4] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[5] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[6] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[7] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[8] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[9] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[10] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[11] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[12] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[13] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[14] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[15] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[16] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[17] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[18] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[19] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[20] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[21] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[22] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[23] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[24] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[25] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[26] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:init_driver - MajorFunction[27] = 0x7f6da7d514b0
00d4:trace:ntoskrnl:ObDereferenceObject (0x27900) ref=0
...
00d4:err:ntoskrnl:ZwLoadDriver failed to create driver
L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\mracdrv": c0000001
--- snip ---
Microsoft docs:
https://msdn.microsoft.com/en-us/library/windows/hardware/ff544337(v=vs.85).aspx
https://msdn.microsoft.com/en-us/library/windows/hardware/ff545549(v=vs.85).aspx
Wine source:
https://source.winehq.org/git/wine.git/blob/HEAD:/dlls/ntoskrnl.exe/ntoskrnl.exe.spec#l1
You can leverage from existing
'ntoskrnl.exe.{ExAcquireFastMutexUnsafe,ExReleaseFastMutexUnsafe}'
implementations.
https://source.winehq.org/git/wine.git/blob/HEAD:/dlls/ntoskrnl.exe/sync.c#l703
$ sha1sum WarfaceMycomLoader_805e0da40d16630c2fe73ed12399cb48_.exe
b07e87a029d6697ad823dc03fdbf297c406a91b9
WarfaceMycomLoader_805e0da40d16630c2fe73ed12399cb48_.exe
$ du -sh WarfaceMycomLoader_805e0da40d16630c2fe73ed12399cb48_.exe
6.8M WarfaceMycomLoader_805e0da40d16630c2fe73ed12399cb48_.exe
$ wine --version
wine-4.6-61-g085e58878f
Regards
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list