[Bug 48987] New: Riot Vanguard (Riot Games) 'vgk.sys' crashes on unimplemented function ntoskrnl.exe.{wcscat_s,wcscpy_s}
WineHQ Bugzilla
wine-bugs at winehq.org
Tue Apr 21 12:24:19 CDT 2020
https://bugs.winehq.org/show_bug.cgi?id=48987
Bug ID: 48987
Summary: Riot Vanguard (Riot Games) 'vgk.sys' crashes on unimplemented function ntoskrnl.exe.{wcscat_s,wcscpy_s}
Product: Wine
Version: 5.6
Hardware: x86-64
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ntoskrnl
Assignee: wine-bugs at winehq.org
Reporter: focht at gmx.net
Distribution: ---
Hello folks,
as it says. It lacks the imports from msvcrt.
--- snip ---
...
002f:Ret ntdll.NtFlushBuffersFile() retval=00000000 ret=7bca1f9f
002f:Ret ntoskrnl.exe.ZwFlushBuffersFile() retval=00000000 ret=0115f5ac
002f:Call ntoskrnl.exe.ExFreePoolWithTag(008a0bc0,656e6f4e) ret=0115fd31
002f:trace:ntoskrnl:ExFreePoolWithTag 00000000008A0BC0
002f:Call KERNEL32.HeapFree(008a0000,00000000,008a0bc0) ret=7bca1f9f
002f:Ret KERNEL32.HeapFree() retval=00000001 ret=7bca1f9f
002f:Ret ntoskrnl.exe.ExFreePoolWithTag() retval=00000001 ret=0115fd31
002f:Call ntoskrnl.exe.ExFreePoolWithTag(008a0b40,656e6f4e) ret=00e73ad4
002f:trace:ntoskrnl:ExFreePoolWithTag 00000000008A0B40
002f:Call KERNEL32.HeapFree(008a0000,00000000,008a0b40) ret=7bca1f9f
002f:Ret KERNEL32.HeapFree() retval=00000001 ret=7bca1f9f
002f:Ret ntoskrnl.exe.ExFreePoolWithTag() retval=00000001 ret=00e73ad4
002f:Call ntoskrnl.exe.ExFreePoolWithTag(008a0330,656e6f4e) ret=00e73ad4
002f:trace:ntoskrnl:ExFreePoolWithTag 00000000008A0330
002f:Call KERNEL32.HeapFree(008a0000,00000000,008a0330) ret=7bca1f9f
002f:Ret KERNEL32.HeapFree() retval=00000001 ret=7bca1f9f
002f:Ret ntoskrnl.exe.ExFreePoolWithTag() retval=00000001 ret=00e73ad4
002f:trace:seh:raise_exception code=c0000005 flags=0 addr=0x115cbbd ip=115cbbd tid=002f
002f:trace:seh:raise_exception info[0]=0000000000000000
002f:trace:seh:raise_exception info[1]=fffff7800000026c
002f:trace:seh:raise_exception rax=0000000001000001 rbx=0000000000728b98 rcx=0000000000000000 rdx=0000000000000048
002f:trace:seh:raise_exception rsi=0000000000d4f7bc rdi=0000000000728b98 rbp=00000000007277d8 rsp=0000000000d4f6a0
002f:trace:seh:raise_exception r8=0000000000000000 r9=0000000000d4ec12 r10=0000000000000000 r11=0000000000000000
002f:trace:seh:raise_exception r12=0000000000728a30 r13=00007fffffea4000 r14=0000000000728b98 r15=0000000000000000
002f:trace:seh:call_vectored_handlers calling handler at 0x18000b9c0 code=c0000005 flags=0
002f:Call KERNEL32.GetTickCount64() ret=18000bd34
002f:Ret KERNEL32.GetTickCount64() retval=01d54298 ret=18000bd34
002f:Call msvcrt.memcpy(00d4f108,7ffe026c,00000004) ret=18000bd60
002f:Ret msvcrt.memcpy() retval=00d4f108 ret=18000bd60
002f:trace:int:vectored_handler next instruction rip=115cbc6
002f:trace:int:vectored_handler rax=0000000000000006 rbx=0000000000728b98 rcx=0000000000000000 rdx=0000000000000048
002f:trace:int:vectored_handler rsi=0000000000d4f7bc rdi=0000000000728b98 rbp=00000000007277d8 rsp=0000000000d4f6a0
002f:trace:int:vectored_handler r8=0000000000000000 r9=0000000000d4ec12 r10=0000000000000000 r11=0000000000000000
002f:trace:int:vectored_handler r12=0000000000728a30 r13=00000000ffea4000 r14=0000000000728b98 r15=0000000000000000
002f:trace:seh:call_vectored_handlers handler at 0x18000b9c0 returned ffffffff
002f:trace:seh:raise_exception code=c0000005 flags=0 addr=0x115cbff ip=115cbff tid=002f
002f:trace:seh:raise_exception info[0]=0000000000000000
002f:trace:seh:raise_exception info[1]=fffff78000000270
002f:trace:seh:raise_exception rax=0000000000000001 rbx=0000000000728b98 rcx=0000000000000006 rdx=fffff78000000270
002f:trace:seh:raise_exception rsi=0000000000d4f7bc rdi=0000000000728b98 rbp=00000000007277d8 rsp=0000000000d4f6a0
002f:trace:seh:raise_exception r8=0000000000000000 r9=0000000000d4ec12 r10=0000000000000000 r11=0000000000000000
002f:trace:seh:raise_exception r12=0000000000728a30 r13=00007fffffea4000 r14=0000000000728b98 r15=0000000000000000
002f:trace:seh:call_vectored_handlers calling handler at 0x18000b9c0 code=c0000005 flags=0
002f:trace:int:emulate_instruction cmp dword ptr ds:[rdx],eax
002f:trace:int:vectored_handler next instruction rip=115cc01
002f:trace:int:vectored_handler rax=0000000000000001 rbx=0000000000728b98 rcx=0000000000000006 rdx=0000000000000270
002f:trace:int:vectored_handler rsi=0000000000d4f7bc rdi=0000000000728b98 rbp=00000000007277d8 rsp=0000000000d4f6a0
002f:trace:int:vectored_handler r8=0000000000000000 r9=0000000000d4ec12 r10=0000000000000000 r11=0000000000000000
002f:trace:int:vectored_handler r12=0000000000728a30 r13=00000000ffea4000 r14=0000000000728b98 r15=0000000000000000
002f:trace:seh:call_vectored_handlers handler at 0x18000b9c0 returned ffffffff
002f:trace:seh:raise_exception code=80000100 flags=1 addr=0x7bc6dd4c ip=7bc6dd4c tid=002f
002f:trace:seh:raise_exception info[0]=0000000000e92434
002f:trace:seh:raise_exception info[1]=0000000000e922ea
wine: Call from 0x7bc6dd4c to unimplemented function ntoskrnl.exe.wcscpy_s, aborting
002f:trace:seh:call_vectored_handlers calling handler at 0x18000b9c0 code=80000100 flags=1
--- snip ---
--- snip ---
...
002f:Call ntoskrnl.exe.wcscpy_s(00d4f3f0,00000105,00d4f270 L"\\??\\") ret=0115c8be
002f:Call msvcrt.wcscpy_s(00d4f3f0,00000105,00d4f270 L"\\??\\") ret=7bca1f9f
002f:Ret msvcrt.wcscpy_s() retval=00000000 ret=7bca1f9f
002f:Ret ntoskrnl.exe.wcscpy_s() retval=00000000 ret=0115c8be
002f:trace:seh:raise_exception code=80000100 flags=1 addr=0x7bc6dd4c ip=7bc6dd4c tid=002f
002f:trace:seh:raise_exception info[0]=0000000000e92434
002f:trace:seh:raise_exception info[1]=0000000000e922de
wine: Call from 0x7bc6dd4c to unimplemented function ntoskrnl.exe.wcscat_s, aborting
002f:trace:seh:call_vectored_handlers calling handler at 0x18000b9f0 code=80000100 flags=1
...
--- snip ---
--- snip ---
$ winedump -j import vgk.sys
Contents of vgk.sys: 3196560 bytes
Import Table size: 00000050
offset 0001e090 cng.sys
Hint/Name Table: 00022108
TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 0001B028
Thunk Ordn Name
0001b028 8 BCryptDestroyHash
0001b030 1 BCryptCloseAlgorithmProvider
offset 0001e0a4 ntoskrnl.exe
Hint/Name Table: 00022120
TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 0001B040
Thunk Ordn Name
0001b040 1081 KeIpiGenericCall
0001b048 2777 __C_specific_handler
0001b050 196 ExFreePoolWithTag
0001b058 2801 _stricmp
0001b060 2897 wcscat_s
0001b068 2901 wcscpy_s
0001b070 2060 RtlInitUnicodeString
0001b078 2571 ZwCreateFile
0001b080 2705 ZwReadFile
0001b088 2775 ZwWriteFile
0001b090 2560 ZwClose
0001b098 2604 ZwFlushBuffersFile
0001b0a0 2697 ZwQuerySystemInformation
0001b0a8 2259 RtlTimeToTimeFields
0001b0b0 986 KeAreAllApcsDisabled
0001b0b8 302 ExSystemTimeToLocalTime
0001b0c0 2885 swprintf_s
0001b0c8 2895 vswprintf_s
0001b0d0 2818 _vsnwprintf
0001b0d8 1049 KeInitializeApc
0001b0e0 1074 KeInsertQueueApc
0001b0e8 157 ExAllocatePoolWithTag
0001b0f0 990 KeBugCheckEx
Done dumping vgk.sys
--- snip ---
Wine source:
https://source.winehq.org/git/wine.git/blob/f31a29b8d1ea478af28f14cdaf3db1515a932853:/dlls/ntoskrnl.exe/ntoskrnl.exe.spec
$ sha1sum setup.exe
08deca4c0b46a3481e706926c0217d1c944d22a3 setup.exe
$ du -sh setup.exe
15M setup.exe
$ wine --version
wine-5.6-258-gf31a29b8d1
Regards
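Added example, not part of the original report and not Wine's own code: a cross-check of the `winedump -j import` rows against the exports declared in a Wine `.spec` file, which flags imports such as wcscat_s and wcscpy_s before the driver is ever loaded. The import rows are copied from the dump above; the spec excerpt is constructed for illustration and does not reproduce the real ntoskrnl.exe.spec.

```python
import re

# Rows copied from the winedump output in the report (trimmed).
WINEDUMP_OUT = """\
offset 0001e090 cng.sys
Thunk Ordn Name
0001b028 8 BCryptDestroyHash
offset 0001e0a4 ntoskrnl.exe
Thunk Ordn Name
0001b050 196 ExFreePoolWithTag
0001b060 2897 wcscat_s
0001b068 2901 wcscpy_s
0001b090 2560 ZwClose
"""

# Constructed .spec excerpt (assumption: NOT the real ntoskrnl.exe.spec).
SPEC = """\
# comment lines and blanks are ignored
@ stdcall ExFreePoolWithTag(ptr long)
@ stdcall -private ZwClose(long) NtClose
@ stub wcscpy_s
"""

def parse_imports(text):
    """Map each imported DLL to the function names listed under it."""
    imports, dll = {}, None
    for line in text.splitlines():
        if m := re.match(r"\s*offset\s+[0-9a-fA-F]+\s+(\S+)\s*$", line):
            dll = m.group(1).lower()
            imports[dll] = []
        elif dll and (m := re.match(r"\s*[0-9a-fA-F]{8}\s+\d+\s+(\S+)\s*$", line)):
            imports[dll].append(m.group(1))
    return imports

def parse_spec(text):
    """Map export name -> 'stub' or 'impl' for each spec entry."""
    exports = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        # Skip the ordinal and call type, then any -flags before the name.
        names = [f for f in fields[2:] if not f.startswith("-")]
        if len(fields) >= 3 and names:
            exports[names[0].split("(")[0]] = "stub" if fields[1] == "stub" else "impl"
    return exports

def unresolved(imports, dll, exports):
    """Imports of `dll` with no implemented export: declared stub or absent."""
    return {n: exports.get(n, "missing")
            for n in imports.get(dll, []) if exports.get(n) != "impl"}
```

Against the real files, feed it the full `winedump -j import vgk.sys` output and the contents of dlls/ntoskrnl.exe/ntoskrnl.exe.spec from the Wine tree being tested.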