[Bug 47700] WIBUKEY drivers (part of Graphisoft ARCHICAD 22/23 installer) want Windows 8+ 'ntdll.RtlQueryRegistryValuesEx'
WineHQ Bugzilla
wine-bugs at winehq.org
Sun May 3 07:34:52 CDT 2020
https://bugs.winehq.org/show_bug.cgi?id=47700
Anastasius Focht <focht at gmx.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Function |WIBUKEY drivers (part of
|RtlQueryRegistryValuesEx |Graphisoft ARCHICAD 22/23
|not implemented |installer) want Windows 8+
| |'ntdll.RtlQueryRegistryValu
| |esEx'
Status|NEEDINFO |RESOLVED
URL| |https://graphisoft.akamaize
| |d.net/cdn/AC/23/USA/AC/ARCH
| |ICAD-23-USA-3003-1.2.exe
Resolution|--- |DUPLICATE
Keywords| |download
CC| |focht at gmx.net
--- Comment #2 from Anastasius Focht <focht at gmx.net> ---
Hello folks,
looks like the app is ARCHICAD, a 3D architectural design software from
Graphisoft.
https://www.graphisoft.de/archicad/
The current release is ARCHICAD 23 and it's available for public download.
https://www.graphisoft.de/support/downloads/
https://graphisoft.akamaized.net/cdn/AC/23/USA/AC/ARCHICAD-23-USA-3003-1.2.exe
Bundled with the ARCHICAD installation are 'CodeMeter and 'WibuKey' from
Wibu-Systems (https://www.wibu.com/)
https://www.wibu.com/support/user/user-software.html
The drivers are part of 'WibuKey Runtime for Windows' which is a much smaller
download.
https://www.wibu.com/support/user/user-software/file/download/5790.html
--- snip ---
$ WINEDEBUG=+seh,+relay,+ntoskrnl,+winedevice,+module wineboot >> log.txt 2>&1
...
0084:trace:ntoskrnl:load_driver loading driver
L"SYSTEM32\\DRIVERS\\WibuKey64.sys"
0084:Call KERNEL32.LoadLibraryW(000fdae0 L"SYSTEM32\\DRIVERS\\WibuKey64.sys")
ret=00236878
...
0084:Ret KERNEL32.LoadLibraryW() retval=10000000 ret=00236878
...
0084:Call driver init 0000000010004EE0
(obj=00000000007FD640,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\WIBUKEY")
...
0084:trace:ntoskrnl:IoCreateDevice (00000000007FD640, 48, L"\\Device\\WibuKey",
33280, 0, 0, 0000000000CEF8A0)
...
0084:trace:ntoskrnl:IoCreateSymbolicLink L"\\DosDevices\\WibuKey" ->
L"\\Device\\WibuKey"
...
0084:Call ntoskrnl.exe.MmGetSystemRoutineAddress(00cef510) ret=10005f6a
...
0084:fixme:ntoskrnl:MmGetSystemRoutineAddress L"RtlQueryRegistryValuesEx" not
found
0084:Ret ntoskrnl.exe.MmGetSystemRoutineAddress() retval=00000000 ret=10005f6a
...
0084:Ret driver init 0000000010004EE0
(obj=00000000007FD640,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\WIBUKEY")
retval=00000000
...
0084:Call
ntoskrnl.exe.RtlQueryRegistryValues(00000000,100122e0,009606e0,00000000,00000000)
ret=10005f87
0084:Call
ntdll.RtlQueryRegistryValues(00000000,100122e0,009606e0,00000000,00000000)
ret=7bca1daf
0084:Ret ntdll.RtlQueryRegistryValues() retval=c0000034 ret=7bca1daf
...
--- snip ---
It uses 'ntoskrnl.exe.RtlQueryRegistryValues' fallback in case the -Ex variant
is not found. Anyway could be still useful to test an implementation later.
--- snip ---
$ winedump -j import .wine/drive_c/windows/system32/drivers/WibuKey64.sys
Contents of .wine/drive_c/windows/system32/drivers/WibuKey64.sys: 118200 bytes
Import Table size: 0000003c
offset 00015800 ntoskrnl.exe
Hint/Name Table: 0001A058
TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 00012018
Thunk Ordn Name
00012018 1719 RtlAppendUnicodeToString
00012020 1885 RtlGetVersion
00012028 993 KeInitializeEvent
00012030 617 IoCreateDevice
00012038 628 IoCreateSymbolicLink
00012040 641 IoDeleteDevice
00012048 643 IoDeleteSymbolicLink
00012050 2332 ZwClose
00012058 2402 ZwOpenKey
00012060 1117 KeSetEvent
00012068 1157 KeWaitForSingleObject
00012070 180 ExFreePoolWithTag
00012078 884 IofCompleteRequest
00012080 1893 RtlInitAnsiString
00012088 2009 RtlQueryRegistryValues
00012090 1230 MmGetSystemRoutineAddress
00012098 2077 RtlUnicodeStringToAnsiString
000120a0 2066 RtlTimeToTimeFields
000120a8 2598 mbstowcs
000120b0 1718 RtlAppendUnicodeStringToString
000120b8 1029 KeLowerIrql
000120c0 1159 KfRaiseIrql
000120c8 591 IoBuildDeviceIoControlRequest
000120d0 883 IofCallDriver
000120d8 682 IoGetDeviceObjectPointer
000120e0 1448 ObfDereferenceObject
000120e8 593 IoBuildSynchronousFsdRequest
000120f0 596 IoCancelIrp
000120f8 1124 KeSetPriorityThread
00012100 1247 MmMapIoSpace
00012108 1285 MmUnmapIoSpace
00012110 1234 MmIsAddressValid
00012118 2618 strchr
00012120 674 IoGetConfigurationInformation
00012128 740 IoQueryDeviceDescription
00012130 1747 RtlCompareMemory
00012138 146 ExAllocatePoolWithTag
00012140 179 ExFreePool
00012148 1900 RtlInitUnicodeString
00012150 1920 RtlIntegerToUnicodeString
00012158 2610 sprintf
offset 00015814 HAL.dll
Hint/Name Table: 0001A040
TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 00012000
Thunk Ordn Name
00012000 72 HalTranslateBusAddress
00012008 84 KeStallExecutionProcessor
Done dumping .wine/drive_c/windows/system32/drivers/WibuKey64.sys
--- snip ---
Tidbit:
--- snip ---
$ winedump -j import .wine/drive_c/windows/system32/drivers/Wibukey2_64.sys
Contents of .wine/drive_c/windows/system32/drivers/Wibukey2_64.sys: 42936 bytes
Import Table size: 00000050
offset 00003000 ntoskrnl.exe
Hint/Name Table: 00007078
TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 00003028
Thunk Ordn Name
00003028 162 IofCallDriver
00003030 281 PoRequestPowerIrp
00003038 283 PoSetPowerState
00003040 259 PoCallDriver
00003048 285 PoStartNextPowerIrp
00003050 327 RtlInitUnicodeString
00003058 167 KeAcquireSpinLockRaiseToDpc
00003060 199 KeReleaseSpinLock
00003068 21 ExAllocatePoolWithTag
00003070 216 KeWaitForSingleObject
00003078 74 IoAttachDeviceToDeviceStack
00003080 76 IoBuildDeviceIoControlRequest
00003088 79 IoCancelIrp
00003090 82 IoCreateDevice
00003098 85 IoCreateSymbolicLink
000030a0 92 IoDeleteDevice
000030a8 93 IoDeleteSymbolicLink
000030b0 94 IoDetachDevice
000030b8 208 KeSetEvent
000030c0 178 KeInitializeEvent
000030c8 107 IoGetDeviceProperty
000030d0 29 ExFreePool
000030d8 163 IofCompleteRequest
000030e0 1885 RtlGetVersion
offset 00003014 HAL.DLL
Hint/Name Table: 00007050
TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 00003000
Thunk Ordn Name
00003000 2 KeStallExecutionProcessor
offset 00003028 USBD.SYS
Hint/Name Table: 00007060
TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 00003010
Thunk Ordn Name
00003010 13 USBD_ParseConfigurationDescriptorEx
00003018 6 USBD_CreateConfigurationRequestEx
--- snip ---
https://source.winehq.org/git/wine.git/tree/d1f858e03da732c621504f90e349d5170ca3336e:/dlls/usbd.sys
But that would require layered driver support.
Anyway, the missing API is already tracked by my own bug 46969 ("Multiple
64-bit WDM kernel drivers want Windows 8+ 'ntdll.RtlQueryRegistryValuesEx'
(WIBUKEY)").
Unfortunately I've noticed it a bit too late, while already making
documentation for this bug.
$ sha1sum ARCHICAD-23-USA-3003-1.2.exe
8ccbaaf3179714c37ac17b2d485a6e1b42fb3532 ARCHICAD-23-USA-3003-1.2.exe
$ du -sh ARCHICAD-23-USA-3003-1.2.exe
2.0G ARCHICAD-23-USA-3003-1.2.exe
$ sha1sum WkRuntime.exe
8014f601f2ca1042a3604e466d05becfcc135777 WkRuntime.exe
$ du -sh WkRuntime.exe
30M WkRuntime.exe
$ wine --version
wine-5.7-177-gad1fad8a94
Regards
*** This bug has been marked as a duplicate of bug 46969 ***
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list