[Bug 49088] New: Acronis Storage Filter Management Driver 'fltsrv.sys' crashes on unimplemented function 'ntoskrnl.exe.IoIs32bitProcess'
WineHQ Bugzilla
wine-bugs at winehq.org
Sun May 3 08:28:04 CDT 2020
https://bugs.winehq.org/show_bug.cgi?id=49088
Bug ID: 49088
Summary: Acronis Storage Filter Management Driver 'fltsrv.sys' crashes on unimplemented function 'ntoskrnl.exe.IoIs32bitProcess'
Product: Wine
Version: 5.7
Hardware: x86-64
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ntoskrnl
Assignee: wine-bugs at winehq.org
Reporter: focht at gmx.net
Distribution: ---
Hello folks,
continuation of bug 47623
Download:
https://web.archive.org/web/20150518142343/http://dl2.acronis.com/u/ADD12_trial_en-US.exe
--- snip ---
$ WINEDEBUG=+seh,+relay,+ntoskrnl,+winedevice,+module,+msi wine ./ADD12_trial_en-US.exe >>log.txt 2>&1
...
0244:trace:ntoskrnl:load_driver loading driver
L"C:\\windows\\system32\\drivers\\fltsrv.sys"
0244:Call KERNEL32.LoadLibraryW(000fc490
L"C:\\windows\\system32\\drivers\\fltsrv.sys") ret=00236878
...
0244:trace:module:map_image mapped PE file at 0xe10000-0xe35000
0244:trace:module:map_image mapping section .text at 0xe11000 off 400 size
19200 virt 1914b flags 68000020
0244:trace:module:map_image clearing 0xe2a200 - 0xe2b000
0244:trace:module:map_image mapping section .rdata at 0xe2b000 off 19600 size
3800 virt 37ec flags 48000040
0244:trace:module:map_image clearing 0xe2e800 - 0xe2f000
0244:trace:module:map_image mapping section .data at 0xe2f000 off 1ce00 size
200 virt 28c flags c8000040
0244:trace:module:map_image clearing 0xe2f200 - 0xe30000
0244:trace:module:map_image mapping section .pdata at 0xe30000 off 1d000 size
1c00 virt 1a7c flags 48000040
0244:trace:module:map_image clearing 0xe31c00 - 0xe32000
0244:trace:module:map_image mapping section INIT at 0xe32000 off 1ec00 size e00
virt d06 flags e2000020
0244:trace:module:map_image clearing 0xe32e00 - 0xe33000
0244:trace:module:map_image mapping section .rsrc at 0xe33000 off 1fa00 size
600 virt 510 flags 42000040
0244:trace:module:map_image clearing 0xe33600 - 0xe34000
0244:trace:module:map_image mapping section .reloc at 0xe34000 off 20000 size
a00 virt 834 flags 42000040
0244:trace:module:map_image clearing 0xe34a00 - 0xe35000
0244:trace:module:get_load_order looking for
L"C:\\windows\\system32\\drivers\\fltsrv.sys"
...
0244:warn:module:import_dll No implementation for ntoskrnl.exe.IoIs32bitProcess
imported from L"C:\\windows\\system32\\drivers\\fltsrv.sys", setting to
0xe40000
0244:trace:module:load_dll Loaded module
L"\\??\\C:\\windows\\system32\\drivers\\fltsrv.sys" at 0xe10000
...
0244:Ret KERNEL32.LoadLibraryW() retval=00e10000 ret=00236878
...
0244:Call driver init 0000000000E32000
(obj=00000000007FE0F0,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\fltsrv")
...
0244:Ret driver init 0000000000E32000
(obj=00000000007FE0F0,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\fltsrv")
retval=00000000
...
0244:trace:ntoskrnl:init_driver init done for L"fltsrv" obj 00000000007FE0F0
0244:trace:ntoskrnl:init_driver - DriverInit = 0000000000E32000
0244:trace:ntoskrnl:init_driver - DriverStartIo = 0000000000000000
0244:trace:ntoskrnl:init_driver - DriverUnload = 0000000000E1C39C
0244:trace:ntoskrnl:init_driver - MajorFunction[0] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[1] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[2] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[3] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[4] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[5] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[6] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[7] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[8] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[9] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[10] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[11] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[12] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[13] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[14] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[15] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[16] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[17] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[18] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[19] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[20] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[21] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[22] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[23] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[24] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[25] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[26] = 0000000000E1BCF4
0244:trace:ntoskrnl:init_driver - MajorFunction[27] = 0000000000E1BCF4
...
0224:Call KERNEL32.CreateFileA(01c96a00
"\\\\.\\Global\\StorageFilterControl",c0000000,00000003,00000000,00000003,00000000,00000000)
ret=020426f3
...
0224:Ret KERNEL32.CreateFileA() retval=000000ac ret=020426f3
...
0248:Ret KERNEL32.WaitForMultipleObjectsEx() retval=00000001 ret=0022e9de
0224:Call KERNEL32.WaitForSingleObject(000000a8,ffffffff) ret=02041c42
0224:Call
ntdll.NtWaitForMultipleObjects(00000001,0220f1e0,00000001,00000000,00000000)
ret=7b04b037
0224:Ret ntdll.NtWaitForMultipleObjects() retval=00000000 ret=7b04b037
0224:Ret KERNEL32.WaitForSingleObject() retval=00000000 ret=02041c42
0224:Call
KERNEL32.DeviceIoControl(000000ac,8021240b,0220f560,00000018,00000000,00000000,0220f598,00000000)
ret=02042610
0248:trace:ntoskrnl:dispatch_create device 00000000007FE2B0 -> file
00000000007FE660
0248:trace:ntoskrnl:IoGetAttachedDevice (00000000007FE2B0)
0248:trace:ntoskrnl:IoAllocateIrp 1, 0
....
0248:trace:ntoskrnl:IoInitializeIrp 00000000009AD2B0, 280, 1
...
0248:Call ntoskrnl.exe.IoGetCurrentProcess() ret=00e1cb6c
0248:Ret ntoskrnl.exe.IoGetCurrentProcess() retval=000fc6c0 ret=00e1cb6c
0248:trace:seh:raise_exception code=c0000096 flags=0 addr=0xe1cb7f ip=e1cb7f
tid=0248
0248:trace:seh:raise_exception rax=00000000000fc6c0 rbx=00000000009aca40
rcx=00007f76a7cf2ab7 rdx=000000000000004a
0248:trace:seh:raise_exception rsi=00000000009ad2b0 rdi=0000000000950390
rbp=0000000000000000 rsp=0000000000dff830
0248:trace:seh:raise_exception r8=0000000000000000 r9=0000000000dff032
r10=0000000000000000 r11=0000000000000000
0248:trace:seh:raise_exception r12=00000000009ad2b0 r13=0000000000dffb50
r14=00000000c0000017 r15=0000000000dffb58
0248:trace:seh:call_vectored_handlers calling handler at 0x22cde0 code=c0000096
flags=0
0248:trace:seh:call_vectored_handlers handler at 0x22cde0 returned ffffffff
0248:Call ntoskrnl.exe.IoGetRequestorProcess(009ad2b0) ret=00e1cbf9
0248:trace:ntoskrnl:IoGetRequestorProcess irp 00000000009AD2B0.
0248:Ret ntoskrnl.exe.IoGetRequestorProcess() retval=000fc6c0 ret=00e1cbf9
0248:trace:seh:raise_exception code=80000100 flags=1 addr=0x7bc6dfdc
ip=7bc6dfdc tid=0248
0248:trace:seh:raise_exception info[0]=0000000000e324b6
0248:trace:seh:raise_exception info[1]=0000000000e3298e
wine: Call from 0x7bc6dfdc to unimplemented function
ntoskrnl.exe.IoIs32bitProcess, aborting
--- snip ---
--- snip ---
$ winedump -j import .wine/drive_c/windows/system32/drivers/fltsrv.sys
Contents of .wine/drive_c/windows/system32/drivers/fltsrv.sys: 160600 bytes
Import Table size: 00000028
offset 0001ec90 ntoskrnl.exe
Hint/Name Table: 000220B8
TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970)
ForwarderChain: 00000000
First thunk RVA: 0001B008
Thunk Ordn Name
0001b008 510 IoGetAttachedDeviceReference
0001b010 1162 ObfReferenceObject
0001b018 1160 ObfDereferenceObject
0001b020 532 IoGetLowerDeviceObject
0001b028 1994 _purecall
0001b030 674 IofCallDriver
0001b038 675 IofCompleteRequest
0001b040 521 IoGetDeviceObjectPointer
0001b048 1175 PoCallDriver
0001b050 712 KeBugCheckEx
0001b058 1484 RtlIntegerToUnicodeString
0001b060 1466 RtlInitUnicodeString
0001b068 1346 RtlCompareUnicodeString
0001b070 1361 RtlCopyUnicodeString
0001b078 1326 RtlAppendUnicodeStringToString
0001b080 583 IoRegisterPlugPlayNotification
0001b088 643 IoUnregisterPlugPlayNotification
0001b090 545 IoInitializeRemoveLockEx
0001b098 421 IoAcquireRemoveLockEx
0001b0a0 588 IoReleaseRemoveLockEx
0001b0a8 587 IoReleaseRemoveLockAndWaitEx
0001b0b0 903 KeWaitForSingleObject
0001b0b8 695 KeAcquireSpinLockAtDpcLevel
0001b0c0 697 KeAcquireSpinLockRaiseToDpc
0001b0c8 840 KeReleaseSpinLock
0001b0d0 842 KeReleaseSpinLockFromDpcLevel
0001b0d8 115 ExAllocatePoolWithTag
0001b0e0 139 ExFreePoolWithTag
0001b0e8 763 KeInitializeMutex
0001b0f0 837 KeReleaseMutex
0001b0f8 2087 vDbgPrintExWithPrefix
0001b100 67 DbgQueryDebugFilterState
0001b108 68 DbgSetDebugFilterState
0001b110 1454 RtlGetVersion
0001b118 677 KdDebuggerEnabled
0001b120 988 MmProbeAndLockPages
0001b128 1004 MmUnlockPages
0001b130 976 MmMapLockedPagesSpecifyCache
0001b138 430 IoAllocateMdl
0001b140 504 IoFreeMdl
0001b148 1981 __C_specific_handler
0001b150 1465 RtlInitString
0001b158 1461 RtlInitAnsiString
0001b160 1323 RtlAnsiStringToUnicodeString
0001b168 1611 RtlUnicodeStringToAnsiString
0001b170 1648 RtlxUnicodeStringToAnsiSize
0001b178 1646 RtlxAnsiStringToUnicodeSize
0001b180 1345 RtlCompareString
0001b188 1017 NlsMbOemCodePageTag
0001b190 495 IoEnumerateDeviceObjectList
0001b198 575 IoRegisterBootDriverReinitialization
0001b1a0 1150 ObReferenceObjectByName
0001b1a8 492 IoDriverObjectType
0001b1b0 472 IoCreateSymbolicLink
0001b1b8 485 IoDeleteSymbolicLink
0001b1c0 1810 ZwClose
0001b1c8 1880 ZwOpenSymbolicLinkObject
0001b1d0 1921 ZwQuerySymbolicLinkObject
0001b1d8 516 IoGetCurrentProcess
0001b1e0 550 IoIs32bitProcess
0001b1e8 1201 PoStartNextPowerIrp
0001b1f0 536 IoGetRequestorProcess
0001b1f8 443 IoBuildSynchronousFsdRequest
0001b200 462 IoCreateDevice
0001b208 483 IoDeleteDevice
0001b210 540 IoGetStackLimits
0001b218 1146 ObQueryNameString
0001b220 1226 PsGetCurrentThreadId
0001b228 1266 PsInitialSystemProcess
0001b230 438 IoAttachDeviceToDeviceStack
0001b238 522 IoGetDeviceProperty
0001b240 875 KeSetPriorityThread
0001b248 1213 PsCreateSystemThread
0001b250 1148 ObReferenceObjectByHandle
0001b258 1243 PsGetProcessId
0001b260 887 KeStackAttachProcess
0001b268 897 KeUnstackDetachProcess
0001b270 1865 ZwOpenDirectoryObject
0001b278 1900 ZwQueryDirectoryObject
0001b280 429 IoAllocateIrp
0001b288 440 IoBuildAsynchronousFsdRequest
0001b290 486 IoDetachDevice
0001b298 503 IoFreeIrp
0001b2a0 1868 ZwOpenFile
0001b2a8 1835 ZwDeviceIoControlFile
0001b2b0 1849 ZwFsControlFile
0001b2b8 1870 ZwOpenKey
0001b2c0 1923 ZwQueryValueKey
0001b2c8 941 MmBuildMdlForNonPagedPool
0001b2d0 441 IoBuildDeviceIoControlRequest
0001b2d8 433 IoAllocateWorkItem
0001b2e0 507 IoFreeWorkItem
0001b2e8 566 IoQueueWorkItem
0001b2f0 759 KeInitializeEvent
0001b2f8 869 KeSetEvent
0001b300 765 KeInitializeSemaphore
0001b308 839 KeReleaseSemaphore
0001b310 959 MmGetSystemRoutineAddress
0001b318 1205 ProbeForRead
0001b320 1206 ProbeForWrite
Done dumping .wine/drive_c/windows/system32/drivers/fltsrv.sys
--- snip ---
$ sha1sum ADD12_trial_en-US.exe
a5cd4fb2b457b86bc9a76b0fafd96ceec5608e6e ADD12_trial_en-US.exe
$ du -sh ADD12_trial_en-US.exe
293M ADD12_trial_en-US.exe
$ wine --version
wine-5.7-177-gad1fad8a94
Regards
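
A triage helper for logs like the one in this report, added here as an illustration and not part of the original report or of Wine: it rejoins the mail-wrapped log lines and links the fatal "unimplemented function" abort back to the import_dll warning that names the importing driver. The function names `unwrap` and `triage` are hypothetical; the sample lines are copied from the log in this report.

```python
import re

# Sample lines copied from the report's log, kept wrapped as the mail shows them.
SAMPLE_LOG = r'''0244:warn:module:import_dll No implementation for ntoskrnl.exe.IoIs32bitProcess
imported from L"C:\\windows\\system32\\drivers\\fltsrv.sys", setting to
0xe40000
0244:trace:module:load_dll Loaded module
L"\\??\\C:\\windows\\system32\\drivers\\fltsrv.sys" at 0xe10000
0248:Call ntoskrnl.exe.IoGetCurrentProcess() ret=00e1cb6c
wine: Call from 0x7bc6dfdc to unimplemented function
ntoskrnl.exe.IoIs32bitProcess, aborting
'''

RECORD_START = re.compile(r'^(?:[0-9a-f]{4}:|wine: )')   # thread-id prefix or loader message
SEPARATOR = re.compile(r'^(?:\.{3,}|--- snip ---|\$ )')   # elisions, snip marks, shell prompts
MISSING = re.compile(r'No implementation for (\S+)\.(\w+) imported from L"([^"]+)"')
ABORT = re.compile(r'Call from (0x[0-9a-f]+) to unimplemented function (\S+)\.(\w+), aborting')

def unwrap(text):
    """Rejoin wrapped continuation lines into one string per log record."""
    records, current = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or SEPARATOR.match(line):
            if current:
                records.append(current)
            current = None
        elif current is None or RECORD_START.match(line):
            if current:
                records.append(current)
            current = line
        else:
            current += ' ' + line
    if current:
        records.append(current)
    return records

def triage(text):
    """Return (missing, fatal): imports the loader could not resolve, and the
    aborting calls, each linked to the image that imported the function."""
    missing, fatal = {}, []
    for rec in unwrap(text):
        if m := MISSING.search(rec):
            missing[(m.group(1), m.group(2))] = m.group(3)
        elif m := ABORT.search(rec):
            key = (m.group(2), m.group(3))
            fatal.append((*key, m.group(1), missing.get(key)))
    return missing, fatal

if __name__ == '__main__':
    for module, func, caller, importer in triage(SAMPLE_LOG)[1]:
        print(f'{module}.{func} called from {caller}, imported by {importer}')
```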