[Bug 49230] New: Multiple kernel drivers crash on unimplemented function ntoskrnl.exe.KeSetTimer (Denuvo Anti-Cheat 'denuvo-anti-cheat.sys')

WineHQ Bugzilla wine-bugs at winehq.org
Sun May 24 04:38:26 CDT 2020 

https://bugs.winehq.org/show_bug.cgi?id=49230

            Bug ID: 49230
           Summary: Multiple kernel drivers crash on unimplemented
                    function ntoskrnl.exe.KeSetTimer (Denuvo Anti-Cheat
                    'denuvo-anti-cheat.sys')
           Product: Wine
           Version: 5.9
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ntoskrnl
          Assignee: wine-bugs at winehq.org
          Reporter: focht at gmx.net
      Distribution: ---

Hello folks,

continuation of bug 49224 (split out from bug 49194).

--- snip ---
$ WINEDEBUG=+seh,+relay,+int,+ntoskrnl,+ntdll,+reg wine net start "Denuvo
Anti-Cheat" >>log.txt 2>&1
...
00d0:Call driver init 0000000000C81184
(obj=000000000078DFE0,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\Denuvo
Anti-Cheat") 
...
00d0:Call
ntoskrnl.exe.PsCreateSystemThread(00b5f458,00000000,00000000,00000000,00000000,00c84340,00e41e78)
ret=00c845d6
00d0:Call
ntdll.RtlCreateUserThread(ffffffffffffffff,00000000,00000000,00000000,00000000,00000000,00c84340,00e41e78,00b5f458,00000000)
ret=00233a0b
00d0:Ret  ntdll.RtlCreateUserThread() retval=00000000 ret=00233a0b
00d0:Ret  ntoskrnl.exe.PsCreateSystemThread() retval=00000000 ret=00c845d6
00d0:Call
ntoskrnl.exe.ObReferenceObjectByHandle(00000050,001fffff,00000000,00000000,00e41e88,00000000)
ret=00c8460a
00d0:trace:ntoskrnl:ObReferenceObjectByHandle 0000000000000050 1fffff
0000000000000000 0 0000000000E41E88 0000000000000000
00d0:Call ntdll.NtQueryObject(00000050,00000002,00b5f120,00000100,00b5f220)
ret=0022e6cb
00d0:trace:ntdll:NtQueryObject (0x50,0x00000002,0xb5f120,0x00000100,0xb5f220)
00d0:Ret  ntdll.NtQueryObject() retval=00000000 ret=0022e6cb 
...
00d8:Starting thread proc 0xc84340 (arg=0xe41e78) 
...
00d8:Call ntoskrnl.exe.KeInitializeTimer(04b600c4) ret=00caeab7
00d8:trace:ntoskrnl:KeInitializeTimerEx timer 0000000004B600C4, type 0.
00d8:Ret  ntoskrnl.exe.KeInitializeTimer() retval=00000020 ret=00caeab7
00d8:Call ntoskrnl.exe.KeInitializeDpc(04b60104,00caecf0,04b6009c) ret=00caeacb
00d8:fixme:ntoskrnl:KeInitializeDpc stub
00d8:Ret  ntoskrnl.exe.KeInitializeDpc() retval=00000005 ret=00caeacb
00d8:Call KERNEL32.RaiseException(80000100,00000001,00000002,067efbc0)
ret=0023ea28
00d8:Call ntdll.memcpy(067efaa8,067efbc0,00000010) ret=7b0104f6
00d8:Ret  ntdll.memcpy() retval=067efaa8 ret=7b0104f6
00d8:trace:seh:raise_exception code=80000100 flags=1 addr=0x7b010505
ip=7b010505 tid=00d8
00d8:trace:seh:raise_exception  info[0]=000000000025c000
00d8:trace:seh:raise_exception  info[1]=000000000025e7ac
00d8:trace:seh:call_vectored_handlers calling handler at 0x22d030 code=80000100
flags=1
00d8:trace:seh:call_vectored_handlers handler at 0x22d030 returned 0
00d8:trace:seh:RtlVirtualUnwind type 1 rip 7b010505 rsp 67efa60 
...
wine: Call from 0x7b010505 to unimplemented function ntoskrnl.exe.KeSetTimer,
aborting 
--- snip ---

Wine source:

https://source.winehq.org/git/wine.git/blob/056c9df854817670dc4fb9c095cba29c99089ac8:/dlls/ntoskrnl.exe/ntoskrnl.exe.spec#l637

--- snip ---
 637 @ stub KeSetTimer
 638 @ stdcall KeSetTimerEx(ptr int64 long ptr)
--- snip ---

Should be implemented on top of KeSetTimerEx().

$ wine --version
wine-5.9-13-g3df701e6b9

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list