[Bug 21061] SUPERAntiSpyware 'saskutil.sys' kernel driver crashes on load (expects valid SDT/SST pointing to valid SSDT)

WineHQ Bugzilla wine-bugs at winehq.org
Sat May 29 04:42:31 CDT 2021


https://bugs.winehq.org/show_bug.cgi?id=21061

--- Comment #8 from Anastasius Focht <focht at gmx.net> ---
Hello folks,

revisiting, still present.

A recent commit related to service tables:
https://source.winehq.org/git/wine.git/commitdiff/e79fa1866c5d5d71111bf0074becca89d9604c8d
("winebuild: Add support for multiple syscall descriptor tables."). It's for
the ntdll unix side (ntdll.so).

ntoskrnl's 'KeServiceDescriptorTable' is not wired up yet.

https://source.winehq.org/git/wine.git/blob/35180d368a94156cb77b09560b24d3af428b988b:/dlls/ntoskrnl.exe/ntoskrnl.c#l49

--- snip ---
0094:err:plugplay:load_function_driver AddDevice failed for driver L"SASDIFSV",
status 0xc0000002.
wine: Unhandled page fault on read access to E4441094 at address 00E97503
(thread 00a8), starting debugger...
--- snip ---

--- snip ---
00E974F0 | push ebp                                            |
00E974F1 | mov ebp,esp                                         |
00E974F3 | mov eax,dword ptr ds:[<&_NtOpenKey@12>]             |
00E974F8 | mov ecx,dword ptr ds:[eax+1]                        |
00E974FB | mov edx,dword ptr ds:[<&_KeServiceDescriptorTable>] |
00E97501 | mov eax,dword ptr ds:[edx]                          |
00E97503 | mov ecx,dword ptr ds:[eax+ecx*4]                    | *boom*
00E97506 | mov dword ptr ds:[E9F57C],ecx                       |
00E9750C | mov edx,dword ptr ds:[<&_NtCreateKey@28>]           |
00E97512 | mov eax,dword ptr ds:[edx+1]                        |
00E97515 | mov ecx,dword ptr ds:[<&_KeServiceDescriptorTable>] |
00E9751B | mov edx,dword ptr ds:[ecx]                          |
00E9751D | mov eax,dword ptr ds:[edx+eax*4]                    |
...
--- snip ---

$ wine --version
wine-6.9-169-g35180d368a9

Regards

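The lookup shown in the disassembly (read the 32-bit value at stub+1, then index the first pointer stored in KeServiceDescriptorTable), written out in C with each assumption checked before the dereference. This is an added example, not code from the bug comment, Wine or the driver; `ssdt_lookup`, the structure field names, the `0xB8` opcode check and the sample stubs and tables are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Conventional 32-bit NT layout of KeServiceDescriptorTable (assumed names). */
typedef struct {
    uintptr_t *ServiceTableBase;    /* SSDT: array of service routine addresses */
    uint32_t  *ServiceCounterTable;
    uint32_t   NumberOfServices;
    uint8_t   *ParamTableBase;
} SERVICE_DESCRIPTOR_TABLE;

enum { SSDT_OK = 0, SSDT_BAD_STUB = -1, SSDT_NO_TABLE = -2, SSDT_BAD_INDEX = -3 };

/* Checked form of: index = *(u32 *)(stub + 1); entry = sdt->ServiceTableBase[index]; */
int ssdt_lookup(const uint8_t *stub, const SERVICE_DESCRIPTOR_TABLE *sdt, uintptr_t *out)
{
    uint32_t index;
    if (!stub || stub[0] != 0xB8)            /* stub must be "mov eax, imm32" */
        return SSDT_BAD_STUB;
    if (!sdt || !sdt->ServiceTableBase)      /* table not wired up */
        return SSDT_NO_TABLE;
    memcpy(&index, stub + 1, sizeof index);  /* imm32, little-endian host assumed */
    if (index >= sdt->NumberOfServices)      /* bound the index before use */
        return SSDT_BAD_INDEX;
    *out = sdt->ServiceTableBase[index];
    return SSDT_OK;
}

/* Constructed sample data, not taken from the bug report. */
static const uint8_t stub_native[]  = { 0xB8, 0x02, 0x00, 0x00, 0x00, 0xBA }; /* mov eax, 2 */
static const uint8_t stub_foreign[] = { 0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x90 }; /* plain prologue */
static uintptr_t fake_ssdt[4] = { 0x1000, 0x2000, 0x3000, 0x4000 };
static const SERVICE_DESCRIPTOR_TABLE sdt_valid   = { fake_ssdt, NULL, 4, NULL };
static const SERVICE_DESCRIPTOR_TABLE sdt_short   = { fake_ssdt, NULL, 2, NULL };
static const SERVICE_DESCRIPTOR_TABLE sdt_unwired = { NULL, NULL, 0, NULL };

int main(void)
{
    uintptr_t entry = 0;
    printf("native stub, valid table:   %d\n", ssdt_lookup(stub_native, &sdt_valid, &entry));
    printf("foreign stub, valid table:  %d\n", ssdt_lookup(stub_foreign, &sdt_valid, &entry));
    printf("native stub, short table:   %d\n", ssdt_lookup(stub_native, &sdt_short, &entry));
    printf("native stub, unwired table: %d\n", ssdt_lookup(stub_native, &sdt_unwired, &entry));
    return 0;
}
```

Without these checks, a stub that does not begin with `mov eax, imm32` or a table whose base pointer is unset turns the final indexed read into an access at an arbitrary address, which is the kind of read fault reported at 00E97503.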