wine-bugs December 2019

wine-bugs@winehq.org

1 participants
7465 discussions

[Bug 29742] New: Microsoft .NET Framework 4.5 Developer Preview installer crashes due to missing "wevtapi.dll"
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

http://bugs.winehq.org/show_bug.cgi?id=29742 Bug #: 29742 Summary: Microsoft .NET Framework 4.5 Developer Preview installer crashes due to missing "wevtapi.dll" Product: Wine Version: 1.4-rc1 Platform: x86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: -unknown AssignedTo: wine-bugs(a)winehq.org ReportedBy: focht(a)gmx.net Classification: Unclassified Hello, Microsoft .NET Framework 4.5 Developer Preview crashes due to missing "wevtapi.dll" You need to set WinVer to "Windows 7" before running installer. --- snip --- 002c:Call KERNEL32.LoadLibraryW(0084d4b8 L"C:\\windows\\System32\\wevtapi.dll") ret=1004816b 002c:Ret KERNEL32.LoadLibraryW() retval=00000000 ret=1004816b ... 002c:Call KERNEL32.RaiseException(e06d7363,00000001,00000003,00cec264) ret=1008c0cb 002c:trace:seh:raise_exception code=e06d7363 flags=1 addr=0x7b839297 ip=7b839297 tid=002c 002c:trace:seh:raise_exception info[0]=19930520 002c:trace:seh:raise_exception info[1]=00cec290 002c:trace:seh:raise_exception info[2]=100a7f84 002c:trace:seh:raise_exception eax=7b8262d1 ebx=7b8a96a8 ecx=19930520 edx=00cec174 esi=00cec250 edi=00cec1d0 002c:trace:seh:raise_exception ebp=00cec1b8 esp=00cec154 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00000287 002c:trace:seh:call_stack_handlers calling handler at 0x1009f789 code=e06d7363 flags=1 --- snip --- This dll implements another Windows Event Log API (starting with Windows Vista). MSDN: http://msdn.microsoft.com/en-us/library/windows/desktop/aa385785%28v=vs.85%… Download: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=27541 Regards -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

2 13

[Bug 43307] New: Wargaming Game Center periodically crashes with msvcp140.dll._Current_get
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=43307 Bug ID: 43307 Summary: Wargaming Game Center periodically crashes with msvcp140.dll._Current_get Product: Wine Version: 2.12 Hardware: x86-64 URL: http://redirect.wargaming.net/WGC/Wargaming_Game_Cente r_Install_EU.exe OS: Linux Status: NEW Keywords: download Severity: minor Priority: P2 Component: msvcp Assignee: wine-bugs(a)winehq.org Reporter: andrey.goosev(a)gmail.com Distribution: --- Application crashes with wgc_watchdog.exe but continue running. After a few seconds crash repeats again. wine: Call from 0x7b43b95c to unimplemented function msvcp140.dll._Current_get wine-2.12-49-g35f82ba -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 3

[Bug 46179] New: Multiple Windows 10 ARM64 apps need ' kernel32.dll.GetCurrentThreadStackLimits' to get stack start address
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=46179 Bug ID: 46179 Summary: Multiple Windows 10 ARM64 apps need 'kernel32.dll.GetCurrentThreadStackLimits' to get stack start address Product: Wine Version: 3.20 Hardware: aarch64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: kernel32 Assignee: wine-bugs(a)winehq.org Reporter: focht(a)gmx.net Distribution: --- Hello folks, another valuable resource of improving/fixing Wine on ARM64 is the Chrome browser port to Windows 10 ARM64 platform that is currently underway and going to continue for some months. I'm following various Chromium and LLVM/Clang pull requests related to Win10 ARM64 porting activities. Related PR to this ticket: https://chromium-review.googlesource.com/c/chromium/src/+/1344870 https://chromium-review.googlesource.com/c/chromium/src/+/1344870/3/third_p… --- snip --- // On Windows stack limits for the current thread are available in // the thread information block (TIB). Its fields can be accessed through // FS segment register on x86 and GS segment register on x86_64. // On Windows ARM64, stack limits could be retrieved by calling // GetCurrentThreadStackLimits. This API doesn't work on x86 and x86_64 here // because it requires Windows 8+. #if defined(ARCH_CPU_X86_64) return reinterpret_cast<void*>(__readgsqword(offsetof(NT_TIB64, StackBase))); #elif defined(ARCH_CPU_X86) return reinterpret_cast<void*>(__readfsdword(offsetof(NT_TIB, StackBase))); #elif defined(ARCH_CPU_ARM64) ULONG_PTR lowLimit, highLimit; ::GetCurrentThreadStackLimits(&lowLimit, &highLimit); return reinterpret_cast<void*>(highLimit); #endif --- snip --- Microsoft docs: https://docs.microsoft.com/en-us/windows/desktop/api/processthreadsapi/nf-p… Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 4

[Bug 37275] New: Chess Position Trainer 5 (.NET 4.0 app) wants gdiplus.GdipCreateAdjustableArrowCap
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=37275 Bug ID: 37275 Summary: Chess Position Trainer 5 (.NET 4.0 app) wants gdiplus.GdipCreateAdjustableArrowCap Product: Wine Version: 1.7.26 Hardware: x86 OS: Linux Status: NEW Severity: minor Priority: P2 Component: gdiplus Assignee: wine-bugs(a)winehq.org Reporter: focht(a)gmx.net Hello folks, as the summary says. Prerequisite: 'winetricks -q dotnet40' Doesn't crash but dismissing message boxes is annoying. 'winetricks -q gdiplus' obviously works around. --- snip --- $ pwd /home/focht/.wine/drive_c/Program Files/Chess Position Trainer $ WINEDEBUG=+tid,+seh,+relay wine ./Chess\ Position\ Trainer\ 5.exe >>log.txt 2>&1 ... 002a:Call gdiplus.GdipCreateAdjustableArrowCap(40400000,40400000,00000001,0033d498) ret=1de38f31 002a:fixme:gdiplus:GdipCreateAdjustableArrowCap not implemented 002a:Ret gdiplus.GdipCreateAdjustableArrowCap() retval=00000006 ret=1de38f31 ... 002a:trace:seh:raise_exception code=e0434352 flags=1 addr=0x7b83ae8f ip=7b83ae8f tid=002a 002a:trace:seh:raise_exception info[0]=80004001 002a:trace:seh:raise_exception info[1]=00000000 002a:trace:seh:raise_exception info[2]=00000000 002a:trace:seh:raise_exception info[3]=00000000 002a:trace:seh:raise_exception info[4]=79140000 002a:trace:seh:raise_exception eax=7b826d6d ebx=7b8be000 ecx=80004001 edx=0033d2b4 esi=0033d358 edi=0033d320 002a:trace:seh:raise_exception ebp=0033d2f8 esp=0033d294 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00000283 002a:trace:seh:call_vectored_handlers calling handler at 0x791f5a7c code=e0434352 flags=1 ... 002a:Call user32.CreateWindowExW(00010001,049639c8 L"WindowsForms10.Window.8.app.0.2bf8098_r8_ad1",057e2af4 L"Error while trying to highlight moves",02c80000,80000000,80000000,000000fe,00000068,000200be,00000000,00400000,00000000) ret=0a36c292 ... --- snip --- MSDN: http://msdn.microsoft.com/en-us/library/windows/desktop/ms533967%28v=vs.85%… Source: http://source.winehq.org/git/wine.git/blob/da7fe7ab5513a2db839aba413ebca076… --- snip --- 248 GpStatus WINGDIPAPI GdipCreateAdjustableArrowCap(REAL height, REAL width, BOOL fill, 249 GpAdjustableArrowCap **cap) 250 { 251 static int calls; 252 253 TRACE("(%0.2f,%0.2f,%i,%p)\n", height, width, fill, cap); 254 255 if(!(calls++)) 256 FIXME("not implemented\n"); 257 258 return NotImplemented; 259 } --- snip --- $ sha1sum Chess_Position_Trainer_5-Setup.exe 6ae6364e399590ce634d667ec8696dcdb78c515a Chess_Position_Trainer_5-Setup.exe $ du -sh Chess_Position_Trainer_5-Setup.exe 57M Chess_Position_Trainer_5-Setup.exe $ wine --version wine-1.7.26-60-g0fa8ae7 Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 22

[Bug 44971] New: HackShield for Banking Driver 'HSBDrvNt.sys' ( part of Ahnlab Safe Transaction) crashes on unimplemented function ntoskrnl.exe.ExInterlockedPopEntrySList
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=44971 Bug ID: 44971 Summary: HackShield for Banking Driver 'HSBDrvNt.sys' (part of Ahnlab Safe Transaction) crashes on unimplemented function ntoskrnl.exe.ExInterlockedPopEntrySList Product: Wine Version: 3.6 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: ntoskrnl Assignee: wine-bugs(a)winehq.org Reporter: focht(a)gmx.net Distribution: --- Hello folks, as it says. --- snip --- ... 0084:trace:ntoskrnl:IoCreateDriver (L"\\Driver\\HSBDrvNt", 0x7effb0ae) ... 0084:trace:winedevice:load_driver loading driver L"system32\\drivers\\HSBDrvNt.sys" 0084:Call KERNEL32.LoadLibraryW(0011cce0 L"system32\\drivers\\HSBDrvNt.sys") ret=7effa9de ... 0084:trace:loaddll:load_native_dll Loaded L"C:\\windows\\system32\\drivers\\HSBDrvNt.sys" at 0x780000: native ... 0084:Ret KERNEL32.LoadLibraryW() retval=00780000 ret=7effa9de ... 0084:trace:winedevice:load_driver_module L"system32\\drivers\\HSBDrvNt.sys": relocating from 0x10000 to 0x780000 ... 0084:Call driver init 0x7805fa (obj=0x11cb18,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\HSBDrvNt") ... 0084:trace:ntoskrnl:IoCreateSymbolicLink L"\\DosDevices\\HSBDrvNt" -> L"\\Device\\HSBDrvNt" ... 0084:Call ntoskrnl.exe.KeInitializeEvent(0079df64,00000001,00000000) ret=0078555d 0084:fixme:ntoskrnl:KeInitializeEvent stub: 0x79df64 1 0 0084:Ret ntoskrnl.exe.KeInitializeEvent() retval=00000039 ret=0078555d 0084:Call KERNEL32.RaiseException(80000100,00000001,00000002,0065fa4c) ret=7ec1ad81 0084:trace:seh:raise_exception code=80000100 flags=1 addr=0x7b446e0f ip=7b446e0f tid=0084 0084:trace:seh:raise_exception info[0]=7ec1ada0 0084:trace:seh:raise_exception info[1]=7ec1ae59 0084:trace:seh:call_vectored_handlers calling handler at 0x7ec124b9 code=80000100 flags=1 0084:trace:seh:call_vectored_handlers handler at 0x7ec124b9 returned 0 0084:trace:seh:call_stack_handlers calling handler at 0x7bcb1ba2 code=80000100 flags=1 0084:Call KERNEL32.UnhandledExceptionFilter(0065f504) ret=7bcb1bdd 0084:trace:seh:start_debugger Starting debugger "winedbg --auto 127 68" 0084:Ret KERNEL32.UnhandledExceptionFilter() retval=00000000 ret=7bcb1bdd 0084:trace:seh:call_stack_handlers handler at 0x7bcb1ba2 returned 1 ... wine: Call from 0x7b446e0f to unimplemented function ntoskrnl.exe.ExInterlockedPopEntrySList, aborting --- snip --- $ sha1sum astx_setup.exe 8f3a49eb2664069a0b22d52850df2b7dc3343c8b astx_setup.exe $ du -sh astx_setup.exe 31M astx_setup.exe $ wine --version wine-3.6 Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 6

[Bug 45073] New: Many MSI-based installers crash in remote_GetActionInfo while unmarshalling data
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=45073 Bug ID: 45073 Summary: Many MSI-based installers crash in remote_GetActionInfo while unmarshalling data Product: Wine Version: 3.6 Hardware: x86-64 OS: Linux Status: NEW Severity: critical Priority: P2 Component: msi Assignee: wine-bugs(a)winehq.org Reporter: focht(a)gmx.net Distribution: --- Hello folks, likely affects *all* MSI-based installers. I just run a few winetricks recipes (.NET, ..) and other installers - all of them crashed. This is a critical (potential blocker) issue, Wine 3.7 can't be released in this state. VirtualPC 2007 (bug 29354) --- snip --- Unhandled exception: page fault on read access to 0x00000004 in 32-bit code (0x7e4ae367). Register dump: CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b EIP:7e4ae367 ESP:0033f838 EBP:0033f848 EFLAGS:00010206( R- -- I - -P- ) EAX:00000004 EBX:0033f8ac ECX:0033f8ac EDX:00000000 ESI:0033f8d0 EDI:0033fc34 ... Backtrace: =>0 0x7e4ae367 align_pointer+0x12(ptr=0x4, align=0x4) [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:103] in rpcrt4 (0x0033f848) 1 0x7e4b160c NdrPointerUnmarshall+0xd8(pStubMsg=<couldn't compute location>, ppMemory=<couldn't compute location>, pFormat=<couldn't compute location>, fMustAlloc='d') [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:1564] in rpcrt4 (0x0033f898) 2 0x7bc7f4e7 relay_call+0x3e() in ntdll (0x0033f8bc) 3 0x7e4a5a54 in rpcrt4 (+0x5a53) (0x0033fab8) 4 0x7ec09214 remote_GetActionInfo+0x27f(guid=<couldn't compute location>, type=<couldn't compute location>, dllname=<couldn't compute location>, function=<couldn't compute location>, hinst=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/build-x86/dlls/msi/winemsi_c.c:2570] in msi (0x0033fab8) 5 0x7ebab091 __wine_msi_call_dll_function+0x165(guid=0x33fc70) [/home/focht/projects/wine/wine.repo/src/dlls/msi/custom.c:525] in msi (0x0033fc28) 6 0x7bc7f4e7 relay_call+0x3e() in ntdll (0x0033fc4c) 7 0x7eb86598 in msi (+0x6597) (0x0033fc88) 8 0x7efee3e8 DoEmbedding+0x23(key="{AD3887D1-245B-4BFF-ADF3-298FD0BFC1FF}") [/home/focht/projects/wine/wine.repo/src/programs/msiexec/msiexec.c:402] in msiexec (0x0033fc88) 9 0x7efee9a4 WinMain+0x18f(hInstance=<couldn't compute location>, hPrevInstance=<couldn't compute location>, lpCmdLine=<couldn't compute location>, nCmdShow=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/programs/msiexec/msiexec.c:599] in msiexec (0x0033fde8) 10 0x7eff059e main+0xeb(argc=<couldn't compute location>, argv=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/dlls/winecrt0/exe_main.c:49] in msiexec (0x0033fe68) 11 0x7eff0496 __wine_spec_exe_entry+0x56(peb=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/dlls/winecrt0/exe_entry.c:36] in msiexec (0x0033fea8) 12 0x7b46d930 call_process_entry+0xb() in kernel32 (0x0033fec8) 13 0x7b46da71 start_process+0x132(entry=<couldn't compute location>, peb=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/dlls/kernel32/process.c:1099] in kernel32 (0x0033ffd8) 14 0x7b46d93e start_process_wrapper+0x9() in kernel32 (0x0033ffec) 0x7e4ae367 align_pointer+0x12 [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:103] in rpcrt4: movl 0x0(%eax),%eax 103 *ptr = (unsigned char *)(((ULONG_PTR)*ptr + mask) & ~mask); ... Modules: Module Address Debug info Name (73 modules) ELF 7b400000-7b7f4000 Dwarf kernel32<elf> \-PE 7b420000-7b7f4000 \ kernel32 ELF 7bc00000-7bd0d000 Dwarf ntdll<elf> \-PE 7bc30000-7bd0d000 \ ntdll ELF 7c000000-7c004000 Deferred <wine-loader> ... Threads: process tid prio (all id:s are in hex) ... 0000002d setup.exe 0000002e 0 0000002f msxml6-KB927977-enu-x86.exe 00000031 0 00000030 0 00000032 msiexec.exe 00000038 0 00000035 0 00000034 0 00000033 0 00000036 (D) C:\windows\system32\msiexec.exe 00000037 0 <== --- snip --- 'winetricks -q dotnet40' --- snip --- Unhandled exception: page fault on write access to 0x00000033 in 32-bit code (0xf7c1fcea). Register dump: CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b EIP:f7c1fcea ESP:0033f57c EBP:0033f5a8 EFLAGS:00010203( R- -- I - - -C) EAX:00000000 EBX:00000022 ECX:0000000b EDX:00000000 ESI:00146424 EDI:00000033 ... Backtrace: =>0 0xf7c1fcea memcpy+0x5a() in libc.so.6 (0x0033f5a8) 1 0x7e4af0df safe_copy_from_buffer+0xe0(pStubMsg=0x33f9f8, p=0x33, size=0x17) [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:730] in rpcrt4 (0x0033f5a8) 2 0x7e4b352f array_read_variance_and_unmarshall+0x4d9(fc='"', pStubMsg=0x33f9f8, ppMemory=0x33fbe0, pFormat=""\ \", fMustAlloc=0, fUseBufferMemoryServer=1, fUnmarshall=1) [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:2234] in rpcrt4 (0x0033f638) 3 0x7e4b41c3 NdrConformantStringUnmarshall+0xfe(pStubMsg=<couldn't compute location>, ppMemory=<couldn't compute location>, pFormat=<couldn't compute location>, fMustAlloc=0) [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:2533] in rpcrt4 (0x0033f688) 4 0x7e4afe7f PointerUnmarshall+0x53e(pStubMsg=0x33f9f8, Buffer="", pPointer=0x33fbe0, pSrcPointer=*** invalid address 0x33 ***, pFormat=""\ \", fMustAlloc=0) [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:969] in rpcrt4 (0x0033f758) 5 0x7e4b1644 NdrPointerUnmarshall+0x110(pStubMsg=<couldn't compute location>, ppMemory=<couldn't compute location>, pFormat=<couldn't compute location>, fMustAlloc=0) [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:1569] in rpcrt4 (0x0033f7b8) 6 0x7e4afe7f PointerUnmarshall+0x53e(pStubMsg=0x33f9f8, Buffer="", pPointer=0x33fb0c, pSrcPointer="3", pFormat="", fMustAlloc=0) [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:969] in rpcrt4 (0x0033f888) 7 0x7e4b1644 NdrPointerUnmarshall+0x110(pStubMsg=<couldn't compute location>, ppMemory=<couldn't compute location>, pFormat=<couldn't compute location>, fMustAlloc=0) [/home/focht/projects/wine/wine.repo/src/dlls/rpcrt4/ndr_marshall.c:1569] in rpcrt4 (0x0033f8e8) 8 0x7ec09214 remote_GetActionInfo+0x27f(guid=<couldn't compute location>, type=<couldn't compute location>, dllname=<couldn't compute location>, function=<couldn't compute location>, hinst=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/build-x86/dlls/msi/winemsi_c.c:2570] in msi (0x0033fae8) 9 0x7ebab091 __wine_msi_call_dll_function+0x165(guid=0x33fc70) [/home/focht/projects/wine/wine.repo/src/dlls/msi/custom.c:525] in msi (0x0033fc58) 10 0x7efee3e8 DoEmbedding+0x23(key="{7E1720C8-F634-46E9-A8D1-FB290A0A8D53}") [/home/focht/projects/wine/wine.repo/src/programs/msiexec/msiexec.c:402] in msiexec (0x0033fc88) 11 0x7efee9a4 WinMain+0x18f(hInstance=<couldn't compute location>, hPrevInstance=<couldn't compute location>, lpCmdLine=<couldn't compute location>, nCmdShow=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/programs/msiexec/msiexec.c:599] in msiexec (0x0033fde8) 12 0x7eff059e main+0xeb(argc=<couldn't compute location>, argv=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/dlls/winecrt0/exe_main.c:49] in msiexec (0x0033fe68) 13 0x7eff0496 __wine_spec_exe_entry+0x56(peb=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/dlls/winecrt0/exe_entry.c:36] in msiexec (0x0033fea8) 14 0x7b46d930 call_process_entry+0xb() in kernel32 (0x0033fec8) 15 0x7b46da71 start_process+0x132(entry=<couldn't compute location>, peb=<couldn't compute location>) [/home/focht/projects/wine/wine.repo/src/dlls/kernel32/process.c:1099] in kernel32 (0x0033ffd8) 16 0x7b46d93e start_process_wrapper+0x9() in kernel32 (0x0033ffec) 0xf7c1fcea memcpy+0x5a in libc.so.6: movsb (%esi),%es:(%edi) Modules: Module Address Debug info Name (73 modules) ELF 7b400000-7b7f4000 Dwarf kernel32<elf> \-PE 7b420000-7b7f4000 \ kernel32 ELF 7bc00000-7bd0d000 Deferred ntdll<elf> \-PE 7bc30000-7bd0d000 \ ntdll ELF 7c000000-7c004000 Deferred <wine-loader> ... Threads: process tid prio (all id:s are in hex) 00000008 dotNetFx40_Full_x86_x64.exe 00000009 0 ... 00000032 Setup.exe 0000003d 0 0000003c 0 0000003b 0 00000038 0 00000037 0 00000036 0 00000033 0 00000039 (D) C:\windows\system32\msiexec.exe 0000003a 0 <== System information: Wine build: wine-3.6-236-gd6654dbf2b Platform: i386 Version: Windows 5.1 (0) Host system: Linux Host version: 4.15.17-300.fc27.x86_64 --- snip --- $ wine --version wine-3.6-236-gd6654dbf2b Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 10

[Bug 44499] New: BattlEye 'BEDaisy' kernel service crashes on unimplemented function ntoskrnl.exe.PsSetCreateProcessNotifyRoutineEx
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=44499 Bug ID: 44499 Summary: BattlEye 'BEDaisy' kernel service crashes on unimplemented function ntoskrnl.exe.PsSetCreateProcessNotifyRoutineEx Product: Wine Version: 3.1 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: ntoskrnl Assignee: wine-bugs(a)winehq.org Reporter: focht(a)gmx.net Distribution: --- Hello folks, continuation of bug 44497 The kernel driver uses multiple methods to implement process protection/supervision. * ObRegisterCallbacks * ObUnRegisterCallbacks * ObGetFilterVersion -> covered by bug 44497 Another method: * PsSetCreateProcessNotifyRoutineEx Example kernel driver code to show how the API is being used: https://github.com/Microsoft/Windows-driver-samples/tree/master/general/obc… --- quote --- ObCallback Callback Registration Driver The ObCallback sample driver demonstrates the use of registered callbacks for process protection. The driver registers control callbacks which are called at process creation. Design and Operation The sample exercises both the PsSetCreateProcessNotifyRoutineEx and the ObRegisterCallbacks routines. The first example uses the ObRegisterCallbacks routine and a callback to restrict requested access rights during a open process action. The second example uses the PsSetCreateProcessNotifyRoutineEx routine to reject a process creation by examining the command line. --- quote --- Another article: https://malwaretips.com/threads/av-self-protection-process-c-c.66200/ For BattlEye 'BEDaisy' service to succeed the driver init routine it is enough to implement a stub for 'PsSetCreateProcessNotifyRoutineEx' like it was done with 'PsSetCreateProcessNotifyRoutine' -> return STATUS_SUCCESS https://source.winehq.org/git/wine.git/blob/354fa7eb7921c3317e7943c18871feb… --- snip --- 2381 /*********************************************************************** 2382 * PsSetCreateProcessNotifyRoutine (NTOSKRNL.EXE.@) 2383 */ 2384 NTSTATUS WINAPI PsSetCreateProcessNotifyRoutine( PCREATE_PROCESS_NOTIFY_ROUTINE callback, BOOLEAN remove ) 2385 { 2386 FIXME( "stub: %p %d\n", callback, remove ); 2387 return STATUS_SUCCESS; 2388 } --- snip --- $ sha1sum Tibia_Setup.exe 50951008ccc402cc32407bfc56a88da873e3e9bd Tibia_Setup.exe $ du -sh Tibia_Setup.exe 5.2M Tibia_Setup.exe $ wine --version wine-3.1-193-g354fa7eb79 Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 5

[Bug 44907] New: BattlEye 'BEDaisy' kernel service crashes on unimplemented function ' fltmgr.sys.FltGetRoutineAddress'
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=44907 Bug ID: 44907 Summary: BattlEye 'BEDaisy' kernel service crashes on unimplemented function 'fltmgr.sys.FltGetRoutineAddress' Product: Wine Version: 3.5 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: fltmgr Assignee: wine-bugs(a)winehq.org Reporter: focht(a)gmx.net Distribution: --- Hello folks, already mentioned in bug 44500 It seems the author of the BattlEye driver is actively working on it, adding new API dependencies/imports every week ;-) Prerequisite: * bug 44837 -> missing 'ntoskrnl.exe.Ps{Acquire,Release}ProcessExitSynchronization' * bug 44906 -> missing 'ntoskrnl.exe.ExfUnblockPushLock' There is now an additional one: --- snip --- $ WINEDEBUG=+seh,+relay,+ntoskrnl wine net start BEDaisy >>log.txt 2>&1 ... 0035:Call ntoskrnl.exe.MmGetSystemRoutineAddress(0065ecac) ret=008560ad ... 0035:Call KERNEL32.GetProcAddress(7ec00000,0011d528 "IoDriverObjectType") ret=7ec18587 0035:Ret KERNEL32.GetProcAddress() retval=7ec0700c ret=7ec18587 ... 0035:trace:ntoskrnl:MmGetSystemRoutineAddress L"IoDriverObjectType" -> 0x7ec0700c ... 0035:Ret ntoskrnl.exe.MmGetSystemRoutineAddress() retval=7ec0700c ret=008560ad ... 0035:Call KERNEL32.RaiseException(80000100,00000001,00000002,0065eb78) ret=f7dd1b0f 0035:trace:seh:raise_exception code=80000100 flags=1 addr=0x7b446c33 ip=7b446c33 tid=0035 0035:trace:seh:raise_exception info[0]=f7dd1b28 0035:trace:seh:raise_exception info[1]=f7dd228b wine: Call from 0x7b446c33 to unimplemented function fltmgr.sys.FltGetRoutineAddress, aborting --- snip --- $ sha1sum Tibia_Setup.exe 50951008ccc402cc32407bfc56a88da873e3e9bd Tibia_Setup.exe $ du -sh Tibia_Setup.exe 5.2M Tibia_Setup.exe $ wine --version wine-3.5-106-g182c12c403 Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 5

[Bug 44497] New: BattlEye 'BEDaisy' kernel service crashes on unimplemented ntoskrnl.exe ObCallback ( object manager) functions
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=44497 Bug ID: 44497 Summary: BattlEye 'BEDaisy' kernel service crashes on unimplemented ntoskrnl.exe ObCallback (object manager) functions Product: Wine Version: 3.1 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: ntoskrnl Assignee: wine-bugs(a)winehq.org Reporter: focht(a)gmx.net Distribution: --- Hello folks, continuation of bug 44496 The kernel driver uses object manager callbacks in order to implement process protection. * ObRegisterCallbacks * ObUnRegisterCallbacks * ObGetFilterVersion Example kernel driver code to show how the API is being used: https://github.com/Microsoft/Windows-driver-samples/tree/master/general/obc… --- quote --- ObCallback Callback Registration Driver The ObCallback sample driver demonstrates the use of registered callbacks for process protection. The driver registers control callbacks which are called at process creation. Design and Operation The sample exercises both the PsSetCreateProcessNotifyRoutineEx and the ObRegisterCallbacks routines. The first example uses the ObRegisterCallbacks routine and a callback to restrict requested access rights during a open process action. The second example uses the PsSetCreateProcessNotifyRoutineEx routine to reject a process creation by examining the command line. --- quote --- Another article: https://malwaretips.com/threads/av-self-protection-process-c-c.66200/ BattlEye 'BEDaisy' needs semi-stubs. Pure stubs returning 'STATUS_NOT_IMPLEMENTED' is not enough. The driver init routine will fail. * ObRegisterCallbacks -> return STATUS_SUCCESS (and fake handle) * ObUnRegisterCallbacks -> just empty stub is enough * ObGetFilterVersion -> return OB_FLT_REGISTRATION_VERSION Also mentioned in tps://bugs.winehq.org/show_bug.cgi?id=41039#c0 ("Virtualbox crashes with access violation, needs ntoskrnl.exe.FsRtlIsNameInExpression") although not the problem there. --- snip --- fixme:ntoskrnl:MmGetSystemRoutineAddress L"ObRegisterCallbacks" not found fixme:ntoskrnl:MmGetSystemRoutineAddress L"ObUnRegisterCallbacks" not found --- snip --- With these things fixed, the driver runs further - into next problems. $ sha1sum Tibia_Setup.exe 50951008ccc402cc32407bfc56a88da873e3e9bd Tibia_Setup.exe $ du -sh Tibia_Setup.exe 5.2M Tibia_Setup.exe $ wine --version wine-3.1-193-g354fa7eb79 Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 6

[Bug 44500] New: BattlEye 'BEDaisy' kernel service crashes on unimplemented fltmgr.sys functions ( FltRegisterFilter, FltStartFiltering, FltUnregisterFilter)
by wine-bugs＠winehq.org 18 Mar '21

18 Mar '21

https://bugs.winehq.org/show_bug.cgi?id=44500 Bug ID: 44500 Summary: BattlEye 'BEDaisy' kernel service crashes on unimplemented fltmgr.sys functions (FltRegisterFilter, FltStartFiltering, FltUnregisterFilter) Product: Wine Version: 3.1 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: fltmgr Assignee: wine-bugs(a)winehq.org Reporter: focht(a)gmx.net Distribution: --- Hello folks, continuation of bug 44499 The kernel driver uses multiple methods to implement process protection/supervision. * ObRegisterCallbacks * ObUnRegisterCallbacks * ObGetFilterVersion -> covered by bug 44497 * PsSetCreateProcessNotifyRoutineEx -> covered by bug 44499 * FltRegisterFilter * FltStartFiltering * FltUnregisterFilter BattlEye 'BEDaisy' needs semi-stubs. Pure stubs returning 'STATUS_NOT_IMPLEMENTED' is not enough. The driver init routine will fail. * FltRegisterFilter -> return STATUS_SUCCESS and some dummy handle as "out" * FltStartFiltering -> return STATUS_SUCCESS * FltUnregisterFilter -> just empty stub is enough (needed when driver unloads) With this and all previous bug reports fixed/worked around, the driver init routine runs to completion and the kernel service starts successfully. Proof: --- snip --- ... 0048:trace:winedevice:load_driver loading driver L"C:\\Program Files\\Common Files\\BattlEye\\BEDaisy.sys" ... 0048:trace:module:process_attach (L"BEDaisy.sys",(nil)) - END 0048:Ret KERNEL32.LoadLibraryW() retval=00780000 ret=7effaa20 ... 0048:trace:winedevice:load_driver_module L"C:\\Program Files\\Common Files\\BattlEye\\BEDaisy.sys": relocating from 0x400000 to 0x780000 ... 0048:Call driver init 0x7fdf6e (obj=0x11cb58,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\BEDaisy") 0048:Call --- snip --- Map the driver image via Mdl in order to hot-patch. --- snip --- ... ntoskrnl.exe.IoAllocateMdl(00780000,00040409,00000000,00000000,00000000) ret=0080bf37 0048:trace:ntoskrnl:IoAllocateMdl (0x780000, 263177, 0, 0, (nil)) 0048:Call ntdll.RtlAllocateHeap(00110000,00000008,00000120) ret=7ecdf800 0048:Ret ntdll.RtlAllocateHeap() retval=0011cd38 ret=7ecdf800 0048:fixme:ntoskrnl:IoGetCurrentProcess () semi-stub 0048:Ret ntoskrnl.exe.IoAllocateMdl() retval=0011cd38 ret=0080bf37 0048:Call ntoskrnl.exe.MmProbeAndLockPages(0011cd38,00000000,00000001) ret=0080bf37 0048:fixme:ntoskrnl:MmProbeAndLockPages (0x11cd38, 0, 1): stub 0048:Ret ntoskrnl.exe.MmProbeAndLockPages() retval=0000003f ret=0080bf37 0048:Call ntoskrnl.exe.MmMapLockedPagesSpecifyCache(0011cd38,00000000,00000000,00000001,00000000,00000000) ret=0080bf37 0048:fixme:ntoskrnl:MmMapLockedPagesSpecifyCache (0x11cd38, 0, 0, 0x1, 0, 0): stub 0048:Call ntdll.RtlAllocateHeap(00110000,00000000,00040409) ret=7ece28a9 0048:Ret ntdll.RtlAllocateHeap() retval=0011d978 ret=7ece28a9 0048:Call KERNEL32.OpenProcess(001fffff,00000000,00000042) ret=7ece28d4 0048:Ret KERNEL32.OpenProcess() retval=00000040 ret=7ece28d4 0048:Call KERNEL32.ReadProcessMemory(00000040,00780000,0011d978,00040409,00000000) ret=7ece2907 0048:Ret KERNEL32.ReadProcessMemory() retval=00000001 ret=7ece2907 0048:Call KERNEL32.CloseHandle(00000040) ret=7ece2929 0048:Ret KERNEL32.CloseHandle() retval=00000001 ret=7ece2929 0048:fixme:ntoskrnl:MmMapLockedPagesSpecifyCache Success! 0048:Ret ntoskrnl.exe.MmMapLockedPagesSpecifyCache() retval=0011d978 ret=0080bf37 --- snip --- Manually resolve 'ntoskrnl.exe' and other module imports. Most activity is invisible from any trace log (walking in-memory lists, obfuscated strings). --- snip --- 0048:Call ntdll.NtQuerySystemInformation(0000000b,008100a0,00001400,0065f350) ret=008034e1 0048:Ret ntdll.NtQuerySystemInformation() retval=00000000 ret=008034e1 ... 0048:Call ntdll.NtQuerySystemInformation(0000000b,0065f39c,00000000,0065f398) ret=0080732b 0048:Ret ntdll.NtQuerySystemInformation() retval=c0000004 ret=0080732b 0048:Call ntoskrnl.exe.ExAllocatePool(00000000,00001400) ret=007fe2fc 0048:Call ntdll.RtlAllocateHeap(00110000,00000000,00001400) ret=7ece16d9 0048:Ret ntdll.RtlAllocateHeap() retval=008100a0 ret=7ece16d9 0048:trace:ntoskrnl:ExAllocatePoolWithTag 5120 pool 0 -> 0x8100a0 0048:Ret ntoskrnl.exe.ExAllocatePool() retval=008100a0 ret=007fe2fc 0048:Call ntdll.NtQuerySystemInformation(0000000b,008100a0,00001400,0065f398) ret=008034e1 0048:Ret ntdll.NtQuerySystemInformation() retval=00000000 ret=008034e1 ... --- snip --- Commit the changes to the memory image -> 'MmUnlockPages'. --- snip --- ... 0048:Call ntoskrnl.exe.MmUnlockPages(0011cd38) ret=0080bf37 0048:fixme:ntoskrnl:MmUnlockPages (0x11cd38): stub 0048:Call KERNEL32.OpenProcess(001fffff,00000000,00000042) ret=7ece2be8 0048:Ret KERNEL32.OpenProcess() retval=00000040 ret=7ece2be8 0048:Call KERNEL32.WriteProcessMemory(00000040,00780000,0011d978,00040409,00000000) ret=7ece2c17 0048:Ret KERNEL32.WriteProcessMemory() retval=00000001 ret=7ece2c17 0048:Call KERNEL32.CloseHandle(00000040) ret=7ece2c25 0048:Ret KERNEL32.CloseHandle() retval=00000001 ret=7ece2c25 0048:Call ntdll.RtlFreeHeap(00110000,00000000,0011d978) ret=7ece2c45 0048:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7ece2c45 0048:fixme:ntoskrnl:MmUnlockPages Success! 0048:Ret ntoskrnl.exe.MmUnlockPages() retval=0000002b ret=0080bf37 0048:Call ntoskrnl.exe.IoFreeMdl(0011cd38) ret=0080bf37 0048:trace:ntoskrnl:IoFreeMdl 0x11cd38 0048:Call ntdll.RtlFreeHeap(00110000,00000000,0011cd38) ret=7ecdf8fa 0048:Ret ntdll.RtlFreeHeap() retval=00000001 ret=7ecdf8fa 0048:Ret ntoskrnl.exe.IoFreeMdl() retval=00000001 ret=0080bf37 ... --- snip --- Register object manager/process/mini driver callbacks and create driver symlinks. --- snip --- ... 0048:Call ntoskrnl.exe.ObGetFilterVersion() ret=0078c6be 0048:fixme:ntoskrnl:ObGetFilterVersion stub 0048:Ret ntoskrnl.exe.ObGetFilterVersion() retval=00000100 ret=0078c6be 0048:Call ntoskrnl.exe.KeInitializeMutex(00785020,00000000) ret=0079e1f6 0048:fixme:ntoskrnl:KeInitializeMutex stub: 0x785020, 0 0048:Ret ntoskrnl.exe.KeInitializeMutex() retval=00000038 ret=0079e1f6 0048:Call ntoskrnl.exe.IoCreateDevice(0011cb58,00000000,0065f1a8,00000022,00000000,00000000,0065f1e8) ret=007a2653 0048:trace:ntoskrnl:IoCreateDevice (0x11cb58, 0, L"\\Device\\BattlEye", 34, 0, 0, 0x65f1e8) ... 0048:Ret ntoskrnl.exe.IoCreateDevice() retval=00000000 ret=007a2653 0048:Call ntoskrnl.exe.IoCreateSymbolicLink(0065f1cc,0065f1a8) ret=007a2834 0048:trace:ntoskrnl:IoCreateSymbolicLink L"\\DosDevices\\BattlEye" -> L"\\Device\\BattlEye" 0048:Call ntdll.NtCreateSymbolicLinkObject(0065f064,000f0001,0065f04c,0065f1a8) ret=7ece06af 0048:Ret ntdll.NtCreateSymbolicLinkObject() retval=00000000 ret=7ece06af 0048:Ret ntoskrnl.exe.IoCreateSymbolicLink() retval=00000000 ret=007a2834 0048:Call ntoskrnl.exe.KeWaitForSingleObject(00785020,00000000,00000000,00000000,00000000) ret=007b8643 0048:fixme:ntoskrnl:KeWaitForSingleObject stub: 0x785020, 0, 0, 0, (nil) 0048:Ret ntoskrnl.exe.KeWaitForSingleObject() retval=c0000002 ret=007b8643 0048:Call ntdll.RtlInitUnicodeString(0065f0c8,00783a7c L"363220") ret=00794e44 0048:Ret ntdll.RtlInitUnicodeString() retval=0065f0c8 ret=00794e44 0048:Call ntoskrnl.exe.ObRegisterCallbacks(0065f0c4,00785040) ret=007b869d 0048:fixme:ntoskrnl:ObRegisterCallbacks : stub 0048:Ret ntoskrnl.exe.ObRegisterCallbacks() retval=00000000 ret=007b869d 0048:Call ntoskrnl.exe.KeReleaseMutex(00785020,00000000) ret=007a4ee7 0048:fixme:ntoskrnl:KeReleaseMutex stub: 0x785020, 0 0048:Ret ntoskrnl.exe.KeReleaseMutex() retval=c0000002 ret=007a4ee7 0048:Call ntoskrnl.exe.PsSetLoadImageNotifyRoutine(007817a0) ret=00797911 0048:fixme:ntoskrnl:PsSetLoadImageNotifyRoutine (0x7817a0) stub 0048:Ret ntoskrnl.exe.PsSetLoadImageNotifyRoutine() retval=00000000 ret=00797911 0048:Call ntoskrnl.exe.PsSetCreateThreadNotifyRoutine(007811c4) ret=0079e1fb 0048:fixme:ntoskrnl:PsSetCreateThreadNotifyRoutine stub: 0x7811c4 0048:Ret ntoskrnl.exe.PsSetCreateThreadNotifyRoutine() retval=00000000 ret=0079e1fb 0048:Call ntoskrnl.exe.memset(0065f108,00000000,00000038) ret=007b63ab 0048:Ret ntoskrnl.exe.memset() retval=0065f108 ret=007b63ab 0048:Call fltmgr.sys.FltRegisterFilter(0011cb58,0065f108,00785500) ret=007afad8 0048:fixme:fltmgr:FltRegisterFilter (0x11cb58, 0x65f108): stub ... 0048:Ret fltmgr.sys.FltRegisterFilter() retval=00000000 ret=007afad8 0048:Call fltmgr.sys.FltStartFiltering(0011d978) ret=00795697 0048:fixme:fltmgr:FltStartFiltering (0x11d978): stub 0048:Ret fltmgr.sys.FltStartFiltering() retval=00000000 ret=00795697 0048:Call ntoskrnl.exe.PsSetCreateProcessNotifyRoutineEx(00781aba,00000000) ret=0079d0f5 0048:fixme:ntoskrnl:PsSetCreateProcessNotifyRoutineEx stub: 0x781aba 0 0048:Ret ntoskrnl.exe.PsSetCreateProcessNotifyRoutineEx() retval=00000000 ret=0079d0f5 ... --- snip --- Driver init successful return: --- snip --- ... 0048:Call ntdll.RtlInitUnicodeString(0065f190,0065f444 L"\\Driver") ret=0078ee45 0048:Ret ntdll.RtlInitUnicodeString() retval=0065f190 ret=0078ee45 0048:Call ntdll.ZwOpenDirectoryObject(0065f1c8,00000001,0065f1b0) ret=0079a425 0048:Ret ntdll.ZwOpenDirectoryObject() retval=00000000 ret=0079a425 0048:Call ntdll.ZwQueryDirectoryObject(00000048,0065f1f4,00000100,00000001,00000000,0065f458,00000000) ret=007a78fb 0048:Ret ntdll.ZwQueryDirectoryObject() retval=8000001a ret=007a78fb 0048:Call ntdll.ZwClose(00000048) ret=00795dcc 0048:Ret ntdll.ZwClose() retval=00000000 ret=00795dcc 0048:Ret driver init 0x7fdf6e (obj=0x11cb58,str=L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\BEDaisy") retval=00000000 0048:trace:winedevice:init_driver init done for L"BEDaisy" obj 0x11cb58 0048:trace:winedevice:init_driver - DriverInit = 0x7fdf6e 0048:trace:winedevice:init_driver - DriverStartIo = (nil) 0048:trace:winedevice:init_driver - DriverUnload = 0x781de8 0048:trace:winedevice:init_driver - MajorFunction[0] = 0x781dc4 0048:trace:winedevice:init_driver - MajorFunction[1] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[2] = 0x781d54 0048:trace:winedevice:init_driver - MajorFunction[3] = 0x7820c2 0048:trace:winedevice:init_driver - MajorFunction[4] = 0x7829b4 0048:trace:winedevice:init_driver - MajorFunction[5] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[6] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[7] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[8] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[9] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[10] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[11] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[12] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[13] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[14] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[15] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[16] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[17] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[18] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[19] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[20] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[21] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[22] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[23] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[24] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[25] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[26] = 0x7ecdfeb0 0048:trace:winedevice:init_driver - MajorFunction[27] = 0x7ecdfeb0 0048:Ret ntoskrnl.exe.IoCreateDriver() retval=00000000 ret=7effb7c8 0048:Call ntoskrnl.exe.ObReferenceObjectByName(0065fdc0,00000040,00000000,00000000,00000000,00000000,00000000,0065fdc8) ret=7effb852 0048:trace:ntoskrnl:ObReferenceObjectByName mostly-stub:L"\\Driver\\BEDaisy" 64 (nil) 0 (nil) 0 (nil) 0x65fdc8 ... 0048:Ret ntoskrnl.exe.ObReferenceObjectByName() retval=00000000 ret=7effb852 ... 0048:Call advapi32.SetServiceStatus(0011b788,0065fd84) ret=7effb41b ... 0048:Ret advapi32.SetServiceStatus() retval=00000001 ret=7effb41b --- snip --- NOTE: This doesn't really make BattlEye functional. It enables both services to run and prevents the initial driver service crashes/errors (2). The "Tibia" client I used to test with (http://static.tibia.com/download/Tibia_Setup.exe) still reports BattlEye not working properly. --- snip --- ... [ 11:53:26,282 ] BattlEye: "Initialized (v1.243)" [ 11:53:26,374 ] Request connection to gameserver "tcp://tibia-ip-eu.ciproxy.com:7171" (unprotected: "tcp://tibia-pool-eu.ciproxy.com:7171" ) requested (Charakter "Da Beef" ) [ 11:53:26,374 ] Request connection to gameserver "tcp://tibia-ip-eu.ciproxy.com:7171" "Damora" [ 11:53:26,405 ] Connected to gameserver "tcp://tibia-ip-eu.ciproxy.com:7171" "Damora" [ 11:53:26,637 ] QObject::connect: Cannot connect (null)::stateChanged(QNetworkSession::State) to QNetworkReplyHttpImpl::_q_networkSessionStateChanged(QNetworkSession::State) [ 11:53:26,691 ] QObject::connect: Cannot connect (null)::stateChanged(QNetworkSession::State) to QNetworkReplyHttpImpl::_q_networkSessionStateChanged(QNetworkSession::State) [ 11:53:27,317 ] BattlEye: "Restarting client is necessary, service isn't running properly" [ 11:53:27,318 ] BattlEye: "Restarting client is necessary, update required" ... --- snip --- I have no intention to look further unless there is some progress on previous tickets. $ sha1sum Tibia_Setup.exe 50951008ccc402cc32407bfc56a88da873e3e9bd Tibia_Setup.exe $ du -sh Tibia_Setup.exe 5.2M Tibia_Setup.exe $ wine --version wine-3.1-193-g354fa7eb79 Regards -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.

2 5

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

wine-bugs December 2019