[Bug 49088] New: Acronis Storage Filter Management Driver 'fltsrv.sys' crashes on unimplemented function 'ntoskrnl.exe.IoIs32bitProcess'

https://bugs.winehq.org/show_bug.cgi?id=49088

Bug ID: 49088 Summary: Acronis Storage Filter Management Driver 'fltsrv.sys' crashes on unimplemented function 'ntoskrnl.exe.IoIs32bitProcess' Product: Wine Version: 5.7 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: ntoskrnl Assignee: wine-bugs@winehq.org Reporter: focht@gmx.net Distribution: ---

Hello folks,

continuation of bug 47623

Download:

https://web.archive.org/web/20150518142343/http://dl2.acronis.com/u/ADD12_tr...

--- snip --- $ WINEDEBUG=+seh,+relay,+ntoskrnl,+winedevice,+module,+msi wine ./ADD12_trial_en-US.exe >>log.txt 2>&1 ... 0244:trace:ntoskrnl:load_driver loading driver L"C:\windows\system32\drivers\fltsrv.sys" 0244:Call KERNEL32.LoadLibraryW(000fc490 L"C:\windows\system32\drivers\fltsrv.sys") ret=00236878 ... 0244:trace:module:map_image mapped PE file at 0xe10000-0xe35000 0244:trace:module:map_image mapping section .text at 0xe11000 off 400 size 19200 virt 1914b flags 68000020 0244:trace:module:map_image clearing 0xe2a200 - 0xe2b000 0244:trace:module:map_image mapping section .rdata at 0xe2b000 off 19600 size 3800 virt 37ec flags 48000040 0244:trace:module:map_image clearing 0xe2e800 - 0xe2f000 0244:trace:module:map_image mapping section .data at 0xe2f000 off 1ce00 size 200 virt 28c flags c8000040 0244:trace:module:map_image clearing 0xe2f200 - 0xe30000 0244:trace:module:map_image mapping section .pdata at 0xe30000 off 1d000 size 1c00 virt 1a7c flags 48000040 0244:trace:module:map_image clearing 0xe31c00 - 0xe32000 0244:trace:module:map_image mapping section INIT at 0xe32000 off 1ec00 size e00 virt d06 flags e2000020 0244:trace:module:map_image clearing 0xe32e00 - 0xe33000 0244:trace:module:map_image mapping section .rsrc at 0xe33000 off 1fa00 size 600 virt 510 flags 42000040 0244:trace:module:map_image clearing 0xe33600 - 0xe34000 0244:trace:module:map_image mapping section .reloc at 0xe34000 off 20000 size a00 virt 834 flags 42000040 0244:trace:module:map_image clearing 0xe34a00 - 0xe35000 0244:trace:module:get_load_order looking for L"C:\windows\system32\drivers\fltsrv.sys" ... 0244:warn:module:import_dll No implementation for ntoskrnl.exe.IoIs32bitProcess imported from L"C:\windows\system32\drivers\fltsrv.sys", setting to 0xe40000 0244:trace:module:load_dll Loaded module L"\??\C:\windows\system32\drivers\fltsrv.sys" at 0xe10000 ... 0244:Ret KERNEL32.LoadLibraryW() retval=00e10000 ret=00236878 ... 0244:Call driver init 0000000000E32000 (obj=00000000007FE0F0,str=L"\Registry\Machine\System\CurrentControlSet\Services\fltsrv") ... 0244:Ret driver init 0000000000E32000 (obj=00000000007FE0F0,str=L"\Registry\Machine\System\CurrentControlSet\Services\fltsrv") retval=00000000 ... 0244:trace:ntoskrnl:init_driver init done for L"fltsrv" obj 00000000007FE0F0 0244:trace:ntoskrnl:init_driver - DriverInit = 0000000000E32000 0244:trace:ntoskrnl:init_driver - DriverStartIo = 0000000000000000 0244:trace:ntoskrnl:init_driver - DriverUnload = 0000000000E1C39C 0244:trace:ntoskrnl:init_driver - MajorFunction[0] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[1] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[2] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[3] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[4] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[5] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[6] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[7] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[8] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[9] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[10] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[11] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[12] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[13] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[14] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[15] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[16] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[17] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[18] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[19] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[20] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[21] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[22] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[23] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[24] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[25] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[26] = 0000000000E1BCF4 0244:trace:ntoskrnl:init_driver - MajorFunction[27] = 0000000000E1BCF4 ... 0224:Call KERNEL32.CreateFileA(01c96a00 "\\.\Global\StorageFilterControl",c0000000,00000003,00000000,00000003,00000000,00000000) ret=020426f3 ... 0224:Ret KERNEL32.CreateFileA() retval=000000ac ret=020426f3 ... 0248:Ret KERNEL32.WaitForMultipleObjectsEx() retval=00000001 ret=0022e9de 0224:Call KERNEL32.WaitForSingleObject(000000a8,ffffffff) ret=02041c42 0224:Call ntdll.NtWaitForMultipleObjects(00000001,0220f1e0,00000001,00000000,00000000) ret=7b04b037 0224:Ret ntdll.NtWaitForMultipleObjects() retval=00000000 ret=7b04b037 0224:Ret KERNEL32.WaitForSingleObject() retval=00000000 ret=02041c42 0224:Call KERNEL32.DeviceIoControl(000000ac,8021240b,0220f560,00000018,00000000,00000000,0220f598,00000000) ret=02042610 0248:trace:ntoskrnl:dispatch_create device 00000000007FE2B0 -> file 00000000007FE660 0248:trace:ntoskrnl:IoGetAttachedDevice (00000000007FE2B0) 0248:trace:ntoskrnl:IoAllocateIrp 1, 0 .... 0248:trace:ntoskrnl:IoInitializeIrp 00000000009AD2B0, 280, 1 ... 0248:Call ntoskrnl.exe.IoGetCurrentProcess() ret=00e1cb6c 0248:Ret ntoskrnl.exe.IoGetCurrentProcess() retval=000fc6c0 ret=00e1cb6c 0248:trace:seh:raise_exception code=c0000096 flags=0 addr=0xe1cb7f ip=e1cb7f tid=0248 0248:trace:seh:raise_exception rax=00000000000fc6c0 rbx=00000000009aca40 rcx=00007f76a7cf2ab7 rdx=000000000000004a 0248:trace:seh:raise_exception rsi=00000000009ad2b0 rdi=0000000000950390 rbp=0000000000000000 rsp=0000000000dff830 0248:trace:seh:raise_exception r8=0000000000000000 r9=0000000000dff032 r10=0000000000000000 r11=0000000000000000 0248:trace:seh:raise_exception r12=00000000009ad2b0 r13=0000000000dffb50 r14=00000000c0000017 r15=0000000000dffb58 0248:trace:seh:call_vectored_handlers calling handler at 0x22cde0 code=c0000096 flags=0 0248:trace:seh:call_vectored_handlers handler at 0x22cde0 returned ffffffff 0248:Call ntoskrnl.exe.IoGetRequestorProcess(009ad2b0) ret=00e1cbf9 0248:trace:ntoskrnl:IoGetRequestorProcess irp 00000000009AD2B0. 0248:Ret ntoskrnl.exe.IoGetRequestorProcess() retval=000fc6c0 ret=00e1cbf9 0248:trace:seh:raise_exception code=80000100 flags=1 addr=0x7bc6dfdc ip=7bc6dfdc tid=0248 0248:trace:seh:raise_exception info[0]=0000000000e324b6 0248:trace:seh:raise_exception info[1]=0000000000e3298e wine: Call from 0x7bc6dfdc to unimplemented function ntoskrnl.exe.IoIs32bitProcess, aborting --- snip ---

--- snip --- $ winedump -j import .wine/drive_c/windows/system32/drivers/fltsrv.sys Contents of .wine/drive_c/windows/system32/drivers/fltsrv.sys: 160600 bytes

Import Table size: 00000028 offset 0001ec90 ntoskrnl.exe Hint/Name Table: 000220B8 TimeDateStamp: 00000000 (Thu Jan 1 01:00:00 1970) ForwarderChain: 00000000 First thunk RVA: 0001B008 Thunk Ordn Name 0001b008 510 IoGetAttachedDeviceReference 0001b010 1162 ObfReferenceObject 0001b018 1160 ObfDereferenceObject 0001b020 532 IoGetLowerDeviceObject 0001b028 1994 _purecall 0001b030 674 IofCallDriver 0001b038 675 IofCompleteRequest 0001b040 521 IoGetDeviceObjectPointer 0001b048 1175 PoCallDriver 0001b050 712 KeBugCheckEx 0001b058 1484 RtlIntegerToUnicodeString 0001b060 1466 RtlInitUnicodeString 0001b068 1346 RtlCompareUnicodeString 0001b070 1361 RtlCopyUnicodeString 0001b078 1326 RtlAppendUnicodeStringToString 0001b080 583 IoRegisterPlugPlayNotification 0001b088 643 IoUnregisterPlugPlayNotification 0001b090 545 IoInitializeRemoveLockEx 0001b098 421 IoAcquireRemoveLockEx 0001b0a0 588 IoReleaseRemoveLockEx 0001b0a8 587 IoReleaseRemoveLockAndWaitEx 0001b0b0 903 KeWaitForSingleObject 0001b0b8 695 KeAcquireSpinLockAtDpcLevel 0001b0c0 697 KeAcquireSpinLockRaiseToDpc 0001b0c8 840 KeReleaseSpinLock 0001b0d0 842 KeReleaseSpinLockFromDpcLevel 0001b0d8 115 ExAllocatePoolWithTag 0001b0e0 139 ExFreePoolWithTag 0001b0e8 763 KeInitializeMutex 0001b0f0 837 KeReleaseMutex 0001b0f8 2087 vDbgPrintExWithPrefix 0001b100 67 DbgQueryDebugFilterState 0001b108 68 DbgSetDebugFilterState 0001b110 1454 RtlGetVersion 0001b118 677 KdDebuggerEnabled 0001b120 988 MmProbeAndLockPages 0001b128 1004 MmUnlockPages 0001b130 976 MmMapLockedPagesSpecifyCache 0001b138 430 IoAllocateMdl 0001b140 504 IoFreeMdl 0001b148 1981 __C_specific_handler 0001b150 1465 RtlInitString 0001b158 1461 RtlInitAnsiString 0001b160 1323 RtlAnsiStringToUnicodeString 0001b168 1611 RtlUnicodeStringToAnsiString 0001b170 1648 RtlxUnicodeStringToAnsiSize 0001b178 1646 RtlxAnsiStringToUnicodeSize 0001b180 1345 RtlCompareString 0001b188 1017 NlsMbOemCodePageTag 0001b190 495 IoEnumerateDeviceObjectList 0001b198 575 IoRegisterBootDriverReinitialization 0001b1a0 1150 ObReferenceObjectByName 0001b1a8 492 IoDriverObjectType 0001b1b0 472 IoCreateSymbolicLink 0001b1b8 485 IoDeleteSymbolicLink 0001b1c0 1810 ZwClose 0001b1c8 1880 ZwOpenSymbolicLinkObject 0001b1d0 1921 ZwQuerySymbolicLinkObject 0001b1d8 516 IoGetCurrentProcess 0001b1e0 550 IoIs32bitProcess 0001b1e8 1201 PoStartNextPowerIrp 0001b1f0 536 IoGetRequestorProcess 0001b1f8 443 IoBuildSynchronousFsdRequest 0001b200 462 IoCreateDevice 0001b208 483 IoDeleteDevice 0001b210 540 IoGetStackLimits 0001b218 1146 ObQueryNameString 0001b220 1226 PsGetCurrentThreadId 0001b228 1266 PsInitialSystemProcess 0001b230 438 IoAttachDeviceToDeviceStack 0001b238 522 IoGetDeviceProperty 0001b240 875 KeSetPriorityThread 0001b248 1213 PsCreateSystemThread 0001b250 1148 ObReferenceObjectByHandle 0001b258 1243 PsGetProcessId 0001b260 887 KeStackAttachProcess 0001b268 897 KeUnstackDetachProcess 0001b270 1865 ZwOpenDirectoryObject 0001b278 1900 ZwQueryDirectoryObject 0001b280 429 IoAllocateIrp 0001b288 440 IoBuildAsynchronousFsdRequest 0001b290 486 IoDetachDevice 0001b298 503 IoFreeIrp 0001b2a0 1868 ZwOpenFile 0001b2a8 1835 ZwDeviceIoControlFile 0001b2b0 1849 ZwFsControlFile 0001b2b8 1870 ZwOpenKey 0001b2c0 1923 ZwQueryValueKey 0001b2c8 941 MmBuildMdlForNonPagedPool 0001b2d0 441 IoBuildDeviceIoControlRequest 0001b2d8 433 IoAllocateWorkItem 0001b2e0 507 IoFreeWorkItem 0001b2e8 566 IoQueueWorkItem 0001b2f0 759 KeInitializeEvent 0001b2f8 869 KeSetEvent 0001b300 765 KeInitializeSemaphore 0001b308 839 KeReleaseSemaphore 0001b310 959 MmGetSystemRoutineAddress 0001b318 1205 ProbeForRead 0001b320 1206 ProbeForWrite

Done dumping .wine/drive_c/windows/system32/drivers/fltsrv.sys --- snip ---

$ sha1sum ADD12_trial_en-US.exe a5cd4fb2b457b86bc9a76b0fafd96ceec5608e6e ADD12_trial_en-US.exe

$ du -sh ADD12_trial_en-US.exe 293M ADD12_trial_en-US.exe

$ wine --version wine-5.7-177-gad1fad8a94

Regards