https://bugs.winehq.org/show_bug.cgi?id=50208
Anastasius Focht focht@gmx.net changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Multiple kernel drivers     |Multiple kernel drivers
                   |need                        |need
                   |NtQuerySystemInformation(Sy |NtQuerySystemInformation(Sy
                   |stemModuleInformation) to   |stemModuleInformation) to
                   |return correct              |return correct
                   |ImageBaseAddress and        |ImageBaseAddress and
                   |ImageSize for modules       |ImageSize for modules
                   |(Sentinel HASP              |(Sentinel HASP
                   |'hardlock.sys')             |'hardlock.sys', SmartGaga
                   |                            |'AndroidKernelX64.sys')

--- Comment #1 from Anastasius Focht focht@gmx.net ---
Hello folks,
revisiting, still present.
Also encountered with SmartGaga (Android Emulator) v1.1.x
'androidkernelx64.sys' driver
--- snip ---
$ WINEDEBUG=+seh,+relay,+ntoskrnl,+server wine wineboot >>log.txt 2>&1
...
005c:Call ntoskrnl.exe.ZwQuerySystemInformation(0000000b,00c5f390,00000000,00c5f390) ret=00e4afa6
005c:Call ntdll.NtQuerySystemInformation(0000000b,00c5f390,00000000,00c5f390) ret=17004226f
005c:Ret ntdll.NtQuerySystemInformation() retval=c0000004 ret=17004226f
005c:Ret ntoskrnl.exe.ZwQuerySystemInformation() retval=c0000004 ret=00e4afa6
005c:Call ntoskrnl.exe.ExAllocatePoolWithTag(00000001,00000380,2154554e) ret=00e4afd5
005c:Call ntdll.RtlAllocateHeap(009e0000,00000000,00000380) ret=003e2ede
005c:Ret ntdll.RtlAllocateHeap() retval=009e1640 ret=003e2ede
005c:trace:ntoskrnl:ExAllocatePoolWithTag 896 pool 1 -> 00000000009E1640
005c:Ret ntoskrnl.exe.ExAllocatePoolWithTag() retval=009e1640 ret=00e4afd5
005c:Call ntoskrnl.exe.ZwQuerySystemInformation(0000000b,009e1640,00000380,00c5f390) ret=00e4aff5
005c:Call ntdll.NtQuerySystemInformation(0000000b,009e1640,00000380,00c5f390) ret=17004226f
005c:Ret ntdll.NtQuerySystemInformation() retval=00000000 ret=17004226f
005c:Ret ntoskrnl.exe.ZwQuerySystemInformation() retval=00000000 ret=00e4aff5
005c:Call ntoskrnl.exe.ExFreePoolWithTag(009e1640,00000000) ret=00e4b040
005c:trace:ntoskrnl:ExFreePoolWithTag 00000000009E1640
005c:Call KERNEL32.HeapFree(009e0000,00000000,009e1640) ret=17004226f
005c:Ret KERNEL32.HeapFree() retval=00000001 ret=17004226f
005c:Ret ntoskrnl.exe.ExFreePoolWithTag() retval=00000001 ret=00e4b040
005c:trace:seh:dispatch_exception code=c0000005 flags=0 addr=0000000000E4B0BB ip=0000000000E4B0BB tid=005c
005c:warn:seh:dispatch_exception EXCEPTION_ACCESS_VIOLATION exception (code=c0000005) raised
005c:trace:seh:dispatch_exception rax=0000000000005a4d rbx=0000000000e8c3b8 rcx=000000017000e254 rdx=0000000000000000
005c:trace:seh:dispatch_exception rsi=00000000c0000001 rdi=0000000010000000 rbp=0000000000c5f5f0 rsp=0000000000c5f390
005c:trace:seh:dispatch_exception r8=0000000000000000 r9=0000000000000040 r10=00007ffbeaa02680 r11=0000000000000000
005c:trace:seh:dispatch_exception r12=0000000000173ef8 r13=000000000000ffff r14=0000000000173d90 r15=0000000000000000
005c:trace:seh:call_vectored_handlers calling handler at 00000000003DD440 code=c0000005 flags=0
005c:trace:seh:call_vectored_handlers handler at 00000000003DD440 returned 0
005c:trace:seh:call_handler calling handler 0000000000DA140C (rec=0000000000C5F160, frame=0000000000C5F4F0 context=0000000000C5E750, dispatch=0000000000C5E618)
005c:trace:seh:call_handler handler at 0000000000DA140C returned 1
005c:trace:seh:call_stack_handlers found wine frame 0000000000C5FE90 rsp 0000000000C5FFE0 handler 000000017005FE00
005c:trace:seh:call_teb_handler calling TEB handler 000000017005FE00 (rec=0000000000C5F160, frame=0000000000C5FE90 context=0000000000C5E750, dispatch=0000000000C5E618)
--- snip ---

--- snip ---
0000000000E4B0B6 | mov eax,5A4D                   |
0000000000E4B0BB | cmp ax,word ptr ds:[rdi]       | ImageBaseAddress *boom*
0000000000E4B0BE | jne androidkernelx64.E4B1F6    |
0000000000E4B0C4 | mov eax,dword ptr ds:[rdi+3C]  |
0000000000E4B0C7 | add rax,rdi                    |
0000000000E4B0CA | cmp dword ptr ds:[rax],4550    |
0000000000E4B0D0 | jne androidkernelx64.E4B1F6    |
--- snip ---

--- snip ---
Base             Module               Path
0000000000250000 sechost.dll          Z:\home\focht\projects\wine\mainline...
0000000000280000 ucrtbase.dll         Z:\home\focht\projects\wine\mainline...
0000000000340000 msvcrt.dll           Z:\home\focht\projects\wine\mainline...
00000000003D0000 ntoskrnl.exe         Z:\home\focht\projects\wine\mainline...
0000000000AF0000 rpcrt4.dll           Z:\home\focht\projects\wine\mainline...
0000000000DA0000 androidkernelx64.sys C:\Program Files (x86)\SmartGaGa\Pro...
0000000000EB0000 hal.dll              Z:\home\focht\projects\wine\mainline...
000000007B000000 kernelbase.dll       Z:\home\focht\projects\wine\mainline...
000000007B600000 kernel32.dll         Z:\home\focht\projects\wine\mainline...
0000000140000000 winedevice.exe       Z:\home\focht\projects\wine\mainline...
0000000170000000 ntdll.dll            Z:\home\focht\projects\wine\mainline...
0000000180000000 advapi32.dll         Z:\home\focht\projects\wine\mainline...
--- snip ---
The driver tries to access the PE header struct for each module returned by 'NtQuerySystemInformation(SystemModuleInformation)'. This causes a page fault because nothing is mapped at the hard-coded defaults.
rdi=0x10000000 = hard-coded ImageBaseAddress 'ntoskrnl.exe'
'AndroidKernel.log':
--- snip ---
[424][436][21:20:10.566]: DriverEntry: PsCalcProcessMD5 C:\Program Files (x86)\SmartGaGa\ProjectTitan\Engine\AndroidKernelX64.sys Fail!
--- snip ---
Stable download link via Internet Archive for documentation.
https://web.archive.org/web/20210212083145/https://dl.filehorse.com/win/desk...
https://www.virustotal.com/gui/file/a2928782e205ebe45317c54378136263fb69a4ea...
$ sha1sum Setup_AndroidFs442_1.1.646.1.exe
8cec18338e1e931433ac37f63d26a701dfcbd0dd Setup_AndroidFs442_1.1.646.1.exe

$ du -sh Setup_AndroidFs442_1.1.646.1.exe
203M Setup_AndroidFs442_1.1.646.1.exe

$ wine --version
wine-7.0-rc4
Regards
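
The header probe from the disassembly in the comment above, written out in C as an added example (not part of the original comment, and not code from Wine or the driver): it applies the same 'MZ' / e_lfanew / 'PE' test, but over a buffer of known size so each read is bounds-checked. The function and enum names are hypothetical, the sample image is constructed, and the buffer stands in for a mapped range [ImageBaseAddress, ImageBaseAddress + ImageSize); a base with nothing mapped behind it, as in the trace, would still fault on the first read.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Result codes for the probe; hypothetical names chosen for this example. */
enum pe_check { PE_OK = 0, PE_TOO_SMALL, PE_NO_MZ, PE_BAD_LFANEW, PE_NO_SIG };

/* Read a little-endian 32-bit value byte by byte (no unaligned access). */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Same sequence as the disassembly: 'MZ' (0x5A4D) at base, e_lfanew read
 * from base+0x3C, 'PE\0\0' (0x4550) at base+e_lfanew. 'size' plays the role
 * of ImageSize and limits every read to the reported module range. */
enum pe_check check_pe_header(const uint8_t *image, size_t size) {
    if (image == NULL || size < 0x40) return PE_TOO_SMALL;
    if (image[0] != 0x4D || image[1] != 0x5A) return PE_NO_MZ;
    uint32_t lfanew = rd32(image + 0x3C);
    if (lfanew > size - 4) return PE_BAD_LFANEW; /* size >= 0x40: no underflow */
    if (rd32(image + lfanew) != 0x00004550u) return PE_NO_SIG;
    return PE_OK;
}

/* Constructed sample: a minimal 0x100-byte image with e_lfanew = 0x80. */
size_t make_sample(uint8_t *buf, size_t cap) {
    if (cap < 0x100) return 0;
    memset(buf, 0, 0x100);
    buf[0] = 'M'; buf[1] = 'Z';
    buf[0x3C] = 0x80;
    buf[0x80] = 'P'; buf[0x81] = 'E';
    return 0x100;
}

int main(void) {
    uint8_t img[0x100];
    size_t n = make_sample(img, sizeof img);
    return check_pe_header(img, n) == PE_OK ? 0 : 1;
}
```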