https://bugs.winehq.org/show_bug.cgi?id=44588
Bug ID: 44588
Summary: Multiple kernel drivers need ntoskrnl.exe.KeWaitForMultipleObjects semi-stub (Franson VSerial service 'bizvserialnt.sys')
Product: Wine
Version: 3.2
Hardware: x86-64
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ntoskrnl
Assignee: wine-bugs@winehq.org
Reporter: focht@gmx.net
Distribution: ---
Hello folks,
continuation of bug 32186
copy/pasta of my comments from https://bugs.winehq.org/show_bug.cgi?id=32186#c3
With the stub added, the return value 'STATUS_NOT_IMPLEMENTED' causes endless looping in the driver:
--- snip ---
...
fixme:ntoskrnl:KeWaitForMultipleObjects (2, 0x64ea4c, 1, 0, 0, 0, (nil), 0x64ea1c): stub
fixme:ntoskrnl:KeWaitForMultipleObjects (2, 0x64ea4c, 1, 0, 0, 0, (nil), 0x64ea1c): stub
...
<spam>
--- snip ---
The driver creates a secondary "system thread" using PsCreateSystemThread() which calls KeWaitForMultipleObjects().
Only in the case of a STATUS_SUCCESS return value is the loop exited and the driver happy, probably waiting for ioctls from the client.
Download: http://gpsgate.com/download
$ sha1sum GpsGateClient.exe
bd5ac140199054a7b4502994439fcc78009fee35 GpsGateClient.exe

$ du -sh GpsGateClient.exe
2.5M GpsGateClient.exe

$ wine --version
wine-3.2-173-gea82a00a42
Regards
Anastasius Focht focht@gmx.net changed:
What | Removed | Added
URL | | http://update.gpsgate.com/install/GpsGateClient.exe
Keywords | | download, hardware
mirh mirh@protonmail.ch changed:
What | Removed | Added
CC | | mirh@protonmail.ch
Anastasius Focht focht@gmx.net changed:
What | Removed | Added
See Also | | https://bugs.winehq.org/show_bug.cgi?id=44924
tokktokk fdsfgs@krutt.org changed:
What | Removed | Added
CC | | fdsfgs@krutt.org
Zebediah Figura z.figura12@gmail.com changed:
What | Removed | Added
CC | | z.figura12@gmail.com
Staged patchset | | https://github.com/wine-staging/wine-staging/tree/master/patches/ntoskrnl-Synchronization
Status | NEW | STAGED

--- Comment #1 from Zebediah Figura z.figura12@gmail.com ---
I've written a patchset that implements kernel synchronization objects; it seems to work here.
Anastasius Focht focht@gmx.net changed:
What | Removed | Added
Summary | Multiple kernel drivers need ntoskrnl.exe.KeWaitForMultipleObjects semi-stub (Franson VSerial service 'bizvserialnt.sys') | Many kernel drivers need support for kernel synchronization objects (event, semaphore, mutex) (BattleEye's 'bedaisy.sys', Franson VSerial service 'bizvserialnt.sys')

--- Comment #2 from Anastasius Focht focht@gmx.net ---
Hello Zebediah,
thanks for the work. Looking forward to having this upstreamed - hopefully it doesn't take years ;-)
The support for synchronization objects is required by all drivers that use secondary threads. BattleEye's 'bedaisy.sys' suffers a crash in the unload phase:
--- snip ---
...
0057:Call ntoskrnl.exe.PsCreateSystemThread(0043e964,001fffff,0043e968,00000000,00000000,005632de,00000000) ret=005f346a
0057:Call ntdll.RtlCreateUserThread(ffffffff,00000000,00000000,00000000,00000000,00000000,005632de,00000000,0043e964,00000000) ret=7e985936
0057:Ret ntdll.RtlCreateUserThread() retval=00000000 ret=7e985936
0057:Ret ntoskrnl.exe.PsCreateSystemThread() retval=00000000 ret=005f346a
0057:Call ntoskrnl.exe.ObReferenceObjectByHandle(0000003c,001fffff,00000000,00000000,0056c554,00000000) ret=0060b15f
0057:fixme:ntoskrnl:ObReferenceObjectByHandle stub: 0x3c 1fffff (nil) 0 0x56c554 (nil)
0057:Ret ntoskrnl.exe.ObReferenceObjectByHandle() retval=00000000 ret=0060b15f
0057:Call ntoskrnl.exe.ZwClose(0000003c) ret=005bfa82
0057:Call ntdll.NtClose(0000003c) ret=7bc815f7
0057:Ret ntdll.NtClose() retval=00000000 ret=7bc815f7
0059:Call PE DLL (proc=0xf7b1c1ce,module=0xf7ad0000 L"rpcrt4.dll",reason=THREAD_ATTACH,res=(nil))
....
0057:fixme:ntoskrnl:PsSetCreateProcessNotifyRoutineEx stub: 0x5611dc 0
0057:Ret ntoskrnl.exe.PsSetCreateProcessNotifyRoutineEx() retval=00000000 ret=0059901a
0059:Starting thread proc 0x5632de (arg=(nil))
...
0057:Call driver unload 0x56174c (obj=0x11cc08)
0057:Call ntoskrnl.exe.KeSetEvent(0056c4f8,00000000,00000000) ret=005becc8
0057:fixme:ntoskrnl:KeSetEvent (0x56c4f8, 0, 0): stub
0057:Ret ntoskrnl.exe.KeSetEvent() retval=00000000 ret=005becc8
0057:Call ntoskrnl.exe.KeWaitForSingleObject(deadbeaf,00000000,00000000,00000000,00000000) ret=005b49c8
0057:fixme:ntoskrnl:KeWaitForSingleObject stub: 0xdeadbeaf, 0, 0, 0, (nil)
0057:Ret ntoskrnl.exe.KeWaitForSingleObject() retval=c0000002 ret=005b49c8
0057:trace:ntoskrnl:ObDereferenceObject (0xdeadbeaf): stub
0057:Call ntoskrnl.exe.PsSetCreateProcessNotifyRoutineEx(005611dc,00000001) ret=005ad28f
0057:fixme:ntoskrnl:PsSetCreateProcessNotifyRoutineEx stub: 0x5611dc 1
0057:Ret ntoskrnl.exe.PsSetCreateProcessNotifyRoutineEx() retval=00000000 ret=005ad28f
0057:Call fltmgr.sys.FltUnregisterFilter(deadbeaf) ret=0065b677
0057:fixme:fltmgr:FltUnregisterFilter (0xdeadbeaf): stub
0057:Ret fltmgr.sys.FltUnregisterFilter() retval=00000039 ret=0065b677
0057:Call ntoskrnl.exe.PsRemoveCreateThreadNotifyRoutine(0056145e) ret=00662852
0057:fixme:ntoskrnl:PsRemoveCreateThreadNotifyRoutine stub: 0x56145e
0057:Ret ntoskrnl.exe.PsRemoveCreateThreadNotifyRoutine() retval=00000000 ret=00662852
0057:Call ntoskrnl.exe.PsRemoveLoadImageNotifyRoutine(00561f16) ret=005aeee4
0057:fixme:ntoskrnl:PsRemoveLoadImageNotifyRoutine stub: 0x561f16
0057:Ret ntoskrnl.exe.PsRemoveLoadImageNotifyRoutine() retval=00000000 ret=005aeee4
...
0057:Ret ntoskrnl.exe.IoDeleteSymbolicLink() retval=00000000 ret=005c1278
0057:Call ntoskrnl.exe.IoDeleteDevice(001202f8) ret=005689a6
0057:trace:ntoskrnl:IoDeleteDevice 0x1202f8
...
0057:Ret ntoskrnl.exe.IoDeleteDevice() retval=00000001 ret=005689a6
0057:Ret driver unload 0x56174c (obj=0x11cc08)
0057:Call KERNEL32.FreeLibrary(00560000) ret=7e980f00
0057:Call PE DLL (proc=0xf7d2e27c,module=0xf7d20000 L"hal.dll",reason=PROCESS_DETACH,res=(nil))
0057:Ret PE DLL (proc=0xf7d2e27c,module=0xf7d20000 L"hal.dll",reason=PROCESS_DETACH,res=(nil)) retval=1
0057:Ret KERNEL32.FreeLibrary() retval=00000001 ret=7e980f00
0057:trace:ntoskrnl:IoDeleteDriver (0x11cc08)
...
0057:Call advapi32.SetServiceStatus(0011caf8,0043fc74) ret=7e980d5a
...
0059:Call ntoskrnl.exe.ZwQuerySystemInformation(00000005,00121fe8,0000132c,0087fed8) ret=005635a3
0059:Call ntdll.NtQuerySystemInformation(00000005,00121fe8,0000132c,0087fed8) ret=7bc815f7
0059:Ret ntdll.NtQuerySystemInformation() retval=00000000 ret=7bc815f7
0059:Ret ntoskrnl.exe.ZwQuerySystemInformation() retval=00000000 ret=005635a3
0059:Call ntoskrnl.exe.PsGetProcessId(90909090) ret=0066d51a
0059:fixme:ntoskrnl:PsGetProcessId stub: 0x90909090
0059:Ret ntoskrnl.exe.PsGetProcessId() retval=00000000 ret=0066d51a
0059:Call ntoskrnl.exe.KeWaitForSingleObject(0056c4f8,00000000,00000000,00000000,0087fecc) ret=005ee4e5
0059:fixme:ntoskrnl:KeWaitForSingleObject stub: 0x56c4f8, 0, 0, 0, 0x87fecc
0059:Ret ntoskrnl.exe.KeWaitForSingleObject() retval=c0000002 ret=005ee4e5
0059:Call ntoskrnl.exe.KeWaitForSingleObject(0056c528,00000000,00000000,00000000,00000000) ret=005779cc
0059:fixme:ntoskrnl:KeWaitForSingleObject stub: 0x56c528, 0, 0, 0, (nil)
0059:Ret ntoskrnl.exe.KeWaitForSingleObject() retval=c0000002 ret=005779cc
0059:Call ntoskrnl.exe.KeReleaseMutex(0056c528,00000000) ret=005755da
0059:fixme:ntoskrnl:KeReleaseMutex stub: 0x56c528, 0
0059:Ret ntoskrnl.exe.KeReleaseMutex() retval=c0000002 ret=005755da
0059:Call ntoskrnl.exe.ZwQuerySystemInformation(00000005,00121fe8,0000132c,0087fed8) ret=005635a3
0059:Call ntdll.NtQuerySystemInformation(00000005,00121fe8,0000132c,0087fed8) ret=7bc815f7
0059:Ret ntdll.NtQuerySystemInformation() retval=00000000 ret=7bc815f7
0059:Ret ntoskrnl.exe.ZwQuerySystemInformation() retval=00000000 ret=005635a3
0059:Call ntoskrnl.exe.PsGetProcessId(90909090) ret=0066d51a
0059:fixme:ntoskrnl:PsGetProcessId stub: 0x90909090
0059:Ret ntoskrnl.exe.PsGetProcessId() retval=00000000 ret=0066d51a
0059:Call ntoskrnl.exe.KeWaitForSingleObject(0056c4f8,00000000,00000000,00000000,0087fecc) ret=005ee4e5
0059:fixme:ntoskrnl:KeWaitForSingleObject stub: 0x56c4f8, 0, 0, 0, 0x87fecc
0059:Ret ntoskrnl.exe.KeWaitForSingleObject() retval=c0000002 ret=005ee4e5
0059:Call ntoskrnl.exe.KeWaitForSingleObject(0056c528,00000000,00000000,00000000,00000000) ret=005779cc
0059:fixme:ntoskrnl:KeWaitForSingleObject stub: 0x56c528, 0, 0, 0, (nil)
0059:Ret ntoskrnl.exe.KeWaitForSingleObject() retval=c0000002 ret=005779cc
0059:Call ntoskrnl.exe.KeReleaseMutex(0056c528,00000000) ret=005755da
0059:fixme:ntoskrnl:KeReleaseMutex stub: 0x56c528, 0
0059:Ret ntoskrnl.exe.KeReleaseMutex() retval=c0000002 ret=005755da
0059:Call ntoskrnl.exe.ZwQuerySystemInformation(00000005,00121fe8,0000132c,0087fed8) ret=005635a3
0059:Call ntdll.NtQuerySystemInformation(00000005,00121fe8,0000132c,0087fed8) ret=7bc815f7
0059:Ret ntdll.NtQuerySystemInformation() retval=00000000 ret=7bc815f7
0059:Ret ntoskrnl.exe.ZwQuerySystemInformation() retval=00000000 ret=005635a3
0059:trace:seh:raise_exception code=c0000005 flags=0 addr=0x5635a3 ip=005635a3 tid=0059
0059:trace:seh:raise_exception info[0]=00000008
0059:trace:seh:raise_exception info[1]=005635a3
0059:trace:seh:raise_exception eax=00000000 ebx=00000000 ecx=0000132c edx=00000f2c esi=00000007 edi=00000000
0059:trace:seh:raise_exception ebp=0087fedc esp=0087fec0 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010202
0059:trace:seh:call_vectored_handlers calling handler at 0x7e97ecb1 code=c0000005 flags=0
0059:trace:seh:raise_exception code=c0000005 flags=0 addr=0x7e97e567 ip=7e97e567 tid=0059
0059:trace:seh:raise_exception info[0]=00000000
0059:trace:seh:raise_exception info[1]=005635a3
0059:trace:seh:raise_exception eax=005635a3 ebx=00000023 ecx=0087fa30 edx=0087fe68 esi=0000002b edi=0000002b
0059:trace:seh:raise_exception ebp=0087f9e8 esp=0087f970 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010202
0059:trace:seh:call_vectored_handlers calling handler at 0x7e97ecb1 code=c0000005 flags=0
0059:trace:seh:call_vectored_handlers handler at 0x7e97ecb1 returned 0
0059:trace:seh:call_stack_handlers calling handler at 0x7bcb3cc3 code=c0000005 flags=0
0059:Call KERNEL32.UnhandledExceptionFilter(0087f474) ret=7bcb3cfe
--- snip ---
The kernel module gets unmapped on unload while a secondary thread is still running. Upon return from the API call, it crashes in the secondary thread because the page is no longer mapped.
I'm refining the summary to be a bit more generic, to track the drivers suffering from the lack of synchronization object support here. I know it's kinda turning into a meta-bug then, but unlike many other bugs, targeting a single stub is not really useful as it requires more infrastructure.
The timer object parts could be split off into their own ticket with a dependency on this one. Not all drivers require this, hence I only mentioned the basic sync objects.
Regards
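The pattern this report and comment #2 describe (a PsCreateSystemThread() worker looping on KeWaitForMultipleObjects(), and an unload path that must wait for that thread before the driver image is unmapped) is easier to reason about with a small user-mode model. The following is an added example written for this page, not Wine's code and not any driver's: the KeInitializeEvent/KeSetEvent/KeWaitForMultipleObjects functions are simplified stand-ins built on pthreads (reduced parameter lists, WaitAny only), and DRIVER_CTX, system_thread, run_driver_model and the STUB_LOOP_CAP bail-out are constructed for the model. Running it with use_stub = true reproduces the endless retry loop of the STATUS_NOT_IMPLEMENTED stub; with use_stub = false the thread consumes two work items and exits only when the stop event is signaled.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef int32_t NTSTATUS;
#define STATUS_WAIT_0          ((NTSTATUS)0x00000000)   /* == STATUS_SUCCESS */
#define STATUS_NOT_IMPLEMENTED ((NTSTATUS)0xC0000002)   /* what the old Wine stub returned */
#define STUB_LOOP_CAP 1000   /* model-only bail-out; a real driver spins forever (assumption) */

/* Minimal KEVENT model: all objects share one lock and one condition variable. */
typedef struct { bool signaled; bool manual_reset; } KEVENT;
static pthread_mutex_t disp_lock = PTHREAD_MUTEX_INITIALIZER;
static pthread_cond_t  disp_cond = PTHREAD_COND_INITIALIZER;

static void KeInitializeEvent(KEVENT *e, bool manual_reset, bool initial_state)
{
    e->manual_reset = manual_reset;
    e->signaled = initial_state;
}

static void KeSetEvent(KEVENT *e)
{
    pthread_mutex_lock(&disp_lock);
    e->signaled = true;
    pthread_cond_broadcast(&disp_cond);
    pthread_mutex_unlock(&disp_lock);
}

/* WaitAny semantics: block until one object is signaled, return STATUS_WAIT_0 + its
 * index, and consume the signal if the event is auto-reset. */
static NTSTATUS KeWaitForMultipleObjects(unsigned count, KEVENT **objs)
{
    pthread_mutex_lock(&disp_lock);
    for (;;) {
        for (unsigned i = 0; i < count; i++) {
            if (objs[i]->signaled) {
                if (!objs[i]->manual_reset) objs[i]->signaled = false;
                pthread_mutex_unlock(&disp_lock);
                return STATUS_WAIT_0 + (NTSTATUS)i;
            }
        }
        pthread_cond_wait(&disp_cond, &disp_lock);
    }
}

typedef struct {
    KEVENT stop_event, work_event;
    bool use_stub;        /* true: emulate the old STATUS_NOT_IMPLEMENTED stub */
    unsigned iterations;  /* how many times the wait loop body ran */
    unsigned work_done;   /* work items the thread handled */
    bool saw_stop;        /* loop left because stop_event was signaled */
} DRIVER_CTX;

/* Model of the driver's system thread: waits on {stop, work} until told to stop. */
static void *system_thread(void *arg)
{
    DRIVER_CTX *ctx = arg;
    KEVENT *objs[2] = { &ctx->stop_event, &ctx->work_event };
    for (;;) {
        NTSTATUS st = ctx->use_stub ? STATUS_NOT_IMPLEMENTED
                                    : KeWaitForMultipleObjects(2, objs);
        ctx->iterations++;
        if (st == STATUS_WAIT_0) { ctx->saw_stop = true; break; }
        if (st == STATUS_WAIT_0 + 1) {
            pthread_mutex_lock(&disp_lock);
            ctx->work_done++;                 /* "handle the ioctl" */
            pthread_cond_broadcast(&disp_cond);
            pthread_mutex_unlock(&disp_lock);
            continue;
        }
        /* Any other status is treated as spurious and the wait is retried; with the
         * stub this never ends, so the model caps it. */
        if (ctx->iterations >= STUB_LOOP_CAP) break;
    }
    return NULL;
}

static void wait_for_work_done(DRIVER_CTX *ctx, unsigned n)
{
    pthread_mutex_lock(&disp_lock);
    while (ctx->work_done < n) pthread_cond_wait(&disp_cond, &disp_lock);
    pthread_mutex_unlock(&disp_lock);
}

typedef struct { unsigned iterations, work_done; bool saw_stop; } RUN_RESULT;

/* Loads the model driver, submits two work items, then unloads it. Unload signals
 * stop_event and joins the thread, standing in for KeWaitForSingleObject() on the
 * thread object: the image must not go away while the thread still runs. */
RUN_RESULT run_driver_model(bool use_stub)
{
    DRIVER_CTX ctx = { .use_stub = use_stub };
    pthread_t thread;
    KeInitializeEvent(&ctx.stop_event, true, false);   /* manual reset: stays signaled */
    KeInitializeEvent(&ctx.work_event, false, false);  /* auto reset: one wake per set */
    pthread_create(&thread, NULL, system_thread, &ctx);
    if (!use_stub) {
        KeSetEvent(&ctx.work_event); wait_for_work_done(&ctx, 1);
        KeSetEvent(&ctx.work_event); wait_for_work_done(&ctx, 2);
    }
    KeSetEvent(&ctx.stop_event);   /* DriverUnload: tell the thread to quit */
    pthread_join(thread, NULL);    /* wait for it before "unmapping" the driver */
    return (RUN_RESULT){ ctx.iterations, ctx.work_done, ctx.saw_stop };
}

int main(void)
{
    RUN_RESULT real = run_driver_model(false), stub = run_driver_model(true);
    printf("real wait: iterations=%u work=%u stopped=%d\n", real.iterations, real.work_done, real.saw_stop);
    printf("stub:      iterations=%u work=%u stopped=%d\n", stub.iterations, stub.work_done, stub.saw_stop);
    return 0;
}
```

The join in run_driver_model is the point of the unload crash: in the trace above, KeWaitForSingleObject() on the thread object returned c0000002 immediately, so the unload routine returned and FreeLibrary() unmapped the image while thread 0059 was still executing driver code.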
--- Comment #3 from Zebediah Figura z.figura12@gmail.com ---
(In reply to Anastasius Focht from comment #2)
> Hello Zebediah,
> thanks for the work. Looking forward to having this upstreamed - hopefully it doesn't take years ;-)
Yeah, I'm just holding off on upstreaming it at the moment since I'm working on bug 14078 (and also upstreaming a lot of quartz work) and I don't want to upstream two large patchsets at once.
> The timer object parts could be split off into their own ticket with a dependency on this one. Not all drivers require this, hence I only mentioned the basic sync objects.
Probably, yeah. There are also a few parts of timers that'll need more work, notably DPCs. They shouldn't be too hard to implement, though.
Anastasius Focht focht@gmx.net changed:
What | Removed | Added
Resolution | --- | FIXED
Status | STAGED | RESOLVED
Keywords | | obfuscation
Fixed by SHA1 | | b9e556d5e8a47a23e8d3d919f73f260de8a10eb9

--- Comment #4 from Anastasius Focht focht@gmx.net ---
Hello folks,
this is fixed by commits:
* https://source.winehq.org/git/wine.git/commitdiff/b9e556d5e8a47a23e8d3d919f7... ("ntoskrnl.exe: Implement KeClearEvent().")
* https://source.winehq.org/git/wine.git/commitdiff/af0c6b5caea8970e5caebb0304... ("ntoskrnl.exe: Implement KeWaitForMutexObject().")
* https://source.winehq.org/git/wine.git/commitdiff/1aaabb781b6c1a59ea0573a57d... ("ntoskrnl.exe: Implement KeReleaseMutex() and waiting on mutexes.")
* https://source.winehq.org/git/wine.git/commitdiff/e3223f30aa298044dcf5c72e0a... ("ntoskrnl.exe: Implement KeInitializeMutex().")
* https://source.winehq.org/git/wine.git/commitdiff/4824d7217b61111da499ea003b... ("ntoskrnl.exe: Implement KeReleaseSemaphore() and waiting on semaphores.")
* https://source.winehq.org/git/wine.git/commitdiff/8589d094ff576db6d733c74412... ("ntoskrnl.exe: Implement KeInitializeSemaphore().")
* https://source.winehq.org/git/wine.git/commitdiff/05b278675f4b213fe881bbc617... ("ntoskrnl.exe: Implement KeWaitForSingleObject().")
* https://source.winehq.org/git/wine.git/commitdiff/6345787cf48dac02c17fb8848c... ("ntoskrnl.exe: Implement KeResetEvent().")
* https://source.winehq.org/git/wine.git/commitdiff/469c2fd4d73ae84c716a61630e... ("ntoskrnl.exe: Implement KeSetEvent().")
* https://source.winehq.org/git/wine.git/commitdiff/a29204cb1326f8344bde20a273... ("ntoskrnl.exe: Implement KeInitializeEvent().")
* https://source.winehq.org/git/wine.git/commitdiff/d3b2517c8864c5cc4bc35dccc3... ("ntoskrnl.exe: Implement KeWaitForMultipleObjects().")
Thanks Zebediah
--- snip ---
$ WINEDEBUG=+seh,+loaddll,+process,+service,+ntoskrnl wineboot >>log.txt 2>&1
...
000f:trace:service:scmdatabase_load_services Loading service L"bizVSerial"
000f:trace:service:load_service_config Image path = L"System32\drivers\bizVSerialNT.sys"
000f:trace:service:load_service_config Group = (null)
000f:trace:service:load_service_config Service account name = L"LocalSystem"
000f:trace:service:load_service_config Display name = L"Franson VSerial"
000f:trace:service:load_service_config Service dependencies : (none)
000f:trace:service:load_service_config Group dependencies : (none)
...
0017:trace:service:service_thread 0x10d60
0017:trace:service:SERV_OpenSCManagerW ((null),(null),0x00000001)
0015:trace:service:svcctl_OpenSCManagerW ((null), (null), 1)
0017:trace:service:SERV_OpenSCManagerW returning 0x11920
0017:trace:service:RegisterServiceCtrlHandlerExW L"winedevice" 0x7f47d7011ab0 0x11800
0017:trace:service:SetServiceStatus 0x110c0 30 4 5 0 0 0 0
...
000f:trace:service:process_send_start_message 0x143b0 L"bizVSerial" (nil) 0
0016:trace:service:service_handle_control L"winedevice" control 2147483648 data 0x11bb2 data_size 22
0016:trace:ntoskrnl:ZwLoadDriver (L"\Registry\Machine\System\CurrentControlSet\Services\bizVSerial")
...
0016:trace:service:QueryServiceConfigW Image path = L"System32\drivers\bizVSerialNT.sys"
0016:trace:service:QueryServiceConfigW Group = L""
0016:trace:service:QueryServiceConfigW Dependencies = L""
0016:trace:service:QueryServiceConfigW Service account name = L"LocalSystem"
0016:trace:service:QueryServiceConfigW Display name = L"Franson VSerial"
0016:trace:ntoskrnl:open_driver opened service for driver L"\Registry\Machine\System\CurrentControlSet\Services\bizVSerial"
0016:trace:service:SetServiceStatus 0x12e50 30 2 0 0 0 0 2710
0014:trace:service:svcctl_SetServiceStatus (0x15e80, 0x15754)
0016:trace:ntoskrnl:IoCreateDriver (L"\Driver\bizVSerial", 0x7f47c8c949c0)
0016:trace:ntoskrnl:load_driver loading driver L"System32\drivers\bizVSerialNT.sys"
0016:trace:loaddll:load_native_dll Loaded L"C:\windows\System32\drivers\bizVSerialNT.sys" at 0x460000: native
0016:trace:seh:NtRaiseException code=c0000005 flags=0 addr=0x468034 ip=468034 tid=0016
0016:trace:seh:NtRaiseException info[0]=0000000000000000
0016:trace:seh:NtRaiseException info[1]=fffff78000000320
0016:trace:seh:NtRaiseException rax=fffff78000000320 rbx=0000000000013178 rcx=0000000000013010 rdx=0000000000013178
0016:trace:seh:NtRaiseException rsi=00007f47d73b84b1 rdi=00007f47c8cd1c71 rbp=000000000033f8a0 rsp=000000000033f788
0016:trace:seh:NtRaiseException r8=0000000000466100 r9=00002b992ddfa232 r10=000000000000a000 r11=0000000000012ee0
0016:trace:seh:NtRaiseException r12=0000000000013010 r13=0000000000000000 r14=0000000000011b18 r15=0000000000468008
0016:trace:seh:call_vectored_handlers calling handler at 0x7f47c8c93260 code=c0000005 flags=0
0016:trace:seh:call_vectored_handlers handler at 0x7f47c8c93260 returned ffffffff
0016:trace:ntoskrnl:IoCreateDevice (0x13010, 496, L"\Device\bizvSerialMgr", 34, 0, 0, 0x33f790)
0016:trace:ntoskrnl:IoCreateSymbolicLink L"\DosDevices\bizSerialMgr" -> L"\Device\bizvSerialMgr"
0016:trace:ntoskrnl:KeInitializeEvent event 0x136e8, type 0, state 0.
0016:trace:ntoskrnl:KeInitializeEvent event 0x136c8, type 0, state 0.
0016:fixme:ntoskrnl:ObReferenceObjectByHandle stub: 0x3c 1fffff (nil) 0 0x136e0 (nil)
0016:trace:ntoskrnl:init_driver init done for L"bizVSerial" obj 0x13010
0016:trace:ntoskrnl:init_driver - DriverInit = 0x468008
0016:trace:ntoskrnl:init_driver - DriverStartIo = (nil)
0016:trace:ntoskrnl:init_driver - DriverUnload = 0x4613c0
0016:trace:ntoskrnl:init_driver - MajorFunction[0] = 0x461180
0016:trace:ntoskrnl:init_driver - MajorFunction[1] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[2] = 0x461228
0016:trace:ntoskrnl:init_driver - MajorFunction[3] = 0x46133c
0016:trace:ntoskrnl:init_driver - MajorFunction[4] = 0x461304
0016:trace:ntoskrnl:init_driver - MajorFunction[5] = 0x461398
0018:trace:ntoskrnl:KeWaitForMultipleObjects count 2, objs 0x56fd80, wait_type 1, reason 0, mode 0, alertable 0, timeout (nil), wait_blocks 0x56fd90.
0016:trace:ntoskrnl:init_driver - MajorFunction[6] = 0x461398
0016:trace:ntoskrnl:init_driver - MajorFunction[7] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[8] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[9] = 0x461398
0016:trace:ntoskrnl:init_driver - MajorFunction[10] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[11] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[12] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[13] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[14] = 0x4612e0
0016:trace:ntoskrnl:init_driver - MajorFunction[15] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[16] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[17] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[18] = 0x461374
0016:trace:ntoskrnl:init_driver - MajorFunction[19] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[20] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[21] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[22] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[23] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[24] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[25] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[26] = 0x7f47c8c997b0
0016:trace:ntoskrnl:init_driver - MajorFunction[27] = 0x7f47c8c997b0
0016:trace:service:SetServiceStatus 0x12e50 30 4 5 0 0 0 0
0015:trace:service:svcctl_SetServiceStatus (0x15e80, 0x15cf4)
...
0017:trace:ntoskrnl:unload_driver L"\Driver\bizVSerial"
0017:trace:service:SetServiceStatus 0x12e50 30 3 0 0 0 0 0
...
0017:trace:ntoskrnl:KeSetEvent event 0x136c8, increment 0, wait 0.
0017:trace:ntoskrnl:KeWaitForMultipleObjects count 1, objs 0x44f900, wait_type 1, reason 6, mode 0, alertable 0, timeout (nil), wait_blocks (nil).
0018:trace:ntoskrnl:KeResetEvent event 0x136c8.
0017:trace:seh:NtRaiseException code=c0000005 flags=0 addr=0x7f47c8ca3183 ip=7f47c8ca3183 tid=0017
0017:trace:seh:NtRaiseException info[0]=0000000000000001
0017:trace:seh:NtRaiseException info[1]=00000000deadbeb7
0017:trace:seh:NtRaiseException rax=00000000deadbeaf rbx=000000000044f900 rcx=00007f47d6aed879 rdx=0000000000000000
0017:trace:seh:NtRaiseException rsi=000000000044f5c0 rdi=0000000000000000 rbp=000000000044f8a0 rsp=000000000044f580
0017:trace:seh:NtRaiseException r8=0000000000000000 r9=0000000000000000 r10=000000000044f340 r11=0000000000000246
0017:trace:seh:NtRaiseException r12=0000000000013010 r13=0000000000000001 r14=000000000044f908 r15=000000000044f900
0017:trace:seh:call_vectored_handlers calling handler at 0x7f47c8c93260 code=c0000005 flags=0
...
wine: Unhandled page fault on write access to 0xdeadbeb7 at address 0x7f47c8ca3183 (thread 0017), starting debugger...
0017:trace:seh:start_debugger Starting debugger "winedbg --auto 17 60"
0017:trace:process:CreateProcessInternalW app (null) cmdline L"winedbg --auto 17 60"
0017:trace:process:find_exe_file looking for L"winedbg"
0017:trace:process:find_exe_file Trying native exe L"C:\windows\system32\winedbg.exe"
0017:trace:process:CreateProcessInternalW starting L"C:\windows\system32\winedbg.exe" as Win64 binary (10000000-10018000, x86_64)
0017:err:seh:start_debugger Couldn't start debugger ("winedbg --auto 17 60") (1115)
--- snip ---
The crash during unloading of driver(s) is a different issue ('ObReferenceObjectByHandle' has to return a proper kernel object). I will create a new ticket for that.
$ wine --version
wine-3.21-87-g65677e2b2f
Regards
Alexandre Julliard julliard@winehq.org changed:
What | Removed | Added
Status | RESOLVED | CLOSED

--- Comment #5 from Alexandre Julliard julliard@winehq.org ---
Closing bugs fixed in 4.0-rc1.
Anastasius Focht focht@gmx.net changed:
What | Removed | Added
URL | http://update.gpsgate.com/install/GpsGateClient.exe | https://web.archive.org/web/20170608071455/http://update.gpsgate.com/install/GpsGateClient.exe