[Bug 49267] New: Denuvo Anti-Cheat 'denuvo-anti-cheat.sys' needs support for CustomTimerDpc via ntoskrnl.exe.KeSetTimer{Ex}
https://bugs.winehq.org/show_bug.cgi?id=49267
Bug ID: 49267 Summary: Denuvo Anti-Cheat 'denuvo-anti-cheat.sys' needs support for CustomTimerDpc via ntoskrnl.exe.KeSetTimer{Ex} Product: Wine Version: 5.9 Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: ntoskrnl Assignee: wine-bugs@winehq.org Reporter: focht@gmx.net Distribution: ---
Hello folks,
continuation of bug 49230 (split out from bug 49194).
--- snip --- $ WINEDEBUG=+seh,+relay,+int,+ntoskrnl,+ntdll,+reg wine net start "Denuvo Anti-Cheat" >>log.txt 2>&1 ... 00f8:Call ntoskrnl.exe.KeInitializeTimer(04b600c4) ret=00caeab7 00f8:trace:ntoskrnl:KeInitializeTimerEx timer 0000000004B600C4, type 0. 00f8:Ret ntoskrnl.exe.KeInitializeTimer() retval=00000020 ret=00caeab7 00f8:Call ntoskrnl.exe.KeInitializeDpc(04b60104,00caecf0,04b6009c) ret=00caeacb 00f8:fixme:ntoskrnl:KeInitializeDpc Dpc 0000000004B60104, DeferredRoutine 0000000000CAECF0, DeferredContext 0000000004B6009C, Dpc->DeferredRoutine 0000000000000000 stub 00f8:Ret ntoskrnl.exe.KeInitializeDpc() retval=00000085 ret=00caeacb 00f8:Call ntoskrnl.exe.KeSetTimer(04b600c4,ffffffffff676980,04b60104) ret=00caeae9 00f8:trace:ntoskrnl:KeSetTimer Timer 0000000004B600C4, DueTime ffffffffff676980, Dpc 0000000004B60104. 00f8:trace:ntoskrnl:KeSetTimerEx timer 0000000004B600C4, duetime ffffffffff676980, period 0, dpc 0000000004B60104. 00f8:fixme:ntoskrnl:KeSetTimerEx Unhandled DPC 0000000004B60104. 00f8:Ret ntoskrnl.exe.KeSetTimer() retval=00000000 ret=00caeae9 ... --- snip ---
Wine source:
https://source.winehq.org/git/wine.git/blob/e48fabff525061c8eea9558084a97308...
--- snip --- 414 /*********************************************************************** 415 * KeSetTimerEx (NTOSKRNL.EXE.@) 416 */ 417 BOOLEAN WINAPI KeSetTimerEx( KTIMER *timer, LARGE_INTEGER duetime, LONG period, KDPC *dpc ) 418 { 419 BOOL ret; 420 421 TRACE("timer %p, duetime %s, period %d, dpc %p.\n", 422 timer, wine_dbgstr_longlong(duetime.QuadPart), period, dpc); 423 424 if (dpc) 425 { 426 FIXME("Unhandled DPC %p.\n", dpc); 427 return FALSE; 428 } 429 ... --- snip ---
Microsoft docs (how this is supposed to work):
https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/registering...
It includes a nice diagram that illustrates the usage of timer and DPC objects for a CustomTimerDpc routine.
Created snapshot of the page via Internet Archive in case it gets "lost".
$ wine --version wine-5.9-107-g3104715700
Regards
https://bugs.winehq.org/show_bug.cgi?id=49267
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- URL| |https://store.steampowered. | |com/app/782330/ Keywords| |obfuscation
https://bugs.winehq.org/show_bug.cgi?id=49267
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|NEW |RESOLVED Fixed by SHA1| |a4a903f97a11625ea36a8eb0425 | |f89be44d853c0
--- Comment #1 from Anastasius Focht focht@gmx.net --- Hello folks,
this is fixed by commits:
* https://source.winehq.org/git/wine.git/commitdiff/e49be2db28bbcd7ac82326c9cc... ("ntoskrnl.exe: Partially implement KeInitializeDpc() function.)
* https://source.winehq.org/git/wine.git/commitdiff/68a03b6393220a8f24f862da9d... ("ntoskrnl.exe: Reimplement KeSetTimerEx() on top of thread pool.")
* https://source.winehq.org/git/wine.git/commitdiff/4584ffaddae059ae2308d6f1f8... ("ntoskrnl.exe: Avoid leaking events on multipe KeSetTimerEx() calls.")
* https://source.winehq.org/git/wine.git/commitdiff/6cb3588969a9cbad1232dfdb9c... ("ntoskrnl.exe: Cancel active timer before setting it.")
* https://source.winehq.org/git/wine.git/commitdiff/a4a903f97a11625ea36a8eb042... ("ntoskrnl.exe: Support DPCs with timers.")
Thanks Paul
--- snip --- ... 00f8:Call ntoskrnl.exe.KeInitializeTimer(04b600c4) ret=00caeab7 00f8:trace:ntoskrnl:KeInitializeTimerEx timer 0000000004B600C4, type 0. 00f8:Ret ntoskrnl.exe.KeInitializeTimer() retval=00000020 ret=00caeab7 00f8:Call ntoskrnl.exe.KeInitializeDpc(04b60104,00caecf0,04b6009c) ret=00caeacb 00f8:fixme:ntoskrnl:KeInitializeDpc dpc 0000000004B60104, deferred_routine 0000000000CAECF0, deferred_context 0000000004B6009C semi-stub. 00f8:Ret ntoskrnl.exe.KeInitializeDpc() retval=00000066 ret=00caeacb 00f8:Call ntoskrnl.exe.KeSetTimer(04b600c4,ffffffffff676980,04b60104) ret=00caeae9 00f8:trace:ntoskrnl:KeSetTimer timer 0000000004B600C4, duetime ffffffffff676980, dpc 0000000004B60104. 00f8:trace:ntoskrnl:KeSetTimerEx timer 0000000004B600C4, duetime ffffffffff676980, period 0, dpc 0000000004B60104. 00f8:Call KERNEL32.CreateThreadpoolTimer(0023b1c0,04b600c4,00000000) ret=0023b083 00f8:Call ntdll.TpAllocTimer(0706fa98,0023b1c0,04b600c4,00000000) ret=7b054ce9 00f8:Ret ntdll.TpAllocTimer() retval=00000000 ret=7b054ce9 00f8:Ret KERNEL32.CreateThreadpoolTimer() retval=000fc050 ret=0023b083 00f8:Call ntdll.TpSetTimer(000fc050,0706fb68,00000000,00000000) ret=0023b0d3 00f8:Ret ntdll.TpSetTimer() retval=00000000 ret=0023b0d3 00f8:Ret ntoskrnl.exe.KeSetTimer() retval=0706fb00 ret=00caeae9 ... 00fc:Starting thread proc 0x7bcd18b0 (arg=0x78fa30) ... 00fc:trace:ntoskrnl:ke_timer_complete_proc instance 000000000717FC90, timer 0000000004B6016C, tp_timer 000000000078FB40. 00fc:trace:ntoskrnl:ke_timer_complete_proc Calling dpc->DeferredRoutine 0000000000CAECF0, dpc->DeferredContext 0000000004B60144. 00fc:Call ntoskrnl.exe.KeAcquireSpinLockRaiseToDpc(008ec0c8) ret=00c890b3 00fc:trace:ntoskrnl:KeAcquireSpinLockRaiseToDpc lock 00000000008EC0C8. 00fc:trace:ntoskrnl:KeAcquireSpinLockAtDpcLevel lock 00000000008EC0C8. 00fc:Ret ntoskrnl.exe.KeAcquireSpinLockRaiseToDpc() retval=00000000 ret=00c890b3 00fc:Call ntoskrnl.exe.KeReleaseSpinLock(008ec0c8,00000000) ret=00c83ad9 00fc:trace:ntoskrnl:KeReleaseSpinLock lock 00000000008EC0C8, irql 0. 00fc:trace:ntoskrnl:KeReleaseSpinLockFromDpcLevel lock 00000000008EC0C8. 00fc:Ret ntoskrnl.exe.KeReleaseSpinLock() retval=00000001 ret=00c83ad9 00fc:Call ntoskrnl.exe.KeAcquireSpinLockRaiseToDpc(008e41d8) ret=00c890b3 00fc:trace:ntoskrnl:KeAcquireSpinLockRaiseToDpc lock 00000000008E41D8. 00fc:trace:ntoskrnl:KeAcquireSpinLockAtDpcLevel lock 00000000008E41D8. 00fc:Ret ntoskrnl.exe.KeAcquireSpinLockRaiseToDpc() retval=00000000 ret=00c890b3 00fc:Call ntoskrnl.exe.KeReleaseSpinLock(008e41d8,00000000) ret=00c84909 00fc:trace:ntoskrnl:KeReleaseSpinLock lock 00000000008E41D8, irql 0. 00fc:trace:ntoskrnl:KeReleaseSpinLockFromDpcLevel lock 00000000008E41D8. 00fc:Ret ntoskrnl.exe.KeReleaseSpinLock() retval=00000001 ret=00c84909 00fc:Call ntoskrnl.exe.KeSetEvent(008e41e0,00000000,00000000) ret=00c846df 00fc:trace:ntoskrnl:KeSetEvent event 00000000008E41E0, increment 0, wait 0. 00fc:Call KERNEL32.SetEvent(00000050) ret=0023abe9 00fc:Call ntdll.NtSetEvent(00000050,00000000) ret=7b050b0d 00fc:Ret ntdll.NtSetEvent() retval=00000000 ret=7b050b0d ... 00f8:Ret ntdll.NtWaitForMultipleObjects() retval=00000000 ret=0023a7e9 ... 00fc:Ret KERNEL32.SetEvent() retval=00000001 ret=0023abe9 00fc:Ret ntoskrnl.exe.KeSetEvent() retval=00000000 ret=00c846df ... 00f8:Call KERNEL32.CloseHandle(00000050) ret=0023a8a7 00f8:Call ntdll.NtClose(00000050) ret=7b03b564 00f8:Ret ntdll.NtClose() retval=00000000 ret=7b03b564 00f8:Ret KERNEL32.CloseHandle() retval=00000001 ret=0023a8a7 00f8:Ret ntoskrnl.exe.KeWaitForSingleObject() retval=00000000 ret=00c8470b --- snip ---
$ wine --version wine-5.9-154-gf6595bbdff
Regards
https://bugs.winehq.org/show_bug.cgi?id=49267
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #2 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 5.10.
-
WineHQ Bugzilla