https://bugs.winehq.org/show_bug.cgi?id=51939
Bug ID: 51939
Summary: Riot Vanguard (Riot Games) v1.0.x.x 'vgk.sys' crashes on unimplemented function ntoskrnl.exe.IoCreateFileEx
Product: Wine
Version: 6.20
Hardware: x86-64
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ntoskrnl
Assignee: wine-bugs@winehq.org
Reporter: focht@gmx.net
Distribution: ---
Hello folks,
as it says.
--- snip ---
$ WINEDEBUG=+seh,+relay,+ntoskrnl,+module,+imports wine net start vgk >>log.txt 2>&1
...
0118:trace:module:load_dll Found L"C:\windows\system32\ntoskrnl.exe" for L"ntoskrnl.exe" at 00000000003E0000, count=-1
0118:warn:module:import_dll No implementation for ntoskrnl.exe.KeIpiGenericCall imported from L"C:\Program Files\Riot Vanguard\vgk.sys", setting to 0000000001370000
0118:trace:imports:import_dll --- KeIpiGenericCall ntoskrnl.exe.1081 = 0000000001370000
0118:trace:imports:import_dll --- __C_specific_handler ntoskrnl.exe.2777 = 00000000003EC1F4
0118:trace:imports:import_dll --- ExFreePoolWithTag ntoskrnl.exe.196 = 00000000003E5EA8
0118:trace:imports:import_dll --- ZwClose ntoskrnl.exe.2560 = 00000000003EAE00
0118:trace:imports:import_dll --- _stricmp ntoskrnl.exe.2801 = 00000000003EC444
0118:trace:imports:import_dll --- RtlDuplicateUnicodeString ntoskrnl.exe.1941 = 00000000003E9034
0118:trace:imports:import_dll --- wcscat_s ntoskrnl.exe.2897 = 00000000003ED0F0
0118:trace:imports:import_dll --- wcscpy_s ntoskrnl.exe.2901 = 00000000003ED184
0118:trace:imports:import_dll --- RtlInitUnicodeString ntoskrnl.exe.2060 = 00000000003E981C
0118:trace:imports:import_dll --- ZwReadFile ntoskrnl.exe.2705 = 00000000003EBB60
0118:trace:imports:import_dll --- ZwWriteFile ntoskrnl.exe.2775 = 00000000003EC1B0
0118:warn:module:import_dll No implementation for ntoskrnl.exe.IoCreateFileEx imported from L"C:\Program Files\Riot Vanguard\vgk.sys", setting to 0000000001370024
0118:trace:imports:import_dll --- IoCreateFileEx ntoskrnl.exe.665 = 0000000001370024
0118:trace:imports:import_dll --- ZwFlushBuffersFile ntoskrnl.exe.2604 = 00000000003EB15C
0118:trace:imports:import_dll --- ZwQuerySystemInformation ntoskrnl.exe.2697 = 00000000003EBA5C
0118:trace:imports:import_dll --- RtlTimeToTimeFields ntoskrnl.exe.2259 = 00000000003EA6B0
0118:warn:module:import_dll No implementation for ntoskrnl.exe.KeAreAllApcsDisabled imported from L"C:\Program Files\Riot Vanguard\vgk.sys", setting to 0000000001370048
0118:trace:imports:import_dll --- KeAreAllApcsDisabled ntoskrnl.exe.986 = 0000000001370048
0118:trace:imports:import_dll --- ExSystemTimeToLocalTime ntoskrnl.exe.302 = 00000000003E60A8
0118:trace:imports:import_dll --- swprintf_s ntoskrnl.exe.2885 = 0000000000402460
0118:trace:imports:import_dll --- vswprintf_s ntoskrnl.exe.2895 = 00000000003ED0A0
0118:trace:imports:import_dll --- _vsnwprintf ntoskrnl.exe.2818 = 00000000003EC66C
0118:trace:imports:import_dll --- KeInitializeApc ntoskrnl.exe.1049 = 00000000003E6E38
0118:trace:imports:import_dll --- KeInsertQueueApc ntoskrnl.exe.1074 = 00000000003E3520
0118:trace:imports:import_dll --- ExAllocatePoolWithTag ntoskrnl.exe.157 = 00000000003E5DB0
0118:trace:imports:import_dll --- KeBugCheckEx ntoskrnl.exe.990 = 00000000003E6D44
0118:trace:module:build_module loaded L"\??\C:\Program Files\Riot Vanguard\vgk.sys" 00000000001740D0 0000000000DB0000
0118:trace:module:load_dll Loaded module L"\??\C:\Program Files\Riot Vanguard\vgk.sys" at 0000000000DB0000
0118:trace:module:process_attach (L"vgk.sys",0000000000000000) - START
0118:trace:module:process_attach (L"cng.sys",0000000000000000) - START
0118:Call LDR notification callback (proc=00000000003F7C30,reason=1,data=0000000000C6F2C0,context=0000000000000000)
...
0118:trace:ntoskrnl:ldr_notify_callback loading L"cng.sys"
...
0118:Ret LDR notification callback (proc=00000000003F7C30,reason=1,data=0000000000C6F2C0,context=0000000000000000)
0118:Call PE DLL (proc=0000000001341310,module=0000000001340000 L"cng.sys",reason=PROCESS_ATTACH,res=0000000000000000)
...
0118:Ret PE DLL (proc=0000000001341310,module=0000000001340000 L"cng.sys",reason=PROCESS_ATTACH,res=0000000000000000) retval=1
0118:trace:module:process_attach (L"cng.sys",0000000000000000) - END
0118:Call LDR notification callback (proc=00000000003F7C30,reason=1,data=0000000000C6F330,context=0000000000000000)
...
0118:trace:ntoskrnl:ldr_notify_callback loading L"vgk.sys"
...
0118:trace:ntoskrnl:ldr_notify_callback relocating from 0000000140000000-0000000140583000 to 0000000000DB0000-0000000001333000
...
0118:Call ntoskrnl.exe.RtlInitUnicodeString(00c6f6e0,009f03e0 L"\??\C:\Program Files\Riot Vanguard\Logs\") ret=012f8b18
0118:Call ntdll.RtlInitUnicodeString(00c6f6e0,009f03e0 L"\??\C:\Program Files\Riot Vanguard\Logs\") ret=7bc4278f
0118:Ret ntdll.RtlInitUnicodeString() retval=00000052 ret=7bc4278f
0118:Ret ntoskrnl.exe.RtlInitUnicodeString() retval=00000052 ret=012f8b18
0118:trace:seh:dispatch_exception code=80000100 flags=1 addr=000000007BC312D8 ip=000000007BC312D8 tid=0118
0118:trace:seh:call_vectored_handlers calling handler at 00000000003ED400 code=80000100 flags=1
0118:trace:seh:call_vectored_handlers handler at 00000000003ED400 returned 0
0118:trace:seh:call_handler calling handler 0000000000DEBCC4 (rec=0000000000C6F590, frame=0000000000C6F640 context=0000000000C6EB50, dispatch=0000000000C6EA28)
0118:trace:seh:call_handler handler at 0000000000DEBCC4 returned 1
0118:trace:seh:call_handler calling handler 0000000000DEBCC4 (rec=0000000000C6F590, frame=0000000000C6F770 context=0000000000C6EB50, dispatch=0000000000C6EA28)
0118:trace:seh:call_handler handler at 0000000000DEBCC4 returned 1
0118:trace:seh:call_stack_handlers found wine frame 0000000000C6FE80 rsp 0000000000C6FFE0 handler 000000007BC61270
0118:trace:seh:call_teb_handler calling TEB handler 000000007BC61270 (rec=0000000000C6F590, frame=0000000000C6FE80 context=0000000000C6EB50, dispatch=0000000000C6EA28)
0118:Call ntdll.NtCreateEvent(00c6e6d0,001f0003,00c6e7b0,00000000,00c6e700) ret=7b013093
0118:Ret ntdll.NtCreateEvent() retval=00000000 ret=7b013093
0118:Call ntdll.RtlInitUnicodeString(00c6e6e0,7b070a96 L"\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AeDebug") ret=7b01311a
...
wine: Unimplemented function ntoskrnl.exe.IoCreateFileEx called at address 000000007BC312D8 (thread 0118), starting debugger...
--- snip ---
Microsoft docs:
https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/ntddk/nf-ntddk...
Wine source:
https://source.winehq.org/git/wine.git/blob/80a30625a70343cf6f38d80d02f640d6...
https://source.winehq.org/git/wine.git/blob/80a30625a70343cf6f38d80d02f640d6...
After that it runs into bug 48988
https://web.archive.org/web/20211026070447/https://riot-client.secure.dyn.ri...
$ sha1sum setup.exe
b8ff7192073b701557354f75e9232e8e237e5814 setup.exe

$ du -sh setup.exe
17M setup.exe

$ wine --version
wine-6.20-159-g80a30625a70
Regards
Anastasius Focht focht@gmx.net changed:
What     |Removed |Added
----------------------------------------------------------------------------
URL      |        |https://web.archive.org/web/20211026070447/https://riot-client.secure.dyn.riotcdn.net/channels/public/rccontent/vanguard/1.0.5.251/setup.exe
Keywords |        |download, obfuscation
Tareque Md Hanif tarequemd.hanif@yahoo.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |tarequemd.hanif@yahoo.com
Ker noa blue-t@web.de changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |blue-t@web.de
Etaash Mathamsetty etaash.mathamsetty@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC   |        |etaash.mathamsetty@gmail.com
--- Comment #1 from Etaash Mathamsetty etaash.mathamsetty@gmail.com ---
I found a really easy way to implement both functions: you can use NtCreateFile, and it basically covers 70-80% of what IoCreateFileEx can do!

/***********************************************************************
 *           IoCreateFileEx    (NTOSKRNL.EXE.@)
 */
NTSTATUS WINAPI IoCreateFileEx(HANDLE *handle, ACCESS_MASK access, OBJECT_ATTRIBUTES *attr,
                               IO_STATUS_BLOCK *io, LARGE_INTEGER *alloc_size, ULONG attributes,
                               ULONG sharing, ULONG disposition, ULONG create_options,
                               VOID *ea_buffer, ULONG ea_length, CREATE_FILE_TYPE file_type,
                               VOID *parameters, ULONG options, void *DriverContext )
{
    /* Semi-stub: file_type, parameters, options and DriverContext are ignored;
     * only the first eleven arguments are forwarded to NtCreateFile. */
    FIXME(": semi-stub\n");
    return NtCreateFile(handle, access, attr, io, alloc_size, attributes, sharing,
                        disposition, create_options, ea_buffer, ea_length);
}

/***********************************************************************
 *           IoCreateFile    (NTOSKRNL.EXE.@)
 */
NTSTATUS WINAPI IoCreateFile(HANDLE *handle, ACCESS_MASK access, OBJECT_ATTRIBUTES *attr,
                             IO_STATUS_BLOCK *io, LARGE_INTEGER *alloc_size, ULONG attributes,
                             ULONG sharing, ULONG disposition, ULONG create_options,
                             VOID *ea_buffer, ULONG ea_length, CREATE_FILE_TYPE file_type,
                             VOID *parameters, ULONG options )
{
    /* Same as IoCreateFileEx with no driver context. */
    FIXME(": semi-stub\n");
    return IoCreateFileEx(handle, access, attr, io, alloc_size, attributes, sharing,
                          disposition, create_options, ea_buffer, ea_length, file_type,
                          parameters, options, NULL);
}
--- Comment #2 from Etaash Mathamsetty etaash.mathamsetty@gmail.com ---
fixed with https://gitlab.winehq.org/wine/wine/-/commit/e934e746bee9c16ec484abef300ebc0...
Anastasius Focht focht@gmx.net changed:
What          |Removed |Added
----------------------------------------------------------------------------
Status        |NEW     |RESOLVED
Fixed by SHA1 |        |e934e746bee9c16ec484abef300ebc073828e494
Resolution    |---     |FIXED
--- Comment #3 from Anastasius Focht focht@gmx.net ---
Hello folks,
indeed fixed by commit https://source.winehq.org/git/wine.git/commitdiff/e934e746bee9c16ec484abef30... ("ntoskrnl: Implement IoCreateFileEx."), part of Wine 7.16 release.
Thanks Etaash.
--- snip ---
...
00f8:trace:module:load_dll looking for L"ntoskrnl.exe" in L"C:\Program Files\Riot Vanguard;C:\windows\system32;C:\windows\system32\drivers;C:\windows\system32\"
00f8:trace:module:load_dll Found L"C:\windows\system32\ntoskrnl.exe" for L"ntoskrnl.exe" at 00000000008B0000, count=-1
00f8:warn:module:import_dll No implementation for ntoskrnl.exe.KeIpiGenericCall imported from L"C:\Program Files\Riot Vanguard\vgk.sys", setting to 00000000025A0000
00f8:trace:imports:import_dll --- KeIpiGenericCall ntoskrnl.exe.1081 = 00000000025A0000
00f8:trace:imports:import_dll --- __C_specific_handler ntoskrnl.exe.2777 = 00000000008BC2D8
00f8:trace:imports:import_dll --- ExFreePoolWithTag ntoskrnl.exe.196 = 00000000008B5E48
00f8:trace:imports:import_dll --- ZwClose ntoskrnl.exe.2560 = 00000000008BAEE4
00f8:trace:imports:import_dll --- _stricmp ntoskrnl.exe.2801 = 00000000008BC528
00f8:trace:imports:import_dll --- RtlDuplicateUnicodeString ntoskrnl.exe.1941 = 00000000008B90D0
00f8:trace:imports:import_dll --- wcscat_s ntoskrnl.exe.2897 = 00000000008BD1D4
00f8:trace:imports:import_dll --- wcscpy_s ntoskrnl.exe.2901 = 00000000008BD268
00f8:trace:imports:import_dll --- RtlInitUnicodeString ntoskrnl.exe.2060 = 00000000008B98DC
00f8:trace:imports:import_dll --- ZwReadFile ntoskrnl.exe.2705 = 00000000008BBC44
00f8:trace:imports:import_dll --- ZwWriteFile ntoskrnl.exe.2775 = 00000000008BC294
00f8:trace:imports:import_dll --- IoCreateFileEx ntoskrnl.exe.665 = 00000000008B640C
00f8:trace:imports:import_dll --- ZwFlushBuffersFile ntoskrnl.exe.2604 = 00000000008BB240
00f8:trace:imports:import_dll --- ZwQuerySystemInformation ntoskrnl.exe.2697 = 00000000008BBB40
00f8:trace:imports:import_dll --- RtlTimeToTimeFields ntoskrnl.exe.2259 = 00000000008BA794
00f8:trace:imports:import_dll --- KeAreAllApcsDisabled ntoskrnl.exe.986 = 00000000008B6D2C
00f8:trace:imports:import_dll --- ExSystemTimeToLocalTime ntoskrnl.exe.302 = 00000000008B6070
00f8:trace:imports:import_dll --- swprintf_s ntoskrnl.exe.2885 = 00000000008D1A30
00f8:trace:imports:import_dll --- vswprintf_s ntoskrnl.exe.2895 = 00000000008BD184
00f8:trace:imports:import_dll --- _vsnwprintf ntoskrnl.exe.2818 = 00000000008BC750
00f8:trace:imports:import_dll --- KeInitializeApc ntoskrnl.exe.1049 = 00000000008B6E70
00f8:trace:imports:import_dll --- KeInsertQueueApc ntoskrnl.exe.1074 = 00000000008B3508
00f8:trace:imports:import_dll --- ExAllocatePoolWithTag ntoskrnl.exe.157 = 00000000008B5D50
00f8:trace:imports:import_dll --- KeBugCheckEx ntoskrnl.exe.990 = 00000000008B6D7C
00f8:trace:module:build_module loaded L"\??\C:\Program Files\Riot Vanguard\vgk.sys" 00000000002678A0 0000000001FE0000
00f8:trace:module:load_dll Loaded module L"\??\C:\Program Files\Riot Vanguard\vgk.sys" at 0000000001FE0000
...
00f8:Call ntoskrnl.exe.RtlInitUnicodeString(01adf710,015703e0 L"\??\C:\Program Files\Riot Vanguard\Logs\") ret=02528b18
00f8:Call ntdll.RtlInitUnicodeString(01adf710,015703e0 L"\??\C:\Program Files\Riot Vanguard\Logs\") ret=170045c3f
00f8:Ret ntdll.RtlInitUnicodeString() retval=00000052 ret=170045c3f
00f8:Ret ntoskrnl.exe.RtlInitUnicodeString() retval=00000052 ret=02528b18
00f8:Call ntoskrnl.exe.IoCreateFileEx(01adf6f0,c0000000,01adf720,01adf6f8,00000000,00000000,00000003,00000002,00000021,00000000,00000000,00000000,00000000,00000008,00000000) ret=02528b3f
00f8:fixme:ntoskrnl:IoCreateFileEx : semi-stub
00f8:Call ntdll.NtCreateFile(01adf6f0,c0000000,01adf720,01adf6f8,00000000,00000000,00000003,00000002,00000021,00000000,00000000) ret=170045c3f
00f8:Ret ntdll.NtCreateFile() retval=c0000035 ret=170045c3f
00f8:Ret ntoskrnl.exe.IoCreateFileEx() retval=c0000035 ret=02528b3f
00f8:Call ntoskrnl.exe.RtlInitUnicodeString(01adf710,015703e0 L"\??\C:\Program Files\Riot Vanguard\Logs\vgk_2022-08-30_09-25-09.log") ret=02528b60
00f8:Call ntdll.RtlInitUnicodeString(01adf710,015703e0 L"\??\C:\Program Files\Riot Vanguard\Logs\vgk_2022-08-30_09-25-09.log") ret=170045c3f
00f8:Ret ntdll.RtlInitUnicodeString() retval=00000088 ret=170045c3f
00f8:Ret ntoskrnl.exe.RtlInitUnicodeString() retval=00000088 ret=02528b60
00f8:Call ntoskrnl.exe.IoCreateFileEx(020250c0,c0000000,01adf720,01adf6f8,00000000,00000000,00000001,00000005,00000020,00000000,00000000,00000000,00000000,00000008,00000000) ret=02528b87
00f8:fixme:ntoskrnl:IoCreateFileEx : semi-stub
00f8:Call ntdll.NtCreateFile(020250c0,c0000000,01adf720,01adf6f8,00000000,00000000,00000001,00000005,00000020,00000000,00000000) ret=170045c3f
00f8:Ret ntdll.NtCreateFile() retval=00000000 ret=170045c3f
00f8:Ret ntoskrnl.exe.IoCreateFileEx() retval=00000000 ret=02528b87
00f8:Call ntoskrnl.exe.ZwWriteFile(00000058,00000000,00000000,00000000,01adf510,01adf750,00000024,00000000,00000000) ret=025295b6
00f8:Call ntdll.NtWriteFile(00000058,00000000,00000000,00000000,01adf510,01adf750,00000024,00000000,00000000) ret=170045c3f
00f8:Ret ntdll.NtWriteFile() retval=00000000 ret=170045c3f
00f8:Ret ntoskrnl.exe.ZwWriteFile() retval=00000000 ret=025295b6
00f8:Call ntoskrnl.exe.ZwFlushBuffersFile(00000058,01adf510) ret=025295c1
00f8:Call ntdll.NtFlushBuffersFile(00000058,01adf510) ret=170045c3f
00f8:Ret ntdll.NtFlushBuffersFile() retval=00000000 ret=170045c3f
00f8:Ret ntoskrnl.exe.ZwFlushBuffersFile() retval=00000000 ret=025295c1
...
--- snip ---
$ wine --version
wine-7.16
Regards
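Added example (not part of the bug thread and not Wine code): a Python decoder for the IoCreateFileEx relay lines in the Comment #3 trace, turning the raw hex arguments and return values into named flags so it is visible what the driver asked for and which argument the semi-stub does not pass on. The constant values are taken from the Windows DDK headers as an assumption of this example; the sample lines are copied from the trace above.

```python
import re

# Values from the Windows DDK headers (wdm.h, ntifs.h, ntstatus.h); only the
# bits needed for this trace and a few neighbours are listed (assumption).
ACCESS = {0x80000000: "GENERIC_READ", 0x40000000: "GENERIC_WRITE"}
SHARE = {0x1: "FILE_SHARE_READ", 0x2: "FILE_SHARE_WRITE", 0x4: "FILE_SHARE_DELETE"}
CREATE_OPTS = {0x01: "FILE_DIRECTORY_FILE", 0x20: "FILE_SYNCHRONOUS_IO_NONALERT"}
IO_OPTS = {0x1: "IO_FORCE_ACCESS_CHECK", 0x8: "IO_STOP_ON_SYMLINK"}
DISPOSITION = ["FILE_SUPERSEDE", "FILE_OPEN", "FILE_CREATE", "FILE_OPEN_IF",
               "FILE_OVERWRITE", "FILE_OVERWRITE_IF"]
STATUS = {0x0: "STATUS_SUCCESS", 0xC0000035: "STATUS_OBJECT_NAME_COLLISION"}

CALL = re.compile(r"^(\w+):Call\s+ntoskrnl\.exe\.IoCreateFileEx\(([0-9a-f,]+)\)")
RET = re.compile(r"^(\w+):Ret\s+ntoskrnl\.exe\.IoCreateFileEx\(\)\s+retval=([0-9a-f]+)")

def flags(value, table):
    """Names of the known bits set in value, plus any unknown remainder as hex."""
    names = [name for bit, name in table.items() if value & bit]
    rest = value & ~sum(table)
    return names + ([hex(rest)] if rest else [])

def decode(trace):
    """Pair each IoCreateFileEx call with its return, keyed by Wine thread id."""
    pending, calls = {}, []
    for line in trace.splitlines():
        if m := CALL.match(line):
            a = [int(x, 16) for x in m.group(2).split(",")]
            pending[m.group(1)] = {
                "access": flags(a[1], ACCESS),
                "share": flags(a[6], SHARE),
                "disposition": DISPOSITION[a[7]] if a[7] < 6 else hex(a[7]),
                "create_options": flags(a[8], CREATE_OPTS),
                # a[11]..a[14] are absent from the NtCreateFile call in the trace
                "not_forwarded_options": flags(a[13], IO_OPTS),
            }
        elif (m := RET.match(line)) and m.group(1) in pending:
            code = int(m.group(2), 16)
            calls.append({**pending.pop(m.group(1)), "status": STATUS.get(code, hex(code))})
    return calls

# Sample input: the four IoCreateFileEx relay lines from the Comment #3 trace.
SAMPLE = """
00f8:Call ntoskrnl.exe.IoCreateFileEx(01adf6f0,c0000000,01adf720,01adf6f8,00000000,00000000,00000003,00000002,00000021,00000000,00000000,00000000,00000000,00000008,00000000) ret=02528b3f
00f8:Ret ntoskrnl.exe.IoCreateFileEx() retval=c0000035 ret=02528b3f
00f8:Call ntoskrnl.exe.IoCreateFileEx(020250c0,c0000000,01adf720,01adf6f8,00000000,00000000,00000001,00000005,00000020,00000000,00000000,00000000,00000000,00000008,00000000) ret=02528b87
00f8:Ret ntoskrnl.exe.IoCreateFileEx() retval=00000000 ret=02528b87
"""

if __name__ == "__main__":
    for call in decode(SAMPLE):
        print(call)
```

Decoded, the first call is a FILE_CREATE of the Logs directory that returns STATUS_OBJECT_NAME_COLLISION, and the second is a FILE_OVERWRITE_IF of the log file that succeeds; both pass options 0x8, which does not appear in the forwarded NtCreateFile call.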
Alexandre Julliard julliard@winehq.org changed:
What   |Removed  |Added
----------------------------------------------------------------------------
Status |RESOLVED |CLOSED
--- Comment #4 from Alexandre Julliard julliard@winehq.org ---
Closing bugs fixed in 7.17.