[Bug 45560] New: Windows Sysinternals 'psping' v2.x tool, part of 'PsTools' crashes when trying to ping host (needs 'iphlpapi.ParseNetworkString')

wine-bugs at winehq.org wine-bugs at winehq.org
Fri Aug 3 06:26:57 CDT 2018


https://bugs.winehq.org/show_bug.cgi?id=45560

            Bug ID: 45560
           Summary: Windows Sysinternals 'psping' v2.x tool, part of
                    'PsTools' crashes when trying to ping host (needs
                    'iphlpapi.ParseNetworkString')
           Product: Wine
           Version: 3.13
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: iphlpapi
          Assignee: wine-bugs at winehq.org
          Reporter: focht at gmx.net
      Distribution: ---

Hello folks,

as it says.

--- snip ---
$ pwd
/home/focht/.wine/drive_c/Program Files/pstools

$ wine ./psping -? i

PsPing v2.10 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2016 Mark Russinovich
Sysinternals - www.sysinternals.com

ICMP ping usage: psping [-t|-n count[s]] [-i interval] [-w count] [-q] [-h
[buckets|val1,val2,...]] [-l requestsize[k]] [-6|-4] destination
  -t    Ping until stopped with Ctrl+C and type Ctrl+Break
        for statistics.
  -n    Number of pings or append 's' to specify seconds e.g. '10s'.
  -i    Interval in seconds. Specify 0 for fast ping.
  -w    Warmup with the specified number of iterations (default is 1).
  -q    Don't output during pings.
  -h    Print histogram (default bucket count is 20).
        If you specify a single argument, it's interpreted as a bucket
        count and the histogram will contain that number of
        buckets covering the entire time range of values.
        Specify a comma-separated list of times to create a custom
        histogram (e.g. "0.01,0.05,1,5,10").
  -l    Request size. Append 'k' for kilobytes.
  -4    Force using IPv4.
  -6    Force using IPv6.

For high-speed ping tests use -q and -i 0.

$ wine ./psping -i 10 www.winehq.org

PsPing v2.10 - PsPing - ping, latency, bandwidth measurement utility
Copyright (C) 2012-2016 Mark Russinovich
Sysinternals - www.sysinternals.com

wine: Unhandled page fault on execute access to 0x00000000 at address (nil) (thread 0067), starting debugger...
Unhandled exception: page fault on execute access to 0x00000000 in 32-bit code (0x00000000).
Register dump:
 CS:0023 SS:002b DS:002b ES:002b FS:0063 GS:006b
 EIP:00000000 ESP:0033fb94 EBP:0033fbfc EFLAGS:00010206(  R- --  I   - -P- )
 EAX:00000000 EBX:00000000 ECX:00148df8 EDX:0043ab90
 ESI:0033fbac EDI:0033fbfc
...
Backtrace:
=>0 0x00000000 (0x0033fbfc)
  1 0x00409478 in psping (+0x9477) (0x0033fc50)
  2 0x004098d5 in psping (+0x98d4) (0x0033fe68)
  3 0x0041154f in psping (+0x1154e) (0x0033feb0)
  4 0x7b46dbfe call_process_entry+0x11() in kernel32 (0x0033fec8)
  5 0x7b46dd37 start_process+0x12c() [/home/focht/projects/wine/mainline-src/dlls/kernel32/process.c:1101] in kernel32 (0x0033ffd8)
  6 0x7b46dc0a start_process_wrapper+0x9() in kernel32 (0x0033ffec)
0x00000000: -- no code accessible --
Modules:
Module    Address            Debug info    Name (109 modules)
PE      400000-  441000    Export          psping
ELF    7b400000-7b7f4000    Dwarf           kernel32<elf>
  \-PE    7b420000-7b7f4000    \               kernel32
ELF    7bc00000-7bd10000    Deferred        ntdll<elf>
  \-PE    7bc30000-7bd10000    \               ntdll
ELF    7c000000-7c004000    Deferred        <wine-loader>
...
Threads:
process  tid      prio (all id:s are in hex)
...
00000066 (D) C:\Program Files\pstools\psping.exe
    00000067    0 <==
--- snip ---

--- snip ---
$ WINEDEBUG=+seh,+relay wine ./psping.exe -i 10 www.winehq.org >>log.txt 2>&1
...
004d:Call KERNEL32.LoadLibraryExW(0042dd68 L"iphlpapi.dll",00000000,00000000) ret=004051a3
004d:Ret  KERNEL32.LoadLibraryExW() retval=7e2e0000 ret=004051a3
004d:Call KERNEL32.GetModuleHandleW(0042dd68 L"iphlpapi.dll") ret=004051be
004d:Ret  KERNEL32.GetModuleHandleW() retval=7e2e0000 ret=004051be
004d:Call KERNEL32.GetProcAddress(7e2e0000,0042dd84 "ParseNetworkString") ret=004051cc
004d:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=004051cc
004d:Call KERNEL32.GetModuleHandleW(0042ddb0 L"ntdll.dll") ret=004051f0
004d:Ret  KERNEL32.GetModuleHandleW() retval=7bc30000 ret=004051f0
004d:Call KERNEL32.GetProcAddress(7bc30000,0042dd98 "RtlIpv6AddressToStringW") ret=004051fe
004d:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=004051fe
004d:Call KERNEL32.GetModuleHandleW(0042ddb0 L"ntdll.dll") ret=00405222
004d:Ret  KERNEL32.GetModuleHandleW() retval=7bc30000 ret=00405222
004d:Call KERNEL32.GetProcAddress(7bc30000,0042ddc4 "RtlIpv4AddressToStringW") ret=00405230
004d:Ret  KERNEL32.GetProcAddress() retval=7bc38d24 ret=00405230
004d:Call KERNEL32.LoadLibraryExW(0042dd68 L"iphlpapi.dll",00000000,00000000) ret=004051a3
004d:Ret  KERNEL32.LoadLibraryExW() retval=7e2e0000 ret=004051a3
004d:Call KERNEL32.GetModuleHandleW(0042dd68 L"iphlpapi.dll") ret=004051be
004d:Ret  KERNEL32.GetModuleHandleW() retval=7e2e0000 ret=004051be
004d:Call KERNEL32.GetProcAddress(7e2e0000,0042dd84 "ParseNetworkString") ret=004051cc
004d:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=004051cc
004d:Call KERNEL32.GetModuleHandleW(0042ddb0 L"ntdll.dll") ret=004051f0
004d:Ret  KERNEL32.GetModuleHandleW() retval=7bc30000 ret=004051f0
004d:Call KERNEL32.GetProcAddress(7bc30000,0042dd98 "RtlIpv6AddressToStringW") ret=004051fe
004d:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=004051fe
004d:Call KERNEL32.GetModuleHandleW(0042ddb0 L"ntdll.dll") ret=00405222
004d:Ret  KERNEL32.GetModuleHandleW() retval=7bc30000 ret=00405222
004d:Call KERNEL32.GetProcAddress(7bc30000,0042ddc4 "RtlIpv4AddressToStringW") ret=00405230
004d:Ret  KERNEL32.GetProcAddress() retval=7bc38d24 ret=00405230
...
004d:Call ws2_32.WSAStartup(00000202,0033fcc0) ret=004098c1
004d:Ret  ws2_32.WSAStartup() retval=00000000 ret=004098c1
004d:Call KERNEL32.GetLastError() ret=004126ab
004d:Ret  KERNEL32.GetLastError() retval=00000000 ret=004126ab
004d:trace:seh:raise_exception code=c0000005 flags=0 addr=(nil) ip=00000000 tid=004d
004d:trace:seh:raise_exception  info[0]=00000008
004d:trace:seh:raise_exception  info[1]=00000000
004d:trace:seh:raise_exception  eax=00000000 ebx=00000000 ecx=0015a680 edx=0043ab90 esi=0033fbac edi=0033fbfc
004d:trace:seh:raise_exception  ebp=0033fbfc esp=0033fb94 cs=0023 ds=002b es=002b fs=0063 gs=006b flags=00010206
004d:trace:seh:call_stack_handlers calling handler at 0x42368c code=c0000005 flags=0
--- snip ---

Debugger/disassembly reveals which one is causing the crash (late bound at
startup and the actual API call is much later):

--- snip ---
...
00405194  PUSH 0                                          ; Flags = 0
00405196  PUSH 0                                          ; hFile = NULL
00405198  PUSH OFFSET 0042DD68                            ; "iphlpapi.dll"
0040519D  CALL DWORD PTR DS:[<&KERNEL32.LoadLibraryExW>]
004051A3  CMP ESI,ESP
004051A5  CALL 0042281C 
004051AA  MOV ESI,ESP
004051AC  PUSH OFFSET 0042DD84                            ; "ParseNetworkString"
004051B1  MOV EDI,ESP
004051B3  PUSH OFFSET 0042DD68                            ; "iphlpapi.dll"
004051B8  CALL DWORD PTR DS:[<&KERNEL32.GetModuleHandleW>] 
004051BE  CMP EDI,ESP
004051C0  CALL 0042281C
004051C5  PUSH EAX                                        ; hModule
004051C6  CALL DWORD PTR DS:[<&KERNEL32.GetProcAddress>]
004051CC  CMP ESI,ESP
004051CE  CALL 0042281C
004051D3  MOV EDX,DWORD PTR SS:[LOCAL.1]
004051D6  MOV DWORD PTR DS:[EDX+21C],EAX
004051DC  MOV ESI,ESP
...
00407360  PUSH EBP
00407361  MOV EBP,ESP
00407363  SUB ESP,48
00407366  PUSH ESI
00407367  PUSH EDI
00407368  PUSH ECX
00407369  LEA EDI,[LOCAL.18]
0040736C  MOV ECX,12
00407371  MOV EAX,CCCCCCCC
00407376  REP STOS DWORD PTR ES:[EDI]
00407378  POP ECX
00407379  MOV DWORD PTR SS:[LOCAL.1],ECX
0040737C  MOV ESI,ESP
0040737E  PUSH 0
00407380  PUSH 0
00407382  MOV EAX,DWORD PTR SS:[LOCAL.1]
00407385  PUSH EAX
00407386  PUSH 109
0040738B  MOV ECX,DWORD PTR SS:[ARG.2]
0040738E  PUSH ECX
0040738F  MOV EDX,DWORD PTR SS:[LOCAL.1]
00407392  MOV EAX,DWORD PTR DS:[EDX+21C]
00407398  CALL EAX                                        ; *boom*
0040739A  CMP ESI,ESP
--- snip ---

https://docs.microsoft.com/en-us/windows/desktop/api/iphlpapi/nf-iphlpapi-parsenetworkstring

$ sha1sum PSTools.zip 
1e562ff2bae38856f8dcf3f939cdbe8e1bf6ccf3  PSTools.zip

$ du -sh PSTools.zip 
2.8M    PSTools.zip

$ wine --version
wine-3.13

Regards

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
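
Added example, not part of the original report or of Wine: a triage helper that reads a `WINEDEBUG=+relay` trace like the one quoted above and lists each `GetProcAddress` lookup that returned NULL, which is the condition behind the later call through a null pointer. The function name `unresolved_imports` and the choice of excerpted records are this example's own assumptions.

```python
import re

# Constructed from records in the report's +relay trace; some wrap before "ret=" as mailed logs do.
SAMPLE = '''\
004d:Call KERNEL32.GetModuleHandleW(0042dd68 L"iphlpapi.dll") ret=004051be
004d:Ret  KERNEL32.GetModuleHandleW() retval=7e2e0000 ret=004051be
004d:Call KERNEL32.GetProcAddress(7e2e0000,0042dd84 "ParseNetworkString")
ret=004051cc
004d:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=004051cc
004d:Call KERNEL32.GetModuleHandleW(0042ddb0 L"ntdll.dll") ret=004051f0
004d:Ret  KERNEL32.GetModuleHandleW() retval=7bc30000 ret=004051f0
004d:Call KERNEL32.GetProcAddress(7bc30000,0042dd98 "RtlIpv6AddressToStringW")
ret=004051fe
004d:Ret  KERNEL32.GetProcAddress() retval=00000000 ret=004051fe
004d:Call KERNEL32.GetProcAddress(7bc30000,0042ddc4 "RtlIpv4AddressToStringW")
ret=00405230
004d:Ret  KERNEL32.GetProcAddress() retval=7bc38d24 ret=00405230
'''

REC = re.compile(r'([0-9a-f]{4}):(Call|Ret)\s+\S+?\.(\w+)\((.*)\)'
                 r'(?: retval=([0-9a-f]+))? ret=([0-9a-f]+)')

def unresolved_imports(text):
    """Return (module, symbol, caller) for each GetProcAddress that came back NULL."""
    # Undo the wrapping: a line without a 'tid:' prefix continues the previous record.
    records = re.sub(r'\n(?![0-9a-f]{4}:)', ' ', text).splitlines()
    handles, pending, missing = {}, {}, []
    for m in filter(None, map(REC.match, records)):
        tid, kind, func, args, retval, ret = m.groups()
        if kind == 'Call':
            pending[tid, ret] = (func, args)  # a Ret pairs with its Call by thread + return address
            continue
        called, args = pending.pop((tid, ret), (None, ''))
        if called != func or retval is None:
            continue
        lib = re.search(r'L"([^"]+)"', args)
        sym = re.match(r'([0-9a-f]+),\S+ "([^"]+)"', args)
        if func in ('LoadLibraryExW', 'GetModuleHandleW') and lib and int(retval, 16):
            handles[retval] = lib.group(1)    # remember which DLL this handle refers to
        elif func == 'GetProcAddress' and sym and int(retval, 16) == 0:
            hit = (handles.get(sym.group(1), sym.group(1)), sym.group(2), ret)
            if hit not in missing:            # the trace repeats the same lookups
                missing.append(hit)
    return missing

if __name__ == '__main__':
    for module, symbol, caller in unresolved_imports(SAMPLE):
        print(f'{module}!{symbol} unresolved (caller ret={caller})')
```

The reported caller address is the return address of the `GetProcAddress` call, so it can be matched against the disassembly to find where the result is stored.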


