https://bugs.winehq.org/show_bug.cgi?id=50118
Anastasius Focht focht@gmx.net changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |focht@gmx.net Keywords| |download Summary|connection_GetAdapterId |Genshin Impact launcher |infinite loop in |loops infinitely, causing |Qt5Network.dll |netprofm:connection_GetAdap | |terId message spam | |(Qt5Network.dll, | |iphlpapi.GetAdaptersAddress | |es) URL| |https://genshinimpact.mihoy | |o.com/client_app/launcher/2 | |0201223_d3fcf5785e92e37a/Ge | |nshinImpact_install_2020121 | |1165103.exe
--- Comment #3 from Anastasius Focht focht@gmx.net --- Hello,
--- quote --- Greppting through the files reveals that "GetAdaptersAddresses" is used in Qt5Network.dll, hence it might also affect other applications. --- quote ---
--- quote --- I can no longer reproduce this problem with a newer launcher version. Perhaps this was an application issue. --- quote ---
if you didn't switch the Wine version and didn't touch your Linux host network setup between last tests then it's most likely a client update.
There were few updates to 'iphlpapi' component recently:
https://source.winehq.org/git/wine.git/history/56e7cd12ce0ce3bb331a8595b25ae...
If you suspect a specific third-party library being the problem it might be useful to extract version information and also record checksum (in case vendor doesn't update version resource).
If you don't want to use tools, just upload the binary (dll) to:
https://www.virustotal.com/gui/
It will scan the binary and extract all necessary information. It also generates hashes to identify unique versions and dupes.
https://genshinimpact.mihoyo.com/client_app/launcher/20201223_d3fcf5785e92e3...
https://web.archive.org/web/20201221143329/https://genshinimpact.mihoyo.com/...
I've downloaded it and scanned 'qt5network.dll'.
--- snip --- -=[ ProtectionID v0.6.9.0 DECEMBER]=- (c) 2003-2017 CDKiLLER & TippeX Build 24/12/17-21:05:42 Ready... Scanning -> Z:\home\focht\Downloads\Qt5Network.dll File Type : 64-Bit Dll (Subsystem : Win GUI / 2), Size : 1326712 (0143E78h) Byte(s) | Machine: 0x8664 (AMD64) Compilation TimeStamp : 0x5D6EBEF2 -> Tue 03rd Sep 2019 19:28:50 (GMT) [TimeStamp] 0x5D6EBEF2 -> Tue 03rd Sep 2019 19:28:50 (GMT) | PE Header | - | Offset: 0x00000000:00000120 | VA: 0x00000001:80000120 | - [TimeStamp] 0xFFFFFFFF -> Sun 07th Feb 2106 06:28:15 (GMT) | Export | - | Offset: 0x00000000:00106944 | VA: 0x00000001:80107D44 | - [TimeStamp] 0x5D6EBEF2 -> Tue 03rd Sep 2019 19:28:50 (GMT) | DebugDirectory | - | Offset: 0x00000000:000F2CD4 | VA: 0x00000001:800F40D4 | - [TimeStamp] 0x5D6EBEF2 -> Tue 03rd Sep 2019 19:28:50 (GMT) | DebugDirectory | - | Offset: 0x00000000:000F2CF0 | VA: 0x00000001:800F40F0 | - [TimeStamp] 0x5D6EBEF2 -> Tue 03rd Sep 2019 19:28:50 (GMT) | DebugDirectory | - | Offset: 0x00000000:000F2D0C | VA: 0x00000001:800F410C | - -> File Appears to be Digitally Signed @ Offset 0142800h, size : 01678h / 05752 byte(s) [LoadConfig] Struct determined as v8 (Expected size 232 | Actual size 248) [LoadConfig] CFG (/Guard) - Handler @ 0x1:800DDF28 [LoadConfig] CFG Table @ 0x0:00000000 | 0x00 (00) entries [LoadConfig] CFG Flags : 0x100 [LoadConfig] CodeIntegrity -> Flags 0x0 | Catalog 0x0 (0) | Catalog Offset 0x0 | Reserved 0x0 [LoadConfig] GuardAddressTakenIatEntryTable 0x0:00000000 | Count 0x000000000 (00) [LoadConfig] GuardLongJumpTargetTable 0x0:00000000 | Count 0x000000000 (00) [LoadConfig] HybridMetadataPointer 0x1:00000000 | DynamicValueRelocTable 0x0:00000000 [LoadConfig] FailFastIndirectProc 0x800DA4E0:00000001 | FailFastPointer 0x800DDF38:00000001 [LoadConfig] UnknownZero1 0x0 0 [LoadConfig] CFG Data Present, yet setting is not present in the DllCharacteristics.. patched out? [File Heuristics] -> Flag #1 : 00000100000001001101000100000100 (0x0404D104) [Entrypoint Section Entropy] : 6.26 (section #0) ".text " | Size : 0xDA603 (894467) byte(s) [DllCharacteristics] -> Flag : (0x0160) -> HEVA | ASLR | DEP [SectionCount] 6 (0x6) | ImageSize 0x149000 (1347584) byte(s) [Export] 100% of function(s) (1446 of 1446) are in file | 0 are forwarded | 1393 code | 53 data | 0 uninit data | 0 unknown | [VersionInfo] Company Name : The Qt Company Ltd. [VersionInfo] Product Name : Qt5 [VersionInfo] Product Version : 5.12.5.0 [VersionInfo] File Description : C++ Application Development Framework [VersionInfo] File Version : 5.12.5.0 [VersionInfo] Original FileName : Qt5Network.dll [VersionInfo] Legal Copyrights : Copyright (C) 2019 The Qt Company Ltd. [ModuleReport] [IAT] Modules -> Qt5Core.dll | DNSAPI.dll | IPHLPAPI.DLL | ADVAPI32.dll | CRYPT32.dll | WS2_32.dll | MSVCP140.dll | KERNEL32.dll | VCRUNTIME140.dll | api-ms-win-crt-runtime-l1-1-0.dll | api-ms-win-crt-convert-l1-1-0.dll | api-ms-win-crt-stdio-l1-1-0.dll | api-ms-win-crt-string-l1-1-0.dll | api-ms-win-crt-heap-l1-1-0.dll [Debug Info] (record 1 of 3) (file offset 0xF2CD0) Characteristics : 0x0 | TimeDateStamp : 0x5D6EBEF2 (Tue 03rd Sep 2019 19:28:50 (GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0) Type : 2 (0x2) -> CodeView | Size : 0x46 (70) AddressOfRawData : 0xF8DD4 | PointerToRawData : 0xF79D4 CvSig : 0x53445352 | SigGuid 05BA99C5-D3BD-4AFF-97F3E0F46C0AD9A3 Age : 0x1 (1) | Pdb : C:\Users\qt\work\qt\qtbase\lib\Qt5Network.pdb [Debug Info] (record 2 of 3) (file offset 0xF2CEC) Characteristics : 0x0 | TimeDateStamp : 0x5D6EBEF2 (Tue 03rd Sep 2019 19:28:50 (GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0) Type : 12 (0xC) -> Undocumented | Size : 0x14 (20) AddressOfRawData : 0xF8E1C | PointerToRawData : 0xF7A1C [Debug Info] (record 3 of 3) (file offset 0xF2D08) Characteristics : 0x0 | TimeDateStamp : 0x5D6EBEF2 (Tue 03rd Sep 2019 19:28:50 (GMT)) | MajorVer : 0 / MinorVer : 0 -> (0.0) Type : 13 (0xD) -> Undocumented | Size : 0x34C (844) AddressOfRawData : 0xF8E30 | PointerToRawData : 0xF7A30 ... [!] File appears to have no protection or is using an unknown protection - Scan Took : 0.660 Second(s) [000000294h (660) tick(s)] [162 of 580 scan(s) done] --- snip ---
Maybe they've used an older version before. It could have been something else in the caller of the API though (main exe).
Regards