https://bugs.winehq.org/show_bug.cgi?id=50341
Bug ID: 50341
Summary: MS-MPI 10.x crashes due to use-after-free in RpcAsyncCompleteCall()
Product: Wine
Version: 5.6
Hardware: x86-64
URL: https://github.com/microsoft/Microsoft-MPI/releases/download/v10.1.1/msmpisetup.exe
OS: Linux
Status: NEW
Keywords: download
Severity: normal
Priority: P2
Component: rpc
Assignee: wine-bugs@winehq.org
Reporter: z.figura12@gmail.com
Distribution: ---
Continued from bug 45699.
RPCRT4_process_packet() frees the stub message which RpcAsyncCompleteCall() subsequently uses.
winetaste@gmx.net changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
CC      |                            |winetaste@gmx.net
Christian Friedl christian.friedl@gmx.at changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
CC      |                            |christian.friedl@gmx.at
--- Comment #1 from Christian Friedl christian.friedl@gmx.at ---
Created attachment 74592
  --> https://bugs.winehq.org/attachment.cgi?id=74592
Output of `wine mpiexec -d notepad.exe`
--- Comment #2 from Christian Friedl christian.friedl@gmx.at ---
For MS-MPI v10.1.2 installing winbind somewhat helped. For wine-8.0.1 I get the following messages before the process hangs. I could not reproduce the original bug.
$ wine mpiexec notepad.exe
0080:fixme:hid:handle_IRP_MN_QUERY_ID Unhandled type 00000005
0080:fixme:hid:handle_IRP_MN_QUERY_ID Unhandled type 00000005
0080:fixme:hid:handle_IRP_MN_QUERY_ID Unhandled type 00000005
0080:fixme:hid:handle_IRP_MN_QUERY_ID Unhandled type 00000005
0108:fixme:ntdll:EtwEventSetInformation (deadbeef, 2, 0000000140068400, 43) stub
0108:fixme:heap:RtlSetHeapInformation handle 0000000000000000, info_class 1, info 0000000000000000, size 0 stub!
0114:fixme:ntdll:EtwEventSetInformation (deadbeef, 2, 000000014004AD28, 43) stub
0114:fixme:heap:RtlSetHeapInformation handle 0000000000000000, info_class 1, info 0000000000000000, size 0 stub!
0108:fixme:ole:NdrCorrelationInitialize (000000000011F230, 000000000011E6F0, 2048, 0x0): semi-stub
0120:fixme:ole:NdrCorrelationInitialize (0000000001A7EFD0, 0000000001A7F160, 2048, 0x0): semi-stub
0128:fixme:ole:NdrCorrelationFree (0000000001A7EFD0): stub
0120:fixme:ole:NdrCorrelationFree (0000000001A7E2D0): stub
The output of `wine mpiexec -d notepad.exe` is in the previous comment.