https://bugs.winehq.org/show_bug.cgi?id=54328
Bug ID: 54328 Summary: nsi:nsi - test_tcp_tables() sometimes crashes in Wine Product: Wine Version: unspecified Hardware: x86-64 OS: Linux Status: NEW Severity: normal Priority: P2 Component: -unknown Assignee: wine-bugs@winehq.org Reporter: fgouget@codeweavers.com Distribution: ---
nsi:nsi - test_tcp_tables() sometimes crashes in Wine:
Unhandled exception: page fault on read access to 0x00000000 in 32-bit code (0x646c35d0). [...] =>0 0x646c35d0 get_extended_tcp_table+0xd0(table=00B40E40, size=0062FCF4, sort=0, family=0x2, table_class=0x8) [Z:\home\fgouget\wine\winetest\src\dlls\iphlpapi\iphlpapi_main.c:3136] in iphlpapi (0x0062fc48) 1 0x646c7288 GetExtendedTcpTable+0x48(table=00B40E40, size=0062FCF4, sort=0, family=0x2, table_class=TCP_TABLE_OWNER_MODULE_ALL, reserved=0) [Z:\home\fgouget\wine\winetest\src\dlls\iphlpapi\iphlpapi_main.c:3185] in iphlpapi (0x0062fc88) 2 0x00403bc9 in nsi_test (+0x3bc9) (0x0062fd28)
See https://test.winehq.org/data/patterns.html#nsi:nsi
The crash is specific to my Linux desktop, fg-deb64, most likely because it has other network traffic while the test is running.
https://bugs.winehq.org/show_bug.cgi?id=54328
François Gouget fgouget@codeweavers.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Assignee|wine-bugs@winehq.org |fgouget@codeweavers.com Keywords| |source, testcase
https://bugs.winehq.org/show_bug.cgi?id=54328
--- Comment #1 from François Gouget fgouget@codeweavers.com --- The crash comes from two bugs in NsiAllocateAndGetTable() that combine:
1. First the required table size keeps increasing, most likely because there is typically quite a bit of other network traffic while the test is running. So the allocation keeps going like this: num = 64 attempt = 0 NsiEnumerateObjectsAllParameters(..., num = 64) -> too small NsiEnumerateObjectsAllParameters(NULL) returns num=264 attempt = 1 NsiEnumerateObjectsAllParameters(..., num = 264) -> too small NsiEnumerateObjectsAllParameters(NULL) returns num=266 attempt = 2 NsiEnumerateObjectsAllParameters(..., num = 266) -> too small NsiEnumerateObjectsAllParameters(NULL) returns num=267 ...
2. On the last pass through the loop tables are freed and then err is set by:
err = NsiEnumerateObjectsAllParameters( unk, 0, module, table, NULL, 0, NULL, 0, NULL, 0, NULL, 0, &num );
NsiEnumerateObjectsAllParameters() succeeds so NsiAllocateAndGetTable() returns success despite leaving all tables set to NULL, causing get_extended_tcp_table() to crash.
See MR1978: https://gitlab.winehq.org/wine/wine/-/merge_requests/1978
https://bugs.winehq.org/show_bug.cgi?id=54328
David Kahurani k.kahurani@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |k.kahurani@gmail.com
--- Comment #2 from David Kahurani k.kahurani@gmail.com --- I think it is also the issue in bug 53594
https://bugs.winehq.org/show_bug.cgi?id=54328
François Gouget fgouget@codeweavers.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |FIXED Fixed by SHA1| |cc32eb6c0d9f5fa834ee628529f | |ccea51fafc00d
--- Comment #3 from François Gouget fgouget@codeweavers.com --- The main bug, returning success in cases of failure should be fixed by cc32eb6c0d9f5fa834ee628529fccea51fafc00d. The secondary bug, failing to allocate the tables, should be fixed by 31792f43701d74589e2f06dc5b6446a84d5d4614.
https://bugs.winehq.org/show_bug.cgi?id=54328
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #4 from Alexandre Julliard julliard@winehq.org --- Closing bugs fixed in 8.1.
-
WineHQ Bugzilla