New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mikrotik Winbox crashes when starting #266

Closed
drizo72 opened this Issue Oct 27, 2018 · 20 comments

Comments

Projects
None yet
4 participants
@drizo72
Copy link

drizo72 commented Oct 27, 2018

When I start Mikrotik's Winbox application to control my router, the application crashes. It seems unable to maximize.

I have closed MaxTO 2 beta and it works fine. I have reinstalled MaxTo 1 and winbox works without any issues.

@vegardlarsen vegardlarsen self-assigned this Nov 6, 2018

@vegardlarsen vegardlarsen added the bug label Nov 6, 2018

@vegardlarsen vegardlarsen added this to the 2.0.0 milestone Nov 6, 2018

@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Nov 6, 2018

Thank you for writing. I will investigate this for 2.0 final and see if it can be fixed.

@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Nov 9, 2018

@drizo72 I have verified that this issue occurs when Winbox connects to a server. Preliminary findings:

Crashes with 0xC00001AD: The process has terminated because it could not allocate additional memory

Call stack
>	KernelBase.dll!_TerminateProcessOnMemoryExhaustion@4�()	Unknown
 	CoreMessaging.dll!Cn::Process::NotifyOutOfMemory(unsigned int)	Unknown
 	CoreMessaging.dll!Cn::Engine::Heap::_ProcessAllocate(struct Cn::Engine::AllocType,unsigned int,bool,bool)	Unknown
 	CoreMessaging.dll!HeapBuffer<struct AlpcBuffer>::Resize(unsigned int)	Unknown
 	CoreMessaging.dll!AlpcConnection::InitializeDefaultReceiveBuffers(unsigned short,class HeapBuffer<struct AlpcBuffer> *,class HeapBuffer<struct _ALPC_MESSAGE_ATTRIBUTES> *)	Unknown
 	CoreMessaging.dll!AlpcConnection::Callback_ProcessIncoming(struct IAlpcConnectionHost *,bool *)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Messaging::CrossProcessReceivePort__AlpcReceiveSource::OnReceive(void)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::OffThreadReceiver::Callback_OnDispatch(void)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::Dispatcher::Callback_DispatchLoop(struct Microsoft::CoreUI::Dispatch::RunnablePriorityMask)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::EventLoop::Callback_RunCoreLoop(struct Microsoft::CoreUI::Dispatch::RunMode,bool,bool &)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::UserAdapter::DrainCoreMessagingQueue(struct Microsoft::CoreUI::Dispatch::UserAdapter__UserPriority,bool,struct System::IntPtr &)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::UserAdapter::OnUserDispatch(bool,struct Microsoft::CoreUI::Dispatch::UserAdapter__UserPriority,struct System::IntPtr &)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::UserAdapter::OnUserDispatchRaw(struct System::IntPtr,struct Microsoft::CoreUI::Dispatch::UserAdapter__UserPriority,bool,struct System::IntPtr &)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::UserAdapter_DoWork(struct Microsoft::CoreUI::Dispatch::UserData *,struct Microsoft::CoreUI::Dispatch::UserAdapter__UserPriority,bool)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::UserAdapter_HandleDispatchNotifyMessage(struct HWND__ *,unsigned int)	Unknown
 	CoreMessaging.dll!Microsoft::CoreUI::Dispatch::UserAdapter_WindowProc(struct HWND__ *,unsigned int,unsigned int,long)	Unknown
 	user32.dll!__InternalCallWinProc@20�()	Unknown
 	user32.dll!UserCallWinProcCheckWow()	Unknown
 	user32.dll!DispatchClientMessage()	Unknown
 	user32.dll!___fnDWORD@4�()	Unknown
 	ntdll.dll!_KiUserCallbackDispatcher@12�()	Unknown
 	winbox.exe!0042b8d1()	Unknown
 	[Frames below may be incorrect and/or missing, no symbols loaded for winbox.exe]	Unknown
 	winbox.exe!004aaf8f()	Unknown
 	ntdll.dll!_NtProtectVirtualMemory@20�()	Unknown
 	ntdll.dll!LdrpWriteBackProtectedDelayLoad()	Unknown
 	ntdll.dll!_NtOpenKey@12�()	Unknown
 	ntdll.dll!_NtOpenKey@12�()	Unknown
 	KernelBase.dll!FindFirstFileA()	Unknown
 	kernel32.dll!@BaseThreadInitThunk@12�()	Unknown
 	ntdll.dll!__RtlUserThreadStart()	Unknown
 	ntdll.dll!__RtlUserThreadStart@8�()	Unknown

On the second walkthrough of this, I was able to get an access violation in DefSubclassProc when it tries to call _NtDeleteAtom:

Call stack of second crash
 	winbox.exe!0042e79c()	Unknown
 	[Frames below may be incorrect and/or missing, no symbols loaded for winbox.exe]	Unknown
 	ntdll.dll!_NtDeleteAtom@4�()	Unknown
 	kernel32.dll!_InternalDeleteAtom@8�()	Unknown
 	user32.dll!__InternalCallWinProc@20�()	Unknown
 	user32.dll!UserCallWinProcCheckWow()	Unknown
 	user32.dll!CallWindowProcW()	Unknown
 	comctl32.dll!_CallOriginalWndProc@24�()	Unknown
 	comctl32.dll!_CallNextSubclassProc@20�()	Unknown
 	comctl32.dll!_DefSubclassProc@16�()	Unknown
>	MaxTo.Hook.x86.dll!SubClassFunc(HWND__ * hWnd, unsigned int message, unsigned int wParam, long lParam, unsigned int uIdSubclass, unsigned long dwRefData) Line 323	C++
 	comctl32.dll!_CallNextSubclassProc@20�()	Unknown
 	comctl32.dll!_MasterSubclassProc@16�()	Unknown
 	user32.dll!__InternalCallWinProc@20�()	Unknown
 	user32.dll!UserCallWinProcCheckWow()	Unknown
 	user32.dll!DispatchClientMessage()	Unknown
 	user32.dll!___fnNCDESTROY@4�()	Unknown
 	ntdll.dll!_KiUserCallbackDispatcher@12�()	Unknown
 	winbox.exe!004a3872()	Unknown
 	winbox.exe!0040344d()	Unknown
 	winbox.exe!00403b77()	Unknown
 	winbox.exe!0042bffe()	Unknown
 	winbox.exe!0042eb2c()	Unknown
 	user32.dll!__InternalCallWinProc@20�()	Unknown
 	user32.dll!UserCallWinProcCheckWow()	Unknown
 	user32.dll!DispatchMessageWorker()	Unknown
 	user32.dll!_DispatchMessageA@4�()	Unknown
 	winbox.exe!0042b94a()	Unknown
 	winbox.exe!004aaf8f()	Unknown
 	ntdll.dll!_NtProtectVirtualMemory@20�()	Unknown
 	ntdll.dll!LdrpWriteBackProtectedDelayLoad()	Unknown
 	ntdll.dll!_NtOpenKey@12�()	Unknown
 	ntdll.dll!_NtOpenKey@12�()	Unknown
 	KernelBase.dll!FindFirstFileA()	Unknown
 	kernel32.dll!@BaseThreadInitThunk@12�()	Unknown
 	ntdll.dll!__RtlUserThreadStart()	Unknown
 	ntdll.dll!__RtlUserThreadStart@8�()	Unknown

I have no idea why this occurs at the moment.

@ShutterQuick

This comment has been minimized.

Copy link

ShutterQuick commented Jan 23, 2019

@vegardlarsen Any update on this issue? It is rather annoying to have to disable and reactivate MaxTo all the time.
As a workaround I attempted to add an entry to shims.json, but for some reason it isn't working.
MaxTo finds the shim, but it looks like it's not applied. I could not find the format for shims.json documented anywhere, so I've just tried to monkey-see-monkey-do with base in the other entries in the file.

Do you see any obvious reason why the following wouldn't work? Maybe I'm misunderstanding matching on process, or maybe my assumption about ignore making MaxTo not load itself into the process is wrong?

{
  "id": "winbox",
  "descriptions": {
    "en": {
      "title": "Mikrotik Winbox",
      "subtitle": "Prevent crashes",
      "description": "[Winbox](https://wiki.mikrotik.com/wiki/Manual:Winbox) is a tool for managing Mikrotik routers. It crashes if on connection when MaxTo is injected into it."
    }
  },
  "iconUrl": "https://publicdomainvectors.org/photos/winbox-mikrotik-icon.png",
  "url": null,
  "canDisable": true,
  "defaultEnabled": true,
  "ignore": true,
  "disableSubclassing": false,
  "disableSnapping": false,
  "disableTransparency": false,
  "useMoveWindow": false,
  "emulatesMaximize": false,
  "windowClasses": [],
  "processes": [
    "winbox"
  ]
}
@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Jan 23, 2019

This seems correct to me at a glance. This assumes that the WinBox process is called winbox.exe. I'd try to set disableSubclassing to true as well, but just using ignore should work.

@Gappa

This comment has been minimized.

Copy link

Gappa commented Jan 29, 2019

Tried disableSubclassing - but no luck.
Also tried both disableSnapping and disableTransparency, with the same result.

@Gappa

This comment has been minimized.

Copy link

Gappa commented Jan 29, 2019

Also, here's the crash log:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
	<System>
		<Provider Name="Application Error" /> 
		<EventID Qualifiers="0">1000</EventID> 
		<Level>2</Level> 
		<Task>100</Task> 
		<Keywords>0x80000000000000</Keywords> 
		<TimeCreated SystemTime="2019-01-29T09:42:41.351552200Z" /> 
		<EventRecordID>4752</EventRecordID> 
		<Channel>Application</Channel> 
		<Computer>DESKTOP-Q6QJ7OC</Computer> 
		<Security /> 
	</System>
	<EventData>
		<Data>winbox.exe</Data> 
		<Data>0.0.0.0</Data> 
		<Data>382f3815</Data> 
		<Data>roteros.dll</Data> 
		<Data>0.0.0.0</Data> 
		<Data>4cee2c15</Data> 
		<Data>40000015</Data> 
		<Data>000b674d</Data> 
		<Data>99624</Data> 
		<Data>01d4b7b6e96af21f</Data> 
		<Data>G:\Software\winbox.exe</Data> 
		<Data>C:\Users\User\AppData\Roaming\Mikrotik\Winbox\5.0rc5-1475189138\roteros.dll</Data> 
		<Data>fa15f794-40c7-47c3-928f-555fe389bc19</Data> 
		<Data /> 
		<Data /> 
	</EventData>
</Event>
@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Feb 4, 2019

@Gappa Can you go into MaxTo settings, under Compatibility, and hit Check for updates? Then after restarting MaxTo and WinBox, check to see if the issue is still present?

It took me quite a while to figure this out, but apparently some intermediary windows are shown. They have a window class of routeros_null, so targetting them is easy.

The JSON for this update looks like this:

  {
    "id": "winbox",
    "descriptions": {
      "en": {
        "title": "Mikrotik WinBox",
        "subtitle": "Prevent crash",
        "description": "Microtik WinBox presents some intermediary windows that MaxTo should not subclass, to prevent crashes."
      }
    },
    "iconUrl": null,
    "url": null,
    "canDisable": true,
    "defaultEnabled": true,
    "ignore": false,
    "disableSubclassing": true,
    "disableSnapping": false,
    "disableTransparency": false,
    "useMoveWindow": false,
    "emulatesMaximize": false,
    "windowClasses": [
      "routeros_null"
    ],
    "processes": []
  }
@Gappa

This comment has been minimized.

Copy link

Gappa commented Feb 4, 2019

Version 2.0.0-beta9, updated compatibility list, restarted MaxTo.

Sadly, it still crashes, outputting the same log as above.

How can I determine the window class? Because after successful log-in the whole window/GUI changes so drastically that it might be completely something new.

@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Feb 4, 2019

@Gappa Did Mikrotik WinBox show up on the compatibility list?

Your assumption is correct; WinBox opens and closes a bunch of windows when you connect, and it is one of the intermediary ones that caused issues on my machine at least. The other main candidate was routeros_main, but the crashes only stopped on my machine after adding routeros_null.

@ShutterQuick

This comment has been minimized.

Copy link

ShutterQuick commented Feb 4, 2019

@vegardlarsen Thanks for looking into this.

I put in place my backup-copy of shims.json and tried to update.
Your shim shows up now, but winbox still crashes when connecting to the router.

I'm running MaxTo 2.0.0-beta9.

@Gappa

This comment has been minimized.

Copy link

Gappa commented Feb 4, 2019

Yup, WinBox is present in the compatibility list.

One thing to add - I have to use an older version to connect to the device, newer versions aren't compatible, that might mean something as well.

Tried all of these, no change:

"windowClasses": [
	"routeros_connect",
	"routeros_mbox",
	"routeros_null",
	"routeros_main"
],

The mbox is just a guess, spotted that one once during login and I'm not even sure :)

@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Feb 4, 2019

After a reboot here, the problem started re-appearing. I am looking into it.

@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Feb 4, 2019

I have found that checking WinBox' "Open in new window" stops the crash from happening. Still investigating.

@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Feb 4, 2019

I found the reason this wouldn't work; and it is a bug in MaxTo itself. For 32-bit programs, MaxTo won't be able to read the list of compatibility shims from the hook DLL, due to a misunderstanding about how types change sizes in C/C++ when compiling for different architectures.

This means that until I get a new version released (hopefully tomorrow), you won't be able to get this to work.

@vegardlarsen vegardlarsen modified the milestones: 2.0.0, 2.0.0-beta.10 Feb 5, 2019

@ShutterQuick

This comment has been minimized.

Copy link

ShutterQuick commented Feb 6, 2019

Still not working on 2.0.0-beta10 for me. Shim enabled, but winbox still crashes.

Can confirm the open in new window workaround works, though, so it's not all bad 👍

@Gappa

This comment has been minimized.

Copy link

Gappa commented Feb 6, 2019

Still not working on 2.0.0-beta10 for me. Shim enabled, but winbox still crashes.

Confirmed still crashing.

However, there is a typo in the shim:

    "windowClasses": [
      "routeros_null",
      "routeros_connet"
    ],

...which is the reason why it doesn't work :)

After correcting it to routeros_connect (and restarting MaxTo) it works now - cool, thanks!

Edit: my own typos, some claficiations.

@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Feb 6, 2019

@Gappa Thanks. I have corrected this typo this server-side, so the next time you update your shims the correct one will be pulled down.

cc: @ShutterQuick

@ShutterQuick

This comment has been minimized.

Copy link

ShutterQuick commented Feb 6, 2019

Thanks for fixing this issue, it's working correctly now!

Just one pedantic little thing; you have a spelling error in the description: "description": "Microtik. Should be Mikrotik. :)

@Gappa

This comment has been minimized.

Copy link

Gappa commented Feb 6, 2019

Thanks for fixing this issue, it's working correctly now!

Just one pedantic little thing; you have a spelling error in the description: "description": "Microtik. Should be Mikrotik. :)

Well... MikroTik :)

https://mikrotik.com/aboutus

@vegardlarsen

This comment has been minimized.

Copy link
Member

vegardlarsen commented Feb 6, 2019

You are technically correct... The best kind of correct.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment