ebpf-for-windows: Workflow failed - km_mt_stress_tests_restart_extension

  • Failed Run
  • Codebase
  • Test name - km_mt_stress_tests_restart_extension

About this issue

  • State: closed
  • Created 10 months ago
  • Comments: 91 (85 by maintainers)

Most upvoted comments

Crash repro’d locally and root-caused as Driver Verifier triggered (allocated memory not freed).

Stack dump:

00 ffffcb00`08c9e318 fffff805`40fcb522     nt!DbgBreakPointWithStatus [minkernel\ntos\rtl\amd64\debugstb.asm @ 134] 
01 ffffcb00`08c9e320 fffff805`40fcad89     nt!KiBugCheckDebugBreak+0x12 [minkernel\ntos\ke\bugcheck.c @ 753] 
02 ffffcb00`08c9e380 fffff805`40e81277     nt!KeBugCheck2+0xaf9 [minkernel\ntos\ke\bugcheck.c @ 2344] 
03 ffffcb00`08c9eaf0 fffff805`4103f3e7     nt!KeBugCheckEx+0x107 [minkernel\ntos\ke\amd64\procstat.asm @ 237] 
04 ffffcb00`08c9eb30 fffff805`4103cd1b     nt!CarInitiateBugcheck+0x47 [minkernel\ntos\dif\carbugcheck.c @ 86] 
05 ffffcb00`08c9eb70 fffff805`415428b8     nt!CarReportDifPluginRuleViolation+0x18b [minkernel\ntos\dif\car.c @ 2044] 
06 ffffcb00`08c9ec00 fffff805`4155031c     nt!CarReportRuleViolationFromNt+0xe4 [minkernel\ntos\verifier\vfbugcheck.c @ 311] 
07 ffffcb00`08c9eca0 fffff805`40f37470     nt!VfPoolCheckForLeaks+0x60 [minkernel\ntos\verifier\vfpool.c @ 471] 
08 ffffcb00`08c9ecf0 fffff805`41532366     nt!VfTargetDriversRemove+0x16c5b0 [minkernel\ntos\verifier\vftarget.c @ 376] 
09 ffffcb00`08c9ed90 fffff805`411ae86d     nt!VfDriverUnloadImage+0xd6 [minkernel\ntos\verifier\vfdriver.c @ 2097] 
0a ffffcb00`08c9edc0 fffff805`411742bc     nt!MiUnloadSystemImage+0x1b5 [minkernel\ntos\mm\sysload.c @ 7689] 
0b ffffcb00`08c9ef50 fffff805`411741b0     nt!MmUnloadSystemImage+0x4c [minkernel\ntos\mm\sysload.c @ 7422] 
0c ffffcb00`08c9ef80 fffff805`4110b85e     nt!IopDeleteDriver+0x40 [minkernel\ntos\io\iomgr\objsup.c @ 1071] 
0d ffffcb00`08c9efe0 fffff805`40ce17d3     nt!ObpRemoveObjectRoutine+0x7e [minkernel\ntos\ob\obref.c @ 3314] 
0e (Inline Function) --------`--------     nt!ObfDereferenceObjectWithTag+0x84 [minkernel\ntos\ob\obref.c @ 645] 
0f ffffcb00`08c9f040 fffff805`411aa7a4     nt!ObfDereferenceObject+0x93 [minkernel\ntos\ob\obref.c @ 687] 
10 ffffcb00`08c9f080 fffff805`410fb6eb     nt!IopUnloadDriver+0x268 [minkernel\ntos\io\iomgr\loadunld.c @ 627] 
11 ffffcb00`08c9f190 fffff805`40edc915     nt!NtUnloadDriver+0xb [minkernel\ntos\io\iomgr\loadunld.c @ 316] 
12 ffffcb00`08c9f1c0 fffff805`40ecb390     nt!KiSystemServiceCopyEnd+0x25 [minkernel\ntos\ke\amd64\trap.asm @ 3655] 
13 ffffcb00`08c9f358 fffff805`411aa8c2     nt!KiServiceLinkage [minkernel\ntos\ke\amd64\trap.asm @ 4309] 
14 ffffcb00`08c9f360 fffff805`410fb6eb     nt!IopUnloadDriver+0x386 [minkernel\ntos\io\iomgr\loadunld.c @ 432] 
15 ffffcb00`08c9f470 fffff805`40edc915     nt!NtUnloadDriver+0xb [minkernel\ntos\io\iomgr\loadunld.c @ 316] 
16 ffffcb00`08c9f4a0 00007ffd`d047ac44     nt!KiSystemServiceCopyEnd+0x25 [minkernel\ntos\ke\amd64\trap.asm @ 3655] 
17 0000005f`10a7ee18 00007ff7`6a3844ee     ntdll!ZwUnloadDriver+0x14 [minkernel\ntdll\daytona\objfre\amd64\usrstubs.asm @ 3995] 
18 0000005f`10a7ee20 00007ff7`6a36595d     services!ScUnloadDriver+0x126 [minkernel\screg\sc\server\driver.cxx @ 1216] 
19 (Inline Function) --------`--------     services!ScControlDriver+0x41d [minkernel\screg\sc\server\driver.cxx @ 544] 
1a 0000005f`10a7ee60 00007ff7`6a36531b     services!ScControlService+0x60d [minkernel\screg\sc\server\control.cxx @ 570] 
1b 0000005f`10a7ef20 00007ffd`ce7c3bb3     services!RControlService+0x4b [minkernel\screg\sc\server\control.cxx @ 377] 
1c 0000005f`10a7efa0 00007ffd`ce7718c8     RPCRT4!Invoke+0x73 [minio\rpc\ndr20\amd64\invoke.asm @ 183] 
1d 0000005f`10a7f000 00007ffd`ce77140a     RPCRT4!NdrStubCall2+0x4a8 [minio\rpc\ndr20\srvcall.cxx @ 1509] 
1e 0000005f`10a7f360 00007ffd`ce7a75d7     RPCRT4!NdrServerCall2+0x1a [minio\rpc\ndr20\srvcall.cxx @ 1235] 
1f 0000005f`10a7f390 00007ffd`ce76dba8     RPCRT4!DispatchToStubInCNoAvrf+0x17 [minio\rpc\runtime\mtrt\dispatch.c @ 74] 
20 0000005f`10a7f3e0 00007ffd`ce76d8a1     RPCRT4!RPC_INTERFACE::DispatchToStubWorker+0x1a8 [minio\rpc\runtime\mtrt\hndlsvr.cxx @ 698] 
21 0000005f`10a7f4b0 00007ffd`ce77cdad     RPCRT4!RPC_INTERFACE::DispatchToStub+0xf1 [minio\rpc\runtime\mtrt\hndlsvr.cxx @ 517] 
22 (Inline Function) --------`--------     RPCRT4!LRPC_SBINDING::DispatchToStub+0x22 [minio\rpc\runtime\mtrt\lpcsvr.hxx @ 952] 
23 0000005f`10a7f520 00007ffd`ce77c12a     RPCRT4!LRPC_SCALL::DispatchRequest+0x14d [minio\rpc\runtime\mtrt\lpcsvr.cxx @ 9668] 
24 (Inline Function) --------`--------     RPCRT4!LRPC_SCALL::QueueOrDispatchCall+0x623 [minio\rpc\runtime\mtrt\lpcsvr.cxx @ 9429] 
25 0000005f`10a7f5f0 00007ffd`ce77b2e3     RPCRT4!LRPC_SCALL::HandleRequest+0xd5a [minio\rpc\runtime\mtrt\lpcsvr.cxx @ 9059] 
26 0000005f`10a7f700 00007ffd`ce77af53     RPCRT4!LRPC_SASSOCIATION::HandleRequest+0x2c3 [minio\rpc\runtime\mtrt\lpcsvr.cxx @ 6118] 
27 0000005f`10a7f780 00007ffd`ce77ac49     RPCRT4!LRPC_ADDRESS::HandleRequest+0x183 [minio\rpc\runtime\mtrt\lpcsvr.cxx @ 4314] 
28 0000005f`10a7f820 00007ffd`ce785fae     RPCRT4!LRPC_ADDRESS::ProcessIO+0x939 [minio\rpc\runtime\mtrt\lpcsvr.cxx @ 2245] 
29 0000005f`10a7f970 00007ffd`d04149ac     RPCRT4!LrpcIoComplete+0xfe [minio\rpc\runtime\mtrt\lpcassoc.cxx @ 7547] 
2a 0000005f`10a7fa00 00007ffd`d0401e03     ntdll!TppAlpcpExecuteCallback+0x14c [minkernel\threadpool\ntdll\lpc.c @ 426] 
2b 0000005f`10a7fa50 00007ffd`cf351f87     ntdll!TppWorkerThread+0x473 [minkernel\threadpool\ntdll\worker.c @ 1105] 
2c 0000005f`10a7fd10 00007ffd`d0438f90     KERNEL32!BaseThreadInitThunk+0x17 [clientcore\base\win32\client\thread.c @ 77] 
2d 0000005f`10a7fd40 00000000`00000000     ntdll!RtlUserThreadStart+0x20 [minkernel\ldr\rtlstrt.c @ 1198] 

Leak related verifier output:

Driver Verification List
------------------------

nt!_VF_TARGET_DRIVER 0xffff988faa6a4230: netebpfext.sys (Loaded and Unloaded)

    Pool Allocation Statistics: ( NonPagedPool / PagedPool )

      Current Pool Allocations: ( 0x00000001 / 0x00000000 )
      Current Pool Bytes:       ( 0x00000030 / 0x00000000 )
      Peak Pool Allocations:    ( 0x00000016 / 0x00000001 )
      Peak Pool Bytes:          ( 0x000006e4 / 0x00000046 )
      Contiguous Memory Bytes:       0x00000000
      Peak Contiguous Memory Bytes:  0x00000000

    Pool Allocations:

      Address             Length      Tag   Caller Address    
      ------------------  ----------  ----  ------------------
      0xffff988f9bb22fd0  0x00000030  ebfN  0xfffff8053f2f18b6  NetEbpfExt!ExAllocatePoolUninitialized+0x26
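
An added example, not part of the original comment or the ebpf-for-windows code base: a small Python parser for the verifier output shown above that reports drivers which unloaded with pool allocations still outstanding and checks the allocation table against the counters. The function names are hypothetical, and the sample text is copied (trimmed) from the output above.

```python
import re

# Verifier output copied from the comment above, trimmed to the fields parsed here.
SAMPLE = """\
nt!_VF_TARGET_DRIVER 0xffff988faa6a4230: netebpfext.sys (Loaded and Unloaded)

    Pool Allocation Statistics: ( NonPagedPool / PagedPool )

      Current Pool Allocations: ( 0x00000001 / 0x00000000 )
      Current Pool Bytes:       ( 0x00000030 / 0x00000000 )

    Pool Allocations:

      Address             Length      Tag   Caller Address
      ------------------  ----------  ----  ------------------
      0xffff988f9bb22fd0  0x00000030  ebfN  0xfffff8053f2f18b6  NetEbpfExt!ExAllocatePoolUninitialized+0x26
"""

DRIVER = re.compile(r"_VF_TARGET_DRIVER\s+0x[0-9a-f]+:\s+(\S+)\s+\((.+?)\)", re.I)
PAIR = re.compile(r"Current Pool (Allocations|Bytes):\s+\(\s*0x([0-9a-f]+)\s*/\s*0x([0-9a-f]+)\s*\)", re.I)
ROW = re.compile(r"^\s*(0x[0-9a-f]+)\s+0x([0-9a-f]+)\s+(\S{1,4})\s+(0x[0-9a-f]+)\s*(\S.*)?$", re.I)

def parse_verifier(text):
    """Return one dict per verified driver: name, state, current counters, allocation rows."""
    drivers, cur = [], None
    for line in text.splitlines():
        if m := DRIVER.search(line):
            cur = {"name": m[1], "state": m[2], "count": 0, "bytes": 0, "allocs": []}
            drivers.append(cur)
        elif cur is None:
            continue
        elif m := PAIR.search(line):
            key = "count" if m[1].lower() == "allocations" else "bytes"
            cur[key] = int(m[2], 16) + int(m[3], 16)  # NonPagedPool + PagedPool
        elif m := ROW.match(line):
            cur["allocs"].append({"address": m[1], "length": int(m[2], 16),
                                  "tag": m[3], "caller": (m[5] or m[4]).strip()})
    return drivers

def leaks_after_unload(drivers):
    """Drivers that have unloaded while Driver Verifier still tracks live pool allocations."""
    out = []
    for d in drivers:
        if "unloaded" in d["state"].lower() and d["count"] > 0:
            listed = sum(a["length"] for a in d["allocs"])
            consistent = listed == d["bytes"] and len(d["allocs"]) == d["count"]
            out.append({**d, "table_matches_counters": consistent})
    return out
```
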