You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 0000000000000062, A driver has forgotten to free its pool allocations prior to unloading.
Arg2: ffffe00001b75978, name of the driver having the issue.
Arg3: ffffe00001bd56b0, verifier internal structure with driver information.
Arg4: 0000000000000005, total # of (paged+nonpaged) allocations that weren't freed.
Type !verifier 3 drivername.sys for info on the allocations
that were leaked that caused the bugcheck.
Debugging Details:
DBGHELP: C:\Windows\symbols\ntkrnlmp.exe\5215D156783000\ntkrnlmp.exe - OK
DBGHELP: C:\Windows\symbols\ntkrnlmp.exe\5215D156783000\ntkrnlmp.exe - OK
BUGCHECK_STR: 0xc4_62
IMAGE_NAME: OVSExt.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5447adb7
MODULE_NAME: OVSExt
FAULTING_MODULE: fffff80001779000 OVSExt
VERIFIER_DRIVER_ENTRY: dt nt!_MI_VERIFIER_DRIVER_ENTRY ffffe00001bd56b0
Symbol nt!_MI_VERIFIER_DRIVER_ENTRY not found.
STANDARD FLAGS: X Automatic Checks X Special pool X Force IRQL checking X Pool tracking X I/O verification X Deadlock detection X DMA checking X Security checks X Miscellaneous checks X DDI compliance checking
ADDITIONAL FLAGS: X Randomized low resources simulation X Force pending I/O requests X IRP logging X Invariant MDL checking for stack X Invariant MDL checking for driver X Power framework delay fuzzing X Systematic low resources simulation X DDI compliance checking (additional) X NDIS/WIFI verification X Kernel synchronization delay fuzzing X VM switch verification
Pool Allocations Attempted 0x10a04
Pool Allocations Succeeded 0x109b3
Pool Allocations Succeeded SpecialPool 0x109b3
Pool Allocations With NO TAG 0x0
Pool Allocations Failed 0x0
Current paged pool allocations 0x95 for 0000283A bytes
Peak paged pool allocations 0x9e for 00002B76 bytes
Current nonpaged pool allocations 0xfa6 for 00115015 bytes
Peak nonpaged pool allocations 0xfab for 00115513 bytes
Driver Verification List
MODULE: 0xffffe00000059820 ovsext.sys (Loaded)
Pool Allocation Statistics: ( NonPagedPool / PagedPool )
Current Pool Allocations: ( 0x00000005 / 0x00000000 )
Current Pool Bytes: ( 0x00018050 / 0x00000000 )
Peak Pool Allocations: ( 0x00000009 / 0x00000000 )
Peak Pool Bytes: ( 0x0001e1f8 / 0x00000000 )
Contiguous Memory Bytes: 0x00000000
Peak Contiguous Memory Bytes: 0x00000000
Pool Allocations:
Address Length Tag Caller Address
------------------ ---------- ---- ------------------
0xffffe00002933000 0x00008010 OVST 0xfffff8000179a4ae OVSExt!OvsAllocateMemory
0xffffe0000292e000 0x00004010 OVST 0xfffff8000179a4ae OVSExt!OvsAllocateMemory
0xffffe00002929000 0x00004010 OVST 0xfffff8000179a4ae OVSExt!OvsAllocateMemory
0xffffe00002924000 0x00004010 OVST 0xfffff8000179a4ae OVSExt!OvsAllocateMemory
0xffffe0000291f000 0x00004010 OVST 0xfffff8000179a4ae OVSExt!OvsAllocateMemory
Contiguous allocations are not displayed with public symbols.
The text was updated successfully, but these errors were encountered:
At machine boot, If the OVS extension is enabled and the Driver Verifier is set, a BSOD will be issued due to memory leaks. The PNP manager calls filter attach routine before the RPC engine is ready, which causes tunnel initialization to fail in OvsTunnelFilterInitialize. In this case, the switch context is freed without performing a cleanup first. This is the reason why the memory leaks are hapening.
The five leaks are from the datapath, portIdHashArray, portNoHashArray, pidHashArray, and ovsPortNameHashArray, members of the switch context which are not released.
If the OVS extension is enabled, Driver Verifier will issue a BSOD
due to memory leaks. This issue reproduces each time and the problem
is in the filter attach routine when the switch context is initialized.
Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-at: openvswitch/ovs-issues#50
Acked-by: Eitan Eliahu <eliahue@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA will
be among the most commonly seen crashes.
Arguments:
Arg1: 0000000000000062, A driver has forgotten to free its pool allocations prior to unloading.
Arg2: ffffe00001b75978, name of the driver having the issue.
Arg3: ffffe00001bd56b0, verifier internal structure with driver information.
Arg4: 0000000000000005, total # of (paged+nonpaged) allocations that weren't freed.
Type !verifier 3 drivername.sys for info on the allocations
that were leaked that caused the bugcheck.
Debugging Details:
DBGHELP: C:\Windows\symbols\ntkrnlmp.exe\5215D156783000\ntkrnlmp.exe - OK
DBGHELP: C:\Windows\symbols\ntkrnlmp.exe\5215D156783000\ntkrnlmp.exe - OK
BUGCHECK_STR: 0xc4_62
IMAGE_NAME: OVSExt.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 5447adb7
MODULE_NAME: OVSExt
FAULTING_MODULE: fffff80001779000 OVSExt
VERIFIER_DRIVER_ENTRY: dt nt!_MI_VERIFIER_DRIVER_ENTRY ffffe00001bd56b0
Symbol nt!_MI_VERIFIER_DRIVER_ENTRY not found.
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
PROCESS_NAME: services.exe
CURRENT_IRQL: 2
ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) amd64fre
LAST_CONTROL_TRANSFER: from fffff80212e5a7c6 to fffff80212dd7c90
STACK_TEXT:
ffffd000
261e0b18 fffff802
12e5a7c6 : 0000000000000000 00000000
00000000 ffffd000261e0c80 fffff802
12d7f654 : nt!DbgBreakPointWithStatusffffd000
261e0b20 fffff802
12e5a0d7 : 0000000000000003 00000000
00000062 fffff80212ddf070 00000000
000000c4 : nt!KiBugCheckDebugBreak+0x12ffffd000
261e0b80 fffff802
12dd11a4 : 00000000000000c4 fffff802
12d35f6c ffffe00000059870 fffff802
12d38b73 : nt!KeBugCheck2+0x8abffffd000
261e1290 fffff802
132f06a8 : 00000000000000c4 00000000
00000062 ffffe00001b75978 ffffe000
01bd56b0 : nt!KeBugCheckEx+0x104ffffd000
261e12d0 fffff802
132f4c4a : fffff80001779000 ffffe000
01b758c0 0000000000000000 00000000
ffffffff : nt!VerifierBugCheckIfAppropriate+0x3cffffd000
261e1310 fffff802
12e2d2e8 : 0000000000000000 00000000
00001000 0000007f00000001 ffffe000
01bc6fa0 : nt!VfPoolCheckForLeaks+0x4affffd000
261e1350 fffff802
132e2060 : fffff80212f2dcc0 fffff802
12f2dcc0 ffffe00001b758c0 00000000
00000002 : nt! ?? ::FNODOBFM::string'+0x4bd58 ffffd000
261e13e0 fffff802131556c6 : 00000000
00000000 ffffe00001b758c0 00000000
00000000 ffffe00001bd5410 : nt!VfDriverUnloadImage+0x34 ffffd000
261e1410 fffff80213155630 : 00000000
00000000 ffffe00001b758c0 ffffe000
01bd5410 ffffe00001bd53e0 : nt!MiUnloadSystemImage+0x7e ffffd000
261e1490 fffff80213155578 : 00000000
00000000 ffffe000001b2f20 ffffe000
01bd5410 0000000000010286 : nt!MmUnloadSystemImage+0x20 ffffd000
261e14c0 fffff80213032f28 : 00000000
00000000 ffffe00001bd5410 ffffe000
001b2f20 ffffc0000007e918 : nt!IopDeleteDriver+0x40 ffffd000
261e1500 fffff80212ce905f : 00000000
00000000 ffffd000261e1800 ffffe000
01bd5410 00000000c0000001 : nt!ObpRemoveObjectRoutine+0x64 ffffd000
261e1560 fffff80213159a2e : ffffe000
01bd5410 ffffd000261e19a0 00000000
c0000001 00000000c0000001 : nt!ObfDereferenceObject+0x8f ffffd000
261e15a0 fffff80212ddc8b3 : 00000000
00000000 ffffe000023c9080 00000086
86ebe950 0000000000000000 : nt!IopUnloadDriver+0x262 ffffd000
261e1780 fffff80212dd4d00 : fffff802
1321de61 ffffe000023c9080 ffffd000
261e1b80 0000008686ebe950 : nt!KiSystemServiceCopyEnd+0x13 ffffd000
261e1918 fffff8021321de61 : ffffe000
023c9080 ffffd000261e1b80 00000086
86ebe950 00000000000001c8 : nt!KiServiceLinkage ffffd000
261e1920 fffff80212ddc8b3 : ffffe000
023c9080 ffffe000023c9080 00000086
861bf450 0000000000000000 : nt! ?? ::NNGAKEGL::
string'+0x70261ffffd000
261e1b00 00007ffc
7e0e94fa : 00007ff7c8841c90 00000000
00000078 0000000000000078 00000086
861bf450 : nt!KiSystemServiceCopyEnd+0x1300000086
86ebe928 00007ff7
c8841c90 : 0000000000000078 00000000
00000078 00000086861bf450 00007ff7
c88103f4 : ntdll!NtUnloadDriver+0xa00000086
86ebe930 00007ff7
c8841b68 : 000000000000000a 00000000
00000000 00007ff7c8853368 00000086
86ebeaa0 : services!ScUnloadDriver+0xb400000086
86ebe970 00007ff7
c88285d6 : 0000000000000000 00000000
00000000 00000086862082a0 367abb81
0000000d : services!ScControlDriver+0x11000000086
86ebe9a0 00007ff7
c88065b8 : 0000000000000001 00000000
00000001 00007ff7c880f0fc 00007ffc
00000000 : services!RI_ScGetCurrentGroupStateW+0x527200000086
86ebea60 00007ffc
7db62385 : 0000000000000000 00000086
86ebef88 0000008686ebf0d0 00007ffc
7db62346 : services!RControlService+0x5000000086
86ebeae0 00007ffc
7db6ae16 : 0000008686ebef70 00007ff7
c880f0f2 00000086862338d0 00000086
00000001 : RPCRT4!Invoke+0x6500000086
86ebeb40 00007ffc
7db634ea : 0000000000000013 00000000
00000000 00000000000002b0 00007ffc
ffffffff : RPCRT4!NdrStubCall2+0x38b00000086
86ebf1c0 00007ffc
7db62614 : 0000008686271b01 00007ffc
00000001 0000000000000031 00000000
00000011 : RPCRT4!NdrServerCall2+0x1a00000086
86ebf1f0 00007ffc
7db62517 : 0000000000000000 00000086
86ebf2e1 0000008686ebf3a8 00000000
00000001 : RPCRT4!DispatchToStubInCNoAvrf+0x1400000086
86ebf240 00007ffc
7db630ad : 00000086861e0270 00000000
00000000 0000000000000000 00000086
86233780 : RPCRT4!RPC_INTERFACE::DispatchToStubWorker+0x17700000086
86ebf340 00007ffc
7db62cc1 : 0000000000025fa6 00000086
86233780 0000000000000000 00000086
861e0270 : RPCRT4!LRPC_SCALL::DispatchRequest+0x1bd00000086
86ebf440 00007ffc
7db62a97 : 0000001100000000 00000000
00000001 0000008600000000 00000000
00000000 : RPCRT4!LRPC_SCALL::HandleRequest+0x20100000086
86ebf4f0 00007ffc
7db61d04 : 00000086861ddf00 00000086
00000000 00007ffc7dbb9b24 00000086
861ddf00 : RPCRT4!LRPC_SASSOCIATION::HandleRequest+0x23700000086
86ebf580 00007ffc
7db61afe : 0000008600000001 00000000
00000000 000000007ffe03c0 00007ffc
7dbb9b24 : RPCRT4!LRPC_ADDRESS::ProcessIO+0x36d00000086
86ebf6c0 00007ffc
7e074624 : 000000000000003e ffffffff
fd050f80 000000007ffe03b0 00000086
86ebf778 : RPCRT4!LrpcIoComplete+0xae00000086
86ebf760 00007ffc
7e072bfd : 0000000000000000 00000000
00000000 0000000000000000 00000086
8626b3f0 : ntdll!TppAlpcpExecuteCallback+0x20400000086
86ebf7d0 00007ffc
7d021611 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : ntdll!TppWorkerThread+0x3ad00000086
86ebfbc0 00007ffc
7e0c64ad : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : KERNEL32!BaseThreadInitThunk+0xd00000086
86ebfbf0 00000000
00000000 : 0000000000000000 00000000
00000000 0000000000000000 00000000
00000000 : ntdll!RtlUserThreadStart+0x1dSTACK_COMMAND: kb
FOLLOWUP_NAME: MachineOwner
FAILURE_BUCKET_ID: 0xc4_62_VRF_LEAKED_POOL_IMAGE_OVSExt.sys
BUCKET_ID: 0xc4_62_VRF_LEAKED_POOL_IMAGE_OVSExt.sys
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:0xc4_62_vrf_leaked_pool_image_ovsext.sys
FAILURE_ID_HASH: {4bcf06aa-3750-7f0f-72b4-698f3e1db606}
Followup: MachineOwner
0: kd> !verifier 3 OVSExt.sys
Verify Flags Level 0x01aeefbf
STANDARD FLAGS:
X Automatic Checks
X Special pool
X Force IRQL checking
X Pool tracking
X I/O verification
X Deadlock detection
X DMA checking
X Security checks
X Miscellaneous checks
X DDI compliance checking
ADDITIONAL FLAGS:
X Randomized low resources simulation
X Force pending I/O requests
X IRP logging
X Invariant MDL checking for stack
X Invariant MDL checking for driver
X Power framework delay fuzzing
X Systematic low resources simulation
X DDI compliance checking (additional)
X NDIS/WIFI verification
X Kernel synchronization delay fuzzing
X VM switch verification
Summary of All Verifier Statistics
RaiseIrqls 0x2aaf
AcquireSpinLocks 0x45cb
Synch Executions 0xf6
Trims 0x2240
Pool Allocations Attempted 0x10a04
Pool Allocations Succeeded 0x109b3
Pool Allocations Succeeded SpecialPool 0x109b3
Pool Allocations With NO TAG 0x0
Pool Allocations Failed 0x0
Current paged pool allocations 0x95 for 0000283A bytes
Peak paged pool allocations 0x9e for 00002B76 bytes
Current nonpaged pool allocations 0xfa6 for 00115015 bytes
Peak nonpaged pool allocations 0xfab for 00115513 bytes
Driver Verification List
MODULE: 0xffffe00000059820 ovsext.sys (Loaded)
The text was updated successfully, but these errors were encountered: