I’m fighting a non-paged pool leak from the Irp tag. Basically, I have a Win32 console application running on Windows 7 x64 that calls WSARecv() in a loop issuing overlapped I/O on a single socket. Each call to WSARecv() seems to leak one IRP, which is completed but not freed from non-paged pool.
I have verified that the IRPs are allocated by the WSARecv() call (using ETW PoolAlloc stack tracing). This is the allocating stack:
ws2_32.dll!WSARecv
mswsock.dll!WSPRecv
ntdll.dll!ZwDeviceIoControlFile
ntkrnlpa.exe!KiSystemServicePostCall
ntkrnlpa.exe!NtDeviceIoControlFile
ntkrnlpa.exe!IopXxxControlFile
ntkrnlpa.exe!IoAllocateIrp
ntkrnlpa.exe!IopAllocateIrpPrivate
ntkrnlpa.exe!ExAllocatePoolWithQuotaTag
In the debugger, !irpfind shows a huge number of completed IRPs, and something that strikes me as odd is that their CurrentLocation is greater by *two* than their StackCount, e.g.:
87da5228 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
87da5478 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
87da56c8 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
87da5918 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
87da5b68 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
I don’t know if this particular tidbit means anything. Regardless, the memory is not freed until I exit the application, at which point NP usage drops back to its previous values.
I’m not sure how to proceed. Is there something I can do to understand why the NP pool memory for the IRPs not being freed? Is there anything specific I need to do around the WSARecv() calls which I might have missed?
Thanks in advance for any pointers.
– Sasha
If there a TDI filter or another non-MS driver?
Just to give you all an update (I’m sure you lost sleep over this ;-)):
It turns out that the application in question created an I/O completion
port to which the asynchronous I/O completions were queued, but didn’t
dequeue them from the port. As a result, the IRPs weren’t freed either.
:: Sasha
On Mon, Feb 10, 2014 at 8:50 PM, wrote:
> I’m fighting a non-paged pool leak from the Irp tag. Basically, I have a
> Win32 console application running on Windows 7 x64 that calls WSARecv() in
> a loop issuing overlapped I/O on a single socket. Each call to WSARecv()
> seems to leak one IRP, which is completed but not freed from non-paged pool.
>
> I have verified that the IRPs are allocated by the WSARecv() call (using
> ETW PoolAlloc stack tracing). This is the allocating stack:
>
> ws2_32.dll!WSARecv
> mswsock.dll!WSPRecv
> ntdll.dll!ZwDeviceIoControlFile
> ntkrnlpa.exe!KiSystemServicePostCall
> ntkrnlpa.exe!NtDeviceIoControlFile
> ntkrnlpa.exe!IopXxxControlFile
> ntkrnlpa.exe!IoAllocateIrp
> ntkrnlpa.exe!IopAllocateIrpPrivate
> ntkrnlpa.exe!ExAllocatePoolWithQuotaTag
>
> In the debugger, !irpfind shows a huge number of completed IRPs, and
> something that strikes me as odd is that their CurrentLocation is greater
> by two than their StackCount, e.g.:
>
> 87da5228 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
> 87da5478 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
> 87da56c8 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
> 87da5918 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
> 87da5b68 [87e26670] Irp is complete (CurrentLocation 6 > StackCount 4)
>
> I don’t know if this particular tidbit means anything. Regardless, the
> memory is not freed until I exit the application, at which point NP usage
> drops back to its previous values.
>
> I’m not sure how to proceed. Is there something I can do to understand why
> the NP pool memory for the IRPs not being freed? Is there anything specific
> I need to do around the WSARecv() calls which I might have missed?
>
> Thanks in advance for any pointers.
>
> – Sasha
>
>
> —
> NTDEV is sponsored by OSR
>
> Visit the list at: http://www.osronline.com/showlists.cfm?list=ntdev
>
> OSR is HIRING!! See http://www.osr.com/careers
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>