
Sending large payload crashes EventPipe  #50515

@sywhang

Currently, EventPipe's buffer manager is capable of allocating a buffer of up to 1MB to save event payloads. But the EventPipeFile's block, which is used to flush the buffer, has a maximum size of 100 KB. This causes an event whose payload is small enough to fit in an EventPipe buffer (< 1MB) but is larger than the max size of the block (> 100 KB) to crash with a call stack like this:

```
00 (Inline Function) --------`-------- KERNELBASE!DebugBreak [minkernel\kernelbase\debug.c @ 143]
01 00000034`3e87f7a8 00007ffc`31c9c8f7 KERNELBASE!wil::details::DebugBreak+0x2 [internal\sdk\inc\wil\resultmacros.h @ 1888]
02 00000034`3e87f7b0 00007ffc`31c97e6c coreclr!file_write_event_to_block+0xa7 [D:\workspace\_work\1\s\src\native\eventpipe\ep-file.c @ 249]
03 00000034`3e87f800 00007ffc`31c951d9 coreclr!ep_file_write_event+0xfc [D:\workspace\_work\1\s\src\native\eventpipe\ep-file.c @ 460]
04 00000034`3e87f860 00007ffc`31c9b56d coreclr!ep_buffer_manager_write_all_buffers_to_file_v4+0xb9 [D:\workspace\_work\1\s\src\native\eventpipe\ep-buffer-manager.c @ 1180]
05 (Inline Function) --------`-------- coreclr!ep_buffer_manager_write_all_buffers_to_file+0x17 [D:\workspace\_work\1\s\src\native\eventpipe\ep-buffer-manager.c @ 1056]
06 00000034`3e87f8e0 00007ffc`31c9d8a1 coreclr!ep_session_write_all_buffers_to_file+0x4d [D:\workspace\_work\1\s\src\native\eventpipe\ep-session.c @ 435]
07 00000034`3e87f910 00007ffc`31c99f47 coreclr!streaming_thread+0xc1 [D:\workspace\_work\1\s\src\native\eventpipe\ep-session.c @ 56]
08 00000034`3e87f960 00007ffc`62037974 coreclr!ep_rt_thread_coreclr_start_func+0x17 [D:\workspace\_work\1\s\src\coreclr\vm\eventing\eventpipe\ep-rt-coreclr.h @ 1923]
09 00000034`3e87f990 00007ffc`64d3a2d1 kernel32!BaseThreadInitThunk+0x14 [base\win32\client\thread.c @ 64]
0a 00000034`3e87f9c0 00000000`00000000 ntdll!RtlUserThreadStart+0x21 [minkernel\ntdll\rtlstrt.c @ 1163]
```

Note that in the previous C++ implementation, this would've led to the event simply getting dropped, but in the current C implementation we are using EP_UNREACHABLE(), which puts us in this state. This is a regression from Preview 1 to Preview 2, which made the transition from the C++ to the C implementation of EventPipe.

cc @josalem
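
The size mismatch described in this issue, as an added example that is not part of the issue and is not the runtime's code: a block writer that treats a payload larger than the block as an expected condition and drops it, instead of asserting that the case is unreachable. The two limits come from the issue text; every identifier (`block_writer_t`, `block_write_event`, `write_payload_of_size`, the macros) is hypothetical and the payload is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Limits from the issue text; every identifier below is hypothetical. */
#define BUFFER_MAX_SIZE (1024u * 1024u) /* buffer manager: events up to 1 MB */
#define BLOCK_MAX_SIZE  (100u * 1024u)  /* file block: at most 100 KB */

typedef enum { WRITE_OK, WRITE_DROPPED } write_result_t;

typedef struct {
    uint8_t data[BLOCK_MAX_SIZE];
    size_t used;            /* bytes in the current block */
    size_t flushed_blocks;  /* blocks handed to the file so far */
    size_t dropped_events;  /* events too large for any block */
} block_writer_t;

static block_writer_t g_writer;             /* zero-initialized */
static uint8_t g_payload[BUFFER_MAX_SIZE];  /* constructed sample payload */

/* Append one event. Oversized input is an expected condition, so it is
 * counted and dropped instead of reaching an unreachable-code assertion. */
static write_result_t block_write_event(block_writer_t *w, const uint8_t *p, size_t len)
{
    if (len > BLOCK_MAX_SIZE) {            /* cannot fit even in an empty block */
        w->dropped_events++;
        return WRITE_DROPPED;
    }
    if (len > BLOCK_MAX_SIZE - w->used) {  /* no room left: flush, then retry */
        w->flushed_blocks++;
        w->used = 0;
    }
    memcpy(w->data + w->used, p, len);
    w->used += len;
    return WRITE_OK;
}

/* Helper: write the first `len` bytes of the sample payload. */
static write_result_t write_payload_of_size(size_t len)
{
    if (len > sizeof g_payload) return WRITE_DROPPED;
    return block_write_event(&g_writer, g_payload, len);
}

int main(void)
{
    printf("64 KB payload:  %d\n", write_payload_of_size(64 * 1024));
    printf("200 KB payload: %d\n", write_payload_of_size(200 * 1024));
    return 0;
}
```

The `dropped_events` counter keeps the loss visible to whoever consumes the trace, which a silent drop would not.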
